last executing test programs:

36.478422934s ago: executing program 0 (id=1996):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r3=>0x0}) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vxcan1\x00', <r4=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@can_newroute={0x2c, 0x18, 0x1, 0x0, 0x25dfdbfe, {0x1d, 0x1, 0x6}, [@CGW_DST_IF={0x8, 0xa, r3}, @CGW_SRC_IF={0x8, 0x9, r4}, @CGW_MOD_UID={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async, rerun: 32)
r5 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000fc0)={'team0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$team(&(0x7f0000000000), r5)
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000001d40)={0x0, 0x0, &(0x7f0000001d00)={&(0x7f0000000200)={0x60, r7, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [{{0x8, 0x1, r6}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0xffffffffffffffcb, 0x4, 0x1}}, {0x8}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40004}, 0x884)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r9=>0x0})
bind$packet(r8, &(0x7f0000000300)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @remote}, 0x14) (async)
r10 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'veth0\x00', <r11=>0x0})
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=@ipv4_deladdr={0x2c, 0x15, 0x1, 0xfffffffa, 0x20000000, {0x2, 0x18, 0x0, 0x0, r11}, [@IFA_LABEL={0x14, 0x3, 'veth0\x00'}]}, 0x2c}}, 0x4000850) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000140)={'ip6_vti0\x00', &(0x7f00000000c0)={'ip6_vti0\x00', <r13=>0x0, 0x29, 0x0, 0xa5, 0x401, 0x8, @loopback, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8000, 0x7800, 0x5, 0x2}}) (async)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000), 0x10, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="05"], 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x8001) (async)
connect$can_j1939(r1, &(0x7f0000000540)={0x1d, 0x0, 0x0, {0x0, 0xff, 0x3}, 0xff}, 0x18) (async)
r14 = socket$nl_route(0x10, 0x3, 0x0) (async)
r15 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r15, 0x8933, &(0x7f00000000c0)={'ip_vti0\x00', <r16=>0x0})
sendmsg$nl_route(r14, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r16}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @vti={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VTI_REMOTE={0x8, 0x3}]}}}]}, 0x38}}, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)={0x1a4, r7, 0x300, 0x70bd2d, 0x25dfdbfd, {}, [{{0x8}, {0x104, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r11}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r13}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x2, 0x4, 0x6, 0xffff}, {0xf, 0x8, 0x7, 0x1}, {0x9, 0x24, 0x4, 0x7}]}}}]}}, {{0x8, 0x1, r16}, {0x7c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffe}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}]}}]}, 0x1a4}, 0x1, 0x0, 0x0, 0x20040011}, 0x24000088)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x4}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0xf}, 0x94)
r17 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_team(r17, 0x8933, &(0x7f0000000500))

36.099180156s ago: executing program 1 (id=2002):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r1)
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x4c, r3, 0x1, 0x70bd28, 0x25dfdbff, {{}, {@void, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x1, 0x5b}}}}, [@NL80211_ATTR_4ADDR={0xfffffd27, 0x53, 0x1}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'dvmrp0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x62b4e7cb98b4f193}, 0x4c010)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_POWER_SAVE(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000101}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x50, r3, 0x20, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x7, 0x69}}}}, [@NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x4010}, 0x20000081)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x28, 0x10, 0x403, 0xfffffffd, 0x25dfdbfe, {0x0, 0x0, 0x74, r6, 0x800, 0x55007}, [@IFLA_MASTER={0x8, 0xa, r6}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x0)

35.839024421s ago: executing program 0 (id=2005):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710441000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc1, &(0x7f000000cf3d)=""/193, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94) (async)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000080)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x3ff, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x1}, 0x50) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000012000000850000001500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f0000000140)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$cgroup_subtree(r4, &(0x7f00000012c0)={[{0x2b, 'hugetlb'}]}, 0x9) (async)
pipe(&(0x7f0000000100)={<r5=>0xffffffffffffffff}) (async)
r6 = socket$inet(0x2, 0x3, 0x7f)
bind$inet(r6, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
connect$inet(r6, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r5, 0x0, r6, 0x0, 0x8000, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xb, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000006b8a00fe00000000c7080000010000007b8af0ff00000000bda100000000000007000000f8ffffffbfa400000000000007040000f0ffffffb7020000080000fa18230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b704000008000000850000001a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
ioctl$FIBMAP(r8, 0x1, &(0x7f00000000c0)=0xffffffdf) (async)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@bloom_filter={0x1e, 0x200, 0x1e, 0xf, 0x8, 0xffffffffffffffff, 0xfffff48f, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x1, 0xb}, 0x50) (async)
r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r10, &(0x7f00000001c0)={0x1f, 0xffff, 0x3}, 0x6) (async)
write(r10, &(0x7f0000000340)="07000000010000", 0x7) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@fwd={0x1}]}, {0x0, [0x2e, 0x30]}}, 0x0, 0x28}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{0xffffffffffffffff, <r11=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)=r0}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x9, &(0x7f0000000100)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}], &(0x7f0000000000)='GPL\x00', 0x1000, 0x64, &(0x7f0000000180)=""/100, 0x41100, 0x30, '\x00', 0x0, 0x25, r4, 0x8, &(0x7f0000000200)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000380)=[r5, 0xffffffffffffffff, r7, r8, r9, 0x1, r11], &(0x7f00000003c0)=[{0x5, 0x2, 0x4}, {0x2, 0x1, 0x0, 0x9}, {0x1, 0x4, 0x9, 0x2}], 0x10, 0x4}, 0x94)

35.838640401s ago: executing program 1 (id=2006):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'geneve1\x00', <r2=>0x0})
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001540)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb, 0x2}}}}]}, 0x40}}, 0xc0)
r4 = accept(r0, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000100)=ANY=[@ANYBLOB="e10931d8640a00000000000086dd600141000010880020010000000000000000000000000000fe8000000000000000000000000000aa00000000000790"], 0x0)
recvmmsg(r4, &(0x7f0000000480)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001700)=""/4106, 0xffffffffffffff23}], 0x1000000000000099}, 0x8}], 0x1, 0x0, 0x0)

35.733014108s ago: executing program 0 (id=2007):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000000), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', <r2=>0x0})
syz_init_net_socket$llc(0x1a, 0x0, 0x0)
sendmsg$can_bcm(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, r2}, 0x10, &(0x7f0000000180)={&(0x7f0000000100)={0x1, 0x222, 0x6, {0x0, 0x2710}, {}, {0x3, 0x1, 0x1}, 0x1, @can={{0x3}, 0x3, 0x1, 0x0, 0x0, "ea1ee06e4a675d1c"}}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)
sendmsg$can_bcm(r1, &(0x7f0000000500)={&(0x7f00000002c0)={0x1d, r2}, 0x7, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="02000000420000000800000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="030000600100c6c31596d9d5693a8d8b00000300008008000000a9eaa89d9302f08d65a97dd53f531315fe2ac2a034815751835ef151c69f67f38564cadfbe31cc282708c02d25656f27d27d25b1b230d225"], 0x48}, 0x1, 0x0, 0x0, 0x40048c1}, 0x40000)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0)=<r6=>0x0)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r6], 0x1c}}, 0x840)
unshare(0x2c020400)
write$nci(r3, &(0x7f0000000300)=@NCI_OP_NFCEE_MODE_SET_RSP={0x2, 0x1, 0x2, 0x1, 0x2}, 0x46)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r8, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
connect$can_j1939(0xffffffffffffffff, &(0x7f0000000280)={0x1d, r9, 0x2, {0x2, 0xf0, 0x1}, 0x2}, 0x18)
r10 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
r11 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000080)="5c00000011006bcc9e3be34c6e17aa310769876c1d0000007ea60864160af36514001ac004000202080002000600010076e6f06cea2618c3ecb525c89c32f292b156a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
writev(r0, &(0x7f00000006c0)=[{&(0x7f0000000080)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e9001c2f8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000100)="051a02000000006558", 0x9}], 0x2)

35.689192389s ago: executing program 2 (id=2008):
r0 = socket$netlink(0x10, 0x3, 0x4) (async)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) (async, rerun: 64)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x6}, 0x1c) (async, rerun: 64)
write(r0, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27)

35.595679645s ago: executing program 1 (id=2011):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000000000000050000001f0800040001000000", 0x24)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="4c0000001000010400000000000000000000000095e0f0f0d66be6bb2881eaa4bb5b4c7a36c294f33dffbaa9dc008cc16080d67d4c82e8840295e68e67f423a2f83dcc7346d0543c23df64a8835737514cb8fcffaa335c36c9f6d536432e221096e537f7b1b4ca5b5f2eea6af3912ce06a48b44d23710b91fa3bcf53df606a4a405b64062fc4caac3bc27d43d403a06f46edb83cf709028a70371b28e3482c1e2fb3436c35652df518008d208e7f33327cfc242a0706e52a93707f7f104a1e004727a32deed7daa887108182094d8c68ed92b1fba7b055092acc2cb54b4597c8902535723d9cad6f6c18e47357a1377a74576ebf9d0014a865abe18f1632cf050dae9eb815a921121581de4c0000000000000000000000000077850ae053aad6fcc461b2f0bc4f13102cb28cf8837e91fc44f7915f8d9214504de0f8ea5a851559b401198b0eeed7d5f2bcbfc2532913c6c47f3b1662d7e1de60b4c6c0ab31cb22bbf73dc33f84a68ec99a792d38b798c39816613baec45de3945b842a0b27a447765314fc585fc488adecd4ef86f68ec34ba134f51c128b5494057903c1a0941ad14f41e81137e9d0bc4bd409d0399bd889b5c4b79d06e3eaa50e70f74cabc8ecc6766b89e0460d0648b1ee77140c428db511914b6039b83049aebce32fe7f5baef679a", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c0002800c00210009000000000000000c0022000200000000000000"], 0x4c}}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r4, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r3}, 0x20)
ioctl$F2FS_IOC_GET_COMPRESS_OPTION(r3, 0x8002f515, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000007040)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a4c000000060a0b0400000000b6473f3fe86efdb899fd7394e086320000000002000000200004801c0001800b00010065787468647200000c00028008000640000000020900010073797a30000000000900020073797a32000000001400000011"], 0x74}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r5, 0x0)
recvfrom$inet(r5, &(0x7f00000001c0)=""/44, 0x2c, 0x40012000, &(0x7f0000000280)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
recvfrom$l2tp(r5, &(0x7f0000000080)=""/142, 0x8e, 0x10000, &(0x7f0000000140)={0x2, 0x0, @private}, 0x10)

35.096366267s ago: executing program 2 (id=2012):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0x890b, &(0x7f0000001480)={{0x0, 0x31a29a8a, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xf00, 0x0, 0x3, 0x0, 0x0, 0x6, 0x1, 0x3}})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x0, 0x25, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000010000000000000500000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000180100002020692500000000002020207b1af8ff00000000bfa1000000000000070100e5ee00f8ffffffb702000008000000b76900000a0000000000000006000000185900000f00000000000000000000181200"/134, @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000280)='syzkaller\x00', 0x7, 0xb4, &(0x7f00000004c0)=""/180, 0x41100, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x0, 0x6, 0x7, 0x4}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000300)=[r1, r1, r1, r1], &(0x7f00000005c0)=[{0x1, 0x5, 0x0, 0x8}, {0x1, 0x4, 0xd, 0x1}, {0x4, 0x2, 0x7, 0x2}, {0x5, 0x2, 0x10, 0x3}, {0x2, 0x1, 0x9, 0xc}, {0x3, 0x4, 0xf, 0x2}], 0x10, 0x10}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r1}, &(0x7f0000000340), &(0x7f0000000080)=r2}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0xa00, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

34.903192909s ago: executing program 1 (id=2015):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6) (async)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000, 0x5, 0x2}, 0x20) (async)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000200)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e20, 0x3, @private0, 0x80000000}}, 0x0, 0x0, 0x3f, 0x0, "bb02a3c364ca41d6357e5445244748042f9e4e00f943a92866ef086c82ac9b2df3ee818afaacff1f16c54dc46d8b6d2ccd008a008000000000000000a032000700000000000000000000000000004d00"}, 0xd8) (async, rerun: 64)
r3 = socket$kcm(0x23, 0x5, 0x0) (async, rerun: 64)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000240)=0x9, 0x4) (async)
listen(r3, 0x800) (async, rerun: 32)
r5 = socket$kcm(0x2, 0xa, 0x2) (rerun: 32)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local})
write$tun(r4, &(0x7f0000000380)=ANY=[@ANYBLOB="1c0000f500000000000000862dfdff000000"], 0x78) (async)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r7=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4) (async, rerun: 64)
bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x0, r7, 0x0, r2}, 0x10) (async, rerun: 64)
sendmmsg(r2, &(0x7f0000000540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x800)
socketpair$unix(0x1, 0x5, 0x0, 0x0) (async, rerun: 32)
sendmsg$nl_xfrm(r1, 0x0, 0x0) (async, rerun: 32)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x4c, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x48104}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bond={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_INTERVAL={0x8, 0x7, 0xf4}, @IFLA_BOND_MODE={0x5, 0x1, 0x5}, @IFLA_BOND_ACTIVE_SLAVE={0x8}]}}}]}, 0x4c}}, 0x0) (async)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="09000000040000000004000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000001800000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70200000000000085000000860000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

30.214945804s ago: executing program 2 (id=2021):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x8, 0x0, &(0x7f0000000300)=""/8, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000980)={r1, <r2=>0xffffffffffffffff}, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r2, 0x68, &(0x7f0000000200)}, 0x33)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001240)=@newtaction={0x68, 0x30, 0x871a15abc695fb3f, 0x70bd27, 0x1, {}, [{0x54, 0x1, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x8, 0xffff, 0x10000000, 0x7, 0xfff}, 0x200}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}, 0x68}}, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000001b80)="0c2467721e3493ba2527524c53f861675004c79400e044650caf504205e1a9659e794b309805d330a77691120cd738e20f4ca5f1924484bd18e2824b32055b746bdcb73f080132b32e174405b2d78e59004a24f71f3eca8efdb9440bc04b034d446759195a3c914837a58a5b173eac473388b4b3727858e0c003513d7686cd2126b3e5446f73cd2bb5c25476a69d04e016a7a344eb147d373e633de48e13c4f872efcd7936308800437407ae049a58cdd648c7a5b1557bdb4e3ec62301acac86224e44c129f537ddd5ab3ab8a4173f41e0d9a5db7b9e060bc4ef2117f45c4f30e31d55dbedfecadf22b3d0fe4236872ce564cd12cb18ecd206029e8bd4e71e82d2d72bbba0aa8464668bdae0e308d7c0be89e996bc7e99ccaa9c3b7d37c0daf279a9345d13784440c46e0e57958eddfdf163c209cefc8a90ac0d188fd41db10aa58d49b86e4d4c1c26dce00c56498a3b276f540ea5b86a1230146fed177b81ff210ea8ee2a3961b9052260be63c7c9d53947a7254e622b756bbe63ca33153b68fa0108d0e113b1b2d582f589bf8b51c53c335be1e53072c65fdabe576abd89beb5f0e306b743a20d6aab22fc58763862b814573589a57db723737de5e8c74b94d05bbbf5ffd1717b352eb19496972ac51d7032b5d5082974ca068ed1dac4f7c5fd25bc173e2f203262b7d933a14d6638ac00b59612ed788d085590c9f071b885eb19e62d97d98a639420e449f35d4b9ee854617b97e24c82bdcd2744817abde2d7f081ef4d2c87a30ba40a23d7805191fb72bbb8161c8cad14ff8496eaeaeb9bac14e22467d7a653c7ce4c599e200a9da3aaab89ce3e72bc7a0c7fd61379e7975f8ee173423973903a8261c3e679e3d104e9a3a8cf6f9e6d69556566a00d2c684e8477402b2292d3ecfcd06fa26bf74bb59ff29b1566d0c99458cd288f1bffbda1f47364e218e3a1dda4e0712ef8178909dae7024482d2a0c7afb6e3475bc47cc9112db2711aedb45caece9423940f7e1d840f2d6e58b1327f876c281a64b8507903b4a229a233de361e7d346edfa50e6da169a72bbc675f969f9c68476545d9277979ecc69aeebb0210049464493e8ecdb3bf988212b4d9a15a44e5f5a0e46eec2c168b70cfc0212df885cc5cc0bc9dbc7ccbfd8d54384c922dbbfe7f27b134ae504ea9b6e0fbae61e5fec7cd7117d0007a26ae3c53aaac5566592140bca2dc75ce664c3353a3d94754ec63deea39a62148259df1dc051d2d76009983c06c5c7b3947b62113af63dc78adfbf57e0a1ecc108e463db5b23ee0048ca48d53769dd8fe5761e96282f7a6746423721a56272cf602181d4d2b14b54c91f7edb0f83998b1c9113ba63bd7c3286e1aaa1030fdc470377c149c905872c07801aa5ffc097f2555f1411f0a87b474112cb36c29f584d4e49ad29c6893b9f476e7f2f89d5afe50a820ebcecad10ab99bf4de80c8feed7fae02914451122e80f5ec5cafdd0fea89a8bf6af48eea0753efdb7c206501df1fe1eb9399438a28bcc960915386bac27893092cae869b046c615d4ce5605d3464e760972e6e0403f2aeef3885f702e9e7a7be87c6b73fcd39af4d7f8c5a8a31d64afd2e7fd661a66f996dde9ccc1096a23872ca797f11c23799d81ad45267cf37f15dd3adc1c362610e97e5e01ab733ae35f51de308790c2d5e2ac598f119488487269f5b1efd03264a779c5ab1b6b60e69445190dd6696170f7871d081fc223b599980da14a42d288f0f28d7787f813bb1629ea6707c5543301a6da1aab1a872c06a5711e99edf829da047b329cbe9f739c7b3b53d46379966a5df0982a735e652eda3bd6e9181c09ce350a2fc910f1b31201d7ff9aec0fd1518806c2efb93f9b617171c260e72747b093f3571de0494c10b8ec7777aa9a5f1383f3662f45c2c1fbfc5930d1c3aa0d4a8c391bf88d7ae50aefb86e97114078712387714c4b5a87f2ad03c9f5899111ea5ee63fb47b64761baccefa104592c3bf52e9a3a888d629fc5c603c5113f7d3518ffcb0900b81de0a73ecf5b23a96029dc09fdb01a315a5d7248c88f5de0664f9fe7677466e8aed0bb7a42346651ef892962d600d2ffdbac5b2057ae0adc97b09339dd2cfc3569f17bac303df11cdb23848d32f644900f81ee1750e55080e1e7bd6ee33e82b000d3a9ccda098f1244a50fba9eda56c2eb105614dec9f393c9905355d8421a58fef88e93de9532b9efdb46f381a0c002469746bcadd86c6f39ffbf777d75ae20e9eaf83721a3db8283a02f76692bf5b3e92e93a7f75a316f208ce330dd906144044d0b8d8f6517d5d695b3288b90ad0786b0e1f24d9818f209f4e3c21686fe4e5e67ea1e5f27a7ab89ed9bc55365da669833f5541079cac0238dcc49b555fd01216bcc744c9ec97da0db81fe60293e659f7d78d5acd35f155750616200ff9a02d918e53900075d978fb4cf2c41f2a63d32abff3b50a4dbd5eb5d67c62fe69775374e77d59f697041766fca688b44fc3326c6c5286ef49f522b720965a7ea29f3c5049fd120caf27edf0cad555ffd860738277305ebd70cb65dbc42696c5491642c3062e7f244600aa3420223d7d46556b2977968a883c35a48fe031e6c0021fcb3a935ed2c292daf9f536d61222f1e20e154420920bf825d2023e7e2a03514edecb0e149e43d92cad5c56cedb384c64797f1f0c8fc21e6d871b9e556251c9fc839a6ce61ecfc591607227550f0111af804757e06456d9a1b27932cd13632696e27a4c1bccc8a236fb15ccc03aba9b12921e131608169d96a51499f13bee801ecb54e79febf1ee7679c6a88d976c5b5438203e822d858a16fb534a2322789a9ed9fed78eedd55fd0711e08c0200b874f915fd157a9bb0a8ee778e6f96728cfd1914ce049483929d007b087c0616c21c8351374d67617eaa59ce7ef314cac5e534d8f4a1b63a5129fc40871e186a3f536d118750ba95fc21f8bb367bdf50d40ace482e44a9a599a09e7dcd8c3614b190317ea2c086d27daa0f975dc2509fa5df1ff48b211c12b0d2c7032fde86bdf6f700fd43c4c012d8d15b5b281b4430cdddc5402585cf5d2fdad6b4b8ac66f6e61fe6607f637b39586b9215c79af2c59e3104e3fcada0a920f01dbb570996fc2be5539dbb4bb817fdf943fc958daa930deeb5772c6ec1c5983eafff04712aa36bf0879d9740c696d810f15b802c9e60751313aa6c21484a80042a5c51f9f69802ef422094428868a7152195de294257feb99665e2716219642e49c9f98dcfbfb0f19d978ca4b167e3a7f450dd6a7d05b0c4f59b36704e6fbe153a0d9daa3507700218e0d72ff25a1527145aa84d4dff02b48bbb885df023053e9767869f07244c0731950d56b39d45ebcc10873233213da556351d73e150c4fc8a1b44b3214e26ac184668900cf31f662f8345994ada4e5b2330602ab70473e2749d5d4bf2199523905cb98e2d52208922d5b8d6196717e3d28f956c8fa567080be68328bc21e4bf13582506cd602c7e1141a33aa9cb1019d2037f0430f6a9c7ce096982402f5a5586a767f46be3ac71b068e55b97474333292d6bf82dc3efee1814d0d11daf7b6e1889297267b6e49c2cbd89223028027116e6e2510e138c17c77e61e1d5ec0827da779742f2cbf2cf8092680c4bb8c09da7eb108b63cf4f4a445ed9b7e143baf346f8845849a6102ecb6eb0d0d2beb05ea10659c60c47581d38f4e6aa4e0574fbca88d103f8a1ccf3b626d71c119322651cff9aa1da453a4667d48d8d48f63dc0f68d8385d55ffa1eca080e597ee7345b840ce81ecb5e1d1ba6b7a15e038a2ebb6cab801abfb3266b9eab193d9bc623646bbea16233c6f3be07ef61eeeacaf8486174501b3f0d50769f69a8d4c8610103b49e7a41197d32f381402029f79fc3101715c83f1708c70522f724adb20d0c1f95ac2c36529abd832568154b517d662a93a990e732852e8204dfafc396bce17f511536ca1c87a7025883c7201e5b0e550ed1319b690b0ccf135c0b0c75e3dbbe9e06e559088b0aa1ce840493b0b6a8483a3e2cd7213ce041a6c58b77175757ce9eb21acca2caab3b8a1c68a668d4adf27e3648e12eb45d7ab2161e29024cbf0a61acf9331c5dcf16bdafb3a7dcc185bffca9a34c09bded2f97453f0b92f9ba325b2cfed2f59375342c68b34360efe94c3c5c3bda79e18531764e04ef5e053fba77f508703ec4f2bdd3244a2061e7ce54f97814540079b2bfcf8e22951027704e7e7fe8326c040ada91e41cc922ee0e194a1c2f863538e46276c6da6b0446fae640773f7f448aeb3ca3804217c647319c7c4e3a59897224e058dd3f2eb3686139ba2916208c998d3a6887086be57b7bf5d8761c042a4805b843fcbd70eb2f75e1588dd6619213d3dbd97ddf4b3bcf38616506fb513cb5fcba0ab3df9bdbf4e9d176a637599a112bf8567696a92793c57057c72581838766d8f9143e98cf6b45c4d9618856f5bacb24f814f7f4150b749981f9efecfe0f2c4fa826bcfe5f9d5e2caa0d34071b5808318e70fc214e4dec012be085487805c240a3dc398601114d8b5295224821d1febd265df952f4d201094248f801110bb8a8e3aa415bb3844deb54941aef9a3bbf19945d1c6a8b4de866dc0204bd926622d4e39f3d9ab0564a9226323afbe452548b191825ddf533026792c192fe336af689e7bcbddeddeaac9d5b1db16e207c312cd0bacc29f9abb1c2ad0b45562edd102da3105bd0cde67f309452b736825d3b86f86425b510ae3f8cf621cded6a5918f6d2fe2b915947eece0d923c4decfa3821231fff3119411f7d7b068d6adfc9932fd7053a2d65091316868e9141092a89bf5bc0345df4dec054960afcf162028adf8103206dd7f0c913a06753f77709b1fbd4adb96cb407e5996bd6e45644fc9aaef71ae81478a51b8ab446ad281224414d5d0b83a25aaf03ccc29b7751fc7e4bb1d44486fb9fb4dc63b63c7b155ee121755897521e1d39434a94f7e023ad876b575ed368ae6346804493dad4f951079b4e3d97e39d899aa386ef620cb3dc6a84cbd91e0783e334ed795c9b32d1c32628c9ae31dc1fc6ac3ea6167072b2e7d23b01bbf24fdc5169f92f41963db15a38b8a111bfda7ebfdb00c94cc4d9ed6f66c0b24dd2cf2afb0b95800436a111775596bc761515f2d98be46a1c47ebc5c011da91ff624eb3997a7bd9a692271a036c03fcb7e0701fa9e1ffeb8ca292bc890ee2cdbb1930208c69bf19e26c6c8e0436dd645c604f5c3c10522f199cb88fad73c3bbafb44894619ed95b3fa2307f686ff4f0258ec310a73d167352d9c730af79fc3a619ca4530da074dc2d4af16c0cc7a344c5cc399c07134d5d5ca6287a248b30ca9b1495b1bb7c65ee57c8fffc7bb5b9f9c75bf4b7fc5048ab2419224dff13483f2b761de4aed726f61b12aa2e85da27aa28d371fc56e53e30c2549c44dc7cce0c74f08d90a31397923a305f0ceea7ebcf5fd75ddb293ad0d6314653cf177d0d9b414e5a8ad50a6e27fc87bfbe3fc4f2d9ca73b0c55dfd7228429735d47c6ddf7d7834f3f3dc86284088ceb60b41f23eab4bcb8c485e4a3d29e4ebe856f7149aa60c13b13d062811933e44d81419c595db31e1ce40cfccf6b63aaf59d6e81d2cb06287f2a9a42bde5fc156eaa589e695e7dbaee562d6801c5462cd0d0f48fc9fccf55fbb281aba549c01e41bd05a383858fa96f99832cdf40ae7293b546e97a72447e639108cd126eec4af9ea084d686047755814ab9a116d1c53c1f43f81564b014b06f6d5d17dbfc", 0x1000}], 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r4, &(0x7f0000000340)="0a000300010000", 0x7)
recvmmsg(r4, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x10040, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r5, &(0x7f0000000b00)={&(0x7f0000000a80)=@hci={0x1f, 0x300, 0x6}, 0x80, &(0x7f00000002c0)=[{&(0x7f00000013c0)="62031400d755af176510", 0xa}], 0x1}, 0x4041)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r6 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r6, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r6, 0x8)
r7 = accept4(r6, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r7, 0x84, 0x84, &(0x7f0000000000)={0x0, @in={{0x2, 0x4e20, @empty}}, 0xfffd}, 0x90)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b", 0x19}], 0x1}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)="bf", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000001b00)="1791613d45501cb6a8d8eaeb96ee68b2d8daad34b8c528b97ead9f051e427e309b714d3d12d8d401ee42a68183b0e95a5b22ea526737b16783f6d819d82b492bf64f5475d1e1f435a4fd5de8795db130dc9a9e82dae807b69f57202e694041d85a70a98ed38e10b116d2249a87", 0x6d}], 0x1}}], 0x3, 0x2090)

29.685274523s ago: executing program 3 (id=2023):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000640)=@raw={'raw\x00', 0x3c1, 0x3, 0x380, 0x128, 0x1170, 0x1398, 0x128, 0x1170, 0x2b0, 0x1398, 0x1398, 0x2b0, 0x1398, 0x3, 0x0, {[{{@ipv6={@empty, @mcast1, [0xff, 0xffffffff], [0xffffffff], 'veth1_to_bridge\x00', 'veth0_to_hsr\x00', {}, {}, 0x2b, 0x3b, 0x3}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@ah={{0x30}, {[0x4d4, 0x4d3], 0x2, 0x9, 0x7}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0xfffe, 0x10, 0x2}}}, {{@uncond, 0x0, 0x160, 0x188, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x2}}, @common=@srh1={{0x90}, {0x1, 0x0, 0x0, 0x0, 0x0, @loopback, @private0, @loopback, [0x0, 0x0, 0x0, 0xff], [], [0xffffff, 0x0, 0xff000000], 0x0, 0x803}}]}, @common=@unspec=@NFQUEUE0={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x43c) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000490000000000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000008c0)="89", 0x0}, 0x32) (async)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a50000000060a0b0400000000000000000200000024ffffffffffffffff0001006e61740014000280080005400000000308000140000000000996766ada468b4cf23f738649eae49100010073797a30000000000900020073797a3200000000140000001100010000000000000000000300000a"], 0x78}}, 0x0) (async)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10) (async)
sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001200010a00000000001000000a000000f897c165422ca7cc081f558148e9f9202ca8931a0c06e073ffc2b5b2297996acda5883f149ca511cdc3fc812db2a47008bab7bbac4fd9b51639c24def2ce6d96d7c5b9e8431607317df0e08ab02cf4e8ed01de4ac9e16622c3f40291698bc8df174ce25bd74853500fd73ac3072eb9c2f0425e1a56b08a8a83c9688fde992722a196fa739566e6edfbe7446d"], 0x14}}, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000001c0)={'ip6tnl0\x00', &(0x7f00000002c0)={'ip6tnl0\x00', <r5=>0x0, 0x2f, 0x16, 0x8, 0x23, 0x35, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x42}, 0x700, 0x700, 0x2}}) (async)
r6 = socket(0x400000000010, 0x3, 0x0) (async)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r9 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="f0000000120003"], 0xf0}, 0x1, 0x0, 0x0, 0x8000}, 0x44040) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000340)={'team0\x00', <r10=>0x0}) (async, rerun: 32)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f0000000440)={'syztnl0\x00', &(0x7f0000000380)={'tunl0\x00', <r11=>0x0, 0x1, 0x700, 0xfffffff7, 0x6, {{0x1f, 0x4, 0x1, 0x10, 0x7c, 0x66, 0x0, 0x78, 0x29, 0x0, @multicast2, @multicast2, {[@ssrr={0x89, 0x13, 0x4f, [@broadcast, @local, @broadcast, @broadcast]}, @end, @ra={0x94, 0x4, 0x1}, @generic={0x89, 0x3, "d9"}, @timestamp_prespec={0x44, 0x4c, 0x96, 0x3, 0x8, [{@empty, 0x3}, {@multicast2, 0xd1}, {@broadcast, 0x4b71}, {@rand_addr=0x64010101, 0x4}, {@multicast1, 0x3}, {@dev={0xac, 0x14, 0x14, 0x21}, 0x101}, {@private=0xa010102, 0x1}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4}, {@loopback, 0x7}]}, @noop]}}}}}) (rerun: 32)
sendmsg$nl_route(r4, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x6010800}, 0xc, &(0x7f0000000500)={&(0x7f0000000b00)=ANY=[@ANYBLOB="78000000540010002cbd7000fbdbdf2507000000", @ANYRES32=r5, @ANYBLOB="20000100", @ANYRES32=r8, @ANYBLOB="000001000a01010000000000000000000000000082dd000020000100", @ANYRES32=r10, @ANYBLOB="01030000ffffffff0000000000000000000000000800000020000100", @ANYRES32=r11, @ANYBLOB="00030100ac32144300008389c81c4230186573dfc8000000000020000000aded967906e5c9d5361020cb085b6c45bd88919ffcfd961e42441ebb0dee751d931016a03df8d5b1c17704dc13460beae585f99a6138f826150a504732d33cf131d6fef6fee733804dd785939bfb064e1a6d9e5bb348af0929f3ebeac535d25f08000000000000000559223d2b3e31c6594f47113f0e5d75ec896717067e0466e821e88df23f5871b70ddc6d13a8d3c052ace371375b6573b81ecec41372c79af8058433b823908a5d6caf18826a5b1c60a4e3dab2822352"], 0x78}, 0x1, 0x0, 0x0, 0x4}, 0x4048004) (async)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000000)=0x4, 0x4)
mmap$xdp(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x800000, 0x12, r0, 0x100000000)

29.203484191s ago: executing program 3 (id=2024):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000006c0)=@newtfilter={0x4c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xfffa, 0x2}, {}, {0xa, 0xfff9}}, [@TCA_CHAIN={0x8, 0xb, 0xec}, @filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_OPS={{0x6}, {0x4}}]}}]}, 0x4c}}, 0x24004000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c000000100005ff28bd7000000000000000004a", @ANYRES32=0x0, @ANYBLOB="c042000000000019140012800904000280080020000100"/36], 0x3c}}, 0x0)

25.467911431s ago: executing program 2 (id=2026):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
syz_emit_ethernet(0xfdef, &(0x7f00000003c0)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x380, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000050000000026000400"}, {0x18, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x18, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "f5000000000000000000000200000000000000000000000000008879e66485201a0015ca837400"/55}, {0x0, 0x14, "5e14f0e7e72d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fa632dbf04542188b196e213408c"}, {0x3, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="c0000000000101040000000000000000020000007400018014000180080001000000000008000200e00000020c00028005000100000000004300028005000100060000000c0003ef05000100000000000c0002"], 0xc0}}, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000001000090400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800900010076657468000000001800028014000100000000008ee796813d3a154aa864af375cae723085bb0100888c2e9abe7d6126b24813b39ccb6e70d463839f30d31853cfc24661645f03fa39a887a15e8153c42d1823e4bf831909cc1374064ec9d2f1225ef2dcacfa3e", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\n'], 0x5c}}, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x64, 0x0, 0x4, 0x70bd2c, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x81}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x1}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x60}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2f}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x1e}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000085}, 0x800)

25.376885956s ago: executing program 2 (id=2027):
socket$l2tp(0x2, 0x2, 0x73) (async)
socket$l2tp(0x2, 0x2, 0x73)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="3000000040000701feffffff00000000017c0000040042801400018008000300", @ANYRES32=0x0, @ANYBLOB="08000200", @ANYRES32=0x0, @ANYBLOB="040002"], 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
close(0x3)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc) (async)
bind$netlink(r1, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket(0x2b, 0x1, 0x1)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x4e1f, 0x2, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x60, 0x2, 0x3, 0x301, 0x0, 0x0, {0x0, 0x0, 0x5}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x1}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x10}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x32}, @NFQA_CFG_QUEUE_MAXLEN={0x8}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}, @NFQA_CFG_FLAGS={0x8}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x4, 0x1}}, @NFQA_CFG_CMD={0x8, 0x1, {0x4, 0x0, 0x2b}}]}, 0x60}, 0x1, 0x0, 0x0, 0x24040805}, 0x40448d1)
getsockopt$PNPIPE_IFINDEX(r3, 0x113, 0x2, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000380)=0x4)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r3, 0xc0096616, &(0x7f0000000100)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$BTRFS_IOC_INO_PATHS(r1, 0xc0389423, &(0x7f0000000080)={0x62a, 0x10, [0xd, 0x9, 0x94, 0x4800000000], &(0x7f0000000040)=[0x0, 0x0]})
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYRES32=r4, @ANYRESDEC=r2, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0) (async)
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYRES32=r4, @ANYRESDEC=r2, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r6, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000002c0)='./cgroup/cgroup.procs\x00', &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x1}}, 0x40)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000003c0)=@generic={0x0, r7}, 0x18)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r8, 0x0) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r8, 0x0)
write$tun(r8, &(0x7f0000000440)={@void, @void, @ipv6=@icmpv6={0x9, 0x6, "d92f77", 0x257, 0x3a, 0x0, @remote, @mcast2, {[@routing={0x2c, 0x6, 0x0, 0x3, 0x0, [@private1={0xfc, 0x1, '\x00', 0x1}, @remote, @ipv4={'\x00', '\xff\xff', @private=0xa010100}]}, @routing={0x33, 0x0, 0x2, 0x9}, @dstopts={0x29, 0x25, '\x00', [@generic={0x6, 0x7, "8bec1a157ee40f"}, @generic={0x8, 0xf1, "2844d3f71e0eba23296baf778ea69a9e58b6be320c6bb656a8392fdb81b0d5c8e59127f5a01cf83d22ddc59f1729b935795180589e5c45d3bc892ecf3ca34a94424cf4e217869641c99850b77d5ec27086aafff41237598b1c703cd595af0a7e1e70accee8ee416b2283b61ec8fe95d7da433c771e4a3623f8fdb63b9f48ae7a25e0c363816017656f26bc43c05c6c8b2f2518b3103b22185c2cc0884e07a7c46479780026ffcb284aeba62f17f2e5588b226d27a30a5596ab6e19434c61f1b724ee710e892055c5848b7f4b307522fe8a3f19a851417fa95d0aa19ec773aae5f982dd5301a15605721ccd10f97faf9112"}, @ra={0x5, 0x2, 0x9}, @pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @pad1, @enc_lim={0x4, 0x1, 0x6}]}, @fragment={0x84, 0x0, 0x8, 0x0, 0x0, 0x8, 0x65}], @echo_reply={0x81, 0x0, 0x0, 0x3, 0x6fb, "63c7ce810678e58f67589d3b386722e32901ed060358c27666d2d0996dfc3addb3efcf9d90abd80803972d7da798306cdadb9545bc7a8b9fa50309f365a7e9291684faab2e7921355ae3497a803c736b612beae26e1039b506cc9ceb8dc7b3bc1d5010b5f7e39060ca420013e80a42ff53f7889645e470206bc463f90605d9342fb853e5658a929a5b50fe2c4d597607157475621a731e6580bc22d54c8ca2eca150892682fd2bfdf484c39a94862ebef1593f1c87b25c069f9ae3d1fadfd3330810a67a18e3a1575b1845364489988210e3e55b3a50a2"}}}}, 0x27f)

25.270842244s ago: executing program 3 (id=2028):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300), 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, 0x0, 0x20008045)
sendmsg$NL80211_CMD_SET_WIPHY(r1, 0x0, 0x41000)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r2, 0x7d4165c9)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r5, 0x7d4165c9)
listen(r4, 0x0)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r6, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000780)={@in6={{0xa, 0x4e24, 0x2, @empty, 0xc}}, 0x0, 0x0, 0x20, 0x0, "9c0fe2154aa786d10084ecfbe8e86f7d312fcc8fde38d5823d22fbbb55a7837e5f2329f4d662f2185f18fae43e09d661d12a01669d6eef2e4733c2c29a3c3d16ef45c7c1c8ecfcc76b47d9ab9a573f11"}, 0xd8)
listen(r7, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000680)={@in6={{0xa, 0x4e21, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x81}}, 0x0, 0x0, 0x40, 0x0, "2b20a1a47cddc63b223be606d7303a4d4d11e10450d766feb63b382d54bab577021cad5de4fe7630a33b6deca160b1267ff02123bc27830000000000ffff40000000000000b5b29049cb65f00300"}, 0xd8)
r8 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r8, &(0x7f0000000540)=[{&(0x7f0000000180)="580000001200192340834b80040d8c560a066f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0effeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1)
listen(r4, 0x5)

25.074504213s ago: executing program 3 (id=2030):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001500)=ANY=[@ANYBLOB="44000000000000000000de809f6b801b33fda90e", @ANYRES32=0x0, @ANYBLOB="00000000000000002400128008000100677265001800028006000300010000000400120006000e0000000000"], 0x44}}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r1, &(0x7f0000000100)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xe}}, 0x57)
sendto$inet(r1, 0x0, 0x0, 0x24040891, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe22, 0x1, @mcast2, 0x6}, 0x1c)
connect$inet6(r3, &(0x7f0000000600)={0x2, 0x4e23, 0x0, @dev}, 0x1c)
ioctl$XFS_IOC_START_COMMIT(r0, 0x80585882, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1e, 0xe, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x1000007, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, r0, 0x8, &(0x7f0000000080), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x20000}, 0x10}, 0x94)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001500)=ANY=[@ANYBLOB="44000000000000000000de809f6b801b33fda90e", @ANYRES32=0x0, @ANYBLOB="00000000000000002400128008000100677265001800028006000300010000000400120006000e0000000000"], 0x44}}, 0x0) (async)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) (async)
connect$inet(r1, &(0x7f0000000100)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xe}}, 0x57) (async)
sendto$inet(r1, 0x0, 0x0, 0x24040891, 0x0, 0x0) (async)
socket$inet6(0xa, 0x2, 0x0) (async)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe22, 0x1, @mcast2, 0x6}, 0x1c) (async)
connect$inet6(r3, &(0x7f0000000600)={0x2, 0x4e23, 0x0, @dev}, 0x1c) (async)
ioctl$XFS_IOC_START_COMMIT(r0, 0x80585882, &(0x7f00000000c0)) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1e, 0xe, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x1000007, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, r0, 0x8, &(0x7f0000000080), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x20000}, 0x10}, 0x94) (async)

24.9495081s ago: executing program 3 (id=2031):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c0000000206035d15237fd5a3e64b330f16e98f000000000000000000000000000d000300686173683a6e65740000000005000400000000000900020073797a31000000000c00078008001340000017e505000500020000000500010006000000"], 0x54}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000980)=ANY=[@ANYRES16=r0], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xfffffffe}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
sendmsg$NFT_BATCH(r0, &(0x7f0000000600)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000005c0)={&(0x7f0000001ac0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x24, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWRULE={0x2b8, 0x6, 0xa, 0x5, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NFTA_RULE_COMPAT={0x44, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x10e0}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x52d3}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x32}]}, @NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x2}, @NFTA_RULE_COMPAT={0x1c, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x1e4, 0x4, 0x0, 0x1, [{0x108, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0xfc, 0x2, 0x0, 0x1, [@NFTA_CMP_DATA={0xf8, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x38, 0x1, "e5affb69481123633a914ab2b7326e048d470ef191dbb004d1a172b18d43e0d87416ad94457cdc6d3c356d42404bf3cbaf9d743a"}, @NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VERDICT={0x5c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}]}]}}}, {0x10, 0x1, 0x0, 0x1, @lookup={{0xb}, @void}}, {0x10, 0x1, 0x0, 0x1, @payload={{0xc}, @void}}, {0x10, 0x1, 0x0, 0x1, @lookup={{0xb}, @void}}, {0x14, 0x1, 0x0, 0x1, @synproxy={{0xd}, @void}}, {0xc, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @void}}, {0x38, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_OSF_FLAGS={0x8}, @NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_OSF_FLAGS={0x8}, @NFTA_OSF_DREG={0x8}]}}}, {0x50, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_LOG_QTHRESHOLD={0x6, 0x4, 0x1, 0x0, 0x3}, @NFTA_LOG_PREFIX={0x5, 0x2, 0x1, 0x0, '\x00'}, @NFTA_LOG_LEVEL={0x8, 0x5, 0x1, 0x0, 0xa}, @NFTA_LOG_FLAGS={0x8, 0x6, 0x1, 0x0, 0xf}, @NFTA_LOG_LEVEL={0x8, 0x5, 0x1, 0x0, 0xa}, @NFTA_LOG_FLAGS={0x8, 0x6, 0x1, 0x0, 0x29}, @NFTA_LOG_QTHRESHOLD={0x6, 0x4, 0x1, 0x0, 0x7}, @NFTA_LOG_SNAPLEN={0x8, 0x3, 0x1, 0x0, 0x7}]}}}]}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x1}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_RULE_COMPAT={0x24, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x2e}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x86dd}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x5}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWRULE={0x690, 0x6, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_RULE_USERDATA={0x71, 0x7, 0x1, 0x0, "8f320b4434ab7de2fc40eaae16e3a4cd30962674eb3b393c98e80fe83ba026d3dabe8a43c8719d3d2ebba0c08dd93c1817c2f5545da15fd34f2200c8bd4b68eaefa6504524dc347f0177162f0df26ec13aed86fcc492922fd0d98e08c91958f015df13879613b746976b07607c"}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_RULE_EXPRESSIONS={0x5f4, 0x4, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @log={{0x8}, @void}}, {0x50, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x40, 0x2, 0x0, 0x1, [@NFTA_QUOTA_CONSUMED={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x3}, @NFTA_QUOTA_BYTES={0xc}, @NFTA_QUOTA_CONSUMED={0xc, 0x4, 0x1, 0x0, 0x8}, @NFTA_QUOTA_CONSUMED={0xc, 0x4, 0x1, 0x0, 0x3}]}}}, {0x60, 0x1, 0x0, 0x1, @dup={{0x8}, @val={0x54, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xe}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xa}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_DUP_SREG_DEV={0x8}]}}}, {0x2c, 0x1, 0x0, 0x1, @reject={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x6}, @NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}]}}}, {0x4d8, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x4c8, 0x2, 0x0, 0x1, [@NFTA_BITWISE_DATA={0x208, 0x7, 0x0, 0x1, [@NFTA_DATA_VALUE={0x3b, 0x1, "3ef46932c703f34f72e309459362617d60fc0b717f1274190258cb7a51a05e2f49545e131ab063eed7f17c3bb4765b26ae4d8a55c041ff"}, @NFTA_DATA_VALUE={0x2f, 0x1, "648e31c0aeec4abc943f72fb6623e5b295b242b97a3fbc158c671727199b2a3d8fc6e97d9e004f7cc98f49"}, @NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}, @NFTA_DATA_VALUE={0x81, 0x1, "019dd2f17d6fa84cdfa4bac1f150bec2b52758b507a9f375b6b203c138a2ab43bea7d9d9b4bb9c8322705e6bd7f1b24334702e8e418aa3e554d80e00f79a1ac35d1f42812c4b70669b9d314459d1ff5ccaca69b87f5cfef0d62d9a2b317259423592db0f03985bef6c99f23fafe75057bb46e3052cdba561cea05a0cf7"}, @NFTA_DATA_VERDICT={0x3c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}, @NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x54, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}]}, @NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x58}, @NFTA_BITWISE_XOR={0x288, 0x5, 0x0, 0x1, [@NFTA_DATA_VALUE={0x99, 0x1, "e577e98912f132f9e9158e6b15f65cfa5f893039e0829fd135357bc0075315a1c758ee180c35dd7c9b06a533f57eba688298d5a8164ff712e75d4f2131d9077f2ebf4d0de6f03b81286db8378702524d2bcab80a394f08ff2c23ba58051596709055a7e2b2e5ade71408688b2dbe64199aca01675eff46f4aa77048c1976ffcf3c55f314aa21456ed26a387ef3ce044421a80d1ae0"}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}, @NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0xad, 0x1, "69b3f9b0a796d7aec850e20d7f905f0f8ffa0fc661a6b6bb8769a5b8daa71a69b25094b67583648e1922d9726d6b3a968cf1386d4ce5de245066518795298a0a95524bb1062864155ded00803eda2402ab562c55789668ef15caf709f9fc94592e62c4ffe596a2cee574e77aeb78d8c1a7094547b0789932a44b1c16e165ce79a1351127b54e5fd8f8753674148530409fa181535ed3790ffe37aefe3650c56e3e30f6c704ddcd7a43"}, @NFTA_DATA_VALUE={0x101, 0x1, "930cc1b11a9200b412baa498f11b8537f6cdb762496e72d9025ef8190a51cab986b864e6666ada86386e7c21a2399cd3f0fe50cdf51b4f43384c5365c539c8d1d025d3ef837aa4c5b17c5852a46436e4f626e12926216b64d52877a560103fe0802bd7f343323c2f84d934cb81caace3cfe48ac75ac060d55d4fb3ad1f3d476c52d7120eddd382b267c92aa82cdc3c0b302a1e0e56ebc1467ca4a646580d8cfd8bc18b7ea3cc9f634ee14352f4b50fda5828f319d2bcb754414cd7d112f64ea970d757feeea24fc4830163422c7e0017fb37ce6642e13e5b81523ca3a3db1c889ad1df11e92bfd9a2c151b53e6c1ef22fa4f9c3666cb485d8c00303098"}]}, @NFTA_BITWISE_DATA={0x14, 0x7, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}]}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_BITWISE_OP={0x8}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x15}]}}}, {0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}, {0x20, 0x1, 0x0, 0x1, @rt={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_RT_KEY={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RT_KEY={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}]}, @NFT_MSG_NEWCHAIN={0x74, 0x3, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x7}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}, @NFTA_CHAIN_HOOK={0x44, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x7177898e}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x66b54a23}, @NFTA_HOOK_DEV={0x14, 0x3, 'pimreg0\x00'}, @NFTA_HOOK_DEV={0x14, 0x3, 'ipvlan0\x00'}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x2}]}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xffffffffffffffff}]}, @NFT_MSG_DELSET={0x23c, 0xb, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x6}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x8ce}, @NFTA_SET_USERDATA={0xec, 0xd, 0x1, 0x0, "bf63ace7a4c338cd66261dec1c9117119013f81a159b91c1e5f2ce517bf2affd33387256f83a2a95a81eea3d299a11ebf402fd22e45d9aa85afb3b0f2d6913f10bb3bd0b64ae0199c63a5a6186afd533401c136488ca1f8698e18b8ce11342e99fc8e6a5d7a83499d460138ce818a1d68d4e9d5a82a11165e6872d9997d6d67f8d34401c301b5bece3c390c816d46936ca2531bcef79bd19929c845edd91110a1f5fbe56c7c0dd3bbef32a266cdeea384505c709ce96f0abe7cf8f7cd4ee9bbe76f7cc7bbbba37d011c35df2de159344c48b1bb200f707cb64f9603e32fe6f62682827606a451b7e"}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0xffffffffffffff8f}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x3}, @NFTA_SET_USERDATA={0xeb, 0xd, 0x1, 0x0, "c4caf2e8a96bbf5eb775def53c6c0a50a19b3e1ac26a4dae665175844a270a30793e19f5413b173d60b07704616510dc9abf56320a766f4a524d8c05faaf08891e21600b39726fdbd3ce6d312eb76f8b0ea9933028c348de8a462bc817d56fbdfa55aec4aeb73e6ad5ee3c4a8108b3234bf9eb6e4ffd104857984d7cd83c63131ca5103819e8fbb6ac51b97787c7f0e15e057dfc4441f2b7caf28d87685410d0cf0f19e67ac3659dbe92c28d1c5c5f7fe4cdbeb54bc053c7bd45ee8ff7bb226704922278e8eda207b7168860891d4fd01d975eef8ce5629795b343cf460408301eaa3e82ecc404"}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELTABLE={0x2c, 0x2, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x4}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x4}]}, @NFT_MSG_DELCHAIN={0x4c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x1}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x2}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffb}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0xcbc}, 0x1, 0x0, 0x0, 0x20008040}, 0x24000811)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r1, 0x18000000000002a0, 0x14, 0x0, &(0x7f0000000040)="07009e1400fc00000000ffffff7f000000000000", 0x0, 0x1fc2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r2=>0x0})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x100, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff5653f, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=@newtfilter={0x38, 0x2c, 0xd3f, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0xc, 0xfff1}, {0x0, 0x9}, {0x8, 0x2}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_FLAGS={0x8, 0xb, 0x3}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x20048044)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0fff100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001011404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r6, 0x702, 0xe, 0x700, &(0x7f0000000540)="e460334470b8d480eb00c15286dd", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000300)={@ifindex, 0x6, 0x0, 0x5, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r7=>0x0}, 0x40)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r1, r2, 0x25, 0x5, @val=@tcx={@void, @value=r1, @void, @void, r7}}, 0x1c)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000500)={@fallback=r1, 0x0, 0x0, 0xf, &(0x7f00000003c0)=[0x0], 0x1, 0x0, &(0x7f0000000400)=[0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0]}, 0x40)
socket$netlink(0x10, 0x3, 0x6)

24.728271283s ago: executing program 0 (id=2033):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="662700000000000024001280090001007866726d0000000014000280040003"], 0x44}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[], 0xe8}}, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x1, 0x1, 0x3a)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r3, 0x89f8, &(0x7f0000000180)={'ip_vti0\x00', &(0x7f0000000100)={'syztnl1\x00', 0x0, 0x7800, 0x700, 0x1, 0x0, {{0x5, 0x4, 0x2, 0x0, 0x14, 0x66, 0x0, 0xe, 0x4, 0x0, @multicast1, @local}}}})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x41800, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x8}, 0x50)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000006c0), r2)
sendmsg$IEEE802154_LIST_IFACE(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000003c0)={0x14, r4, 0x703, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4020804}, 0x0)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000002c0), r2)

24.588914093s ago: executing program 4 (id=2034):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x0, &(0x7f0000000000), &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x51}, 0x94)

24.538385921s ago: executing program 4 (id=2035):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}, @NFT_MSG_DELSETELEM={0x2c, 0xe, 0xa, 0x201, 0x0, 0x0, {0xa}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xe0}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f00000005c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f00000003c0)={0x1cc, 0x1, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFTA_TABLE_USERDATA={0x3f, 0x6, "bc7602396e4315298de7c2410f0c31c72a48cda25f978ee7a5cecb6804ecdb5564d65a878e1ef3f38a5bade612494ed72a0aa6e0cf22fa24b86763"}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_TABLE_USERDATA={0xb4, 0x6, "269da55183dcf4340e6878be044be128569c8bf5d71d5c0dcc41b477bebf93e308360196bd9309881647f3cdc80e3c26db3fbb1eaeeb0564edfee3fd30b793b16623d806eab3826b780d39695a7cbc0be9c0385b8cd30fe2b5bef90f2385c2e3659af34462a1da2e04b9e1b57e8c876f7f38bdf9dd17ba3614ff6866b48122bf4a23685038ae299103abe28f99f2757efb3f998bedc061a074247c3d65c79855c114ed2a45ced7582451efe2f9acba98"}, @NFTA_TABLE_USERDATA={0xae, 0x6, "6a925b822f4fe564b531102e4f16b5bad85bc4c5be5f321289453b93ddc6fcbdbbb2ea31db82a2b3c45d8eb40256acdde4ef466af0dd86edf3c330acad0190e15b3cf5d85a63e9aba2f85a3e6b41e648d9f53a06171d5e7304bd397d7da02e11512a3f795cc6dc0828b463e2f30b26e25883b9eda053d7af038816c63d0da5eb8b51c8ff48635161ca776a79d8362389a4b55f90c27126dc037d3bb8796652ab2b1cb7e559246d0b846d"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x40}, 0x41)
sendmsg$NFNL_MSG_ACCT_DEL(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x68, 0x3, 0x7, 0x3, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x3}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0xffffffffffffffff}, @NFACCT_FILTER={0x1c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x8}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1ff0}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x200000000}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x100000001}]}, 0x68}, 0x1, 0x0, 0x0, 0x8000}, 0x60801)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}, @NFT_MSG_DELSETELEM={0x2c, 0xe, 0xa, 0x201, 0x0, 0x0, {0xa}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xe0}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f00000005c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f00000003c0)={0x1cc, 0x1, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFTA_TABLE_USERDATA={0x3f, 0x6, "bc7602396e4315298de7c2410f0c31c72a48cda25f978ee7a5cecb6804ecdb5564d65a878e1ef3f38a5bade612494ed72a0aa6e0cf22fa24b86763"}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_TABLE_USERDATA={0xb4, 0x6, "269da55183dcf4340e6878be044be128569c8bf5d71d5c0dcc41b477bebf93e308360196bd9309881647f3cdc80e3c26db3fbb1eaeeb0564edfee3fd30b793b16623d806eab3826b780d39695a7cbc0be9c0385b8cd30fe2b5bef90f2385c2e3659af34462a1da2e04b9e1b57e8c876f7f38bdf9dd17ba3614ff6866b48122bf4a23685038ae299103abe28f99f2757efb3f998bedc061a074247c3d65c79855c114ed2a45ced7582451efe2f9acba98"}, @NFTA_TABLE_USERDATA={0xae, 0x6, "6a925b822f4fe564b531102e4f16b5bad85bc4c5be5f321289453b93ddc6fcbdbbb2ea31db82a2b3c45d8eb40256acdde4ef466af0dd86edf3c330acad0190e15b3cf5d85a63e9aba2f85a3e6b41e648d9f53a06171d5e7304bd397d7da02e11512a3f795cc6dc0828b463e2f30b26e25883b9eda053d7af038816c63d0da5eb8b51c8ff48635161ca776a79d8362389a4b55f90c27126dc037d3bb8796652ab2b1cb7e559246d0b846d"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x40}, 0x41) (async)
sendmsg$NFNL_MSG_ACCT_DEL(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x68, 0x3, 0x7, 0x3, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x3}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0xffffffffffffffff}, @NFACCT_FILTER={0x1c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x8}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1ff0}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x200000000}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x100000001}]}, 0x68}, 0x1, 0x0, 0x0, 0x8000}, 0x60801) (async)

23.455612499s ago: executing program 1 (id=2036):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000ec0)=@raw={'raw\x00', 0x8, 0x3, 0x6e8, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x618, 0xffffffff, 0xffffffff, 0x618, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x330, 0x358, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa', {0x6}}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x2c0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0xc4, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0xffffffffffffffff, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x8000, 0x16a, 0x1, 'syz1\x00', 'syz0\x00', {0x80000001}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x748)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008004f0fffeffe809005300fff5dd000000100001000d0c10000000000000000000", 0x58}], 0x1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$FS_IOC_GETFLAGS(r2, 0x80086601, &(0x7f0000000000))
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0xfffffffffffffe01, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETTABLE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)={0x20, 0x1, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x800)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000100001000000000000000000000000000200000038000480340001800b00010074617267657400002400028010000100434f4e4e5345434d41524b0005000300ef00000008aa542bdf0000000900010073797a30000000000900020073797a310000000b40000000031400000011000100000000000000005fc7ce030a00"/140], 0x94}}, 0x0)

23.271033887s ago: executing program 4 (id=2037):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="44000000100510a015cf2a29f2e61b7bfb227e5f", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800900010069706970000000001400028005000a00010000000500050000000000"], 0x44}}, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000300), 0x0)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, 0x0, 0x20008045)
sendmsg$NL80211_CMD_SET_WIPHY(r4, 0x0, 0x41000)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r5, 0x7d4165c9)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r8, 0x7d4165c9)
listen(r7, 0x0)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r9, 0x2)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000780)={@in6={{0xa, 0x4e24, 0x2, @empty, 0xc}}, 0x0, 0x0, 0x20, 0x0, "9c0fe2154aa786d10084ecfbe8e86f7d312fcc8fde38d5823d22fbbb55a7837e5f2329f4d662f2185f18fae43e09d661d12a01669d6eef2e4733c2c29a3c3d16ef45c7c1c8ecfcc76b47d9ab9a573f11"}, 0xd8)
listen(r10, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r10, 0x6, 0xe, &(0x7f0000000680)={@in6={{0xa, 0x4e21, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x81}}, 0x0, 0x0, 0x40, 0x0, "2b20a1a47cddc63b223be606d7303a4d4d11e10450d766feb63b382d54bab577021cad5de4fe7630a33b6deca160b1267ff02123bc27830000000000ffff40000000000000b5b29049cb65f00300"}, 0xd8)
r11 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r11, &(0x7f0000000540)=[{&(0x7f0000000180)="580000001400192340834b80040d8c560a066f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0effeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1)
listen(r7, 0x5)
ioctl$sock_SIOCETHTOOL(r2, 0x89f1, &(0x7f0000000a00)={'tunl0\x00', &(0x7f0000000a40)=@ethtool_cmd={0x3d, 0x0, 0xfffffffd, 0x8, 0x2, 0x3, 0x8, 0xfe, 0x0, 0x9, 0x0, 0x8, 0x40, 0x0, 0x0, 0x4000003, [0x1, 0x2]}})
bind$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x2710, @my=0x1}, 0x10)

23.065636238s ago: executing program 1 (id=2038):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000700), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
r6 = socket$inet(0x10, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'virt_wifi0\x00', <r7=>0x0})
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x34, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r7, {}, {0xffff, 0xffff}, {0x3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_GET_SCAN(r9, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, 0x0, 0x200, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x2, 0x7d}}}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000e80), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
sendmsg$inet(r12, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r11, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
pipe(0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @multicast1}, @address_request}}}}, 0x0)
r13 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r13, 0x89f3, &(0x7f0000000240)={'syztnl0\x00', &(0x7f00000001c0)={'ip6_vti0\x00', r7, 0x4, 0xf, 0x2, 0x80000000, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @empty, 0x80, 0x7, 0x1000, 0x7fff}})

21.111622786s ago: executing program 2 (id=2039):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea6086416ae0e99d3f3f55fe80002020800020500eab556a705251e618229b30051f60af4d4938037e786a6d0001000000e4509c5bbcd72c6c953000000000000000000", 0x5c}, {&(0x7f0000000080)="91bfec564e2afeacb773fcc1e949615261127af88cbde8fe739a3e4abc04ed80a2b2142443ac42f7f968967e183bccbd3e6ecc1abff391ef6fccde9d265a1d717c03ea7596e12d9da408c5d24cef4ee41774", 0x52}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x20004080)
ioctl$XFS_IOC_GOINGDOWN(r0, 0x8004587d, &(0x7f0000000000)) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0xfffffffffffffda3, &(0x7f0000000180)={&(0x7f0000000200)=@delnexthop={0x20, 0x69, 0xb, 0x0, 0x0, {}, [{0x8, 0x1, 0x1}]}, 0x20}}, 0x4000000) (async)
r4 = socket$kcm(0x23, 0x5, 0x0) (async)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000240)=0x9, 0x4) (async)
listen(r4, 0x800)
accept4(r4, 0x0, 0x0, 0x80000) (async)
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r5, &(0x7f0000000400)=ANY=[@ANYBLOB="1c0000f500000000000000862dfdff000000", @ANYBLOB="07b2bab740"], 0x78) (async)
r7 = socket$kcm(0x2, 0x200000000000001, 0x0) (async)
r8 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000000)={0x43, 0x0, 0x0, 0x3}, 0x10) (async)
bind$tipc(r8, 0x0, 0x0) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xa, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x63, 0x11, 0x22}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$tipc(r9, &(0x7f0000000140)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x43, 0x1}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x24004000}, 0x800)
sendmsg$inet(r7, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085) (async)
ioctl$sock_kcm_SIOCKCMUNATTACH(r7, 0x5411, 0x0) (async)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x1, 0x0, 0x0) (async)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge0\x00'})

16.33114336s ago: executing program 4 (id=2040):
r0 = accept$netrom(0xffffffffffffffff, &(0x7f0000000000)={{0x3, @default}, [@bcast, @remote, @default, @default, @default, @bcast, @netrom, @bcast]}, &(0x7f0000000080)=0x48)
setsockopt$netrom_NETROM_T4(r0, 0x103, 0x6, &(0x7f00000000c0), 0x4)
clock_gettime(0x0, &(0x7f0000003bc0)={<r1=>0x0, <r2=>0x0})
recvmmsg(0xffffffffffffffff, &(0x7f0000003b00)=[{{&(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000001280)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/219, 0xdb}], 0x2, &(0x7f00000012c0)=""/4096, 0x1000}, 0x401}, {{&(0x7f00000022c0)=@alg, 0x80, &(0x7f0000002580)=[{&(0x7f0000002340)=""/14, 0xe}, {&(0x7f0000002380)=""/39, 0x27}, {&(0x7f00000023c0)=""/151, 0x97}, {&(0x7f0000002480)=""/222, 0xde}], 0x4, &(0x7f00000025c0)=""/224, 0xe0}, 0x4}, {{&(0x7f00000026c0)=@ieee802154={0x24, @short}, 0x80, &(0x7f0000003980)=[{&(0x7f0000002740)=""/84, 0x54}, {&(0x7f00000027c0)=""/4096, 0x1000}, {&(0x7f00000037c0)=""/2, 0x2}, {&(0x7f0000003800)=""/115, 0x73}, {&(0x7f0000003880)=""/29, 0x1d}, {&(0x7f00000038c0)=""/183, 0xb7}], 0x6, &(0x7f0000003a00)=""/210, 0xd2}, 0x60}], 0x3, 0x100, &(0x7f0000003c00)={r1, r2+60000000})
r4 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000003c40)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_int(r4, &(0x7f0000003c80), 0x12)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000004080)={0xffffffffffffffff, 0xe0, &(0x7f0000003f80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000003d80)=[0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x9, 0x1, &(0x7f0000003dc0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000003e40)=[0x0], 0x0, 0x49, &(0x7f0000003e80)=[{}], 0x8, 0x10, &(0x7f0000003ec0), &(0x7f0000003f00), 0x8, 0x29, 0x8, 0x8, &(0x7f0000003f40)}}, 0x10)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000041c0)={&(0x7f00000040c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x72, 0x72, 0x3, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0x1, 0x4}, {0xe, 0x4}]}, @typedef={0xc, 0x0, 0x0, 0x8, 0x4}, @datasec={0xe, 0x3, 0x0, 0xf, 0x2, [{0x2, 0x6, 0x5a}, {0x4, 0x400, 0x8}, {0x5, 0x8, 0x1}], "130a"}, @float={0x6}, @restrict={0xf, 0x0, 0x0, 0xb, 0x4}]}, {0x0, [0x5f]}}, &(0x7f0000004180)=""/39, 0x8f, 0x27, 0x1, 0x2}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000043c0)={0xffffffffffffffff, 0x20, &(0x7f0000004380)={&(0x7f0000004240)=""/204, 0xcc, <r7=>0x0, &(0x7f0000004340)=""/23, 0x17}}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000004440)={0x12, 0x1, &(0x7f0000003cc0)=@raw=[@ldst={0x1, 0x2, 0x0, 0x9, 0xb, 0x0, 0x1}], &(0x7f0000003d00)='syzkaller\x00', 0x6, 0x3b, &(0x7f0000003d40)=""/59, 0x41000, 0x22, '\x00', r5, @cgroup_sock_addr=0xf, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f0000004200)={0x2, 0x8, 0x8000, 0x81}, 0x10, r7, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000004400)=[{0x0, 0x4, 0x5, 0xb}], 0x10, 0x1000}, 0x94)
getsockname$netrom(r3, &(0x7f0000004500)={{0x3, @bcast}, [@default, @netrom, @null, @remote, @remote, @null, @bcast, @bcast]}, &(0x7f0000004580)=0x48)
setsockopt$rose(r3, 0x104, 0x1, &(0x7f00000045c0)=0x40000000, 0x4)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_SET(r9, &(0x7f0000004740)={&(0x7f0000004600)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000004700)={&(0x7f0000004640)={0x98, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0x1c}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}]}, 0x98}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
sendmsg$NL80211_CMD_CONNECT(r9, &(0x7f0000004ac0)={&(0x7f0000004780)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000004a80)={&(0x7f00000047c0)={0x2a0, 0x0, 0x124, 0x70bd27, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x2, 0x3f}}}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_PREV_BSSID={0xa}, @NL80211_ATTR_IE={0x134, 0x2a, [@challenge={0x10, 0x1, 0x70}, @channel_switch={0x25, 0x3, {0x1, 0xb2, 0x6}}, @random={0x6, 0xe3, "a30705858760ab62f07b185d1708ddf8993902d59fdaf048c9d069fc8b34667e5af53a900b6f46c7b42cd6d4d9bfb00b82c2d5dc63ed3cc8968da350b3ee53c332c9abbcc4c63a40a0ef2ee49a0f095a4c50e2afa5afe6c3e3d9006b6e2ced11919bad2c48a9920e7ee69157c80623cb4e74578c7d2ff6ac9ab2d56d7eea15680137ff6b7da1b348e72807fea3dbc1abb6f64d0d518a8d3d84166f536f2323a10ceeadc57844dfad2412aa0feafeeeeda9553bff07a614322a2a9b7f0af6bdc7b9042c4b74574af5f4fc55c0469ab782f346ad4fe9f140d32384ccfff46891a27338fa"}, @ibss={0x6, 0x2, 0x89}, @mesh_config={0x71, 0x7, {0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, 0x1, 0x6, 0x29}}, @ssid={0x0, 0x11, @random="9518270e152158795c08e4581db0b42d82"}, @mic={0x8c, 0x18, {0x4f4, "124f98abb43a", @long="bf321eeee691017edb0bc0e4fba501ac"}}, @measure_req={0x26, 0x7, {0x9, 0x5, 0x4, "47d5905b"}}]}, @fils_params=[@NL80211_ATTR_FILS_ERP_REALM={0x5e, 0xfa, "cffc664171e648ccacd17efd276d098e2f35ee6bb73ea17bb88ca022677d3c51f32fe261cc4a5788da37428916946a660f04f59c94ee8ea77cf0ea97dc56d12284594819bb0df644e2163958339d76085e776b8b7064f4f759cd"}, @NL80211_ATTR_FILS_ERP_USERNAME={0x14, 0xf9, "187fdb285ce1042c10d923442538a481"}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x28}, @NL80211_ATTR_FILS_ERP_REALM={0x97, 0xfa, "ef611bad22f2b51fc48466c01fce23b140f69580c5666b5bb9a9728a7469d9bd9b469039ef8a911777f1f1035697a3acc831db73635868b038c516e393bc1b4b07ca7e89a9d76844cffcead2236f1c9eb439a43c9a7c0abbe3a070ba5b4899941a4e92182a502b1ff6f63508836193208f5e957dc5c42ce91f78573376b95929b381acd5b1d11c905623d7561edd97ca16c41a"}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x401}, @NL80211_ATTR_FILS_ERP_USERNAME={0x9, 0xf9, "5a8f55690c"}, @NL80211_ATTR_FILS_ERP_RRK={0x4}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x112}]]}, 0x2a0}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000004b00)={<r10=>0x0, 0x4, 0x200}, &(0x7f0000004b40)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r3, 0x84, 0x1a, &(0x7f0000004b80)={r10, 0x9e, "739d852d5831ddb30eb22dbbfc1ed6cac67221bf1b44716119816376b6c0de3107913a8d8fb0d02ccef9e437b1a58095ed9c546040624cd142db384fde553b9623dbaa518db5f0a4b90707dad331861738c2b6bee6f420502bb66ad092d7da9597cf2835d88f8920b35b60f1ae43e517c18d5eef647e4de7a3d4deac10844e7251c296cd2d2b2e2575af40870b4c60c09e05dc660b2ca3cbc86f2c996cb0"}, &(0x7f0000004c40)=0xa6)
sendmsg$inet(r9, &(0x7f0000004dc0)={&(0x7f0000004c80)={0x2, 0x4e24, @rand_addr=0x64010101}, 0x10, &(0x7f0000004d80)=[{&(0x7f0000004cc0)="06f149a050cbe6c9bfe452163159daae48191190c90408f5d5195a2926c0da44dfc08aff82919e923d2cdcb519892db15bb935bc2278d22384f8428e23aba633a124de2ca9693faa680f7a93e78c5993249d14f3ec66e5cb32047d4d3551e285b4129e3f74e45cdf7e4c34f6b0e3ba976f93dce106f23d0a6f55275555eaaa622edc100e19ea1a681138e92af73e89cd4442d5b52820c826a9f6e2c60ecd437b245150daf99d40df3a6b9475db28", 0xae}], 0x1}, 0x20044000)
bind(0xffffffffffffffff, &(0x7f0000004e00)=@pppol2tpv3={0x18, 0x1, {0x0, r3, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2, 0x3}}, 0x80)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000004ec0), r3)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000004f00)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r9, &(0x7f0000005080)={&(0x7f0000004e80)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000005040)={&(0x7f0000004f40)={0xe8, r11, 0x200, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r12}, @val={0xc, 0x99, {0x8, 0x5e}}}}, [@NL80211_ATTR_REKEY_DATA={0x44, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="e7eaf2f372cb9d950ccf3df98336669afd28c46a9be2726e"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x5}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="dcc4457fc0a939308d5ec095b2695b5c13f7a0189c9c0716"}]}, @NL80211_ATTR_REKEY_DATA={0x6c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x7}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "9e7060e40996c7a4"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x6}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="d7b100296b0466133dd609bb60bc9bdc6e28b6b53e1e774cce9323c495f5a1b4"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="65c95921ff7a60c47d5f71fdebaf48f74f04af2d5206174c"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "6dde9b6330b6c4f3"}]}, @NL80211_ATTR_REKEY_DATA={0x10, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "7384ec3a023a4385"}]}]}, 0xe8}}, 0x40)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x3, 0x300)
r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$nl802154(&(0x7f0000005100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000005140)={'wpan4\x00', <r15=>0x0})
sendmsg$NL802154_CMD_SET_SHORT_ADDR(r13, &(0x7f0000005200)={&(0x7f00000050c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000051c0)={&(0x7f0000005180)={0x28, r14, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r15}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x2008080}, 0x1)
setsockopt$IP_VS_SO_SET_EDIT(r8, 0x0, 0x483, &(0x7f0000005240)={0x2f, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x1, 'wlc\x00', 0x0, 0x2, 0x4}, 0x2c)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000005380)={0x0, 0xad, "b3ba269294630c217d7d7e79edbb2d2539bdc375565cc391398eba0f0906b75a197fcc3ea6b6fd62ed87507fa01f7d01e00b2cb3046710c30284b5a294accd83b2939125fd249360f3c390da999a4f49d178aec38400d1d7d21bba1c9aa5b49493377c7f04099f2dd74e97f9882e4f314774ae28ceca354aa7041b0112dc93a7c60621636d9cc9a8582c0c8546d375d1567edf14986d3ea2a024013330a3153a1c94d19049d69caae925bd00b1"}, &(0x7f0000005440)=0xb5)

16.315675924s ago: executing program 0 (id=2041):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="00000000040000090000000000000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_FIB_DREG={0x8}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x20}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f00000003c0)='cgroup.clone_children\x00', 0x2, 0x0)
sendfile(r2, r2, 0x0, 0x8)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xa, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b70800000c300000638af8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018240000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000400)={r4, 0x0, 0x0}, 0x10)

15.911905033s ago: executing program 4 (id=2042):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
poll(0x0, 0x0, 0xeb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x50)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r2, 0x0, 0xfe33)
recvmsg(r2, 0x0, 0x2000)
close(0x3)
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000fedbdf25030040000800010000000000100007800c0001800800", @ANYRES8=r0], 0x2c}, 0x1, 0x0, 0x0, 0x150}, 0x20008040)

15.749893358s ago: executing program 0 (id=2043):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$kcm(0x11, 0x3, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0xa0100, 0x0)
close(r4)
socket$unix(0x1, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r6, {0x0, 0x4}, {0xffff, 0xb}, {0x4, 0xffe0}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x61b01259}}]}, 0x38}, 0x1, 0x0, 0x0, 0x240040a1}, 0x4890)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$kcm(r3, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x8, r7, 0x17}, 0x80, &(0x7f0000000480)=[{&(0x7f00000002c0)='\'', 0x1}], 0x1}, 0x4)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r8, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r10, 0x84, 0xf, &(0x7f0000001f40)={0x0, @in6={{0xa, 0x0, 0x0, @mcast1}}}, &(0x7f00000002c0)=0x98)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0x3261e)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x100010, r9, 0xab75e000)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
getsockopt(r8, 0x111, 0x1, 0x0, &(0x7f0000000080))

15.656462577s ago: executing program 4 (id=2044):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x40, 0x10, 0x49920d862a921d1b, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x5}]}, 0x40}}, 0x0)
unshare(0x20000400)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
r5 = socket$packet(0x11, 0x3, 0x300)
getsockopt$sock_buf(r5, 0x1, 0x37, 0x0, &(0x7f0000001000)=0x29)
r6 = socket$alg(0x26, 0x5, 0x0)
ioctl$XFS_IOC_START_COMMIT(r5, 0x80585882, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
ioctl$sock_x25_SIOCDELRT(r7, 0x890c, &(0x7f0000000580)={@null, 0xb, 'veth1_to_bridge\x00'})
bind$alg(r6, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r8 = accept4(r6, 0x0, 0x0, 0x800)
sendmsg$alg(r8, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x890}, 0x0)
r9 = socket(0x22, 0x2, 0x1)
r10 = socket$pptp(0x18, 0x1, 0x2)
ioctl$FS_IOC_MEASURE_VERITY(r10, 0xc0046686, &(0x7f0000000680)={0x1, 0x7c, "93931c54dbd637b659d82f514dddf5ec048085e53b9b4ae9c976a049068e245a96bef9e46fc2488b6eec1feb6006820622bbcb8527ea5c2098c91bd09d4212ad8816a1c0f4ce1138d7f0006cc4dedd4cdb6746bb3dec0b3b0d7e50a8711b10221188f51a563f3674cd5d4570646bdf2c01298ec1742222cf37629cea"})
ioctl$sock_inet6_tcp_SIOCATMARK(r9, 0x8905, 0x0)
sendmsg$nl_route_sched_retired(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=@delqdisc={0x100, 0x25, 0x800, 0x70bd2d, 0x25dfdafe, {0x0, 0x0, 0x0, 0x0, {0xfff2, 0x3}, {0x7, 0x9}, {0xe, 0xffe0}}, [@q_dsmark={{0xb}, {0x24, 0x2, [@TCA_DSMARK_SET_TC_INDEX, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x8}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x30}]}}, @q_dsmark={{0xb}, {0x18, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xff}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}, @q_dsmark={{0xb}, {0x1c, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x9d}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0xf, 0x2, 0x3}]}}, @q_dsmark={{0xb}, {0x4}}, @q_dsmark={{0xb}, {0xc, 0x2, [@TCA_DSMARK_INDICES={0x6}]}}, @q_dsmark={{0x3d}, {0xc, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x2}]}}, @q_dsmark={{0xb}, {0x14}}]}, 0x100}, 0x1, 0x0, 0x0, 0x4008044}, 0x0)
recvmmsg(r8, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)=""/223, 0xdf}, {&(0x7f0000000840)=""/127, 0x7f}], 0x2}, 0x101}], 0x1, 0x60, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000080000000000000001000084060000000000000001"], 0x0, 0x42}, 0x20)
ioctl$sock_netdev_private(r0, 0x18, &(0x7f0000000480)="1bce6a7a9c6d342506ecaa84edb278f1ea5d60d4c15f5b17f3793201b71f29c523353f2231f2040dcc257dfb6624f0ade73c92e61e87b666b23715719727e0ac6111f9664b9babd203d8652ce8d822a1d1b4ae2a37ffba1cfd17c785b984ee222f5c5dbca5d30dd268a02b57c82cfdfce9a895864a50a0ecef9389a71b42a3f089caebe42242382b4312a411ab80af314918b8aa97d298c69ed110e904779d5fd3c0d8ab7b7257591ae1ca5990eccb07db424b12ded801d7edd77a667c642d435ae8a80afabb49ffaa")
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)

15.151758631s ago: executing program 3 (id=2045):
syz_emit_ethernet(0xfcf, &(0x7f00000000c0)={@local, @multicast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0xf99, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @local, {[], "223427d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a6bac5836dd5720e559bcb82a4926734c5c3b1287c5fec219a99f71eb398430001f007306e9232c269c2886357f75d935e8de054341ac36f1df1fc77fbc347d90660f4d5658cfeb9e289f70968a7c0b38ae34c4bfa46b47964e223ac34f472e3231e8c285add5713592c76c062c3477beb55b279846f04f8d6a5ce2743c6a2020f0c5164953b8dca7e57239dc8a7f507bcf77767ab0b4602437171a09c8e80f5a165c4c37eaae386cfcb927dd1a935fa717fa1608792b34bafbc20cf11a678455894ede62788309ab7a7075535847a2b48260a613e521b01d75648263ad78e6176528dbf3e6c4e4d72066e617be5387183a51dd97d2e846c5d173b51e17a4c8d78a49c914cbe44236c52c78de45b44f9d80bc6f77c75135922a84579bce77baa71311889f5b7b90c5124b8298d5e9c81c442d60df00795854d3213a1ac254c8963c109f68b3ff5451c381f6fb56c116f86b71f988d1e9f732280cbf3d4e9791fefc4bdec5dc293fb77b02d5aab6bd8cd179b7e425126b7f78c0d004bc6470ecc2bbc422bd06a6bd8f717009509e6a88b01347b7a62b9dea6f7a7446a371f422499a6e66eeb6a7b0beb4a86a61f875a9bfe0f5d5f0d0e4c85852afaea97d74ebc80d6491a8a1c998c4b5bc34b3edaeba2df902cd5e14e016720e6c3c8b15287b2471c34251e26dc442720cd5d984e30b110b7370f233f865b9ac129fdf49ff02b303d7d4f91039d3bb58a9d64d7a72d8b8eba6b45a000370d4f0e9c0d411768441372e7112e5d4e7d70a9d6b428b8b85ee6209d6f73e7b024740c052166deeb843e4ab78d1d354d75a5827ff0d49d8964e75785f3594c7299c0917b48f3b2efb81a4c3a7d6e0f1cf50efe0360963c2e3ee390ed2a4c39f42e856eced0f2ee7beacd2ecbece493e911ca0460584323ea6d4a0c00864693c979cae38f0c5841bfaeebf609d1075163c120fea0bd0207d2dd07e5e2e0a5afe3efee0ee6bb9a926a8dba7a27a82c5421a5b20bfb5dbdef532a12435fcd899f15603209831711e0dcfaaf2104b2016f087fce44848c70b65a34b9be83df2064391fc5a8d169dc1943d226e57ab5ba06c656273d4efba73a8a61aae19df4d2445f3ce7e649af1b4ffc86106c9092ddd0aafeb45653d181cb32b06a1dd41573495f15c3b8c0019ba72a2eb163dfcbdbb235322ae27d7116af506f295c2424ab9191aa8ce0e4617b212af21983f8d2b19d7fdeec881f6fa448acc7c3e133b6f281583fad4467c05801e69f6ffc1ae2e1f54655534d884c2f8f60303da33ccbe47a293643edb61c7d9fad4e3e54028bc64be8e5b1da53446869b136660b8e96ff96c48641ece275967b27b291c5c240b3399b5b901b699227735f821938bc88ded45bada2b257b1a4bcab7ed6647f2027e5680c87329e9cfdba6bde2f2a9b676be016001702bebbabb2eae3eba01d6f49ab70245a4c5ef0e136b531e1843487b3f69c5b811217d6d2f5e71b47f40c28117bd09a88bb21887a06e2cc164d4281d0df47cbd5781f1524098d89ccae32f24c5f9d86469106685fdc683ad5e873030b621dc00354e0621106da90aca69bb53848dd57251a45bc1898aca9bc84c9a8d2f8aabeed888560771c8cb03aab02620430fec8e9740880790060ccbffd5b8edaa219ca61587eff1b1b03ae8af53059f121efdec8b3ee8aba06f494a5b4575bc848d5a9773d2346f75811cb82a078fc960c9bd374555d78b1b4ba0b438ef00e8aa75810ca5efc5c70936e2cb0e515912cb7f625a2130a9ad58f29e58ae6eac5c3f15f22f0163ee6dead6947c4390b92c8dfb146fec7bfc0b37e8ff2c9de90c30f2d8b5e334107f9835bc47fbc193c60ebd5ac4e677c7fd5b6261ff96e97c185c726ec02941bc2336946f181fd2aff43f0e95f06105a049fcb8e4e3738407d6356856f533f17fae281a3be9f2050ae3d19d1b8350d424087ac9b7875824a9b7e098775b53d6ec960fc052ecd165d17a7897de75f15316a072bb9ccf6ce1ec085bb5356c271b985a437a32f12308fc927410fd444bcded9859e7b8a3cfaaf29ebfb92cc7cbfad2559bbe4f90e189e8708e93827b221869cc78fa41fd5bcb6577b7dfe4c3927dc25a58aa84419f76e71d1f3c10cbb5e52ab2bebe0d39bdffda0fa1b55fe3a03683f882a82dd58498d62b101acd710fd436aa7409fe3cf5352dffb399d560323e14d564bdb3121b89c1f43fc9a892b799cd32f7ce2ededb868920b4547735ef0bf3e148251a4f65dddb7f96b2f33734522a8cffdc51520ac98926b3406e96618cf15a042a67239e755afc70ec6a9c99f8e08ec2946e5901364d85223a63d49572519137d93b6b0798e72acf9da120e706ee73367dec1450a68def886c149bcd734469e10b933899501011cd548e99d638821d5709fde050ab382d4896ecfd7999d40ea9c690c26d396545224c8f9e19705593df2688eb592e2476a0193f7054ab6f703d41c545a80bf285bbc7cc735bd306c9ea5eb64f40752fd4c741d9b6e03cd41b636ef8f5e810047a21c0b24c6fde1f2e98f2f27730c90d93af9e7564e4e209a61ff626b666fcc4f75f7d560da688169ff0af5e674a0b89a99fb54bb438a65f953c2db0faec2ce09cec33b6d25620b5a0393ac473fed48a38beaca5223997419876d571ce969b83b5b3ae54de83dd89fd92ed2a93c087828bef49a24ed1a97778c47fdc691a94fd5b437dfe494b5c6fadf499d9d15583b0439d3d5ecb61a32a2508a6960be6009accfd1d5d75a16dbc4121c6ef07bda12646792449c18a56e7aa3893f3f0e55a8e09ca64193dd29ea24ed8614ee8e717f046dd99a8e3750506655331125a502aa89c0d7e8e30c36a4be22cd911322695144d3bf034f38ef32d49431d50da583d08a3e4c5862483cdd52d031b12c89fdaafc3334e877e464134baece883d301193a9c27311a987d4dae82a061f48182cc747cd64441e88b68e26e4975f0fdde3129a9e6af80009962581d5349676df9c73b81514b175709d9193749660f480bd4009b528c1db4f76f42b6a175126603c39a374e890f871c97b2eebb4500451d827cc15497dc5ae89edc6f47f25db7efa4b4b2afbbb2ee543e3db8d20fe93faf300247f59075921e8b2f2a025af8a1d46f274e0c6cb4be0293c7c16c88e98d7d189e9733e4c0e3b96be4aa3fa6ecf42732e0b1432d38aeaf2330d92713cd5580ce42bfe47fb98fea64783de23f456300dd193008211a5ba408d32dedbf12aa8237a6e1a2c9890a2c1011855241fea186906a5139d1c300be57dc7ff493de80010520d10fc3eda0ee9cd413e075d3dc02258fdab567a16e43edbeecc366a69d8d75512f43a2b79cbb9132cdcd00c531730d05f1eabf66613d6e7ebb8c4c3f4f7efd415d41049786352808b22a3bde40121968af39c8f00296001662adc72b7963c8bafab4a496b50f3237a29d19ad4a51a62b1c77a04c14004734189cf7ec49e3d041a1e5658d080f09df77f39782e7133968c1f39ab3ae2a5f24a60073288f3c5825dafd614a379b8b905aaf961caa14ffa38de0d632918d31e4a9291b0f0789248e232e4276840a1ed0257300e522d83111dffd424b1b33148981e3794b2b649ba9174e6697bcc96049f4f3dcc7cf4ca97e2006ec8a146014bb49184632e4fb159a34b6530e959e60a6b4e0427cc697f14cfe6bb7a662a6f5012744f3cf2307abc19c58449864d98fcfebc5d598cd32a1c38c207896468fe8da75eb1edb1d6e7cb1eab671e4e92f139c81d79f15df2a2dc075acc982dec769e2f49aad0fdf594cb590e054616e4f4582b6c4a149ae45d844903ef68d211df2a180178e178b7c7a5012ccf8a1e677586588620365e6111f5192ecfdbd97e2284128de02e08ebc13d4bb4d114faa1e6c16c51c12da2c52d68f73640ce866ce4e794b9fafdc392c91c1f824bc301b3069a02b9c86d2ffac3ed63ddee130cbc248d6a3345d3f9553db78077072d569a6633f8bdbdb1a209a8be9b6830225994f9021b57ddd6a44e8ea40b205c6cf437f45bffaef053a5916dcc6de62ee02bdb8ce3acec8ad97fc95dab1307d254790c71f32e4678957cf0121dccabe73a03c6cacbcbdaad8801b04d9836555a982c357a06e2db7e9bf62aed8cdebbb7a71a2410b929015b61f16e54bffd038996a717b9c7cc3696d8a1205e8266bf782c3a45b0e31461d6a3ed62396088833f69248b24fbf6f81dcc08b98826c3bd2325ade54f614f2d4a153e3e3527d93978483f2bfeada6b64bc43f2a725c30e843d13e6ab34cfc38d488b3ef50cd04318fac1f89905f017644cfa2de058ad399871d1316264813c2289d0b6cfeddfbca36ce93fd4a1bfc93bb74453cfbb9c6ca22320ffc9cb0a3fff046a5678c066e617cd3ac024dfead04b99877f448b78208938585c7563efe815ff0cc47da5fff521d9730ddc89f4aeceadd06f2ea6b9ae72c9407aa550a0155db3b4bc6aaa382a30552f699cb6a1af9972a8ccc483f98952dfbde3d712ea8673eacdbb77490d833fc90f0f02e7c073d2917db70831496a88defc10667dc4c1b7399191bdc7857eb090e79c332bf9f71bb5377178e6232800c93d22318dc5ab8d5dfa2f074a6c23acb61c89f2f078ec91e9817e11a4c8295c19634b5ca2df74"}}}}}, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5}, 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x42082, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0)
close(r2)
socket(0x2a, 0x2, 0x0)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, 0x0, 0x4008054)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000200)=ANY=[@ANYRES16=r2, @ANYRES32=r1])
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r5, 0x0, 0x0, 0x50040, &(0x7f00000001c0)={0x11, 0x3, r4, 0x1, 0xd8, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@nat={'nat\x00', 0x19, 0x1, 0x136, [0x200000000344, 0x0, 0xfffffffffffffffe, 0x200000000416, 0x200000000446], 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYRES8=r0, @ANYBLOB="54362e5fa546ba0a9ff91f4c81"]}, 0x86)

7.65584609s ago: executing program 32 (id=2038):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000700), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
r6 = socket$inet(0x10, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'virt_wifi0\x00', <r7=>0x0})
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x34, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r7, {}, {0xffff, 0xffff}, {0x3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_GET_SCAN(r9, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, 0x0, 0x200, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x2, 0x7d}}}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000e80), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
sendmsg$inet(r12, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r11, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
pipe(0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @multicast1}, @address_request}}}}, 0x0)
r13 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r13, 0x89f3, &(0x7f0000000240)={'syztnl0\x00', &(0x7f00000001c0)={'ip6_vti0\x00', r7, 0x4, 0xf, 0x2, 0x80000000, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @empty, 0x80, 0x7, 0x1000, 0x7fff}})

5.57975857s ago: executing program 33 (id=2039):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea6086416ae0e99d3f3f55fe80002020800020500eab556a705251e618229b30051f60af4d4938037e786a6d0001000000e4509c5bbcd72c6c953000000000000000000", 0x5c}, {&(0x7f0000000080)="91bfec564e2afeacb773fcc1e949615261127af88cbde8fe739a3e4abc04ed80a2b2142443ac42f7f968967e183bccbd3e6ecc1abff391ef6fccde9d265a1d717c03ea7596e12d9da408c5d24cef4ee41774", 0x52}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x20004080)
ioctl$XFS_IOC_GOINGDOWN(r0, 0x8004587d, &(0x7f0000000000)) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0xfffffffffffffda3, &(0x7f0000000180)={&(0x7f0000000200)=@delnexthop={0x20, 0x69, 0xb, 0x0, 0x0, {}, [{0x8, 0x1, 0x1}]}, 0x20}}, 0x4000000) (async)
r4 = socket$kcm(0x23, 0x5, 0x0) (async)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000240)=0x9, 0x4) (async)
listen(r4, 0x800)
accept4(r4, 0x0, 0x0, 0x80000) (async)
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r5, &(0x7f0000000400)=ANY=[@ANYBLOB="1c0000f500000000000000862dfdff000000", @ANYBLOB="07b2bab740"], 0x78) (async)
r7 = socket$kcm(0x2, 0x200000000000001, 0x0) (async)
r8 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000000)={0x43, 0x0, 0x0, 0x3}, 0x10) (async)
bind$tipc(r8, 0x0, 0x0) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xa, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x63, 0x11, 0x22}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$tipc(r9, &(0x7f0000000140)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x43, 0x1}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x24004000}, 0x800)
sendmsg$inet(r7, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085) (async)
ioctl$sock_kcm_SIOCKCMUNATTACH(r7, 0x5411, 0x0) (async)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x1, 0x0, 0x0) (async)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge0\x00'})

117.041051ms ago: executing program 34 (id=2043):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$kcm(0x11, 0x3, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0xa0100, 0x0)
close(r4)
socket$unix(0x1, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r6, {0x0, 0x4}, {0xffff, 0xb}, {0x4, 0xffe0}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x61b01259}}]}, 0x38}, 0x1, 0x0, 0x0, 0x240040a1}, 0x4890)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$kcm(r3, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x8, r7, 0x17}, 0x80, &(0x7f0000000480)=[{&(0x7f00000002c0)='\'', 0x1}], 0x1}, 0x4)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r8, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r10, 0x84, 0xf, &(0x7f0000001f40)={0x0, @in6={{0xa, 0x0, 0x0, @mcast1}}}, &(0x7f00000002c0)=0x98)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0x3261e)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x100010, r9, 0xab75e000)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
getsockopt(r8, 0x111, 0x1, 0x0, &(0x7f0000000080))

70.155274ms ago: executing program 35 (id=2045):
syz_emit_ethernet(0xfcf, &(0x7f00000000c0)={@local, @multicast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0xf99, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @local, {[], "223427d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a6bac5836dd5720e559bcb82a4926734c5c3b1287c5fec219a99f71eb398430001f007306e9232c269c2886357f75d935e8de054341ac36f1df1fc77fbc347d90660f4d5658cfeb9e289f70968a7c0b38ae34c4bfa46b47964e223ac34f472e3231e8c285add5713592c76c062c3477beb55b279846f04f8d6a5ce2743c6a2020f0c5164953b8dca7e57239dc8a7f507bcf77767ab0b4602437171a09c8e80f5a165c4c37eaae386cfcb927dd1a935fa717fa1608792b34bafbc20cf11a678455894ede62788309ab7a7075535847a2b48260a613e521b01d75648263ad78e6176528dbf3e6c4e4d72066e617be5387183a51dd97d2e846c5d173b51e17a4c8d78a49c914cbe44236c52c78de45b44f9d80bc6f77c75135922a84579bce77baa71311889f5b7b90c5124b8298d5e9c81c442d60df00795854d3213a1ac254c8963c109f68b3ff5451c381f6fb56c116f86b71f988d1e9f732280cbf3d4e9791fefc4bdec5dc293fb77b02d5aab6bd8cd179b7e425126b7f78c0d004bc6470ecc2bbc422bd06a6bd8f717009509e6a88b01347b7a62b9dea6f7a7446a371f422499a6e66eeb6a7b0beb4a86a61f875a9bfe0f5d5f0d0e4c85852afaea97d74ebc80d6491a8a1c998c4b5bc34b3edaeba2df902cd5e14e016720e6c3c8b15287b2471c34251e26dc442720cd5d984e30b110b7370f233f865b9ac129fdf49ff02b303d7d4f91039d3bb58a9d64d7a72d8b8eba6b45a000370d4f0e9c0d411768441372e7112e5d4e7d70a9d6b428b8b85ee6209d6f73e7b024740c052166deeb843e4ab78d1d354d75a5827ff0d49d8964e75785f3594c7299c0917b48f3b2efb81a4c3a7d6e0f1cf50efe0360963c2e3ee390ed2a4c39f42e856eced0f2ee7beacd2ecbece493e911ca0460584323ea6d4a0c00864693c979cae38f0c5841bfaeebf609d1075163c120fea0bd0207d2dd07e5e2e0a5afe3efee0ee6bb9a926a8dba7a27a82c5421a5b20bfb5dbdef532a12435fcd899f15603209831711e0dcfaaf2104b2016f087fce44848c70b65a34b9be83df2064391fc5a8d169dc1943d226e57ab5ba06c656273d4efba73a8a61aae19df4d2445f3ce7e649af1b4ffc86106c9092ddd0aafeb45653d181cb32b06a1dd41573495f15c3b8c0019ba72a2eb163dfcbdbb235322ae27d7116af506f295c2424ab9191aa8ce0e4617b212af21983f8d2b19d7fdeec881f6fa448acc7c3e133b6f281583fad4467c05801e69f6ffc1ae2e1f54655534d884c2f8f60303da33ccbe47a293643edb61c7d9fad4e3e54028bc64be8e5b1da53446869b136660b8e96ff96c48641ece275967b27b291c5c240b3399b5b901b699227735f821938bc88ded45bada2b257b1a4bcab7ed6647f2027e5680c87329e9cfdba6bde2f2a9b676be016001702bebbabb2eae3eba01d6f49ab70245a4c5ef0e136b531e1843487b3f69c5b811217d6d2f5e71b47f40c28117bd09a88bb21887a06e2cc164d4281d0df47cbd5781f1524098d89ccae32f24c5f9d86469106685fdc683ad5e873030b621dc00354e0621106da90aca69bb53848dd57251a45bc1898aca9bc84c9a8d2f8aabeed888560771c8cb03aab02620430fec8e9740880790060ccbffd5b8edaa219ca61587eff1b1b03ae8af53059f121efdec8b3ee8aba06f494a5b4575bc848d5a9773d2346f75811cb82a078fc960c9bd374555d78b1b4ba0b438ef00e8aa75810ca5efc5c70936e2cb0e515912cb7f625a2130a9ad58f29e58ae6eac5c3f15f22f0163ee6dead6947c4390b92c8dfb146fec7bfc0b37e8ff2c9de90c30f2d8b5e334107f9835bc47fbc193c60ebd5ac4e677c7fd5b6261ff96e97c185c726ec02941bc2336946f181fd2aff43f0e95f06105a049fcb8e4e3738407d6356856f533f17fae281a3be9f2050ae3d19d1b8350d424087ac9b7875824a9b7e098775b53d6ec960fc052ecd165d17a7897de75f15316a072bb9ccf6ce1ec085bb5356c271b985a437a32f12308fc927410fd444bcded9859e7b8a3cfaaf29ebfb92cc7cbfad2559bbe4f90e189e8708e93827b221869cc78fa41fd5bcb6577b7dfe4c3927dc25a58aa84419f76e71d1f3c10cbb5e52ab2bebe0d39bdffda0fa1b55fe3a03683f882a82dd58498d62b101acd710fd436aa7409fe3cf5352dffb399d560323e14d564bdb3121b89c1f43fc9a892b799cd32f7ce2ededb868920b4547735ef0bf3e148251a4f65dddb7f96b2f33734522a8cffdc51520ac98926b3406e96618cf15a042a67239e755afc70ec6a9c99f8e08ec2946e5901364d85223a63d49572519137d93b6b0798e72acf9da120e706ee73367dec1450a68def886c149bcd734469e10b933899501011cd548e99d638821d5709fde050ab382d4896ecfd7999d40ea9c690c26d396545224c8f9e19705593df2688eb592e2476a0193f7054ab6f703d41c545a80bf285bbc7cc735bd306c9ea5eb64f40752fd4c741d9b6e03cd41b636ef8f5e810047a21c0b24c6fde1f2e98f2f27730c90d93af9e7564e4e209a61ff626b666fcc4f75f7d560da688169ff0af5e674a0b89a99fb54bb438a65f953c2db0faec2ce09cec33b6d25620b5a0393ac473fed48a38beaca5223997419876d571ce969b83b5b3ae54de83dd89fd92ed2a93c087828bef49a24ed1a97778c47fdc691a94fd5b437dfe494b5c6fadf499d9d15583b0439d3d5ecb61a32a2508a6960be6009accfd1d5d75a16dbc4121c6ef07bda12646792449c18a56e7aa3893f3f0e55a8e09ca64193dd29ea24ed8614ee8e717f046dd99a8e3750506655331125a502aa89c0d7e8e30c36a4be22cd911322695144d3bf034f38ef32d49431d50da583d08a3e4c5862483cdd52d031b12c89fdaafc3334e877e464134baece883d301193a9c27311a987d4dae82a061f48182cc747cd64441e88b68e26e4975f0fdde3129a9e6af80009962581d5349676df9c73b81514b175709d9193749660f480bd4009b528c1db4f76f42b6a175126603c39a374e890f871c97b2eebb4500451d827cc15497dc5ae89edc6f47f25db7efa4b4b2afbbb2ee543e3db8d20fe93faf300247f59075921e8b2f2a025af8a1d46f274e0c6cb4be0293c7c16c88e98d7d189e9733e4c0e3b96be4aa3fa6ecf42732e0b1432d38aeaf2330d92713cd5580ce42bfe47fb98fea64783de23f456300dd193008211a5ba408d32dedbf12aa8237a6e1a2c9890a2c1011855241fea186906a5139d1c300be57dc7ff493de80010520d10fc3eda0ee9cd413e075d3dc02258fdab567a16e43edbeecc366a69d8d75512f43a2b79cbb9132cdcd00c531730d05f1eabf66613d6e7ebb8c4c3f4f7efd415d41049786352808b22a3bde40121968af39c8f00296001662adc72b7963c8bafab4a496b50f3237a29d19ad4a51a62b1c77a04c14004734189cf7ec49e3d041a1e5658d080f09df77f39782e7133968c1f39ab3ae2a5f24a60073288f3c5825dafd614a379b8b905aaf961caa14ffa38de0d632918d31e4a9291b0f0789248e232e4276840a1ed0257300e522d83111dffd424b1b33148981e3794b2b649ba9174e6697bcc96049f4f3dcc7cf4ca97e2006ec8a146014bb49184632e4fb159a34b6530e959e60a6b4e0427cc697f14cfe6bb7a662a6f5012744f3cf2307abc19c58449864d98fcfebc5d598cd32a1c38c207896468fe8da75eb1edb1d6e7cb1eab671e4e92f139c81d79f15df2a2dc075acc982dec769e2f49aad0fdf594cb590e054616e4f4582b6c4a149ae45d844903ef68d211df2a180178e178b7c7a5012ccf8a1e677586588620365e6111f5192ecfdbd97e2284128de02e08ebc13d4bb4d114faa1e6c16c51c12da2c52d68f73640ce866ce4e794b9fafdc392c91c1f824bc301b3069a02b9c86d2ffac3ed63ddee130cbc248d6a3345d3f9553db78077072d569a6633f8bdbdb1a209a8be9b6830225994f9021b57ddd6a44e8ea40b205c6cf437f45bffaef053a5916dcc6de62ee02bdb8ce3acec8ad97fc95dab1307d254790c71f32e4678957cf0121dccabe73a03c6cacbcbdaad8801b04d9836555a982c357a06e2db7e9bf62aed8cdebbb7a71a2410b929015b61f16e54bffd038996a717b9c7cc3696d8a1205e8266bf782c3a45b0e31461d6a3ed62396088833f69248b24fbf6f81dcc08b98826c3bd2325ade54f614f2d4a153e3e3527d93978483f2bfeada6b64bc43f2a725c30e843d13e6ab34cfc38d488b3ef50cd04318fac1f89905f017644cfa2de058ad399871d1316264813c2289d0b6cfeddfbca36ce93fd4a1bfc93bb74453cfbb9c6ca22320ffc9cb0a3fff046a5678c066e617cd3ac024dfead04b99877f448b78208938585c7563efe815ff0cc47da5fff521d9730ddc89f4aeceadd06f2ea6b9ae72c9407aa550a0155db3b4bc6aaa382a30552f699cb6a1af9972a8ccc483f98952dfbde3d712ea8673eacdbb77490d833fc90f0f02e7c073d2917db70831496a88defc10667dc4c1b7399191bdc7857eb090e79c332bf9f71bb5377178e6232800c93d22318dc5ab8d5dfa2f074a6c23acb61c89f2f078ec91e9817e11a4c8295c19634b5ca2df74"}}}}}, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5}, 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x42082, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0)
close(r2)
socket(0x2a, 0x2, 0x0)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, 0x0, 0x4008054)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000200)=ANY=[@ANYRES16=r2, @ANYRES32=r1])
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r5, 0x0, 0x0, 0x50040, &(0x7f00000001c0)={0x11, 0x3, r4, 0x1, 0xd8, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@nat={'nat\x00', 0x19, 0x1, 0x136, [0x200000000344, 0x0, 0xfffffffffffffffe, 0x200000000416, 0x200000000446], 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYRES8=r0, @ANYBLOB="54362e5fa546ba0a9ff91f4c81"]}, 0x86)

0s ago: executing program 36 (id=2044):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x40, 0x10, 0x49920d862a921d1b, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x4}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x5}]}, 0x40}}, 0x0)
unshare(0x20000400)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
r5 = socket$packet(0x11, 0x3, 0x300)
getsockopt$sock_buf(r5, 0x1, 0x37, 0x0, &(0x7f0000001000)=0x29)
r6 = socket$alg(0x26, 0x5, 0x0)
ioctl$XFS_IOC_START_COMMIT(r5, 0x80585882, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
ioctl$sock_x25_SIOCDELRT(r7, 0x890c, &(0x7f0000000580)={@null, 0xb, 'veth1_to_bridge\x00'})
bind$alg(r6, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r8 = accept4(r6, 0x0, 0x0, 0x800)
sendmsg$alg(r8, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x890}, 0x0)
r9 = socket(0x22, 0x2, 0x1)
r10 = socket$pptp(0x18, 0x1, 0x2)
ioctl$FS_IOC_MEASURE_VERITY(r10, 0xc0046686, &(0x7f0000000680)={0x1, 0x7c, "93931c54dbd637b659d82f514dddf5ec048085e53b9b4ae9c976a049068e245a96bef9e46fc2488b6eec1feb6006820622bbcb8527ea5c2098c91bd09d4212ad8816a1c0f4ce1138d7f0006cc4dedd4cdb6746bb3dec0b3b0d7e50a8711b10221188f51a563f3674cd5d4570646bdf2c01298ec1742222cf37629cea"})
ioctl$sock_inet6_tcp_SIOCATMARK(r9, 0x8905, 0x0)
sendmsg$nl_route_sched_retired(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=@delqdisc={0x100, 0x25, 0x800, 0x70bd2d, 0x25dfdafe, {0x0, 0x0, 0x0, 0x0, {0xfff2, 0x3}, {0x7, 0x9}, {0xe, 0xffe0}}, [@q_dsmark={{0xb}, {0x24, 0x2, [@TCA_DSMARK_SET_TC_INDEX, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x8}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x30}]}}, @q_dsmark={{0xb}, {0x18, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xff}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}, @q_dsmark={{0xb}, {0x1c, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x9d}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0xf, 0x2, 0x3}]}}, @q_dsmark={{0xb}, {0x4}}, @q_dsmark={{0xb}, {0xc, 0x2, [@TCA_DSMARK_INDICES={0x6}]}}, @q_dsmark={{0x3d}, {0xc, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x2}]}}, @q_dsmark={{0xb}, {0x14}}]}, 0x100}, 0x1, 0x0, 0x0, 0x4008044}, 0x0)
recvmmsg(r8, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)=""/223, 0xdf}, {&(0x7f0000000840)=""/127, 0x7f}], 0x2}, 0x101}], 0x1, 0x60, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000080000000000000001000084060000000000000001"], 0x0, 0x42}, 0x20)
ioctl$sock_netdev_private(r0, 0x18, &(0x7f0000000480)="1bce6a7a9c6d342506ecaa84edb278f1ea5d60d4c15f5b17f3793201b71f29c523353f2231f2040dcc257dfb6624f0ade73c92e61e87b666b23715719727e0ac6111f9664b9babd203d8652ce8d822a1d1b4ae2a37ffba1cfd17c785b984ee222f5c5dbca5d30dd268a02b57c82cfdfce9a895864a50a0ecef9389a71b42a3f089caebe42242382b4312a411ab80af314918b8aa97d298c69ed110e904779d5fd3c0d8ab7b7257591ae1ca5990eccb07db424b12ded801d7edd77a667c642d435ae8a80afabb49ffaa")
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)

kernel console output (not intermixed with test programs):

nd device has slaves
[  103.321743][ T6722] syzkaller0: entered promiscuous mode
[  103.332512][ T6722] syzkaller0: entered allmulticast mode
[  103.429736][ T6732] netlink: 'syz.2.224': attribute type 30 has an invalid length.
[  103.582660][ T6737] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  103.729752][ T6749] netlink: 'syz.2.228': attribute type 1 has an invalid length.
[  103.759050][ T6748] Driver unsupported XDP return value 0 on prog  (id 23) dev N/A, expect packet loss!
[  103.760150][ T6749] netlink: 'syz.2.228': attribute type 2 has an invalid length.
[  103.831931][ T6754] x_tables: unsorted underflow at hook 3
[  103.902585][ T6758] syzkaller0: entered promiscuous mode
[  103.919916][ T6758] syzkaller0: entered allmulticast mode
[  103.961316][ T6760] FAULT_INJECTION: forcing a failure.
[  103.961316][ T6760] name failslab, interval 1, probability 0, space 0, times 1
[  103.990155][ T6760] CPU: 1 UID: 0 PID: 6760 Comm: syz.1.231 Not tainted syzkaller #0 PREEMPT(full) 
[  103.990185][ T6760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  103.990198][ T6760] Call Trace:
[  103.990206][ T6760]  <TASK>
[  103.990215][ T6760]  dump_stack_lvl+0xe8/0x150
[  103.990252][ T6760]  should_fail_ex+0x412/0x560
[  103.990296][ T6760]  should_failslab+0xa8/0x100
[  103.990322][ T6760]  ? skb_clone+0x212/0x3a0
[  103.990352][ T6760]  kmem_cache_alloc_noprof+0x87/0x650
[  103.990385][ T6760]  ? __netlink_lookup+0xc6/0x8b0
[  103.990420][ T6760]  skb_clone+0x212/0x3a0
[  103.990455][ T6760]  __netlink_deliver_tap+0x404/0x850
[  103.990495][ T6760]  ? netlink_deliver_tap+0x2e/0x1b0
[  103.990527][ T6760]  netlink_deliver_tap+0x19c/0x1b0
[  103.990553][ T6760]  netlink_unicast+0x7e3/0x9b0
[  103.990586][ T6760]  ? __pfx_netlink_unicast+0x10/0x10
[  103.990611][ T6760]  ? netlink_sendmsg+0x650/0xb40
[  103.990635][ T6760]  ? skb_put+0x11b/0x210
[  103.990667][ T6760]  netlink_sendmsg+0x813/0xb40
[  103.990704][ T6760]  ? __pfx_netlink_sendmsg+0x10/0x10
[  103.990735][ T6760]  ? aa_sock_msg_perm+0xf1/0x1b0
[  103.990763][ T6760]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  103.990788][ T6760]  ____sys_sendmsg+0x972/0x9f0
[  103.990827][ T6760]  ? __pfx_____sys_sendmsg+0x10/0x10
[  103.990869][ T6760]  ? import_iovec+0x73/0xa0
[  103.990903][ T6760]  ___sys_sendmsg+0x2a5/0x360
[  103.990942][ T6760]  ? __pfx____sys_sendmsg+0x10/0x10
[  103.991012][ T6760]  ? __fget_files+0x2a/0x420
[  103.991042][ T6760]  ? __fget_files+0x3a0/0x420
[  103.991084][ T6760]  __x64_sys_sendmsg+0x1bd/0x2a0
[  103.991119][ T6760]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  103.991162][ T6760]  ? __pfx_ksys_write+0x10/0x10
[  103.991197][ T6760]  do_syscall_64+0x14d/0xf80
[  103.991227][ T6760]  ? trace_irq_disable+0x3b/0x150
[  103.991258][ T6760]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.991279][ T6760]  ? clear_bhb_loop+0x40/0x90
[  103.991315][ T6760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.991336][ T6760] RIP: 0033:0x7f6136d9c799
[  103.991356][ T6760] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  103.991374][ T6760] RSP: 002b:00007f6137cd4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.991396][ T6760] RAX: ffffffffffffffda RBX: 00007f6137015fa0 RCX: 00007f6136d9c799
[  103.991412][ T6760] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000004
[  103.991425][ T6760] RBP: 00007f6137cd4090 R08: 0000000000000000 R09: 0000000000000000
[  103.991438][ T6760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.991450][ T6760] R13: 00007f6137016038 R14: 00007f6137015fa0 R15: 00007ffd60aea7a8
[  103.991484][ T6760]  </TASK>
[  104.268653][ T6760] netlink: 'syz.1.231': attribute type 39 has an invalid length.
[  104.485404][ T6769] bond1: option mode: unable to set because the bond device has slaves
[  104.969575][ T6787] netlink: 'syz.1.240': attribute type 11 has an invalid length.
[  104.999739][ T6790] netlink: 'syz.2.242': attribute type 10 has an invalid length.
[  105.210625][ T5829] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  105.282777][ T6800] FAULT_INJECTION: forcing a failure.
[  105.282777][ T6800] name failslab, interval 1, probability 0, space 0, times 0
[  105.333246][ T6800] CPU: 0 UID: 0 PID: 6800 Comm: syz.2.245 Not tainted syzkaller #0 PREEMPT(full) 
[  105.333275][ T6800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  105.333287][ T6800] Call Trace:
[  105.333295][ T6800]  <TASK>
[  105.333304][ T6800]  dump_stack_lvl+0xe8/0x150
[  105.333350][ T6800]  should_fail_ex+0x412/0x560
[  105.333382][ T6800]  should_failslab+0xa8/0x100
[  105.333408][ T6800]  ? skb_clone+0x212/0x3a0
[  105.333441][ T6800]  kmem_cache_alloc_noprof+0x87/0x650
[  105.333474][ T6800]  ? __netlink_lookup+0xc6/0x8b0
[  105.333510][ T6800]  skb_clone+0x212/0x3a0
[  105.333546][ T6800]  __netlink_deliver_tap+0x404/0x850
[  105.333586][ T6800]  ? netlink_deliver_tap+0x2e/0x1b0
[  105.333614][ T6800]  netlink_deliver_tap+0x19c/0x1b0
[  105.333641][ T6800]  netlink_unicast+0x7e3/0x9b0
[  105.333673][ T6800]  ? __pfx_netlink_unicast+0x10/0x10
[  105.333699][ T6800]  ? netlink_sendmsg+0x650/0xb40
[  105.333722][ T6800]  ? skb_put+0x11b/0x210
[  105.333755][ T6800]  netlink_sendmsg+0x813/0xb40
[  105.333789][ T6800]  ? __pfx_netlink_sendmsg+0x10/0x10
[  105.333820][ T6800]  ? aa_sock_msg_perm+0xf1/0x1b0
[  105.333847][ T6800]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  105.333874][ T6800]  ____sys_sendmsg+0x972/0x9f0
[  105.333915][ T6800]  ? __pfx_____sys_sendmsg+0x10/0x10
[  105.333957][ T6800]  ? import_iovec+0x73/0xa0
[  105.333991][ T6800]  ___sys_sendmsg+0x2a5/0x360
[  105.334029][ T6800]  ? __pfx____sys_sendmsg+0x10/0x10
[  105.334099][ T6800]  ? __fget_files+0x2a/0x420
[  105.334129][ T6800]  ? __fget_files+0x3a0/0x420
[  105.334170][ T6800]  __x64_sys_sendmsg+0x1bd/0x2a0
[  105.334205][ T6800]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  105.334247][ T6800]  ? __pfx_ksys_write+0x10/0x10
[  105.334287][ T6800]  do_syscall_64+0x14d/0xf80
[  105.334324][ T6800]  ? trace_irq_disable+0x3b/0x150
[  105.334355][ T6800]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.334377][ T6800]  ? clear_bhb_loop+0x40/0x90
[  105.334403][ T6800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.334424][ T6800] RIP: 0033:0x7f432579c799
[  105.334444][ T6800] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  105.334461][ T6800] RSP: 002b:00007f43265f4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  105.334484][ T6800] RAX: ffffffffffffffda RBX: 00007f4325a15fa0 RCX: 00007f432579c799
[  105.334499][ T6800] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000004
[  105.334512][ T6800] RBP: 00007f43265f4090 R08: 0000000000000000 R09: 0000000000000000
[  105.334524][ T6800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.334536][ T6800] R13: 00007f4325a16038 R14: 00007f4325a15fa0 R15: 00007ffd6b4cfd08
[  105.334570][ T6800]  </TASK>
[  105.336885][ T6800] netlink: 'syz.2.245': attribute type 39 has an invalid length.
[  106.116268][ T6829] __nla_validate_parse: 16 callbacks suppressed
[  106.116289][ T6829] netlink: 44 bytes leftover after parsing attributes in process `syz.2.254'.
[  106.168472][ T6829] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.176936][ T6829] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.320096][ T6831] syzkaller0: entered promiscuous mode
[  106.349499][ T6831] syzkaller0: entered allmulticast mode
[  106.365437][ T6829] lo: entered allmulticast mode
[  106.382415][ T6829] bridge_slave_0: left allmulticast mode
[  106.388126][ T6829] bridge_slave_0: left promiscuous mode
[  106.406379][ T6829] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.442474][ T6829] bridge_slave_1: left allmulticast mode
[  106.457275][ T6829] bridge_slave_1: left promiscuous mode
[  106.464003][ T6829] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.498757][ T6829] bond0: (slave bond_slave_0): Releasing backup interface
[  106.581299][ T6829] bond0: (slave bond_slave_1): Releasing backup interface
[  106.605737][ T6829] team0: Port device team_slave_0 removed
[  106.659663][ T6829] team0: Port device team_slave_1 removed
[  106.676064][ T6829] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  106.693229][ T6829] batman_adv: batadv0: Removing interface: batadv_slave_0
[  106.764753][ T6829] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.780106][ T6829] batman_adv: batadv0: Removing interface: batadv_slave_1
[  106.796940][ T6829] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  106.901172][ T6860] syzkaller0: entered promiscuous mode
[  106.906720][ T6860] syzkaller0: entered allmulticast mode
[  107.008977][ T6871] netlink: 'syz.3.264': attribute type 39 has an invalid length.
[  107.147888][ T6878] netlink: 8 bytes leftover after parsing attributes in process `syz.2.265'.
[  107.171058][ T6878] netlink: 'syz.2.265': attribute type 30 has an invalid length.
[  107.247770][ T6876] netlink: 8 bytes leftover after parsing attributes in process `syz.2.265'.
[  107.327045][   T36] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  107.347669][   T36] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  107.360646][ T6876] netlink: 'syz.2.265': attribute type 30 has an invalid length.
[  107.400635][   T36] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  107.403416][ T6887] netlink: 16 bytes leftover after parsing attributes in process `syz.3.268'.
[  107.430749][   T36] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  107.698948][ T6904] netlink: 8 bytes leftover after parsing attributes in process `syz.3.272'.
[  107.876007][ T6909] netlink: 24 bytes leftover after parsing attributes in process `syz.0.274'.
[  108.015873][ T6919] syzkaller0: entered promiscuous mode
[  108.022104][ T6919] syzkaller0: entered allmulticast mode
[  108.094288][ T6924] syzkaller0: entered promiscuous mode
[  108.100043][ T6924] syzkaller0: entered allmulticast mode
[  108.185373][ T6927] netlink: 'syz.0.278': attribute type 39 has an invalid length.
[  108.310471][ T6933] netlink: 'syz.4.282': attribute type 3 has an invalid length.
[  108.342912][ T6933] netlink: 4 bytes leftover after parsing attributes in process `syz.4.282'.
[  108.358726][ T6933] netlink: 36 bytes leftover after parsing attributes in process `syz.4.282'.
[  108.601463][ T6942] netlink: 'syz.0.285': attribute type 2 has an invalid length.
[  108.609452][ T6942] netlink: 'syz.0.285': attribute type 8 has an invalid length.
[  108.617715][ T6942] netlink: 132 bytes leftover after parsing attributes in process `syz.0.285'.
[  108.959251][ T6957] sctp: [Deprecated]: syz.1.290 (pid 6957) Use of int in max_burst socket option.
[  108.959251][ T6957] Use struct sctp_assoc_value instead
[  109.020004][ T6960] syzkaller1: entered promiscuous mode
[  109.026034][ T6960] syzkaller1: entered allmulticast mode
[  109.157790][ T6965] netlink: 'syz.3.295': attribute type 39 has an invalid length.
[  109.179499][ T6965] FAULT_INJECTION: forcing a failure.
[  109.179499][ T6965] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.196457][ T6965] CPU: 0 UID: 0 PID: 6965 Comm: syz.3.295 Not tainted syzkaller #0 PREEMPT(full) 
[  109.196484][ T6965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  109.196497][ T6965] Call Trace:
[  109.196505][ T6965]  <TASK>
[  109.196514][ T6965]  dump_stack_lvl+0xe8/0x150
[  109.196551][ T6965]  should_fail_ex+0x412/0x560
[  109.196582][ T6965]  _copy_to_user+0x31/0xb0
[  109.196618][ T6965]  simple_read_from_buffer+0xe1/0x170
[  109.196653][ T6965]  proc_fail_nth_read+0x1bb/0x230
[  109.196686][ T6965]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  109.196719][ T6965]  ? rw_verify_area+0x2a6/0x4d0
[  109.196740][ T6965]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  109.196771][ T6965]  vfs_read+0x20c/0xa70
[  109.196791][ T6965]  ? fdget_pos+0x246/0x320
[  109.196826][ T6965]  ? __pfx___mutex_lock+0x10/0x10
[  109.196859][ T6965]  ? __pfx_vfs_read+0x10/0x10
[  109.196882][ T6965]  ? __fget_files+0x2a/0x420
[  109.196916][ T6965]  ? __fget_files+0x3a0/0x420
[  109.196944][ T6965]  ? __fget_files+0x2a/0x420
[  109.196983][ T6965]  ksys_read+0x150/0x270
[  109.197008][ T6965]  ? __pfx_ksys_read+0x10/0x10
[  109.197043][ T6965]  do_syscall_64+0x14d/0xf80
[  109.197073][ T6965]  ? trace_irq_disable+0x3b/0x150
[  109.197104][ T6965]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.197125][ T6965]  ? clear_bhb_loop+0x40/0x90
[  109.197152][ T6965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.197174][ T6965] RIP: 0033:0x7fc486f5cfce
[  109.197194][ T6965] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  109.197211][ T6965] RSP: 002b:00007fc487f05fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  109.197234][ T6965] RAX: ffffffffffffffda RBX: 00007fc487f066c0 RCX: 00007fc486f5cfce
[  109.197249][ T6965] RDX: 000000000000000f RSI: 00007fc487f060a0 RDI: 000000000000000c
[  109.197262][ T6965] RBP: 00007fc487f06090 R08: 0000000000000000 R09: 0000000000000000
[  109.197275][ T6965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.197287][ T6965] R13: 00007fc487216038 R14: 00007fc487215fa0 R15: 00007ffc78984408
[  109.197323][ T6965]  </TASK>
[  109.553879][ T6979] sctp: [Deprecated]: syz.2.299 (pid 6979) Use of int in maxseg socket option.
[  109.553879][ T6979] Use struct sctp_assoc_value instead
[  110.529337][ T7042] netlink: 4 bytes leftover after parsing attributes in process `syz.0.310'.
[  111.060481][ T7061] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  111.395257][ T7068] openvswitch: netlink: Duplicate or invalid key (type 0).
[  111.431076][ T7068] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  111.766547][ T7085] netlink: 'syz.0.323': attribute type 4 has an invalid length.
[  111.817619][ T7090] netlink: 'syz.0.323': attribute type 4 has an invalid length.
[  111.980402][ T7093] __nla_validate_parse: 2 callbacks suppressed
[  111.980423][ T7093] netlink: 8 bytes leftover after parsing attributes in process `syz.2.325'.
[  112.233502][ T7093] netlink: 36 bytes leftover after parsing attributes in process `syz.2.325'.
[  112.622109][ T7113] netlink: 12 bytes leftover after parsing attributes in process `syz.3.332'.
[  112.668255][ T7117] netlink: 8 bytes leftover after parsing attributes in process `syz.2.333'.
[  112.677727][ T7117] netlink: 8 bytes leftover after parsing attributes in process `syz.2.333'.
[  113.867980][ T7141] netlink: 'syz.1.337': attribute type 1 has an invalid length.
[  114.228691][ T7113] vxcan2: entered allmulticast mode
[  114.319940][ T7141] bond2: entered promiscuous mode
[  114.338978][ T7141] 8021q: adding VLAN 0 to HW filter on device bond2
[  114.386388][ T7147] netlink: 12 bytes leftover after parsing attributes in process `syz.2.338'.
[  114.397761][ T7147] openvswitch: netlink: Flow actions attr not present in new flow.
[  114.503774][ T7142] bond2: (slave bridge2): making interface the new active one
[  114.536335][ T7142] bridge2: entered promiscuous mode
[  114.553854][ T7142] bond2: (slave bridge2): Enslaving as an active interface with an up link
[  114.606219][ T7143] bond2: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  114.649719][ T7143] bond2: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  114.881419][ T7172] xt_hashlimit: max too large, truncated to 1048576
[  115.579171][ T7214] netlink: 8 bytes leftover after parsing attributes in process `syz.4.353'.
[  115.588746][ T7214] netlink: 2 bytes leftover after parsing attributes in process `syz.4.353'.
[  116.588065][ T7202] syzkaller0: entered promiscuous mode
[  116.593912][ T7202] syzkaller0: entered allmulticast mode
[  116.621154][ T7215] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  117.017121][ T7232] netlink: 'syz.2.359': attribute type 10 has an invalid length.
[  118.039700][ T7227] tipc: Started in network mode
[  118.050680][ T7227] tipc: Node identity ac14140f, cluster identity 4711
[  118.058310][ T7227] tipc: New replicast peer: 255.255.255.255
[  118.066152][ T7227] tipc: Enabled bearer <udp:syz2>, priority 10
[  118.073420][ T7229] netlink: 12 bytes leftover after parsing attributes in process `syz.0.358'.
[  118.110878][ T7232] batman_adv: batadv0: Adding interface: netdevsim0
[  118.117843][ T7232] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  118.147728][ T7232] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  118.326898][ T7246] netlink: 48 bytes leftover after parsing attributes in process `syz.1.362'.
[  118.631525][ T7269] netlink: 'syz.1.367': attribute type 1 has an invalid length.
[  118.639399][ T7269] netlink: 280 bytes leftover after parsing attributes in process `syz.1.367'.
[  118.840983][ T7275] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  119.128482][ T7288] netlink: 40 bytes leftover after parsing attributes in process `syz.0.373'.
[  119.301378][ T7295] netlink: 'syz.0.373': attribute type 1 has an invalid length.
[  120.677148][    T9] tipc: Node number set to 2886997007
[  120.758541][ T7291] syzkaller0: entered promiscuous mode
[  120.764574][ T7291] syzkaller0: entered allmulticast mode
[  120.902503][ T7330] netlink: 8 bytes leftover after parsing attributes in process `syz.3.379'.
[  120.922752][ T7330] netlink: 8 bytes leftover after parsing attributes in process `syz.3.379'.
[  120.932312][ T7330] netlink: 8 bytes leftover after parsing attributes in process `syz.3.379'.
[  121.112857][ T7342] netlink: 24 bytes leftover after parsing attributes in process `syz.2.381'.
[  122.420690][ T7340] syzkaller0: entered promiscuous mode
[  122.426416][ T7340] syzkaller0: entered allmulticast mode
[  122.551847][ T7370] netlink: 4 bytes leftover after parsing attributes in process `syz.4.385'.
[  122.675031][ T7376] netlink: 8 bytes leftover after parsing attributes in process `syz.1.387'.
[  122.732861][ T7376] bond1: option mode: unable to set because the bond device has slaves
[  122.886450][ T7387] TC_ACT_REPEAT abuse ?
[  123.027793][ T7395] syzkaller0: entered promiscuous mode
[  123.067624][ T7395] syzkaller0: entered allmulticast mode
[  123.303037][ T7408] syzkaller1: entered promiscuous mode
[  123.320019][ T7408] syzkaller1: entered allmulticast mode
[  123.332320][ T7408] __nla_validate_parse: 2 callbacks suppressed
[  123.332341][ T7408] netlink: 48 bytes leftover after parsing attributes in process `syz.1.394'.
[  123.498828][ T7416] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  123.654635][ T7423] syzkaller0: entered promiscuous mode
[  123.690951][ T7423] syzkaller0: entered allmulticast mode
[  124.008185][ T7453] netlink: 'syz.4.401': attribute type 11 has an invalid length.
[  124.083282][ T7453] netlink: 'syz.4.401': attribute type 12 has an invalid length.
[  124.137257][ T7453] netlink: 210020 bytes leftover after parsing attributes in process `syz.4.401'.
[  124.151062][ T7453] netlink: 4 bytes leftover after parsing attributes in process `syz.4.401'.
[  124.160146][   T30] audit: type=1800 audit(1772719784.079:2): pid=7457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.404" name=4996AE17DFFC2E43C8174B54B620636894AAACF28FF62616363C70A440AEC4014CAF28C0ADC04308 dev="tmpfs" ino=449 res=0 errno=0
[  126.766158][ T7429] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  127.029869][ T7499] netlink: 'syz.3.415': attribute type 1 has an invalid length.
[  127.236706][ T7513] netlink: 8 bytes leftover after parsing attributes in process `syz.1.416'.
[  127.277500][ T7499] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  127.297572][ T7519] syzkaller0: entered promiscuous mode
[  127.316815][ T7519] syzkaller0: entered allmulticast mode
[  127.519310][ T7528] netlink: 'syz.2.420': attribute type 1 has an invalid length.
[  127.578079][ T7528] 8021q: adding VLAN 0 to HW filter on device bond2
[  127.895331][ T7548] IPVS: set_ctl: invalid protocol: 43 0.0.0.0:20001
[  128.044063][ T7554] openvswitch: netlink: Unexpected mask (mask=2200040, allowed=2010048)
[  128.774739][ T7586] netlink: 84 bytes leftover after parsing attributes in process `syz.4.440'.
[  128.807654][ T7591] syzkaller0: entered promiscuous mode
[  128.813980][ T7591] syzkaller0: entered allmulticast mode
[  129.077380][ T7599] º
: renamed from veth1_vlan (while UP)
[  129.110973][ T7600] netlink: 4 bytes leftover after parsing attributes in process `syz.2.442'.
[  129.161691][ T7603] netlink: 28 bytes leftover after parsing attributes in process `syz.2.442'.
[  129.190674][ T7603] netlink: 'syz.2.442': attribute type 7 has an invalid length.
[  129.198390][ T7603] netlink: 20 bytes leftover after parsing attributes in process `syz.2.442'.
[  129.368639][ T7618] netlink: 16 bytes leftover after parsing attributes in process `syz.1.449'.
[  129.649838][ T7628] vlan1: entered allmulticast mode
[  129.662059][ T7628] veth0_vlan: entered allmulticast mode
[  129.744500][ T7631] netlink: 8 bytes leftover after parsing attributes in process `syz.1.454'.
[  129.754101][ T7631] netlink: 24 bytes leftover after parsing attributes in process `syz.1.454'.
[  129.764843][ T7631] netlink: 8 bytes leftover after parsing attributes in process `syz.1.454'.
[  129.791060][ T7631] netlink: 24 bytes leftover after parsing attributes in process `syz.1.454'.
[  130.002565][ T7644] netlink: 8 bytes leftover after parsing attributes in process `syz.4.456'.
[  130.090844][ T5833] Bluetooth: hci3: command 0x0405 tx timeout
[  130.112339][   T58] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  130.136767][   T58] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  130.186521][   T58] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  130.202022][   T58] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  130.545626][   T58] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  130.578719][   T58] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  130.610626][   T12] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  130.641121][   T12] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  130.678121][ T7668] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  130.807721][ T7673] x_tables: duplicate underflow at hook 2
[  131.414141][ T7707] netlink: 'syz.1.473': attribute type 1 has an invalid length.
[  131.507991][ T7713] netlink: 'syz.3.474': attribute type 4 has an invalid length.
[  131.534158][ T7707] 8021q: adding VLAN 0 to HW filter on device bond3
[  131.597238][ T7717] netlink: 'syz.3.474': attribute type 4 has an invalid length.
[  131.684498][ T7714] smc: net device ip6gre0 applied user defined pnetid SYZ1
[  131.694161][ T7714] netlink: 'syz.4.476': attribute type 2 has an invalid length.
[  131.717509][ T7718] netdevsim netdevsim2: Direct firmware load for . failed with error -2
[  131.735326][ T7718] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  132.189328][ T7739] bond3: option miimon: invalid value (18446744073709551585)
[  132.216744][ T7739] bond3: option miimon: allowed values 0 - 2147483647
[  132.227687][ T7739] bond3 (unregistering): Released all slaves
[  132.257555][ T7737] x_tables: duplicate underflow at hook 1
[  132.286697][ T7737] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  132.308392][ T7756] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  132.393247][ T7741] syz.2.483 (7741) used greatest stack depth: 17472 bytes left
[  132.758637][ T7756] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  132.896735][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  132.910000][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  133.174568][ T7795] netlink: 'syz.0.490': attribute type 4 has an invalid length.
[  134.699335][ T7822] openvswitch: netlink: IP tunnel TTL not specified.
[  134.886614][ T7829] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  134.932787][ T7829] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.142038][ T7829] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  135.157426][ T7829] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.184924][ T7842] __nla_validate_parse: 11 callbacks suppressed
[  135.184944][ T7842] netlink: 4 bytes leftover after parsing attributes in process `syz.0.500'.
[  135.364709][ T7829] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  135.411111][ T7829] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.569946][ T7871] netlink: 27 bytes leftover after parsing attributes in process `syz.4.507'.
[  135.644525][ T7829] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  135.693160][ T7829] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.980857][  T166] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  136.009602][  T166] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  136.075953][   T58] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  136.101979][   T58] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  136.130766][   T58] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  136.139112][   T58] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  136.171130][ T7901] netlink: 16 bytes leftover after parsing attributes in process `syz.3.511'.
[  136.183644][   T58] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  136.220576][   T58] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  136.261551][ T7901] netlink: 32 bytes leftover after parsing attributes in process `syz.3.511'.
[  136.289946][ T7901] netlink: 32 bytes leftover after parsing attributes in process `syz.3.511'.
[  136.417099][ T7910] netlink: 'syz.1.514': attribute type 12 has an invalid length.
[  136.516188][ T7919] unsupported nlmsg_type 40
[  136.558447][ T7916] netlink: 'syz.2.516': attribute type 4 has an invalid length.
[  136.665599][ T7922] netlink: 'syz.4.518': attribute type 1 has an invalid length.
[  136.723394][ T7922] bond0: entered promiscuous mode
[  136.729009][ T7922] 8021q: adding VLAN 0 to HW filter on device bond0
[  136.799712][ T7922] bond0: (slave bridge2): making interface the new active one
[  136.809964][ T7922] bridge2: entered promiscuous mode
[  136.824326][ T7922] bridge2: left promiscuous mode
[  137.161977][ T7939] syzkaller0: entered promiscuous mode
[  137.167537][ T7939] syzkaller0: entered allmulticast mode
[  137.218934][ T7943] netlink: 60 bytes leftover after parsing attributes in process `syz.0.525'.
[  137.469413][ T7961] Cannot find map_set index 65533 as target
[  137.479069][ T7967] netlink: 8 bytes leftover after parsing attributes in process `syz.0.530'.
[  137.489930][ T7964] netlink: 8 bytes leftover after parsing attributes in process `syz.0.530'.
[  137.499179][ T7964] netlink: 4 bytes leftover after parsing attributes in process `syz.0.530'.
[  137.550206][ T7971] netlink: 12 bytes leftover after parsing attributes in process `syz.2.532'.
[  137.581375][ T7971] netlink: 'syz.2.532': attribute type 3 has an invalid length.
[  137.612246][ T7971] netlink: 'syz.2.532': attribute type 3 has an invalid length.
[  137.663970][ T7974] delete_channel: no stack
[  137.672745][ T7974] No such timeout policy "syz0"
[  137.942440][ T7989] PF_CAN: dropped non conform CAN XL skbuff: dev type 280, len 40
[  137.959809][ T7998] openvswitch: netlink: Flow key attr not present in new flow.
[  138.244891][ T8005] syzkaller0: entered promiscuous mode
[  138.257207][ T8005] syzkaller0: entered allmulticast mode
[  138.378871][ T8013] netlink: 'syz.3.544': attribute type 10 has an invalid length.
[  138.391166][ T8013] team0: Device vxcan1 is of different type
[  140.449304][ T8061] macsec0: entered allmulticast mode
[  140.455691][ T8061] veth1_macvtap: entered allmulticast mode
[  140.647999][ T8069] bridge0: port 1(batadv1) entered blocking state
[  140.685671][ T8069] bridge0: port 1(batadv1) entered disabled state
[  140.698567][ T8078] x_tables: ip6_tables: mh match: only valid for protocol 135
[  140.721181][ T8069] batadv1: entered allmulticast mode
[  140.758810][ T8069] batadv1: entered promiscuous mode
[  140.814235][ T8083] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  141.071947][ T8087] syzkaller0: entered promiscuous mode
[  141.088094][ T8087] syzkaller0: entered allmulticast mode
[  141.113941][   T36] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  141.124272][   T36] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  141.253241][ T8101] delete_channel: no stack
[  142.948957][ T8127] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  143.245493][ T8137] syzkaller0: entered promiscuous mode
[  143.277648][ T8137] syzkaller0: entered allmulticast mode
[  143.508474][ T8154] xt_cgroup: invalid path, errno=-2
[  143.546905][ T8161] netlink: 'syz.3.587': attribute type 1 has an invalid length.
[  143.789928][ T8171] __nla_validate_parse: 11 callbacks suppressed
[  143.789948][ T8171] netlink: 256 bytes leftover after parsing attributes in process `syz.1.590'.
[  143.818707][ T8171] syzkaller0: entered promiscuous mode
[  143.824348][ T8171] syzkaller0: entered allmulticast mode
[  143.841093][ T8171] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  143.864629][ T8174] ieee802154 phy0 wpan0: encryption failed: -22
[  143.917261][ T8175] block nbd0: not configured, cannot reconfigure
[  144.247516][ T8182] ieee802154 phy0 wpan0: encryption failed: -22
[  144.288221][ T8187] netlink: 100 bytes leftover after parsing attributes in process `syz.1.598'.
[  144.448218][ T8195] netlink: 20 bytes leftover after parsing attributes in process `syz.3.600'.
[  144.528929][ T8197] syzkaller0: entered promiscuous mode
[  144.552701][ T8197] syzkaller0: entered allmulticast mode
[  144.565768][ T8199] netlink: 4 bytes leftover after parsing attributes in process `syz.0.603'.
[  144.768146][ T8199] macvtap1: entered promiscuous mode
[  144.799383][ T8199] vlan0: entered promiscuous mode
[  144.806057][ T8199] macvtap1: entered allmulticast mode
[  144.830613][ T8199] vlan0: entered allmulticast mode
[  144.835798][ T8199] veth0_vlan: entered allmulticast mode
[  144.876748][ T8218] netlink: 67 bytes leftover after parsing attributes in process `syz.4.608'.
[  145.114652][ T8228] netlink: 'syz.0.609': attribute type 1 has an invalid length.
[  145.155443][ T8216] syzkaller0: entered promiscuous mode
[  145.161446][ T8216] syzkaller0: entered allmulticast mode
[  145.215980][ T8228] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  145.352866][ T8239] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  145.744351][ T8255] netlink: 40 bytes leftover after parsing attributes in process `syz.0.614'.
[  145.793936][ T8254] netlink: 'syz.3.615': attribute type 39 has an invalid length.
[  146.057575][ T8261] netlink: 'syz.0.616': attribute type 1 has an invalid length.
[  146.067403][ T8261] netlink: 224 bytes leftover after parsing attributes in process `syz.0.616'.
[  147.128012][ T8266] syzkaller0: entered promiscuous mode
[  147.140944][ T8266] syzkaller0: entered allmulticast mode
[  147.241613][ T8277] SET target dimension over the limit!
[  147.300191][ T8277] syzkaller0: entered promiscuous mode
[  147.306410][ T8277] syzkaller0: entered allmulticast mode
[  147.386743][ T8279] syzkaller0: entered promiscuous mode
[  147.392509][ T8279] syzkaller0: entered allmulticast mode
[  147.405331][ T8279] 0: reclassify loop, rule prio 0, protocol 800
[  147.468236][ T8287] netlink: 232 bytes leftover after parsing attributes in process `syz.0.626'.
[  147.513393][ T8291] netlink: 'syz.1.625': attribute type 5 has an invalid length.
[  147.656791][ T8297] netlink: 28 bytes leftover after parsing attributes in process `syz.0.628'.
[  147.768595][ T8302] netlink: 20 bytes leftover after parsing attributes in process `syz.1.629'.
[  148.218050][ T8326] syzkaller0: entered promiscuous mode
[  148.254076][ T8326] syzkaller0: entered allmulticast mode
[  148.278151][ T8326] FAULT_INJECTION: forcing a failure.
[  148.278151][ T8326] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.385674][ T8326] CPU: 0 UID: 0 PID: 8326 Comm: syz.2.636 Not tainted syzkaller #0 PREEMPT(full) 
[  148.385711][ T8326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  148.385724][ T8326] Call Trace:
[  148.385732][ T8326]  <TASK>
[  148.385741][ T8326]  dump_stack_lvl+0xe8/0x150
[  148.385786][ T8326]  should_fail_ex+0x412/0x560
[  148.385816][ T8326]  _copy_from_user+0x2d/0xb0
[  148.385848][ T8326]  ___sys_sendmsg+0x1c6/0x360
[  148.385886][ T8326]  ? __pfx____sys_sendmsg+0x10/0x10
[  148.385957][ T8326]  ? __fget_files+0x2a/0x420
[  148.385986][ T8326]  ? __fget_files+0x3a0/0x420
[  148.386025][ T8326]  __x64_sys_sendmsg+0x1bd/0x2a0
[  148.386059][ T8326]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  148.386100][ T8326]  ? __pfx_ksys_write+0x10/0x10
[  148.386133][ T8326]  do_syscall_64+0x14d/0xf80
[  148.386163][ T8326]  ? trace_irq_disable+0x3b/0x150
[  148.386193][ T8326]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.386215][ T8326]  ? clear_bhb_loop+0x40/0x90
[  148.386241][ T8326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.386261][ T8326] RIP: 0033:0x7f432579c799
[  148.386289][ T8326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  148.386306][ T8326] RSP: 002b:00007f43265f4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  148.386335][ T8326] RAX: ffffffffffffffda RBX: 00007f4325a15fa0 RCX: 00007f432579c799
[  148.386351][ T8326] RDX: 0000000000000005 RSI: 0000200000000280 RDI: 0000000000000005
[  148.386364][ T8326] RBP: 00007f43265f4090 R08: 0000000000000000 R09: 0000000000000000
[  148.386376][ T8326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.386388][ T8326] R13: 00007f4325a16038 R14: 00007f4325a15fa0 R15: 00007ffd6b4cfd08
[  148.386421][ T8326]  </TASK>
[  148.875042][ T8358] __nla_validate_parse: 1 callbacks suppressed
[  148.875064][ T8358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.638'.
[  150.974008][ T8311] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  151.240778][ T8388] netlink: 8 bytes leftover after parsing attributes in process `syz.1.642'.
[  151.249663][ T8385] syzkaller0: entered promiscuous mode
[  151.249689][ T8385] syzkaller0: entered allmulticast mode
[  151.495902][ T8388] netlink: 'syz.1.642': attribute type 1 has an invalid length.
[  151.507852][ T8388] netlink: 'syz.1.642': attribute type 2 has an invalid length.
[  151.804997][ T8414] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.649'.
[  151.817641][ T8414] netlink: 68 bytes leftover after parsing attributes in process `syz.0.649'.
[  153.565606][ T8448] vxcan0: tx drop: invalid sa for name 0x0000000000000001
[  153.604480][ T8449] netlink: 4 bytes leftover after parsing attributes in process `syz.4.656'.
[  153.653068][ T8455] netlink: 72 bytes leftover after parsing attributes in process `syz.0.655'.
[  153.822165][ T8464] netlink: 4 bytes leftover after parsing attributes in process `syz.4.660'.
[  153.937477][ T8466] netlink: 84 bytes leftover after parsing attributes in process `syz.0.661'.
[  154.336345][ T8486] netlink: 24 bytes leftover after parsing attributes in process `syz.0.667'.
[  154.409503][ T8491] netlink: 'syz.2.670': attribute type 32 has an invalid length.
[  154.418804][ T8491] netlink: 8 bytes leftover after parsing attributes in process `syz.2.670'.
[  155.884165][ T8491] bond4: Setting coupled_control to off (0)
[  155.917700][ T8498] lo: entered promiscuous mode
[  155.947228][ T8498] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  156.021068][ T8515] Dead loop on virtual device ip6_vti0, fix it urgently!
[  156.035280][ T8515] netlink: 24 bytes leftover after parsing attributes in process `syz.0.674'.
[  156.143754][ T8521] netlink: 12 bytes leftover after parsing attributes in process `syz.1.677'.
[  156.508563][ T8537] netlink: 12 bytes leftover after parsing attributes in process `syz.0.684'.
[  156.762304][ T8546] openvswitch: netlink: Unexpected mask (mask=840, allowed=10048)
[  156.819036][ T8549] netlink: 12 bytes leftover after parsing attributes in process `syz.3.687'.
[  156.879616][ T8550] Cannot find add_set index 0 as target
[  157.245236][ T8553] netlink: 4 bytes leftover after parsing attributes in process `syz.4.688'.
[  158.076234][ T8553] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  158.466468][ T8571] netlink: 36 bytes leftover after parsing attributes in process `syz.1.693'.
[  158.544299][ T8575] netlink: 4 bytes leftover after parsing attributes in process `syz.3.695'.
[  158.572955][ T8579] netlink: 'syz.0.694': attribute type 30 has an invalid length.
[  158.909734][ T8587] bond3: entered promiscuous mode
[  158.915546][ T8587] bond3: entered allmulticast mode
[  158.922851][ T8587] 8021q: adding VLAN 0 to HW filter on device bond3
[  159.646627][ T8636] __nla_validate_parse: 1 callbacks suppressed
[  159.646652][ T8636] netlink: 16 bytes leftover after parsing attributes in process `syz.3.712'.
[  159.670377][ T8636] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.712'.
[  159.736194][ T8641] netlink: 8 bytes leftover after parsing attributes in process `syz.1.711'.
[  159.794866][ T8645] netlink: 8 bytes leftover after parsing attributes in process `syz.1.711'.
[  159.805296][ T8645] netlink: 4 bytes leftover after parsing attributes in process `syz.1.711'.
[  159.840604][ T8645] bond1: (slave bond0): Releasing active interface
[  159.848064][ T8641] netlink: 'syz.1.711': attribute type 4 has an invalid length.
[  159.868427][ T8641] netlink: 152 bytes leftover after parsing attributes in process `syz.1.711'.
[  159.903573][ T8641] .`: renamed from bond0
[  160.161135][ T8663] netlink: 256 bytes leftover after parsing attributes in process `syz.2.719'.
[  160.184457][ T8665] bridge0: entered allmulticast mode
[  160.240211][ T8667] netlink: 52 bytes leftover after parsing attributes in process `syz.0.721'.
[  160.428617][ T8682] netlink: 'syz.0.724': attribute type 3 has an invalid length.
[  160.437514][ T8682] netlink: 32 bytes leftover after parsing attributes in process `syz.0.724'.
[  160.623267][ T8693] netlink: 8 bytes leftover after parsing attributes in process `syz.2.727'.
[  160.792602][ T8693] 8021q: adding VLAN 0 to HW filter on device bond5
[  160.863981][ T8693] netlink: 'syz.2.727': attribute type 4 has an invalid length.
[  160.895122][ T8700] 8021q: adding VLAN 0 to HW filter on device bond0
[  160.905658][ T8700] bond5: (slave bond0): Enslaving as an active interface with a down link
[  160.917923][ T8693] .`: renamed from bond0 (while UP)
[  161.144303][ T8719] veth1_vlan: left promiscuous mode
[  161.193276][ T8719] macvlan1: entered allmulticast mode
[  163.168972][ T8760] xt_hashlimit: size too large, truncated to 1048576
[  163.187830][ T8764] netlink: 'syz.4.750': attribute type 1 has an invalid length.
[  163.285190][ T8758] netlink: 'syz.2.748': attribute type 7 has an invalid length.
[  163.303399][ T8764] SET target dimension over the limit!
[  164.049340][ T8797] netlink: 'syz.1.759': attribute type 4 has an invalid length.
[  164.072249][ T8791] syzkaller0: entered promiscuous mode
[  164.077880][ T8791] syzkaller0: entered allmulticast mode
[  164.592137][ T8819] openvswitch: netlink: IP tunnel dst address not specified
[  165.099743][ T8837] __nla_validate_parse: 9 callbacks suppressed
[  165.099773][ T8837] netlink: 20 bytes leftover after parsing attributes in process `syz.1.769'.
[  165.128020][ T8845] netlink: 56 bytes leftover after parsing attributes in process `syz.3.770'.
[  165.369687][ T8850] netlink: 8 bytes leftover after parsing attributes in process `syz.4.771'.
[  165.421016][ T8850] netlink: 12 bytes leftover after parsing attributes in process `syz.4.771'.
[  165.577025][ T8855] syzkaller0: entered promiscuous mode
[  165.611572][ T8855] syzkaller0: entered allmulticast mode
[  165.939583][ T6063] udevd[6063]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  166.076232][ T8870] netlink: 32 bytes leftover after parsing attributes in process `syz.1.777'.
[  166.424983][ T8887] syzkaller0: entered allmulticast mode
[  166.567278][ T8890] vlan2: entered promiscuous mode
[  166.573166][ T8890] bridge0: entered promiscuous mode
[  166.616103][ T8892] syzkaller0: entered promiscuous mode
[  166.622170][ T8892] syzkaller0: entered allmulticast mode
[  166.693947][ T8894] syzkaller0: entered promiscuous mode
[  166.699609][ T8894] syzkaller0: entered allmulticast mode
[  166.743640][ T8894] netlink: 80 bytes leftover after parsing attributes in process `syz.4.787'.
[  166.753854][ T8894] netlink: 80 bytes leftover after parsing attributes in process `syz.4.787'.
[  166.883239][ T8904] IPVS: length: 206 != 8
[  167.069784][ T8913] netlink: 'syz.0.791': attribute type 16 has an invalid length.
[  167.077822][ T8913] netlink: 20 bytes leftover after parsing attributes in process `syz.0.791'.
[  167.140721][ T8916] netlink: 'syz.3.792': attribute type 10 has an invalid length.
[  167.509083][ T8929] xt_hashlimit: overflow, rate too high: 0
[  168.580914][ T5829] Bluetooth: hci3: command 0x0405 tx timeout
[  168.622098][ T8916] batman_adv: batadv0: Adding interface: netdevsim0
[  168.641276][ T8916] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  168.675044][ T8916] batman_adv: batadv0: Not using interface netdevsim0 (retrying later): interface not active
[  168.711338][ T8935] netlink: 81 bytes leftover after parsing attributes in process `syz.2.798'.
[  168.813905][ T8941] syzkaller0: entered promiscuous mode
[  168.820150][ T8941] syzkaller0: entered allmulticast mode
[  168.869091][ T5839] IPVS: starting estimator thread 0...
[  168.907995][ T8946] syzkaller0: entered promiscuous mode
[  168.913787][ T8946] syzkaller0: entered allmulticast mode
[  168.992023][ T8943] IPVS: using max 27 ests per chain, 64800 per kthread
[  169.211340][ T8957] netlink: 32 bytes leftover after parsing attributes in process `syz.4.805'.
[  170.084292][ T8997] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  170.231871][ T9004] __nla_validate_parse: 5 callbacks suppressed
[  170.231893][ T9004] netlink: 12 bytes leftover after parsing attributes in process `syz.4.815'.
[  170.514183][ T9018] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  170.532561][ T9020] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  170.556966][ T9016] tipc: Started in network mode
[  170.563541][ T9016] tipc: Node identity a6df51195b54, cluster identity 4711
[  170.572448][ T9016] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  170.582992][ T9004] syzkaller0: entered promiscuous mode
[  170.588530][ T9004] syzkaller0: entered allmulticast mode
[  170.689272][ T9003] tipc: Resetting bearer <eth:syzkaller0>
[  170.752448][ T9003] tipc: Disabling bearer <eth:syzkaller0>
[  170.776027][ T9024] tipc: Trying to set illegal importance in message
[  170.837509][ T9023] tipc: Invalid UDP bearer configuration
[  170.837568][ T9023] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  171.976362][ T9069] netlink: 12 bytes leftover after parsing attributes in process `syz.4.832'.
[  171.996877][ T9072] netlink: 12 bytes leftover after parsing attributes in process `syz.4.832'.
[  172.326759][ T9088] syzkaller1: entered promiscuous mode
[  172.343271][ T9088] syzkaller1: entered allmulticast mode
[  172.457859][ T9095] netlink: 'syz.0.842': attribute type 1 has an invalid length.
[  172.468049][ T9095] netlink: 96 bytes leftover after parsing attributes in process `syz.0.842'.
[  172.478595][ T9095] netlink: 658 bytes leftover after parsing attributes in process `syz.0.842'.
[  172.488261][ T9095] netlink: 1 bytes leftover after parsing attributes in process `syz.0.842'.
[  172.761787][ T9100] netlink: 64 bytes leftover after parsing attributes in process `syz.4.844'.
[  173.052841][ T9109] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  173.272108][ T9117] netlink: 'syz.1.849': attribute type 1 has an invalid length.
[  175.233413][ T9138] netlink: 104 bytes leftover after parsing attributes in process `syz.0.856'.
[  175.714249][ T9173] netlink: 4396 bytes leftover after parsing attributes in process `syz.4.865'.
[  175.971917][ T9190] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[  176.366660][ T9201] netlink: 4 bytes leftover after parsing attributes in process `syz.0.872'.
[  176.560420][ T9203] netlink: 8 bytes leftover after parsing attributes in process `syz.1.871'.
[  176.754791][ T9206] netlink: 'syz.1.871': attribute type 25 has an invalid length.
[  177.688217][ T9201] geneve2: entered promiscuous mode
[  177.697360][ T9201] geneve2: entered allmulticast mode
[  177.724356][ T1108] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 19999 - 0
[  177.736637][ T1108] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 19999 - 0
[  177.749217][ T1108] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 19999 - 0
[  177.771693][ T1108] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 19999 - 0
[  177.854514][ T9213] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  177.929367][ T9216] sctp: [Deprecated]: syz.4.875 (pid 9216) Use of struct sctp_assoc_value in delayed_ack socket option.
[  177.929367][ T9216] Use struct sctp_sack_info instead
[  178.124044][ T9220] syzkaller1: entered promiscuous mode
[  178.129588][ T9220] syzkaller1: entered allmulticast mode
[  178.364246][ T9227] netlink: 8 bytes leftover after parsing attributes in process `syz.4.878'.
[  178.373513][ T9227] netlink: 4 bytes leftover after parsing attributes in process `syz.4.878'.
[  178.382957][ T9227] bond0: left promiscuous mode
[  178.394031][ T9227] netlink: 'syz.4.878': attribute type 4 has an invalid length.
[  178.402385][ T9227] netlink: 152 bytes leftover after parsing attributes in process `syz.4.878'.
[  178.658693][ T9171] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  178.867075][ T9243] netlink: 14 bytes leftover after parsing attributes in process `syz.0.883'.
[  179.098118][ T9254] netlink: 4 bytes leftover after parsing attributes in process `syz.4.887'.
[  179.226042][ T9262] netlink: 224 bytes leftover after parsing attributes in process `syz.4.887'.
[  179.280794][ T9264] netlink: 4 bytes leftover after parsing attributes in process `syz.0.889'.
[  179.460136][ T9271] netlink: 'syz.0.889': attribute type 4 has an invalid length.
[  180.610776][ T9264] bond1: option mode: unable to set because the bond device has slaves
[  180.663172][ T9271] .`: renamed from bond0
[  180.732140][  T166] bond1: (slave .`): link status definitely down, disabling slave
[  180.759477][  T166] bond1: now running without any active interface!
[  180.800700][ T9275] __nla_validate_parse: 4 callbacks suppressed
[  180.800721][ T9275] netlink: 12 bytes leftover after parsing attributes in process `syz.4.892'.
[  180.849775][ T9280] netlink: 12 bytes leftover after parsing attributes in process `syz.4.892'.
[  180.879939][ T9277] netlink: 'syz.3.893': attribute type 1 has an invalid length.
[  180.950837][ T9284] netlink: 'syz.0.894': attribute type 4 has an invalid length.
[  180.997561][ T9285] netlink: 'syz.0.894': attribute type 4 has an invalid length.
[  181.010791][ T9282] netlink: 20 bytes leftover after parsing attributes in process `syz.0.894'.
[  181.087481][ T9275] tun0: tun_chr_ioctl cmd 1074025675
[  181.104613][ T9275] tun0: persist disabled
[  181.402507][ T9304] netlink: 4 bytes leftover after parsing attributes in process `syz.3.901'.
[  181.430242][ T9305] netlink: 'syz.2.900': attribute type 7 has an invalid length.
[  181.465249][ T9305] netlink: 168 bytes leftover after parsing attributes in process `syz.2.900'.
[  181.532755][ T9305] : entered promiscuous mode
[  181.744487][ T9320] x_tables: unsorted entry at hook 2
[  183.223145][ T9327] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  183.265835][ T9329] macvtap1: entered allmulticast mode
[  183.278893][ T9329] veth0_macvtap: entered allmulticast mode
[  183.571273][ T9354] openvswitch: netlink: Unexpected mask (mask=2200040, allowed=2010048)
[  183.622765][ T9354] netlink: 8 bytes leftover after parsing attributes in process `syz.0.914'.
[  183.669449][ T9354] netlink: 4 bytes leftover after parsing attributes in process `syz.0.914'.
[  183.682391][ T9356] netlink: 'syz.0.914': attribute type 4 has an invalid length.
[  183.719103][ T9356] netlink: 152 bytes leftover after parsing attributes in process `syz.0.914'.
[  183.836739][ T9360] syzkaller0: entered promiscuous mode
[  183.857270][ T9360] syzkaller0: entered allmulticast mode
[  184.087309][ T9371] netlink: 'syz.1.919': attribute type 1 has an invalid length.
[  184.139293][ T9371] netlink: 224 bytes leftover after parsing attributes in process `syz.1.919'.
[  184.175919][ T9371] NCSI netlink: No device for ifindex 0
[  184.384909][ T9373] netlink: 28 bytes leftover after parsing attributes in process `syz.2.923'.
[  184.763083][ T9411] openvswitch: netlink: Message has 592 unknown bytes.
[  184.790992][ T9411] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  184.937409][ T9416] IPv6: sit1: Disabled Multicast RS
[  184.944916][ T9416] sit1: entered allmulticast mode
[  185.076235][ T9420] syzkaller0: entered promiscuous mode
[  185.082413][ T9420] syzkaller0: entered allmulticast mode
[  185.419860][ T9432] dvmrp6: entered allmulticast mode
[  185.843470][ T9457] __nla_validate_parse: 53 callbacks suppressed
[  185.843582][ T9457] netlink: 104 bytes leftover after parsing attributes in process `syz.2.946'.
[  187.158943][ T9465] netlink: 20 bytes leftover after parsing attributes in process `syz.1.948'.
[  187.308719][ T9473] Cannot find set identified by id 4 to match
[  187.335507][ T9476] netlink: 'syz.4.951': attribute type 1 has an invalid length.
[  187.362646][ T9476] netlink: 280 bytes leftover after parsing attributes in process `syz.4.951'.
[  187.374786][ T9476] netlink: 'syz.4.951': attribute type 1 has an invalid length.
[  187.383414][ T9476] netlink: 280 bytes leftover after parsing attributes in process `syz.4.951'.
[  187.602599][ T9493] netlink: 8 bytes leftover after parsing attributes in process `syz.1.955'.
[  187.619408][ T9493] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  188.777133][ T9458] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  189.482040][ T9535] netlink: 8 bytes leftover after parsing attributes in process `syz.4.966'.
[  189.563401][ T9544] netlink: 8 bytes leftover after parsing attributes in process `syz.3.970'.
[  189.887197][ T9558] netlink: 4 bytes leftover after parsing attributes in process `syz.1.977'.
[  189.919864][ T9558] batadv1: left allmulticast mode
[  189.935507][ T9558] batadv1: left promiscuous mode
[  189.952895][ T9558] bridge0: port 1(batadv1) entered disabled state
[  190.032137][ T9558] bridge0 (unregistering): left allmulticast mode
[  190.388096][ T9574] unsupported nla_type 33542
[  190.453724][ T9584] bridge0: port 3(gretap0) entered blocking state
[  190.460399][ T9584] bridge0: port 3(gretap0) entered disabled state
[  190.468421][ T9581] netlink: 'syz.0.985': attribute type 7 has an invalid length.
[  190.504860][ T9584] gretap0: entered allmulticast mode
[  190.530375][ T9584] gretap0: entered promiscuous mode
[  190.549811][ T9584] bridge0: port 3(gretap0) entered blocking state
[  190.556447][ T9584] bridge0: port 3(gretap0) entered forwarding state
[  190.606552][ T9581] netlink: 'syz.0.985': attribute type 7 has an invalid length.
[  190.618458][ T9580] netlink: 'syz.4.984': attribute type 1 has an invalid length.
[  190.637636][ T9591] block nbd1: not configured, cannot reconfigure
[  190.644945][ T9590] block nbd1: not configured, cannot reconfigure
[  190.691278][ T9580] netlink: 'syz.4.984': attribute type 3 has an invalid length.
[  190.876420][ T9599] netlink: 52 bytes leftover after parsing attributes in process `syz.3.989'.
[  190.964026][ T9599] bridge0: port 3(gretap0) entered disabled state
[  190.970898][ T9599] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.978329][ T9599] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.271900][ T9607] syzkaller0: entered promiscuous mode
[  191.286216][ T9607] syzkaller0: entered allmulticast mode
[  191.293986][ T9610] netlink: 44 bytes leftover after parsing attributes in process `syz.3.994'.
[  191.324129][ T9610] netlink: 8 bytes leftover after parsing attributes in process `syz.3.994'.
[  191.627315][ T9628] netlink: 8 bytes leftover after parsing attributes in process `syz.3.999'.
[  191.689673][ T9633] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  191.769236][ T9628] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  191.792443][ T9636] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1000'.
[  191.965615][ T9646] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1004'.
[  191.975841][ T9646] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1004'.
[  192.058677][ T9650] netlink: 'syz.1.1005': attribute type 1 has an invalid length.
[  192.281915][ T9661] xt_CT: You must specify a L4 protocol and not use inversions on it
[  192.282822][ T9661] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1006'.
[  192.307928][ T9661] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  192.317682][ T9661] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1006'.
[  192.572894][ T9671] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1012'.
[  192.586747][ T9666] syzkaller0: entered promiscuous mode
[  192.592710][ T9666] syzkaller0: entered allmulticast mode
[  192.794168][ T9678] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  192.893973][ T9687] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  192.995546][ T9689] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  193.132117][ T9696] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  193.142628][ T9699] netlink: 'syz.0.1013': attribute type 11 has an invalid length.
[  193.544924][ T9722] x_tables: duplicate underflow at hook 3
[  194.340354][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  194.348316][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  194.447590][ T9772] IPVS: set_ctl: invalid protocol: 60 127.0.0.1:20003
[  194.618161][ T9781] macvtap2: entered allmulticast mode
[  194.653023][ T9781] veth0_macvtap: entered allmulticast mode
[  195.771508][ T9832] syzkaller0: entered promiscuous mode
[  195.823523][ T9832] syzkaller0: entered allmulticast mode
[  196.141852][ T9846] netlink: 'syz.4.1059': attribute type 10 has an invalid length.
[  196.302315][ T5938] IPVS: starting estimator thread 0...
[  196.348730][ T9857] __nla_validate_parse: 9 callbacks suppressed
[  196.348750][ T9857] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1062'.
[  196.401819][ T9856] IPVS: using max 29 ests per chain, 69600 per kthread
[  196.719408][ T9877] netlink: 'syz.0.1066': attribute type 1 has an invalid length.
[  196.739236][ T9877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1066'.
[  196.760960][ T9873] netlink: 'syz.4.1067': attribute type 33 has an invalid length.
[  196.803747][ T9877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1066'.
[  196.866916][ T9877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1066'.
[  196.925962][ T9877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1066'.
[  196.952226][ T9877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1066'.
[  196.982830][ T1108] nci: nci_rx_work: unknown MT 0x1
[  197.302462][ T9908] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_tx_wq": -EINTR
[  197.519755][ T9892] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  197.548890][ T9924] netlink: 'syz.1.1080': attribute type 2 has an invalid length.
[  197.593969][ T9924] netlink: 'syz.1.1080': attribute type 1 has an invalid length.
[  197.652645][ T9924] netlink: 'syz.1.1080': attribute type 1 has an invalid length.
[  197.653068][ T9925] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1080'.
[  197.912546][ T9937] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1084'.
[  198.024776][ T9943] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1088'.
[  198.121111][ T9949] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1088'.
[  198.266753][  T166] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.491744][  T796] page_pool_release_retry() stalled pool shutdown: id 31, 1 inflight 60 sec
[  199.393260][T10011] syzkaller0: entered promiscuous mode
[  199.398893][T10011] syzkaller0: entered allmulticast mode
[  199.991072][T10016] macvlan1: left allmulticast mode
[  200.068012][T10016] bond2: left promiscuous mode
[  200.075486][T10016] bridge2: left promiscuous mode
[  200.126305][   T36] netdevsim netdevsim1 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  200.151051][   T36] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.274486][   T36] netdevsim netdevsim1 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  200.318908][   T36] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.375542][   T36] netdevsim netdevsim1 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  200.403412][   T36] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.489010][   T36] netdevsim netdevsim1 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  200.520926][   T36] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.571484][T10072] netlink: 'syz.0.1116': attribute type 9 has an invalid length.
[  200.672673][T10076] netlink: 'syz.4.1120': attribute type 3 has an invalid length.
[  200.709665][T10059] syzkaller0: entered promiscuous mode
[  200.715415][T10059] syzkaller0: entered allmulticast mode
[  201.533583][ T5833] Bluetooth: hci1: command 0x0406 tx timeout
[  201.533628][ T5838] Bluetooth: hci4: command 0x0406 tx timeout
[  201.546065][ T5838] Bluetooth: hci2: command 0x0406 tx timeout
[  202.314156][T10089] netlink: 'syz.3.1126': attribute type 2 has an invalid length.
[  202.339503][T10089] __nla_validate_parse: 8 callbacks suppressed
[  202.339522][T10089] netlink: 244 bytes leftover after parsing attributes in process `syz.3.1126'.
[  202.365197][T10094] netlink: 'syz.4.1124': attribute type 32 has an invalid length.
[  202.373439][T10094] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1124'.
[  202.407240][T10090] bond3: option arp_validate: mode dependency failed, not supported in mode balance-alb(6)
[  202.421416][T10090] bond3 (unregistering): Released all slaves
[  202.558290][T10094] bond1: option coupled_control: invalid value (108)
[  202.615124][T10094] bond1 (unregistering): Released all slaves
[  202.659544][T10108] netlink: 'syz.3.1128': attribute type 13 has an invalid length.
[  202.673538][T10108] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1128'.
[  202.768008][T10114] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1130'.
[  202.808647][T10114] netlink: 'syz.4.1130': attribute type 3 has an invalid length.
[  203.092753][T10127] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  203.178122][T10132] bond5: option mode: unable to set because the bond device has slaves
[  203.196083][T10132] bond5: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  203.209582][T10132] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  203.334292][T10141] sctp: [Deprecated]: syz.4.1138 (pid 10141) Use of int in max_burst socket option deprecated.
[  203.334292][T10141] Use struct sctp_assoc_value instead
[  203.367680][T10141] netlink: 'syz.4.1138': attribute type 1 has an invalid length.
[  203.447496][T10141] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  203.496123][T10151] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1139'.
[  203.540146][T10151] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1139'.
[  203.967994][T10169] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  203.975331][T10169] IPv6: NLM_F_CREATE should be set when creating new route
[  204.199562][T10178] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1149'.
[  204.245208][T10178] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1149'.
[  204.467800][T10187] netlink: 'syz.0.1153': attribute type 17 has an invalid length.
[  204.479005][T10187] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1153'.
[  204.489514][T10187] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1153'.
[  204.506611][T10187] gretap0: entered promiscuous mode
[  204.538084][T10187] gretap0: left promiscuous mode
[  204.857345][T10201] delete_channel: no stack
[  204.929978][T10206] ksmbd: Unknown IPC event: 3, ignore.
[  205.820034][T10241] syzkaller0: entered promiscuous mode
[  205.825774][T10241] syzkaller0: entered allmulticast mode
[  205.908885][T10248] syzkaller0: entered promiscuous mode
[  205.928190][T10251] netlink: 'syz.3.1174': attribute type 10 has an invalid length.
[  205.937368][T10248] syzkaller0: entered allmulticast mode
[  205.965379][T10251] bridge_slave_1: left allmulticast mode
[  206.000685][T10251] bridge_slave_1: left promiscuous mode
[  206.035623][T10251] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.097781][T10251] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  206.195245][T10262] xt_ecn: cannot match TCP bits for non-tcp packets
[  206.353932][T10269] netlink: 'syz.3.1180': attribute type 5 has an invalid length.
[  206.366503][T10269] netlink: 'syz.3.1180': attribute type 21 has an invalid length.
[  206.388358][T10269] netlink: 'syz.3.1180': attribute type 5 has an invalid length.
[  206.650385][T10279] syzkaller1: entered promiscuous mode
[  206.663094][T10279] syzkaller1: entered allmulticast mode
[  206.808095][T10287] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  207.057012][T10313] openvswitch: netlink: IP tunnel dst address not specified
[  207.316847][T10319] syzkaller0: entered promiscuous mode
[  207.322841][T10319] syzkaller0: entered allmulticast mode
[  207.332252][T10319] 0: reclassify loop, rule prio 0, protocol 800
[  207.362729][T10322] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  207.408287][T10325] netlink: 'syz.3.1198': attribute type 4 has an invalid length.
[  207.415110][T10322] __nla_validate_parse: 15 callbacks suppressed
[  207.415162][T10322] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1197'.
[  207.452878][T10325] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1198'.
[  207.476861][T10325] netlink: 'syz.3.1198': attribute type 83 has an invalid length.
[  207.604747][T10333] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1199'.
[  207.624231][T10331] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[  207.643961][T10334] FAULT_INJECTION: forcing a failure.
[  207.643961][T10334] name failslab, interval 1, probability 0, space 0, times 0
[  207.658257][T10334] CPU: 1 UID: 0 PID: 10334 Comm: syz.2.1201 Not tainted syzkaller #0 PREEMPT(full) 
[  207.658287][T10334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  207.658300][T10334] Call Trace:
[  207.658309][T10334]  <TASK>
[  207.658318][T10334]  dump_stack_lvl+0xe8/0x150
[  207.658354][T10334]  should_fail_ex+0x412/0x560
[  207.658385][T10334]  should_failslab+0xa8/0x100
[  207.658413][T10334]  __kvmalloc_node_noprof+0x178/0x8a0
[  207.658444][T10334]  ? bpf_test_run_xdp_live+0x223/0x1cf0
[  207.658473][T10334]  ? __kvmalloc_node_noprof+0x393/0x8a0
[  207.658501][T10334]  bpf_test_run_xdp_live+0x223/0x1cf0
[  207.658534][T10334]  ? bpf_dispatcher_change_prog+0xae0/0xd70
[  207.658576][T10334]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  207.658610][T10334]  ? __pfx_autoremove_wake_function+0x10/0x10
[  207.658636][T10334]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  207.658684][T10334]  ? 0xffffffffa02019d0
[  207.658732][T10334]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  207.658771][T10334]  ? _copy_from_user+0x94/0xb0
[  207.658801][T10334]  ? bpf_test_init+0x113/0x150
[  207.658823][T10334]  ? xdp_convert_md_to_buff+0x5b/0x330
[  207.658851][T10334]  bpf_prog_test_run_xdp+0x81c/0x1160
[  207.658894][T10334]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  207.658926][T10334]  ? __fget_files+0x2a/0x420
[  207.658962][T10334]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  207.658989][T10334]  bpf_prog_test_run+0x2c7/0x340
[  207.659014][T10334]  __sys_bpf+0x643/0x950
[  207.659048][T10334]  ? __pfx___sys_bpf+0x10/0x10
[  207.659097][T10334]  ? ksys_write+0x242/0x270
[  207.659121][T10334]  ? __pfx_ksys_write+0x10/0x10
[  207.659150][T10334]  __x64_sys_bpf+0x7c/0x90
[  207.659180][T10334]  do_syscall_64+0x14d/0xf80
[  207.659210][T10334]  ? trace_irq_disable+0x3b/0x150
[  207.659240][T10334]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.659262][T10334]  ? clear_bhb_loop+0x40/0x90
[  207.659288][T10334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.659309][T10334] RIP: 0033:0x7f432579c799
[  207.659328][T10334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  207.659346][T10334] RSP: 002b:00007f43265f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  207.659369][T10334] RAX: ffffffffffffffda RBX: 00007f4325a15fa0 RCX: 00007f432579c799
[  207.659384][T10334] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  207.659397][T10334] RBP: 00007f43265f4090 R08: 0000000000000000 R09: 0000000000000000
[  207.659409][T10334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.659421][T10334] R13: 00007f4325a16038 R14: 00007f4325a15fa0 R15: 00007ffd6b4cfd08
[  207.659460][T10334]  </TASK>
[  207.668023][T10329] IPv6: sit3: Disabled Multicast RS
[  207.741326][T10331] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[  208.068507][T10345] xt_connbytes: Forcing CT accounting to be enabled
[  208.222449][T10361] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1206'.
[  208.344064][T10361] bond0: option xmit_hash_policy: invalid value (64)
[  208.353530][T10361] bond0 (unregistering): Released all slaves
[  208.488970][T10365] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1208'.
[  208.507599][T10365] openvswitch: netlink: Flow actions attr not present in new flow.
[  208.525407][T10378] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1210'.
[  208.551293][T10378] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1210'.
[  208.560712][T10375] netlink: 'syz.2.1209': attribute type 1 has an invalid length.
[  208.699877][T10383] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1212'.
[  208.732666][T10383] bridge_slave_1: left allmulticast mode
[  208.738441][T10383] bridge_slave_1: left promiscuous mode
[  208.751647][T10383] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.763432][T10383] bridge_slave_0: left allmulticast mode
[  208.771371][T10383] bridge_slave_0: left promiscuous mode
[  208.779745][T10383] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.961702][T10395] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1214'.
[  209.063182][T10395] hsr_slave_1 (unregistering): left promiscuous mode
[  209.137801][T10391] netlink: 'syz.0.1214': attribute type 1 has an invalid length.
[  209.149119][T10391] xt_hashlimit: overflow, try lower: 18446744073709551613/4
[  209.157303][T10391] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1214'.
[  209.478347][T10418] netlink: 'syz.1.1221': attribute type 29 has an invalid length.
[  209.511989][T10418] netlink: 'syz.1.1221': attribute type 29 has an invalid length.
[  209.747963][   T36] nci: nci_rsp_packet: unsupported rsp opcode 0xf00
[  209.764095][T10430] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  209.796413][T10435] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  210.062506][T10452] netlink: 'syz.4.1229': attribute type 16 has an invalid length.
[  210.090816][T10452] netlink: 'syz.4.1229': attribute type 17 has an invalid length.
[  210.145943][T10452] 8021q: adding VLAN 0 to HW filter on device team0
[  210.171318][T10452] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  210.373381][T10466] block nbd0: Unsupported socket: should be TCP or UNIX.
[  210.920894][T10052] tipc: Node number set to 4253765913
[  210.988555][T10497] netlink: 'syz.4.1239': attribute type 11 has an invalid length.
[  211.013907][T10497] netlink: 'syz.4.1239': attribute type 11 has an invalid length.
[  211.241581][   T30] audit: type=1800 audit(1772719871.179:3): pid=10503 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1242" name=4996AE17DFFC2E43C8174B54B620636894AAACF28FF62616363C70A440AEC4014CAF28C0ADC04308 dev="tmpfs" ino=1286 res=0 errno=0
[  211.662308][T10515] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  211.723722][T10524] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  211.751325][T10524] syzkaller0: entered promiscuous mode
[  211.779401][T10524] syzkaller0: entered allmulticast mode
[  211.866747][T10526] bond1: option all_slaves_active: invalid value (222)
[  211.887270][T10526] bond1 (unregistering): Released all slaves
[  211.922301][T10522] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[  211.968627][T10530] ip6gre1: entered promiscuous mode
[  211.999681][T10528] openvswitch: netlink: Flow key attr not present in new flow.
[  212.046185][T10542] tipc: Resetting bearer <eth:syzkaller0>
[  212.157297][T10523] tipc: Resetting bearer <eth:syzkaller0>
[  212.219658][T10523] tipc: Disabling bearer <eth:syzkaller0>
[  212.819708][T10577] bridge: RTM_NEWNEIGH with unconfigured vlan 1 on bridge0
[  213.025363][T10590] 8021q: adding VLAN 0 to HW filter on device bond0
[  213.077697][T10590] bond0: (slave rose0): Enslaving as an active interface with an up link
[  213.161459][T10590] syzkaller0: entered promiscuous mode
[  213.168953][T10590] syzkaller0: entered allmulticast mode
[  213.497153][T10620] netlink: 'syz.4.1273': attribute type 17 has an invalid length.
[  213.555159][T10620] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  213.773947][T10630] lo: left promiscuous mode
[  213.778794][T10630] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  213.867879][T10635] syz.4.1278: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  213.885685][T10635] CPU: 1 UID: 0 PID: 10635 Comm: syz.4.1278 Not tainted syzkaller #0 PREEMPT(full) 
[  213.885716][T10635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  213.885730][T10635] Call Trace:
[  213.885739][T10635]  <TASK>
[  213.885748][T10635]  dump_stack_lvl+0xe8/0x150
[  213.885787][T10635]  warn_alloc+0x249/0x340
[  213.885814][T10635]  ? stack_trace_save+0xa9/0x100
[  213.885841][T10635]  ? __pfx_warn_alloc+0x10/0x10
[  213.885874][T10635]  ? kasan_save_track+0x4f/0x80
[  213.885895][T10635]  ? kasan_save_track+0x3e/0x80
[  213.885915][T10635]  ? __kasan_kmalloc+0x93/0xb0
[  213.885936][T10635]  ? __kmalloc_cache_noprof+0x31c/0x660
[  213.885958][T10635]  ? xskq_create+0x56/0x170
[  213.885986][T10635]  ? xsk_setsockopt+0x54c/0x990
[  213.886010][T10635]  ? do_sock_setsockopt+0x17c/0x1b0
[  213.886041][T10635]  ? __x64_sys_setsockopt+0x13d/0x1b0
[  213.886070][T10635]  ? do_syscall_64+0x14d/0xf80
[  213.886106][T10635]  __vmalloc_node_range_noprof+0x132/0x1730
[  213.886163][T10635]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  213.886205][T10635]  ? __kasan_kmalloc+0x93/0xb0
[  213.886237][T10635]  vmalloc_user_noprof+0xad/0xe0
[  213.886260][T10635]  ? xskq_create+0xbf/0x170
[  213.886290][T10635]  xskq_create+0xbf/0x170
[  213.886322][T10635]  xsk_init_queue+0x8a/0xe0
[  213.886352][T10635]  xsk_setsockopt+0x54c/0x990
[  213.886381][T10635]  ? __pfx_xsk_setsockopt+0x10/0x10
[  213.886411][T10635]  ? __pfx_aa_sk_perm+0x10/0x10
[  213.886438][T10635]  ? aa_sock_opt_perm+0xff/0x1a0
[  213.886466][T10635]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  213.886489][T10635]  ? __pfx_xsk_setsockopt+0x10/0x10
[  213.886517][T10635]  do_sock_setsockopt+0x17c/0x1b0
[  213.886553][T10635]  __x64_sys_setsockopt+0x13d/0x1b0
[  213.886590][T10635]  do_syscall_64+0x14d/0xf80
[  213.886620][T10635]  ? trace_irq_disable+0x3b/0x150
[  213.886652][T10635]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.886674][T10635]  ? clear_bhb_loop+0x40/0x90
[  213.886700][T10635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.886721][T10635] RIP: 0033:0x7f1b8639c799
[  213.886741][T10635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  213.886759][T10635] RSP: 002b:00007f1b8718c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  213.886782][T10635] RAX: ffffffffffffffda RBX: 00007f1b86615fa0 RCX: 00007f1b8639c799
[  213.886798][T10635] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006
[  213.886811][T10635] RBP: 00007f1b86432bd9 R08: 0000000000000004 R09: 0000000000000000
[  213.886823][T10635] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  213.886836][T10635] R13: 00007f1b86616038 R14: 00007f1b86615fa0 R15: 00007ffc38320858
[  213.886869][T10635]  </TASK>
[  213.886890][T10635] Mem-Info:
[  214.256489][T10635] active_anon:5827 inactive_anon:0 isolated_anon:0
[  214.256489][T10635]  active_file:3539 inactive_file:39984 isolated_file:0
[  214.256489][T10635]  unevictable:768 dirty:60 writeback:0
[  214.256489][T10635]  slab_reclaimable:11412 slab_unreclaimable:99540
[  214.256489][T10635]  mapped:29657 shmem:1390 pagetables:1341
[  214.256489][T10635]  sec_pagetables:0 bounce:0
[  214.256489][T10635]  kernel_misc_reclaimable:0
[  214.256489][T10635]  free:1326553 free_pcp:8898 free_cma:0
[  214.393169][T10635] Node 0 active_anon:23308kB inactive_anon:0kB active_file:14156kB inactive_file:159728kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:118528kB dirty:240kB writeback:0kB shmem:3924kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13020kB pagetables:5220kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  214.467462][T10650] syzkaller1: entered promiscuous mode
[  214.494587][T10635] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  214.516268][T10650] syzkaller1: entered allmulticast mode
[  214.630637][T10635] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  214.686723][T10635] lowmem_reserve[]: 0 2492 2493 2493 2493
[  214.696857][T10635] Node 0 DMA32 free:1352868kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB free_highatomic:0KB active_anon:23208kB inactive_anon:0kB active_file:14156kB inactive_file:159728kB unevictable:1536kB writepending:240kB zspages:0kB present:3129332kB managed:2552824kB mlocked:0kB bounce:0kB free_pcp:35096kB local_pcp:20592kB free_cma:0kB
[  214.757830][T10635] lowmem_reserve[]: 0 0 0 0 0
[  214.794090][T10635] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:884kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[  214.848297][T10669] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  214.873535][T10673] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  214.900606][T10635] lowmem_reserve[]: 0 0 0 0 0
[  214.910560][T10635] Node 1 Normal free:3938184kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  214.995219][T10635] lowmem_reserve[]: 0 0 0 0 0
[  215.022539][T10635] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  215.106908][T10635] Node 0 DMA32: 4485*4kB (UM) 1910*8kB (UME) 867*16kB (UME) 345*32kB (UME) 54*64kB (UM) 97*128kB (UM) 104*256kB (UM) 86*512kB (UM) 72*1024kB (UME) 54*2048kB (UME) 250*4096kB (UM) = 1352980kB
[  215.166518][T10635] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  215.214016][T10635] Node 1 Normal: 2*4kB (UM) 2*8kB (UM) 11*16kB (UME) 8*32kB (UME) 7*64kB (UME) 6*128kB (UM) 5*256kB (UM) 2*512kB (M) 2*1024kB (ME) 2*2048kB (UE) 959*4096kB (M) = 3938184kB
[  215.286505][T10635] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  215.356869][T10635] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  215.369962][T10635] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  215.379876][T10635] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  215.408632][T10635] 44900 total pagecache pages
[  215.417958][T10635] 0 pages in swap cache
[  215.422588][T10635] Free swap  = 124996kB
[  215.426778][T10635] Total swap = 124996kB
[  215.432125][T10635] 2097051 pages RAM
[  215.436119][T10635] 0 pages HighMem/MovableOnly
[  215.441213][T10635] 427009 pages reserved
[  215.449975][T10635] 0 pages cma reserved
[  215.688824][T10717] atomic_op ffff888031edf998 conn xmit_atomic 0000000000000000
[  215.845221][T10728] syzkaller0: entered promiscuous mode
[  215.850910][T10728] syzkaller0: entered allmulticast mode
[  215.928949][T10732] __nla_validate_parse: 11 callbacks suppressed
[  215.928969][T10732] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1303'.
[  215.969206][T10732] netlink: 'syz.3.1303': attribute type 62 has an invalid length.
[  216.003467][T10732] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1303'.
[  216.051948][T10741] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1304'.
[  216.583072][T10766] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1308'.
[  216.674251][ T6101] udevd[6101]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  216.730167][T10757] netlink: 64985 bytes leftover after parsing attributes in process `syz.3.1305'.
[  216.851090][T10774] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1309'.
[  217.055530][T10789] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1313'.
[  217.119187][T10789] vlan3: entered allmulticast mode
[  217.125622][T10789] bridge3: entered allmulticast mode
[  217.179075][T10789] bridge3: port 1(veth5) entered blocking state
[  217.186122][T10789] bridge3: port 1(veth5) entered disabled state
[  217.195346][T10789] veth5: entered allmulticast mode
[  217.204517][T10789] veth5: entered promiscuous mode
[  217.402081][T10809] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1316'.
[  217.498512][T10809] 8021q: adding VLAN 0 to HW filter on device bond7
[  217.498895][T10815] Unsupported ieee802154 address type: 0
[  217.927963][T10840] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1325'.
[  217.985196][T10840] netlink: 'syz.3.1325': attribute type 7 has an invalid length.
[  218.021513][T10840] netlink: 'syz.3.1325': attribute type 8 has an invalid length.
[  218.042056][T10849] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.1328'.
[  218.058167][T10851] openvswitch: netlink: Port 167772160 exceeds max allowable 65535
[  218.430370][T10870] x_tables: duplicate underflow at hook 3
[  218.849463][T10889] netlink: 'syz.2.1336': attribute type 5 has an invalid length.
[  219.029591][T10895] netlink: 'syz.4.1337': attribute type 1 has an invalid length.
[  219.133651][T10895] 8021q: adding VLAN 0 to HW filter on device bond1
[  219.266716][T10907] SET target dimension over the limit!
[  219.486257][T10927] openvswitch: netlink: Flow key attr not present in new flow.
[  219.495517][T10926] netlink: 'syz.3.1346': attribute type 1 has an invalid length.
[  219.598435][T10926] bond4: entered promiscuous mode
[  219.624120][T10926] 8021q: adding VLAN 0 to HW filter on device bond4
[  219.679108][T10933] bond4: (slave bridge2): making interface the new active one
[  219.726134][T10933] bridge2: entered promiscuous mode
[  219.729005][T10944] netlink: 'syz.2.1351': attribute type 3 has an invalid length.
[  219.751497][T10933] bond4: (slave bridge2): Enslaving as an active interface with an up link
[  220.183667][T10964] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  220.191073][T10964] IPv6: NLM_F_CREATE should be set when creating new route
[  220.449492][T10981] netlink: 'syz.3.1364': attribute type 1 has an invalid length.
[  220.957738][T11009] __nla_validate_parse: 18 callbacks suppressed
[  220.957761][T11009] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1376'.
[  221.202915][T11021] netlink: 'syz.2.1381': attribute type 21 has an invalid length.
[  221.244707][T11021] netlink: 'syz.2.1381': attribute type 6 has an invalid length.
[  221.272408][T11021] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1381'.
[  221.316739][T11021] syzkaller0: entered promiscuous mode
[  221.342368][T11021] syzkaller0: entered allmulticast mode
[  221.369511][T11021] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1381'.
[  221.384874][T11034] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1386'.
[  221.543162][T10996] Bluetooth: hci2: Opcode 0x0401 failed: -4
[  222.212631][T11063] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  222.269247][T11063] tipc: Resetting bearer <eth:syzkaller0>
[  222.376864][T11074] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1399'.
[  222.730959][ T5829] Bluetooth: hci2: command 0x0406 tx timeout
[  222.749054][T11096] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1404'.
[  222.783203][T11096] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1404'.
[  222.934639][T11109] netlink: 'syz.0.1409': attribute type 1 has an invalid length.
[  222.944992][T11108] tipc: Started in network mode
[  222.956330][T11108] tipc: Node identity 926b777c9c89, cluster identity 4711
[  222.970310][T11111] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1411'.
[  222.977053][T11114] netlink: 'syz.0.1409': attribute type 1 has an invalid length.
[  222.993476][T11108] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  223.000444][T11112] syzkaller0: entered promiscuous mode
[  223.024015][T11112] syzkaller0: entered allmulticast mode
[  223.060045][T11111] bond8: option xmit_hash_policy: invalid value (64)
[  223.073266][T11111] bond8 (unregistering): Released all slaves
[  223.102371][T11109] workqueue: Failed to create a rescuer kthread for wq "bond0": -EINTR
[  223.103593][T11114] workqueue: Failed to create a rescuer kthread for wq "bond0": -EINTR
[  223.119902][T11112] tipc: Resetting bearer <eth:syzkaller0>
[  223.208715][T11112] tipc: Disabling bearer <eth:syzkaller0>
[  240.974295][T11167] lo: entered allmulticast mode
[  241.037530][T11176] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1418'.
[  241.099388][T11174] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  241.205856][T11162] lo: left allmulticast mode
[  241.285595][T11189] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1422'.
[  241.388185][T11193] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1425'.
[  241.409993][T11193] netlink: 'syz.1.1425': attribute type 1 has an invalid length.
[  241.424172][T11193] netlink: 'syz.1.1425': attribute type 2 has an invalid length.
[  241.476018][T11193] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1425'.
[  241.642359][T11211] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1430'.
[  242.013476][T11222] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1433'.
[  242.105352][T11222] hsr_slave_0 (unregistering): left promiscuous mode
[  242.142681][T11225] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1434'.
[  242.184444][T11224] bond8: option arp_all_targets: invalid value (18446744073709551613)
[  242.203249][T11224] bond8 (unregistering): Released all slaves
[  242.442180][T11237] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1436'.
[  242.451655][T11237] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  242.667162][T11250] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1440'.
[  242.740628][T10019] IPVS: starting estimator thread 0...
[  242.840631][T11255] IPVS: using max 23 ests per chain, 55200 per kthread
[  243.406831][T11294] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1451'.
[  243.552345][T11299] netlink: 'syz.1.1452': attribute type 1 has an invalid length.
[  243.606718][T11289] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  243.652147][T11289] vlan2: left promiscuous mode
[  243.657041][T11289] bridge0: left promiscuous mode
[  243.672537][T11289] veth0_macvtap: left allmulticast mode
[  243.678374][T11289] macvtap1: left allmulticast mode
[  243.694367][T11289] vlan3: left allmulticast mode
[  243.699376][T11289] bridge3: left allmulticast mode
[  243.732191][   T58] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  243.753913][   T58] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  243.781446][   T58] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  243.812135][   T58] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  243.830945][T11301] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.838860][T11301] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.873881][T11302] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.881155][T11302] bridge0: port 2(bridge_slave_1) entered forwarding state
[  243.888711][T11302] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.896004][T11302] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.920047][T11302] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.927398][T11302] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.976758][   T58] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  243.987802][   T58] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  244.027149][T11310] ip6erspan0: entered promiscuous mode
[  244.062870][   T58] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  244.096796][   T58] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  244.203230][T11322] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  244.486900][T10019] IPVS: starting estimator thread 0...
[  244.601933][T11341] IPVS: using max 26 ests per chain, 62400 per kthread
[  244.721436][T11355] netlink: 'syz.3.1467': attribute type 1 has an invalid length.
[  244.771825][T11355] bond5: entered promiscuous mode
[  244.777405][T11355] 8021q: adding VLAN 0 to HW filter on device bond5
[  245.281458][T11392] syzkaller0: entered promiscuous mode
[  245.287004][T11392] syzkaller0: entered allmulticast mode
[  245.473952][T11407] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  245.749251][T11421] IPVS: set_ctl: invalid protocol: 50 10.1.1.2:20001
[  245.757864][T11413] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  245.765882][T11421] netlink: 'syz.4.1487': attribute type 4 has an invalid length.
[  245.811000][T11426] block nbd0: not configured, cannot reconfigure
[  246.409528][T11468] nbd: couldn't find device at index 1073741824
[  246.496789][T11469] syzkaller0: entered promiscuous mode
[  246.502463][T11469] syzkaller0: entered allmulticast mode
[  246.893978][T11495] __nla_validate_parse: 7 callbacks suppressed
[  246.894002][T11495] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1504'.
[  247.027745][T11503] tipc: Can't bind to reserved service type 2
[  247.064990][T11501] bond6: option lp_interval: invalid value (0)
[  247.071728][T11501] bond6: option lp_interval: allowed values 1 - 2147483647
[  247.097654][T11501] bond6 (unregistering): Released all slaves
[  247.293038][T11506] bond0: option all_slaves_active: invalid value (222)
[  247.313064][T11506] bond0 (unregistering): Released all slaves
[  247.494374][T11523] sctp: [Deprecated]: syz.1.1514 (pid 11523) Use of struct sctp_assoc_value in delayed_ack socket option.
[  247.494374][T11523] Use struct sctp_sack_info instead
[  247.598615][T11533] x_tables: duplicate underflow at hook 1
[  247.609710][T11529] netlink: 'syz.2.1516': attribute type 1 has an invalid length.
[  247.637200][T11529] netlink: 'syz.2.1516': attribute type 2 has an invalid length.
[  247.657139][T11529] netlink: 'syz.2.1516': attribute type 1 has an invalid length.
[  247.675327][T11529] netlink: 'syz.2.1516': attribute type 3 has an invalid length.
[  247.687122][T11529] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1516'.
[  247.777223][T11540] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1520'.
[  247.848141][T11544] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1521'.
[  247.917767][T11548] ieee802154 phy0 wpan0: encryption failed: -90
[  247.970753][T11544] ieee80211 phy29: Failed to add default virtual iface
[  248.314247][T11565] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1527'.
[  248.335720][T11566] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1526'.
[  248.544485][T11577] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1531'.
[  248.556233][T11577] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1531'.
[  248.566424][T11577] tipc: Started in network mode
[  248.576760][T11577] tipc: Node identity 7, cluster identity 4711
[  248.584427][T11577] tipc: Node number set to 7
[  248.924119][T11592] netlink: 'syz.3.1537': attribute type 1 has an invalid length.
[  248.934256][T11592] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1537'.
[  248.945787][T11592] netlink: 658 bytes leftover after parsing attributes in process `syz.3.1537'.
[  248.965403][T11591] netlink: 'syz.3.1537': attribute type 1 has an invalid length.
[  249.179061][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.187360][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.195297][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.202677][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.217331][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.228982][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.237215][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.245693][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.253951][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.279126][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.297930][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.319207][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.325963][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.358149][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.365123][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.375516][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.382320][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.389093][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.437312][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.453501][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.459977][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.478305][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.538422][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.548276][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.566435][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.595803][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.603676][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.612718][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.629621][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.639582][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.652496][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.658996][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.672960][T11604] ieee802154 phy0 wpan0: encryption failed: -22
[  249.770796][T11646] vlan2: entered allmulticast mode
[  249.776735][T11646] hsr0: entered allmulticast mode
[  249.789716][T11646] hsr_slave_0: entered allmulticast mode
[  249.802305][ T5829] block nbd0: Receive control failed (result -32)
[  250.228163][T11679] x_tables: duplicate underflow at hook 2
[  250.665422][T11692] netlink: 'syz.0.1565': attribute type 39 has an invalid length.
[  252.109038][T11686] bridge_slave_1: left allmulticast mode
[  252.115151][T11686] bridge_slave_1: left promiscuous mode
[  252.121468][T11686] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.132323][T11686] bridge_slave_0: left allmulticast mode
[  252.138392][T11686] bridge_slave_0: left promiscuous mode
[  252.145503][T11686] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.260414][T11699] __nla_validate_parse: 7 callbacks suppressed
[  252.260436][T11699] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1567'.
[  252.387768][T11707] ipt_REJECT: TCP_RESET invalid for non-tcp
[  252.409379][T11708] veth0: entered promiscuous mode
[  253.093551][T11758] openvswitch: netlink: Flow key attr not present in new flow.
[  253.100390][T11756] veth0: left promiscuous mode
[  253.136877][T11751] netlink: 'syz.0.1581': attribute type 13 has an invalid length.
[  253.196378][T11751] 8021q: adding VLAN 0 to HW filter on device .`
[  253.198678][T11761] netlink: 'syz.4.1583': attribute type 1 has an invalid length.
[  253.220890][T11761] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  253.241155][T11751] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  253.281538][   T49] bond1: (slave .`): link status definitely up, 10000 Mbps full duplex
[  253.291017][   T49] bond1: (slave .`): making interface the new active one
[  253.330093][   T49] bond1: active interface up!
[  253.512313][T11780] netlink: 7064 bytes leftover after parsing attributes in process `syz.2.1588'.
[  253.522681][T11780] openvswitch: netlink: Missing key (keys=40, expected=100)
[  253.820660][T11794] ieee802154 phy0 wpan0: encryption failed: -22
[  254.223172][T11818] Cannot find set identified by id 0 to match
[  254.492950][T11831] openvswitch: netlink: IP tunnel dst address not specified
[  254.707913][T11842] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  254.772308][T11849] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1609'.
[  254.888561][T11851] netlink: 'syz.3.1610': attribute type 2 has an invalid length.
[  254.899462][T11851] netlink: 'syz.3.1610': attribute type 11 has an invalid length.
[  254.922905][T11851] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1610'.
[  255.000064][T11854] netlink: 'syz.4.1611': attribute type 2 has an invalid length.
[  255.019914][T11856] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.1612'.
[  255.029806][T11854] netlink: 244 bytes leftover after parsing attributes in process `syz.4.1611'.
[  255.052449][T11856] netlink: 144 bytes leftover after parsing attributes in process `syz.2.1612'.
[  255.071583][T11857] netlink: 144 bytes leftover after parsing attributes in process `syz.2.1612'.
[  255.324168][T11871] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1616'.
[  255.518152][T11877] --map-set only usable from mangle table
[  255.660948][T11890] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1621'.
[  255.775130][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  255.782265][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  255.805184][T11904] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  255.875752][T11904] xt_SECMARK: invalid mode: 9
[  256.055592][T11917] openvswitch: netlink: IPv4 tunnel dst address is zero
[  256.212873][T11920] veth7: entered allmulticast mode
[  256.289483][T11925] lo: entered allmulticast mode
[  256.320421][T11926] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  256.320814][T11929] af_packet: tpacket_rcv: packet too big, clamped from 65354 to 4294967272. macoff=96
[  256.423613][T11933] sctp: [Deprecated]: syz.2.1632 (pid 11933) Use of struct sctp_assoc_value in delayed_ack socket option.
[  256.423613][T11933] Use struct sctp_sack_info instead
[  256.549142][T11941] syzkaller1: entered promiscuous mode
[  256.557900][T11941] syzkaller1: entered allmulticast mode
[  259.355964][T11936] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  259.366061][T11944] __nla_validate_parse: 1 callbacks suppressed
[  259.366083][T11944] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1639'.
[  259.383147][T11944] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  259.656834][T11973] syzkaller0: entered promiscuous mode
[  259.670566][T11973] syzkaller0: entered allmulticast mode
[  259.991209][T11987] openvswitch: netlink: IP tunnel dst address not specified
[  260.398059][T12007] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1656'.
[  260.553063][T12013] xt_hashlimit: size too large, truncated to 1048576
[  260.836600][T12021] bond6: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  260.937213][T12021] bond6 (unregistering): Released all slaves
[  261.015188][T12025] geneve2: entered promiscuous mode
[  261.024777][T12025] geneve2: entered allmulticast mode
[  261.037278][   T49] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 19999 - 0
[  261.082437][   T49] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 19999 - 0
[  261.163989][ T1108] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 19999 - 0
[  261.441238][T12037] syzkaller0: entered promiscuous mode
[  261.451706][T12037] syzkaller0: entered allmulticast mode
[  261.529389][T12060] IPVS: set_ctl: invalid protocol: 33 255.255.255.255:20000
[  261.664640][T12063] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1669'.
[  261.686319][T12066] netlink: 'syz.1.1670': attribute type 10 has an invalid length.
[  261.704540][T12063] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1669'.
[  261.710430][T12070] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.1672'.
[  262.973485][T12066] .`: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  262.990428][T12063] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1669'.
[  263.000140][T12063] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1669'.
[  263.100814][  T166] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  263.118148][  T166] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  263.175500][  T166] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  263.243092][T12090] netlink: 'syz.1.1676': attribute type 1 has an invalid length.
[  263.277218][T12090] netlink: 244 bytes leftover after parsing attributes in process `syz.1.1676'.
[  263.342201][T12096] syzkaller0: entered promiscuous mode
[  263.380951][T12096] syzkaller0: entered allmulticast mode
[  263.391062][T12099] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1679'.
[  263.523195][T12111] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1683'.
[  263.540100][T12111] netlink: 'syz.2.1683': attribute type 3 has an invalid length.
[  263.550248][T12108] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  263.559950][T12109] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  263.573892][T12111] netlink: 'syz.2.1683': attribute type 2 has an invalid length.
[  263.586312][T12111] netlink: 'syz.2.1683': attribute type 3 has an invalid length.
[  263.596622][T12111] netlink: 'syz.2.1683': attribute type 2 has an invalid length.
[  263.888472][T12123] netlink: 'syz.0.1684': attribute type 11 has an invalid length.
[  264.539839][T12169] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  264.607125][T12165] __nla_validate_parse: 8 callbacks suppressed
[  264.607148][T12165] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1698'.
[  264.727155][T12173] syzkaller0: entered promiscuous mode
[  264.760694][T12173] syzkaller0: entered allmulticast mode
[  264.972173][T12198] netlink: 'syz.2.1706': attribute type 32 has an invalid length.
[  265.919164][T12237] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1718'.
[  266.751231][T12222] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1712'.
[  267.067817][T12255] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1723'.
[  267.139220][T12258] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1725'.
[  267.312445][T12273] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1729'.
[  267.332248][T12272] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1730'.
[  267.349657][T12273] block nbd1: Unsupported socket: should be TCP or UNIX.
[  267.408608][T12285] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1732'.
[  267.508778][T12290] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1732'.
[  267.546347][T12285] bond6: entered promiscuous mode
[  267.552585][T12285] 8021q: adding VLAN 0 to HW filter on device bond6
[  267.574441][T12289] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1734'.
[  267.637071][T12289] bridge5: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  267.866095][T12300] netlink: 'syz.2.1737': attribute type 32 has an invalid length.
[  267.930279][T12308] syzkaller0: entered promiscuous mode
[  267.937067][T12308] syzkaller0: entered allmulticast mode
[  267.946827][T12303] pim6reg1: entered promiscuous mode
[  267.952673][T12303] pim6reg1: entered allmulticast mode
[  268.507818][T12337] veth0_to_bond: entered allmulticast mode
[  268.791413][T12352] netlink: 'syz.1.1752': attribute type 3 has an invalid length.
[  268.806212][T12352] netlink: 'syz.1.1752': attribute type 1 has an invalid length.
[  269.247604][T12388] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  269.290808][T12387] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  269.465726][T12403] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  269.688151][T12414] pimreg: entered allmulticast mode
[  269.847563][T12428] __nla_validate_parse: 4 callbacks suppressed
[  269.847584][T12428] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1771'.
[  269.999971][T12433] Cannot find add_set index 2 as target
[  270.047484][T12438] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1774'.
[  270.192979][T12449] netlink: 'syz.3.1777': attribute type 30 has an invalid length.
[  270.265493][T12446] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  270.322651][    C0] vcan0: j1939_tp_rxtimer: 0xffff888028223c00: rx timeout, send abort
[  270.651820][T12473] bond7: entered promiscuous mode
[  270.722616][T12473] macvlan4: entered promiscuous mode
[  270.728119][T12473] macvlan4: entered allmulticast mode
[  270.774683][T12473] bond7: (slave macvlan4): Opening slave failed
[  270.822762][    C0] vcan0: j1939_tp_rxtimer: 0xffff888031821c00: rx timeout, send abort
[  270.832865][    C0] vcan0: j1939_tp_rxtimer: 0xffff888028223c00: abort rx timeout. Force session deactivation
[  270.883899][T12489] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1786'.
[  271.062993][T12502] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1790'.
[  271.187930][T12504] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1792'.
[  271.331091][    C0] vcan0: j1939_tp_rxtimer: 0xffff888031821c00: abort rx timeout. Force session deactivation
[  271.413729][T12518] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  271.525338][T12525] syzkaller1: entered allmulticast mode
[  271.674027][T12530] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1797'.
[  273.988627][T12495] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  274.202791][T12538] syzkaller0: entered promiscuous mode
[  274.224730][T12538] syzkaller0: entered allmulticast mode
[  274.470973][T12562] netdevsim netdevsim4 
: renamed from netdevsim0 (while UP)
[  274.642598][T12578] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1807'.
[  274.776877][T12584] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1807'.
[  274.987098][T12591] syzkaller0: entered promiscuous mode
[  274.996070][T12591] syzkaller0: entered allmulticast mode
[  275.073240][T12595] xt_addrtype: ipv6 BLACKHOLE matching not supported
[  275.497393][T12620] netlink: 'syz.2.1815': attribute type 21 has an invalid length.
[  275.530939][T12620] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1815'.
[  275.760737][T12641] netlink: 'syz.1.1818': attribute type 1 has an invalid length.
[  275.856008][T12641] netlink: 'syz.1.1818': attribute type 1 has an invalid length.
[  275.951483][T12655] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1818'.
[  276.027216][T12641] netlink: 'syz.1.1818': attribute type 2 has an invalid length.
[  276.080990][T12641] netlink: 'syz.1.1818': attribute type 2 has an invalid length.
[  276.085895][T12659] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1820'.
[  276.089058][T12641] netlink: 'syz.1.1818': attribute type 2 has an invalid length.
[  276.089078][T12641] netlink: 'syz.1.1818': attribute type 1 has an invalid length.
[  276.089092][T12641] netlink: 'syz.1.1818': attribute type 2 has an invalid length.
[  276.160185][T12659] netlink: 'syz.4.1820': attribute type 4 has an invalid length.
[  276.232132][T12663] netlink: 'syz.2.1821': attribute type 1 has an invalid length.
[  276.326732][T12645] syzkaller0: entered promiscuous mode
[  276.339903][T12645] syzkaller0: entered allmulticast mode
[  276.723901][T12697] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1830'.
[  276.776749][T12701] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1830'.
[  276.834542][T12706] macsec0: left allmulticast mode
[  276.839627][T12706] veth1_macvtap: left allmulticast mode
[  276.858020][T12704] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1833'.
[  277.048164][T12713] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma?
[  277.111958][T12722] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1837'.
[  277.144914][T12724] netlink: 136 bytes leftover after parsing attributes in process `syz.2.1838'.
[  277.178221][T12724] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1838'.
[  277.211155][T12727] erspan0: entered promiscuous mode
[  277.248300][T12724] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1838'.
[  277.721557][T12756] 8021q: adding VLAN 0 to HW filter on device bond8
[  277.736200][T12763] gtp0: entered promiscuous mode
[  277.741701][T12763] gtp0: entered allmulticast mode
[  277.943859][T12775] openvswitch: netlink: Missing valid actions attribute.
[  277.964285][T12775] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  278.242294][T12795] ip6gre0: Master is either lo or non-ether device
[  278.431632][T12803] 8021q: VLANs not supported on ip_vti0
[  278.482794][T12805] pim6reg: entered allmulticast mode
[  278.499933][T12805] pim6reg: left allmulticast mode
[  279.355938][T12866] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 64993
[  280.090714][T12906] syzkaller0: entered promiscuous mode
[  280.111415][T12906] syzkaller0: entered allmulticast mode
[  280.303934][T12914] syzkaller0: entered promiscuous mode
[  280.341039][T12914] syzkaller0: entered allmulticast mode
[  280.362558][T12920] syzkaller0: entered promiscuous mode
[  280.368260][T12920] syzkaller0: entered allmulticast mode
[  280.690751][T12936] __nla_validate_parse: 12 callbacks suppressed
[  280.690772][T12936] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1904'.
[  282.194096][T12935] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1904'.
[  282.431528][T12985] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1917'.
[  282.523713][T12993] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  282.830845][T13013] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1920'.
[  283.032135][T13024] netlink: 16178 bytes leftover after parsing attributes in process `syz.4.1924'.
[  283.073510][T13025] pim6reg: entered allmulticast mode
[  283.181548][T13030] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1927'.
[  283.195664][T13032] .`: entered promiscuous mode
[  283.210150][T13032] bridge_slave_1: entered promiscuous mode
[  283.600133][T13055] netlink: 280 bytes leftover after parsing attributes in process `syz.4.1935'.
[  283.643679][T13057] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1936'.
[  283.720240][T13059] syzkaller0: entered promiscuous mode
[  283.733193][T13059] syzkaller0: entered allmulticast mode
[  284.202157][T13093] syzkaller0: left promiscuous mode
[  284.220677][T13093] syzkaller0: left allmulticast mode
[  284.226964][T13096] lo speed is unknown, defaulting to 1000
[  284.240418][T13096] lo speed is unknown, defaulting to 1000
[  284.250318][T13096] lo speed is unknown, defaulting to 1000
[  284.314992][T13096] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  284.407365][T13096] lo speed is unknown, defaulting to 1000
[  284.428144][T13096] lo speed is unknown, defaulting to 1000
[  284.456706][T13096] lo speed is unknown, defaulting to 1000
[  284.479632][T13096] lo speed is unknown, defaulting to 1000
[  284.509264][T13096] lo speed is unknown, defaulting to 1000
[  284.853729][T13117] syzkaller0: entered promiscuous mode
[  284.859834][T13117] syzkaller0: entered allmulticast mode
[  284.899099][T13119] syzkaller0: entered promiscuous mode
[  284.919218][T13119] syzkaller0: entered allmulticast mode
[  284.928180][T13122] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1961'.
[  284.949606][T13119] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1960'.
[  285.206219][T13133] validate_nla: 11 callbacks suppressed
[  285.206243][T13133] netlink: 'syz.1.1963': attribute type 4 has an invalid length.
[  286.680202][T13140] 8021q: adding VLAN 0 to HW filter on device bond1
[  286.809981][T13165] __nla_validate_parse: 5 callbacks suppressed
[  286.810001][T13165] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.1967'.
[  286.878115][T13165] netlink: Conntrack attr type has unexpected length (type=2, length=0, expected=2)
[  286.941050][T13171] netlink: 'syz.1.1969': attribute type 3 has an invalid length.
[  287.161924][T13192] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1972'.
[  287.325480][T13202] sock: sock_timestamping_bind_phc: sock not bind to device
[  287.413037][T13207] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.1976'.
[  287.493734][T13213] netlink: 'syz.1.1979': attribute type 20 has an invalid length.
[  287.501942][T13213] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1979'.
[  287.521611][T12648] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  287.530268][T13213] netlink: 'syz.1.1979': attribute type 20 has an invalid length.
[  287.538757][T12648] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  287.550027][T13213] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1979'.
[  287.564778][T12648] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  287.587003][T12648] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  287.678617][T13223] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1980'.
[  287.734567][T13228] netlink: 240 bytes leftover after parsing attributes in process `syz.4.1978'.
[  287.887525][T13234] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1981'.
[  287.954810][T13234] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1981'.
[  287.975630][T13238] lo speed is unknown, defaulting to 1000
[  288.033691][T13234] gretap1: entered promiscuous mode
[  288.048994][T13234] gretap1: entered allmulticast mode
[  288.141033][ T5489] veth1_macvtap: left promiscuous mode
[  288.188983][T13248] netlink: 'syz.0.1985': attribute type 1 has an invalid length.
[  288.356489][T13252] Bluetooth: MGMT ver 1.23
[  288.479832][T13261] openvswitch: netlink: Missing key (keys=40, expected=80)
[  288.553516][T13264] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1988'.
[  289.400789][T13310] netlink: 'syz.4.2000': attribute type 4 has an invalid length.
[  289.412598][T13311] tipc: Failed to remove unknown binding: 66,0,0/0:3553133325/3553133326
[  289.442840][T13310] netlink: 'syz.4.2000': attribute type 1 has an invalid length.
[  289.509441][T13311] tipc: Failed to remove unknown binding: 66,0,0/0:3553133325/3553133326
[  289.667412][T13323] netlink: 'syz.4.2003': attribute type 15 has an invalid length.
[  289.726869][   T58] netdevsim netdevsim4 
: set [0, 1] type 1 family 0 port 256 - 0
[  289.735464][T13323] netlink: 'syz.4.2003': attribute type 15 has an invalid length.
[  289.745385][   T58] netdevsim netdevsim4 netdevsim1: set [0, 1] type 1 family 0 port 256 - 0
[  289.776671][   T58] netdevsim netdevsim4 netdevsim2: set [0, 1] type 1 family 0 port 256 - 0
[  289.814158][   T58] netdevsim netdevsim4 netdevsim3: set [0, 1] type 1 family 0 port 256 - 0
[  295.461412][T13396] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  295.764779][T13398] openvswitch: netlink: Tunnel attr 3 has unexpected len 0 expected 1
[  295.841609][T13402] __nla_validate_parse: 15 callbacks suppressed
[  295.841631][T13402] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2023'.
[  296.415766][T13406] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2024'.
[  296.425012][T13406] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2024'.
[  296.490553][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  300.103827][T13411] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2026'.
[  300.302046][T13418] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  300.343291][T13420] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  300.852945][T13438] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2033'.
[  300.921634][T13441] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2033'.
[  301.450551][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  302.490936][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  303.530571][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  309.122799][T13438] xfrm2: entered promiscuous mode
[  309.128562][T13438] xfrm2: entered allmulticast mode
[  309.968305][T13485] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2044'.
[  317.351517][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  318.051858][ T5842] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  318.062719][ T5842] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  318.071756][ T5842] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  318.079767][ T5842] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  318.088342][ T5842] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  320.116990][ T5829] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  320.127411][ T5829] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  320.136326][ T5829] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  320.145357][ T5829] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  320.159016][ T5829] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  320.173433][ T5829] Bluetooth: hci5: command tx timeout
[  322.170962][ T5842] Bluetooth: hci6: command tx timeout
[  322.252642][ T5842] Bluetooth: hci5: command tx timeout
[  324.251038][ T5842] Bluetooth: hci6: command tx timeout
[  324.330584][ T5842] Bluetooth: hci5: command tx timeout
[  325.869146][ T5829] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  325.891471][ T5829] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  325.900082][ T5829] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  325.912054][ T5829] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  325.920056][ T5829] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  326.022019][ T5842] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  326.042353][ T5842] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  326.137772][ T5838] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  326.146599][ T5841] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  326.156734][ T5838] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  326.169376][ T5841] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  326.179671][ T5838] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  326.188506][ T5841] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  326.208340][ T5841] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  326.223668][ T5841] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  326.333062][ T5841] Bluetooth: hci6: command tx timeout
[  326.410574][ T5841] Bluetooth: hci5: command tx timeout
[  328.010745][ T5841] Bluetooth: hci7: command tx timeout
[  328.251405][ T5842] Bluetooth: hci8: command tx timeout
[  328.257977][ T5841] Bluetooth: hci9: command tx timeout
[  328.410571][ T5841] Bluetooth: hci6: command tx timeout
[  330.090666][ T5841] Bluetooth: hci7: command tx timeout
[  330.330596][ T5841] Bluetooth: hci9: command tx timeout
[  330.336049][ T5841] Bluetooth: hci8: command tx timeout
[  332.170630][ T5841] Bluetooth: hci7: command tx timeout
[  332.411519][ T5842] Bluetooth: hci9: command tx timeout
[  332.427279][ T5841] Bluetooth: hci8: command tx timeout
[  334.251049][ T5841] Bluetooth: hci7: command tx timeout
[  334.490655][ T5841] Bluetooth: hci8: command tx timeout
[  334.496147][ T5841] Bluetooth: hci9: command tx timeout
[  370.650649][ T5841] Bluetooth: hci3: command 0x0405 tx timeout
[  378.136014][ T5833] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  378.147525][ T5833] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  378.156858][ T5833] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  378.172630][ T5833] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  378.181149][ T5833] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  378.657644][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  380.207557][ T5838] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  380.216865][ T5838] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  380.231901][ T5838] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  380.241970][ T5838] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  380.249834][ T5838] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  385.630044][ T5829] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  385.640681][ T5829] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  385.649865][ T5829] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  385.661960][ T5829] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  385.671556][ T5829] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  386.930922][   T51] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  386.942977][   T51] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  386.960240][T13548] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  386.968791][   T51] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  386.980075][T13548] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  387.005598][T13548] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  387.012997][T13548] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  387.023812][T13548] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  387.032146][T13548] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  387.054008][T13548] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  438.752820][   T51] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  438.771018][   T51] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  438.779838][   T51] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  438.788528][   T51] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  438.797224][   T51] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  440.256094][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  440.786396][T13559] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  440.796113][T13559] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  440.806717][T13559] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  440.815674][T13559] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  440.823919][T13559] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  442.181334][T13559] Bluetooth: hci5: command 0x0406 tx timeout
[  445.828829][T13563] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[  445.839882][T13563] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[  445.849370][T13563] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[  445.861885][T13563] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[  445.871466][T13563] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[  447.004213][T13570] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1
[  447.013649][T13570] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9
[  447.023290][T13570] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9
[  447.033096][T13570] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4
[  447.042348][T13570] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2
[  447.106027][T13573] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1
[  447.116156][T13573] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9
[  447.124487][T13573] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9
[  447.133407][T13573] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4
[  447.142987][T13573] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2
[  447.298806][T13560] Bluetooth: hci6: command 0x0406 tx timeout
[  452.416116][T13577] Bluetooth: hci7: command 0x0406 tx timeout
[  452.450801][T13577] Bluetooth: hci8: command 0x0406 tx timeout
[  452.456867][T13577] Bluetooth: hci9: command 0x0406 tx timeout
[  463.131095][   T31] INFO: task dhcpcd:5489 blocked for more than 143 seconds.
[  463.138703][   T31]       Not tainted syzkaller #0
[  463.161675][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  463.179765][   T31] task:dhcpcd          state:D stack:21024 pid:5489  tgid:5489  ppid:5488   task_flags:0x400140 flags:0x00080000
[  463.211216][   T31] Call Trace:
[  463.214627][   T31]  <TASK>
[  463.217636][   T31]  __schedule+0x1585/0x5340
[  463.281071][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  463.286325][   T31]  ? rcu_is_watching+0x15/0xb0
[  463.328153][   T31]  ? __pfx___schedule+0x10/0x10
[  463.350784][   T31]  ? schedule+0x90/0x360
[  463.355130][   T31]  schedule+0x164/0x360
[  463.359333][   T31]  schedule_preempt_disabled+0x13/0x30
[  463.367720][   T31]  __mutex_lock+0x7fe/0x1300
[  463.375341][   T31]  ? __mutex_lock+0x5ac/0x1300
[  463.380174][   T31]  ? inet_rtm_newaddr+0x404/0x1ad0
[  463.385963][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  463.391401][   T31]  ? __nla_parse+0x40/0x60
[  463.395971][   T31]  inet_rtm_newaddr+0x404/0x1ad0
[  463.403912][   T31]  ? __kernel_text_address+0xd/0x30
[  463.409189][   T31]  ? unwind_get_return_address+0x4d/0x90
[  463.415627][   T31]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  463.422165][   T31]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  463.427649][   T31]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  463.434553][   T31]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  463.439666][   T31]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  463.445436][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  463.451275][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  463.456272][   T31]  netlink_rcv_skb+0x232/0x4b0
[  463.462826][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  463.468341][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  463.476618][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  463.482159][   T31]  netlink_unicast+0x80f/0x9b0
[  463.486989][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  463.493065][   T31]  ? netlink_sendmsg+0x650/0xb40
[  463.498051][   T31]  ? skb_put+0x11b/0x210
[  463.502902][   T31]  netlink_sendmsg+0x813/0xb40
[  463.507730][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  463.515029][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  463.520144][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  463.527745][   T31]  ____sys_sendmsg+0x972/0x9f0
[  463.534375][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  463.539765][   T31]  ? import_iovec+0x73/0xa0
[  463.545146][   T31]  ___sys_sendmsg+0x2a5/0x360
[  463.550086][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  463.556141][   T31]  ? count_memcg_event_mm+0x21/0x260
[  463.566059][   T31]  ? __pfx_handle_mm_fault+0x10/0x10
[  463.577232][   T31]  __x64_sys_sendmsg+0x1bd/0x2a0
[  463.584958][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  463.590842][   T31]  ? do_user_addr_fault+0xc6f/0x1340
[  463.596369][   T31]  do_syscall_64+0x14d/0xf80
[  463.611394][   T31]  ? trace_irq_disable+0x3b/0x150
[  463.616522][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  463.640761][   T31]  ? clear_bhb_loop+0x40/0x90
[  463.645511][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  463.661677][   T31] RIP: 0033:0x7f4a664b4407
[  463.666167][   T31] RSP: 002b:00007ffffac0c2f0 EFLAGS: 00000202 ORIG_RAX: 000000000000002e
[  463.681655][   T31] RAX: ffffffffffffffda RBX: 00007f4a6642a740 RCX: 00007f4a664b4407
[  463.689691][   T31] RDX: 0000000000000000 RSI: 00007ffffac204d0 RDI: 0000000000000004
[  463.700344][   T31] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  463.709515][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffffac30700
[  463.717880][   T31] R13: 00007f4a6642a6c8 R14: 0000000000000044 R15: 00007ffffac204d0
[  463.726183][   T31]  </TASK>
[  463.729261][   T31] INFO: task kworker/1:3:5836 blocked for more than 143 seconds.
[  463.739816][   T31]       Not tainted syzkaller #0
[  463.746058][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  463.755319][   T31] task:kworker/1:3     state:D stack:25656 pid:5836  tgid:5836  ppid:2      task_flags:0x4208060 flags:0x00080000
[  463.767993][   T31] Workqueue: events xfrm_state_gc_task
[  463.774567][   T31] Call Trace:
[  463.777983][   T31]  <TASK>
[  463.781442][   T31]  __schedule+0x1585/0x5340
[  463.786039][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[  463.792586][   T31]  ? __pfx___schedule+0x10/0x10
[  463.797515][   T31]  ? schedule+0x90/0x360
[  463.810498][   T31]  schedule+0x164/0x360
[  463.814745][   T31]  synchronize_rcu_expedited+0x619/0x770
[  463.822455][   T31]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  463.828686][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  463.836012][   T31]  xfrm_state_gc_task+0xdc/0x950
[  463.842581][   T31]  ? __pfx_xfrm_state_gc_task+0x10/0x10
[  463.848192][   T31]  ? process_scheduled_works+0xa25/0x1830
[  463.855205][   T31]  ? process_scheduled_works+0xa25/0x1830
[  463.861341][   T31]  process_scheduled_works+0xb02/0x1830
[  463.866972][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  463.874386][   T31]  ? assign_work+0x3d5/0x5e0
[  463.879036][   T31]  worker_thread+0xa50/0xfc0
[  463.884458][   T31]  kthread+0x388/0x470
[  463.888577][   T31]  ? __pfx_worker_thread+0x10/0x10
[  463.894782][   T31]  ? __pfx_kthread+0x10/0x10
[  463.899422][   T31]  ret_from_fork+0x51e/0xb90
[  463.904534][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  463.909730][   T31]  ? __switch_to+0xc7d/0x1450
[  463.917216][   T31]  ? __pfx_kthread+0x10/0x10
[  463.923000][   T31]  ret_from_fork_asm+0x1a/0x30
[  463.927870][   T31]  </TASK>
[  463.932514][   T31] INFO: task syz.1.2038:13457 blocked for more than 144 seconds.
[  463.940272][   T31]       Not tainted syzkaller #0
[  463.946685][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  463.957268][   T31] task:syz.1.2038      state:D stack:26688 pid:13457 tgid:13456 ppid:5823   task_flags:0x400140 flags:0x00080002
[  463.969662][   T31] Call Trace:
[  463.973571][   T31]  <TASK>
[  463.976550][   T31]  __schedule+0x1585/0x5340
[  463.981598][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[  463.986675][   T31]  ? __pfx___schedule+0x10/0x10
[  463.992926][   T31]  ? schedule+0x90/0x360
[  463.997231][   T31]  schedule+0x164/0x360
[  464.002818][   T31]  synchronize_rcu_expedited+0x619/0x770
[  464.008522][   T31]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  464.015264][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  464.023939][   T31]  ? __is_module_percpu_address+0x28/0x3f0
[  464.029819][   T31]  ? lockdep_unregister_key+0x2d5/0x350
[  464.037126][   T31]  qdisc_create+0xd18/0xf20
[  464.042026][   T31]  tc_modify_qdisc+0x16f0/0x2290
[  464.047011][   T31]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  464.053988][   T31]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  464.059592][   T31]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  464.071472][   T31]  rtnetlink_rcv_msg+0x77e/0xbe0
[  464.076496][   T31]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  464.088105][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  464.095586][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  464.100964][   T31]  netlink_rcv_skb+0x232/0x4b0
[  464.105780][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  464.112647][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  464.118010][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  464.124615][   T31]  netlink_unicast+0x80f/0x9b0
[  464.129443][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  464.137428][   T31]  ? netlink_sendmsg+0x650/0xb40
[  464.142759][   T31]  ? skb_put+0x11b/0x210
[  464.147053][   T31]  netlink_sendmsg+0x813/0xb40
[  464.153524][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  464.159102][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  464.165133][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  464.173712][   T31]  ____sys_sendmsg+0x972/0x9f0
[  464.178538][   T31]  ? futex_unqueue+0x211/0x240
[  464.184188][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  464.189538][   T31]  ? import_iovec+0x73/0xa0
[  464.194610][   T31]  ___sys_sendmsg+0x2a5/0x360
[  464.199358][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  464.205681][   T31]  ? futex_wait+0x29a/0x380
[  464.210266][   T31]  ? __fget_files+0x2a/0x420
[  464.216091][   T31]  ? __fget_files+0x3a0/0x420
[  464.222138][   T31]  __x64_sys_sendmsg+0x1bd/0x2a0
[  464.227148][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  464.233184][   T31]  ? rcu_is_watching+0x15/0xb0
[  464.238019][   T31]  do_syscall_64+0x14d/0xf80
[  464.246177][   T31]  ? trace_irq_disable+0x3b/0x150
[  464.252211][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.258327][   T31]  ? clear_bhb_loop+0x40/0x90
[  464.263764][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.269706][   T31] RIP: 0033:0x7f6136d9c799
[  464.274925][   T31] RSP: 002b:00007f6137cd4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  464.285085][   T31] RAX: ffffffffffffffda RBX: 00007f6137015fa0 RCX: 00007f6136d9c799
[  464.294316][   T31] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000082
[  464.303038][   T31] RBP: 00007f6136e32bd9 R08: 0000000000000000 R09: 0000000000000000
[  464.312176][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  464.320190][   T31] R13: 00007f6137016038 R14: 00007f6137015fa0 R15: 00007ffd60aea7a8
[  464.328696][   T31]  </TASK>
[  464.332383][   T31] INFO: task syz.2.2039:13462 blocked for more than 144 seconds.
[  464.340234][   T31]       Not tainted syzkaller #0
[  464.346541][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  464.365040][   T31] task:syz.2.2039      state:D stack:28016 pid:13462 tgid:13461 ppid:5827   task_flags:0x400140 flags:0x00080002
[  464.378215][   T31] Call Trace:
[  464.381883][   T31]  <TASK>
[  464.384865][   T31]  __schedule+0x1585/0x5340
[  464.389452][   T31]  ? __pfx___schedule+0x10/0x10
[  464.396782][   T31]  ? schedule+0x90/0x360
[  464.402236][   T31]  schedule+0x164/0x360
[  464.406447][   T31]  schedule_preempt_disabled+0x13/0x30
[  464.414100][   T31]  __mutex_lock+0x7fe/0x1300
[  464.418773][   T31]  ? __mutex_lock+0x5ac/0x1300
[  464.424406][   T31]  ? rtnetlink_rcv_msg+0x722/0xbe0
[  464.429578][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  464.435123][   T31]  rtnetlink_rcv_msg+0x722/0xbe0
[  464.440143][   T31]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  464.445698][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  464.452697][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  464.457698][   T31]  netlink_rcv_skb+0x232/0x4b0
[  464.465437][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  464.471493][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  464.476836][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  464.482816][   T31]  netlink_unicast+0x80f/0x9b0
[  464.487639][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  464.494850][   T31]  ? netlink_sendmsg+0x650/0xb40
[  464.499846][   T31]  ? skb_put+0x11b/0x210
[  464.505980][   T31]  netlink_sendmsg+0x813/0xb40
[  464.511441][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  464.516777][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  464.522157][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  464.527494][   T31]  ____sys_sendmsg+0x972/0x9f0
[  464.533844][   T31]  ? futex_unqueue+0x211/0x240
[  464.538675][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  464.545705][   T31]  ? import_iovec+0x73/0xa0
[  464.550269][   T31]  ___sys_sendmsg+0x2a5/0x360
[  464.555535][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  464.561055][   T31]  ? futex_wait+0x29a/0x380
[  464.565651][   T31]  ? __fget_files+0x2a/0x420
[  464.570950][   T31]  ? __fget_files+0x3a0/0x420
[  464.575714][   T31]  __x64_sys_sendmsg+0x1bd/0x2a0
[  464.590176][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  464.596225][   T31]  ? rcu_is_watching+0x15/0xb0
[  464.601990][   T31]  do_syscall_64+0x14d/0xf80
[  464.606751][   T31]  ? trace_irq_disable+0x3b/0x150
[  464.624324][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.630759][   T31]  ? clear_bhb_loop+0x40/0x90
[  464.635504][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.647017][   T31] RIP: 0033:0x7f432579c799
[  464.652929][   T31] RSP: 002b:00007f43265f4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  464.661734][   T31] RAX: ffffffffffffffda RBX: 00007f4325a15fa0 RCX: 00007f432579c799
[  464.669758][   T31] RDX: 0000000020004080 RSI: 0000200000000040 RDI: 0000000000000004
[  464.678819][   T31] RBP: 00007f4325832bd9 R08: 0000000000000000 R09: 0000000000000000
[  464.688016][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  464.698400][   T31] R13: 00007f4325a16038 R14: 00007f4325a15fa0 R15: 00007ffd6b4cfd08
[  464.707107][   T31]  </TASK>
[  464.710178][   T31] INFO: task syz.2.2039:13463 blocked for more than 144 seconds.
[  464.718967][   T31]       Not tainted syzkaller #0
[  464.724638][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  464.735797][   T31] task:syz.2.2039      state:D stack:26824 pid:13463 tgid:13461 ppid:5827   task_flags:0x400140 flags:0x00080002
[  464.748182][   T31] Call Trace:
[  464.753233][   T31]  <TASK>
[  464.756211][   T31]  __schedule+0x1585/0x5340
[  464.761547][   T31]  ? __pfx___schedule+0x10/0x10
[  464.766462][   T31]  ? schedule+0x90/0x360
[  464.771136][   T31]  schedule+0x164/0x360
[  464.775604][   T31]  schedule_preempt_disabled+0x13/0x30
[  464.781585][   T31]  __mutex_lock+0x7fe/0x1300
[  464.786237][   T31]  ? __mutex_lock+0x5ac/0x1300
[  464.791814][   T31]  ? rtm_new_nexthop+0xfbc/0x8620
[  464.796976][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  464.805460][   T31]  rtm_new_nexthop+0xfbc/0x8620
[  464.810750][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[  464.815930][   T31]  ? __pfx_rtm_new_nexthop+0x10/0x10
[  464.822990][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  464.828001][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  464.836969][   T31]  ? rcu_is_watching+0x15/0xb0
[  464.843502][   T31]  ? unwind_next_frame+0xa5/0x23c0
[  464.848729][   T31]  ? kernel_text_address+0xa5/0xe0
[  464.854648][   T31]  ? __pfx_rtm_new_nexthop+0x10/0x10
[  464.860171][   T31]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  464.866550][   T31]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  464.872017][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  464.877769][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  464.884103][   T31]  netlink_rcv_skb+0x232/0x4b0
[  464.888937][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  464.894952][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  464.900307][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  464.907005][   T31]  netlink_unicast+0x80f/0x9b0
[  464.914569][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  464.919922][   T31]  ? netlink_sendmsg+0x650/0xb40
[  464.926361][   T31]  ? skb_put+0x11b/0x210
[  464.930947][   T31]  netlink_sendmsg+0x813/0xb40
[  464.935775][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  464.941883][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  464.946879][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  464.954827][   T31]  ____sys_sendmsg+0x972/0x9f0
[  464.959648][   T31]  ? futex_unqueue+0x211/0x240
[  464.964739][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  464.970084][   T31]  ? import_iovec+0x73/0xa0
[  464.976446][   T31]  ___sys_sendmsg+0x2a5/0x360
[  464.982366][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  464.987629][   T31]  ? futex_wait+0x29a/0x380
[  464.992682][   T31]  ? __fget_files+0x2a/0x420
[  464.997322][   T31]  ? __fget_files+0x3a0/0x420
[  465.003695][   T31]  __x64_sys_sendmsg+0x1bd/0x2a0
[  465.008696][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  465.014603][   T31]  ? rcu_is_watching+0x15/0xb0
[  465.019430][   T31]  do_syscall_64+0x14d/0xf80
[  465.027090][   T31]  ? trace_irq_disable+0x3b/0x150
[  465.032779][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.038894][   T31]  ? clear_bhb_loop+0x40/0x90
[  465.044069][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.050023][   T31] RIP: 0033:0x7f432579c799
[  465.056071][   T31] RSP: 002b:00007f43265d3028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  465.067677][   T31] RAX: ffffffffffffffda RBX: 00007f4325a16090 RCX: 00007f432579c799
[  465.075987][   T31] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000005
[  465.085425][   T31] RBP: 00007f4325832bd9 R08: 0000000000000000 R09: 0000000000000000
[  465.094084][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  465.102778][   T31] R13: 00007f4325a16128 R14: 00007f4325a16090 R15: 00007ffd6b4cfd08
[  465.112032][   T31]  </TASK>
[  465.115098][   T31] INFO: task syz.0.2043:13478 blocked for more than 145 seconds.
[  465.129025][   T31]       Not tainted syzkaller #0
[  465.137334][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  465.147010][   T31] task:syz.0.2043      state:D stack:23904 pid:13478 tgid:13478 ppid:5825   task_flags:0x400040 flags:0x00080002
[  465.159780][   T31] Call Trace:
[  465.164258][   T31]  <TASK>
[  465.167230][   T31]  __schedule+0x1585/0x5340
[  465.173470][   T31]  ? is_bpf_text_address+0x26/0x2b0
[  465.178721][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[  465.184882][   T31]  ? __pfx___schedule+0x10/0x10
[  465.189798][   T31]  ? schedule+0x90/0x360
[  465.195203][   T31]  schedule+0x164/0x360
[  465.199503][   T31]  synchronize_rcu_expedited+0x619/0x770
[  465.205648][   T31]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  465.219665][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  465.226208][   T31]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  465.232568][   T31]  packet_release+0x9ea/0xcc0
[  465.237438][   T31]  ? __pfx_packet_release+0x10/0x10
[  465.245940][   T31]  ? down_write+0x16d/0x200
[  465.250870][   T31]  sock_close+0xc3/0x240
[  465.255170][   T31]  ? __pfx_sock_close+0x10/0x10
[  465.260153][   T31]  __fput+0x44f/0xa70
[  465.264826][   T31]  task_work_run+0x1d9/0x270
[  465.269484][   T31]  ? __pfx_task_work_run+0x10/0x10
[  465.275433][   T31]  exit_to_user_mode_loop+0xed/0x480
[  465.283945][   T31]  ? rcu_is_watching+0x15/0xb0
[  465.289040][   T31]  do_syscall_64+0x32d/0xf80
[  465.298125][   T31]  ? trace_irq_disable+0x3b/0x150
[  465.303899][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.310016][   T31]  ? clear_bhb_loop+0x40/0x90
[  465.315193][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.322041][   T31] RIP: 0033:0x7fc9a5d9c799
[  465.326494][   T31] RSP: 002b:00007ffe7f686168 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  465.336727][   T31] RAX: 0000000000000000 RBX: 00007fc9a6017da0 RCX: 00007fc9a5d9c799
[  465.345123][   T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  465.358162][   T31] RBP: 00007fc9a6017da0 R08: 0000000000000006 R09: 0000000000000000
[  465.368374][   T31] R10: 00007fc9a6017cb0 R11: 0000000000000246 R12: 000000000004bd3f
[  465.376695][   T31] R13: 00007fc9a601654c R14: 000000000004bbd6 R15: 00007fc9a6016540
[  465.385100][   T31]  </TASK>
[  465.388400][   T31] INFO: task syz.0.2043:13479 blocked for more than 145 seconds.
[  465.398266][   T31]       Not tainted syzkaller #0
[  465.403538][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  465.413142][   T31] task:syz.0.2043      state:D stack:28160 pid:13479 tgid:13478 ppid:5825   task_flags:0x400040 flags:0x00080002
[  465.425834][   T31] Call Trace:
[  465.429158][   T31]  <TASK>
[  465.433434][   T31]  __schedule+0x1585/0x5340
[  465.438043][   T31]  ? __pfx___schedule+0x10/0x10
[  465.443381][   T31]  ? schedule+0x90/0x360
[  465.447682][   T31]  schedule+0x164/0x360
[  465.452664][   T31]  schedule_preempt_disabled+0x13/0x30
[  465.458176][   T31]  __mutex_lock+0x7fe/0x1300
[  465.465970][   T31]  ? __mutex_lock+0x5ac/0x1300
[  465.471118][   T31]  ? __tun_chr_ioctl+0x3bc/0x1e10
[  465.476298][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  465.483018][   T31]  __tun_chr_ioctl+0x3bc/0x1e10
[  465.487933][   T31]  ? __pfx___tun_chr_ioctl+0x10/0x10
[  465.493885][   T31]  ? __fget_files+0x2a/0x420
[  465.498542][   T31]  ? __fget_files+0x3a0/0x420
[  465.505254][   T31]  ? __fget_files+0x2a/0x420
[  465.509903][   T31]  ? bpf_lsm_file_ioctl+0x9/0x20
[  465.515641][   T31]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  465.521103][   T31]  __se_sys_ioctl+0xfc/0x170
[  465.525752][   T31]  do_syscall_64+0x14d/0xf80
[  465.532709][   T31]  ? trace_irq_disable+0x3b/0x150
[  465.537801][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.544743][   T31]  ? clear_bhb_loop+0x40/0x90
[  465.549469][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.555848][   T31] RIP: 0033:0x7fc9a5d9c799
[  465.560308][   T31] RSP: 002b:00007fc9a6beb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  465.569216][   T31] RAX: ffffffffffffffda RBX: 00007fc9a6015fa0 RCX: 00007fc9a5d9c799
[  465.594270][   T31] RDX: 0000200000000040 RSI: 00000000400454ca RDI: 0000000000000005
[  465.602950][   T31] RBP: 00007fc9a5e32bd9 R08: 0000000000000000 R09: 0000000000000000
[  465.614835][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  465.623258][   T31] R13: 00007fc9a6016038 R14: 00007fc9a6015fa0 R15: 00007ffe7f686008
[  465.632933][   T31]  </TASK>
[  465.636004][   T31] INFO: task syz.0.2043:13480 blocked for more than 145 seconds.
[  465.644788][   T31]       Not tainted syzkaller #0
[  465.649755][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  465.658879][   T31] task:syz.0.2043      state:D stack:28160 pid:13480 tgid:13478 ppid:5825   task_flags:0x400140 flags:0x00080002
[  465.672676][   T31] Call Trace:
[  465.676002][   T31]  <TASK>
[  465.678971][   T31]  __schedule+0x1585/0x5340
[  465.685960][   T31]  ? __pfx___schedule+0x10/0x10
[  465.692808][   T31]  ? schedule+0x90/0x360
[  465.697354][   T31]  schedule+0x164/0x360
[  465.702340][   T31]  schedule_preempt_disabled+0x13/0x30
[  465.707875][   T31]  __mutex_lock+0x7fe/0x1300
[  465.712976][   T31]  ? __mutex_lock+0x5ac/0x1300
[  465.717813][   T31]  ? tun_chr_close+0x3e/0x1c0
[  465.725095][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  465.730208][   T31]  ? __pfx_tun_chr_close+0x10/0x10
[  465.736151][   T31]  tun_chr_close+0x3e/0x1c0
[  465.741425][   T31]  __fput+0x44f/0xa70
[  465.745478][   T31]  fput_close_sync+0x11f/0x240
[  465.750289][   T31]  ? __pfx_fput_close_sync+0x10/0x10
[  465.756922][   T31]  __x64_sys_close+0x7e/0x110
[  465.763156][   T31]  do_syscall_64+0x14d/0xf80
[  465.767799][   T31]  ? trace_irq_disable+0x3b/0x150
[  465.773301][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.779411][   T31]  ? clear_bhb_loop+0x40/0x90
[  465.785082][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.793556][   T31] RIP: 0033:0x7fc9a5d9c799
[  465.798267][   T31] RSP: 002b:00007fc9a6bca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  465.808158][   T31] RAX: ffffffffffffffda RBX: 00007fc9a6016090 RCX: 00007fc9a5d9c799
[  465.816477][   T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  465.825818][   T31] RBP: 00007fc9a5e32bd9 R08: 0000000000000000 R09: 0000000000000000
[  465.840633][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  465.848742][   T31] R13: 00007fc9a6016128 R14: 00007fc9a6016090 R15: 00007ffe7f686008
[  465.864350][   T31]  </TASK>
[  465.867431][   T31] INFO: task syz.0.2043:13483 blocked for more than 146 seconds.
[  465.876576][   T31]       Not tainted syzkaller #0
[  465.882282][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  465.891262][   T31] task:syz.0.2043      state:D stack:28832 pid:13483 tgid:13478 ppid:5825   task_flags:0x400140 flags:0x00080002
[  465.905801][   T31] Call Trace:
[  465.909126][   T31]  <TASK>
[  465.913733][   T31]  __schedule+0x1585/0x5340
[  465.918318][   T31]  ? kasan_quarantine_put+0xbb/0x1f0
[  465.924164][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[  465.929241][   T31]  ? __pfx___schedule+0x10/0x10
[  465.935239][   T31]  ? schedule+0x90/0x360
[  465.939539][   T31]  schedule+0x164/0x360
[  465.946032][   T31]  schedule_preempt_disabled+0x13/0x30
[  465.951853][   T31]  __mutex_lock+0x7fe/0x1300
[  465.956499][   T31]  ? __mutex_lock+0x5ac/0x1300
[  465.962725][   T31]  ? dev_ioctl+0x7a4/0x1150
[  465.967355][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  465.973138][   T31]  ? apparmor_capable+0x126/0x170
[  465.978284][   T31]  ? dev_load+0x21/0x1f0
[  465.983732][   T31]  dev_ioctl+0x7a4/0x1150
[  465.988121][   T31]  sock_do_ioctl+0x23e/0x320
[  465.993175][   T31]  ? __pfx_sock_do_ioctl+0x10/0x10
[  465.998347][   T31]  ? do_futex+0x333/0x420
[  466.003703][   T31]  sock_ioctl+0x5c6/0x7f0
[  466.008096][   T31]  ? __pfx_sock_ioctl+0x10/0x10
[  466.016518][   T31]  ? __fget_files+0x2a/0x420
[  466.021575][   T31]  ? __fget_files+0x3a0/0x420
[  466.026303][   T31]  ? __fget_files+0x2a/0x420
[  466.032691][   T31]  ? bpf_lsm_file_ioctl+0x9/0x20
[  466.037949][   T31]  ? __pfx_sock_ioctl+0x10/0x10
[  466.043310][   T31]  __se_sys_ioctl+0xfc/0x170
[  466.047949][   T31]  do_syscall_64+0x14d/0xf80
[  466.055020][   T31]  ? trace_irq_disable+0x3b/0x150
[  466.060116][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.067109][   T31]  ? clear_bhb_loop+0x40/0x90
[  466.072159][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.078097][   T31] RIP: 0033:0x7fc9a5d9c799
[  466.083820][   T31] RSP: 002b:00007fc9a6ba9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  466.092967][   T31] RAX: ffffffffffffffda RBX: 00007fc9a6016180 RCX: 00007fc9a5d9c799
[  466.101399][   T31] RDX: 0000200000002280 RSI: 0000000000008914 RDI: 0000000000000007
[  466.109643][   T31] RBP: 00007fc9a5e32bd9 R08: 0000000000000000 R09: 0000000000000000
[  466.118153][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  466.136355][   T31] R13: 00007fc9a6016218 R14: 00007fc9a6016180 R15: 00007ffe7f686008
[  466.145995][   T31]  </TASK>
[  466.149073][   T31] INFO: task syz.0.2043:13486 blocked for more than 146 seconds.
[  466.157663][   T31]       Not tainted syzkaller #0
[  466.165136][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  466.175415][   T31] task:syz.0.2043      state:D stack:27144 pid:13486 tgid:13478 ppid:5825   task_flags:0x400140 flags:0x00080002
[  466.188372][   T31] Call Trace:
[  466.192058][   T31]  <TASK>
[  466.195039][   T31]  __schedule+0x1585/0x5340
[  466.199637][   T31]  ? __pfx___schedule+0x10/0x10
[  466.206053][   T31]  ? schedule+0x90/0x360
[  466.210843][   T31]  schedule+0x164/0x360
[  466.215064][   T31]  schedule_preempt_disabled+0x13/0x30
[  466.221409][   T31]  __mutex_lock+0x7fe/0x1300
[  466.226068][   T31]  ? __mutex_lock+0x5ac/0x1300
[  466.233909][   T31]  ? rtnetlink_rcv_msg+0x722/0xbe0
[  466.239091][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  466.245519][   T31]  rtnetlink_rcv_msg+0x722/0xbe0
[  466.253000][   T31]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  466.258166][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  466.264161][   T31]  ? ref_tracker_free+0x693/0x840
[  466.269559][   T31]  ? __copy_skb_header+0xa3/0x4a0
[  466.276447][   T31]  ? __pfx_ref_tracker_free+0x10/0x10
[  466.282501][   T31]  netlink_rcv_skb+0x232/0x4b0
[  466.287326][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  466.293225][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  466.298575][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  466.305035][   T31]  netlink_unicast+0x80f/0x9b0
[  466.310137][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  466.317117][   T31]  ? netlink_sendmsg+0x650/0xb40
[  466.322396][   T31]  ? skb_put+0x11b/0x210
[  466.326697][   T31]  netlink_sendmsg+0x813/0xb40
[  466.332641][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  466.337986][   T31]  ? __se_sys_ioctl+0x47/0x170
[  466.345566][   T31]  ? do_syscall_64+0x14d/0xf80
[  466.351819][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  466.356820][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  466.363235][   T31]  ____sys_sendmsg+0x972/0x9f0
[  466.368079][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  466.374152][   T31]  ? import_iovec+0x73/0xa0
[  466.378715][   T31]  ___sys_sendmsg+0x2a5/0x360
[  466.390449][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  466.395727][   T31]  ? tomoyo_path_number_perm+0x219/0x630
[  466.403394][   T31]  ? __fget_files+0x2a/0x420
[  466.408040][   T31]  ? __fget_files+0x3a0/0x420
[  466.413396][   T31]  __x64_sys_sendmsg+0x1bd/0x2a0
[  466.418397][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  466.425059][   T31]  ? rcu_is_watching+0x15/0xb0
[  466.429895][   T31]  ? __pfx_kcov_ioctl+0x10/0x10
[  466.440435][   T31]  do_syscall_64+0x14d/0xf80
[  466.445094][   T31]  ? trace_irq_disable+0x3b/0x150
[  466.450158][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.460243][   T31]  ? clear_bhb_loop+0x40/0x90
[  466.465682][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.471964][   T31] RIP: 0033:0x7fc9a5d9c799
[  466.476424][   T31] RSP: 002b:00007fc9a6b88028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  466.485287][   T31] RAX: ffffffffffffffda RBX: 00007fc9a6016270 RCX: 00007fc9a5d9c799
[  466.496587][   T31] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[  466.504970][   T31] RBP: 00007fc9a5e32bd9 R08: 0000000000000000 R09: 0000000000000000
[  466.513308][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  466.523038][   T31] R13: 00007fc9a6016308 R14: 00007fc9a6016270 R15: 00007ffe7f686008
[  466.531439][   T31]  </TASK>
[  466.534496][   T31] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  466.544675][   T31] INFO: task syz.0.2043:13488 blocked for more than 146 seconds.
[  466.553098][   T31]       Not tainted syzkaller #0
[  466.558153][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  466.570225][   T31] task:syz.0.2043      state:D stack:27144 pid:13488 tgid:13478 ppid:5825   task_flags:0x400140 flags:0x00080002
[  466.583239][   T31] Call Trace:
[  466.586566][   T31]  <TASK>
[  466.589528][   T31]  __schedule+0x1585/0x5340
[  466.595179][   T31]  ? __pfx___schedule+0x10/0x10
[  466.600102][   T31]  ? schedule+0x90/0x360
[  466.607240][   T31]  schedule+0x164/0x360
[  466.612086][   T31]  schedule_preempt_disabled+0x13/0x30
[  466.617843][   T31]  __mutex_lock+0x7fe/0x1300
[  466.623120][   T31]  ? __mutex_lock+0x5ac/0x1300
[  466.627991][   T31]  ? rtnetlink_rcv_msg+0x722/0xbe0
[  466.634771][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  466.639888][   T31]  rtnetlink_rcv_msg+0x722/0xbe0
[  466.645669][   T31]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  466.652853][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  466.658374][   T31]  ? ref_tracker_free+0x693/0x840
[  466.663967][   T31]  ? __copy_skb_header+0xa3/0x4a0
[  466.669047][   T31]  ? __pfx_ref_tracker_free+0x10/0x10
[  466.677792][   T31]  netlink_rcv_skb+0x232/0x4b0
[  466.683041][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  466.688553][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  466.694471][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  466.699728][   T31]  netlink_unicast+0x80f/0x9b0
[  466.706818][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  466.713760][   T31]  ? netlink_sendmsg+0x650/0xb40
[  466.718983][   T31]  ? skb_put+0x11b/0x210
[  466.727578][   T31]  netlink_sendmsg+0x813/0xb40
[  466.733454][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  466.738792][   T31]  ? __se_sys_ioctl+0x47/0x170
[  466.744123][   T31]  ? do_syscall_64+0x14d/0xf80
[  466.748939][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  466.755251][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  466.762199][   T31]  ____sys_sendmsg+0x972/0x9f0
[  466.767032][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  466.772758][   T31]  ? import_iovec+0x73/0xa0
[  466.777330][   T31]  ___sys_sendmsg+0x2a5/0x360
[  466.784436][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  466.789703][   T31]  ? tomoyo_path_number_perm+0x219/0x630
[  466.796186][   T31]  ? __fget_files+0x2a/0x420
[  466.801110][   T31]  ? __fget_files+0x3a0/0x420
[  466.805854][   T31]  __x64_sys_sendmsg+0x1bd/0x2a0
[  466.811970][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  466.817507][   T31]  ? rcu_is_watching+0x15/0xb0
[  466.825563][   T31]  ? __pfx_kcov_ioctl+0x10/0x10
[  466.830778][   T31]  do_syscall_64+0x14d/0xf80
[  466.835433][   T31]  ? trace_irq_disable+0x3b/0x150
[  466.840938][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.847055][   T31]  ? clear_bhb_loop+0x40/0x90
[  466.852512][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.858462][   T31] RIP: 0033:0x7fc9a5d9c799
[  466.864451][   T31] RSP: 002b:00007fc9a37f2028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  466.873856][   T31] RAX: ffffffffffffffda RBX: 00007fc9a6016360 RCX: 00007fc9a5d9c799
[  466.882545][   T31] RDX: 0000000000004890 RSI: 00002000000003c0 RDI: 0000000000000008
[  466.896243][   T31] RBP: 00007fc9a5e32bd9 R08: 0000000000000000 R09: 0000000000000000
[  466.905586][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  466.914237][   T31] R13: 00007fc9a60163f8 R14: 00007fc9a6016360 R15: 00007ffe7f686008
[  466.923228][   T31]  </TASK>
[  466.926516][   T31] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  466.937797][   T31] INFO: task syz.4.2044:13482 blocked for more than 147 seconds.
[  466.946299][   T31]       Not tainted syzkaller #0
[  466.951555][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  466.960342][   T31] task:syz.4.2044      state:D stack:26344 pid:13482 tgid:13481 ppid:5822   task_flags:0x400140 flags:0x00080002
[  466.975102][   T31] Call Trace:
[  466.978428][   T31]  <TASK>
[  466.981763][   T31]  __schedule+0x1585/0x5340
[  466.986365][   T31]  ? __pfx___schedule+0x10/0x10
[  466.992009][   T31]  ? schedule+0x90/0x360
[  466.996331][   T31]  schedule+0x164/0x360
[  467.003316][   T31]  schedule_preempt_disabled+0x13/0x30
[  467.008847][   T31]  __mutex_lock+0x7fe/0x1300
[  467.017255][   T31]  ? __mutex_lock+0x5ac/0x1300
[  467.022622][   T31]  ? rtnl_newlink+0x8a1/0x1be0
[  467.027684][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  467.033765][   T31]  ? ns_capable+0x89/0xe0
[  467.038190][   T31]  rtnl_newlink+0x8a1/0x1be0
[  467.046115][   T31]  ? netlink_deliver_tap+0x19c/0x1b0
[  467.052747][   T31]  ? netlink_unicast+0x7e3/0x9b0
[  467.057737][   T31]  ? __pfx_rtnl_newlink+0x10/0x10
[  467.063597][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.069746][   T31]  ? kasan_quarantine_put+0xbb/0x1f0
[  467.075646][   T31]  ? lockdep_hardirqs_on+0x7a/0x110
[  467.082684][   T31]  ? kmem_cache_free+0x187/0x630
[  467.087697][   T31]  ? nlmon_xmit+0xb0/0x100
[  467.092987][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  467.097979][   T31]  ? __local_bh_enable_ip+0xd0/0x130
[  467.103804][   T31]  ? lockdep_hardirqs_on+0x7a/0x110
[  467.109055][   T31]  ? __dev_queue_xmit+0x277/0x3890
[  467.116825][   T31]  ? __local_bh_enable_ip+0xd0/0x130
[  467.123367][   T31]  ? __dev_queue_xmit+0x277/0x3890
[  467.128783][   T31]  ? __pfx_rtnl_newlink+0x10/0x10
[  467.135221][   T31]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  467.140308][   T31]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  467.146467][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  467.159398][   T31]  ? ref_tracker_free+0x693/0x840
[  467.164735][   T31]  ? __copy_skb_header+0xa3/0x4a0
[  467.169810][   T31]  ? __pfx_ref_tracker_free+0x10/0x10
[  467.177251][   T31]  netlink_rcv_skb+0x232/0x4b0
[  467.182750][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  467.188267][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  467.194075][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  467.199336][   T31]  netlink_unicast+0x80f/0x9b0
[  467.204691][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  467.210023][   T31]  ? netlink_sendmsg+0x650/0xb40
[  467.216849][   T31]  ? skb_put+0x11b/0x210
[  467.223526][   T31]  netlink_sendmsg+0x813/0xb40
[  467.228358][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  467.235840][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  467.241410][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  467.246744][   T31]  ____sys_sendmsg+0x972/0x9f0
[  467.251977][   T31]  ? futex_unqueue+0x211/0x240
[  467.256801][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  467.264003][   T31]  ? import_iovec+0x73/0xa0
[  467.268573][   T31]  ___sys_sendmsg+0x2a5/0x360
[  467.274492][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  467.279758][   T31]  ? futex_wait+0x29a/0x380
[  467.285961][   T31]  ? __fget_files+0x2a/0x420
[  467.292153][   T31]  ? __fget_files+0x3a0/0x420
[  467.296897][   T31]  __x64_sys_sendmsg+0x1bd/0x2a0
[  467.303297][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  467.308824][   T31]  ? rcu_is_watching+0x15/0xb0
[  467.314095][   T31]  do_syscall_64+0x14d/0xf80
[  467.318736][   T31]  ? trace_irq_disable+0x3b/0x150
[  467.324205][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.330322][   T31]  ? clear_bhb_loop+0x40/0x90
[  467.338011][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.344296][   T31] RIP: 0033:0x7f1b8639c799
[  467.348755][   T31] RSP: 002b:00007f1b8718c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  467.359181][   T31] RAX: ffffffffffffffda RBX: 00007f1b86615fa0 RCX: 00007f1b8639c799
[  467.367784][   T31] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000005
[  467.378616][   T31] RBP: 00007f1b86432bd9 R08: 0000000000000000 R09: 0000000000000000
[  467.386970][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  467.396592][   T31] R13: 00007f1b86616038 R14: 00007f1b86615fa0 R15: 00007ffc38320858
[  467.404899][   T31]  </TASK>
[  467.407949][   T31] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  467.418034][   T31] INFO: task syz.4.2044:13485 blocked for more than 147 seconds.
[  467.426426][   T31]       Not tainted syzkaller #0
[  467.431695][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  467.445730][   T31] task:syz.4.2044      state:D stack:26216 pid:13485 tgid:13481 ppid:5822   task_flags:0x400140 flags:0x00080002
[  467.458388][   T31] Call Trace:
[  467.463487][   T31]  <TASK>
[  467.466465][   T31]  __schedule+0x1585/0x5340
[  467.471507][   T31]  ? __pfx___schedule+0x10/0x10
[  467.476416][   T31]  ? schedule+0x90/0x360
[  467.482695][   T31]  schedule+0x164/0x360
[  467.486912][   T31]  schedule_preempt_disabled+0x13/0x30
[  467.492855][   T31]  __mutex_lock+0x7fe/0x1300
[  467.497502][   T31]  ? __mutex_lock+0x5ac/0x1300
[  467.503415][   T31]  ? nl80211_pre_doit+0x5f/0x930
[  467.508530][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  467.515329][   T31]  ? rcu_is_watching+0x15/0xb0
[  467.520277][   T31]  ? __nla_parse+0x40/0x60
[  467.525230][   T31]  nl80211_pre_doit+0x5f/0x930
[  467.530060][   T31]  ? genl_family_rcv_msg_attrs_parse+0x212/0x2a0
[  467.538630][   T31]  genl_family_rcv_msg_doit+0x1d7/0x330
[  467.544972][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  467.553380][   T31]  ? bpf_lsm_capable+0x9/0x20
[  467.558251][   T31]  ? security_capable+0x7e/0x2c0
[  467.564675][   T31]  genl_rcv_msg+0x61c/0x7a0
[  467.569244][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  467.577497][   T31]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  467.583359][   T31]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  467.588692][   T31]  ? __pfx_nl80211_post_doit+0x10/0x10
[  467.596089][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  467.602513][   T31]  netlink_rcv_skb+0x232/0x4b0
[  467.607499][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  467.616891][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  467.623533][   T31]  ? down_read+0x272/0x2e0
[  467.628008][   T31]  ? genl_rcv+0xd/0x40
[  467.632915][   T31]  genl_rcv+0x28/0x40
[  467.636950][   T31]  netlink_unicast+0x80f/0x9b0
[  467.643009][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  467.648346][   T31]  ? netlink_sendmsg+0x650/0xb40
[  467.653824][   T31]  ? skb_put+0x11b/0x210
[  467.658125][   T31]  netlink_sendmsg+0x813/0xb40
[  467.665798][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  467.671459][   T31]  ? trace_sched_set_need_resched_tp+0x3e/0x160
[  467.677828][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  467.689213][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  467.699280][   T31]  ____sys_sendmsg+0x972/0x9f0
[  467.706023][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  467.711875][   T31]  ? import_iovec+0x73/0xa0
[  467.716440][   T31]  ___sys_sendmsg+0x2a5/0x360
[  467.721893][   T31]  ? try_to_wake_up+0x832/0x1390
[  467.726894][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  467.733166][   T31]  ? futex_wake+0x4ac/0x580
[  467.737772][   T31]  __x64_sys_sendmsg+0x1bd/0x2a0
[  467.744313][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  467.749849][   T31]  ? rcu_is_watching+0x15/0xb0
[  467.755452][   T31]  do_syscall_64+0x14d/0xf80
[  467.760100][   T31]  ? trace_irq_disable+0x3b/0x150
[  467.765583][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.776381][   T31]  ? clear_bhb_loop+0x40/0x90
[  467.782242][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.788193][   T31] RIP: 0033:0x7f1b8639c799
[  467.794029][   T31] RSP: 002b:00007f1b845f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  467.802753][   T31] RAX: ffffffffffffffda RBX: 00007f1b86616090 RCX: 00007f1b8639c799
[  467.812827][   T31] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  467.821263][   T31] RBP: 00007f1b86432bd9 R08: 0000000000000000 R09: 0000000000000000
[  467.829304][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  467.838444][   T31] R13: 00007f1b86616128 R14: 00007f1b86616090 R15: 00007ffc38320858
[  467.847755][   T31]  </TASK>
[  467.852013][   T31] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  467.861434][   T31] INFO: task dhcpcd:13494 blocked for more than 148 seconds.
[  467.868841][   T31]       Not tainted syzkaller #0
[  467.874584][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  467.885576][   T31] task:dhcpcd          state:D stack:24576 pid:13494 tgid:13494 ppid:5489   task_flags:0x400140 flags:0x00080000
[  467.898798][   T31] Call Trace:
[  467.903392][   T31]  <TASK>
[  467.906385][   T31]  __schedule+0x1585/0x5340
[  467.911455][   T31]  ? stack_trace_save+0xa9/0x100
[  467.916450][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[  467.923255][   T31]  ? __pfx___schedule+0x10/0x10
[  467.928178][   T31]  ? schedule+0x90/0x360
[  467.934020][   T31]  schedule+0x164/0x360
[  467.938250][   T31]  synchronize_rcu_expedited+0x619/0x770
[  467.944523][   T31]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  467.956859][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  467.965129][   T31]  __unregister_prot_hook+0x503/0x6e0
[  467.970910][   T31]  ? packet_do_bind+0x90/0xe10
[  467.975743][   T31]  ? packet_do_bind+0x90/0xe10
[  467.981261][   T31]  packet_do_bind+0x536/0xe10
[  467.986012][   T31]  ? packet_do_bind+0x90/0xe10
[  467.993592][   T31]  __sys_bind+0x2e3/0x410
[  467.997997][   T31]  ? __pfx___sys_bind+0x10/0x10
[  468.003439][   T31]  __x64_sys_bind+0x7a/0x90
[  468.008001][   T31]  do_syscall_64+0x14d/0xf80
[  468.013115][   T31]  ? trace_irq_disable+0x3b/0x150
[  468.018197][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.026007][   T31]  ? clear_bhb_loop+0x40/0x90
[  468.033033][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.038981][   T31] RIP: 0033:0x7f4a6652f2d7
[  468.043893][   T31] RSP: 002b:00007ffffac101d8 EFLAGS: 00000213 ORIG_RAX: 0000000000000031
[  468.053222][   T31] RAX: ffffffffffffffda RBX: 00005625b7a3d9c0 RCX: 00007f4a6652f2d7
[  468.061577][   T31] RDX: 0000000000000014 RSI: 00007ffffac101f0 RDI: 0000000000000003
[  468.069586][   T31] RBP: 0000562585f584b0 R08: 00007f4a665feac0 R09: 0000000000000000
[  468.078959][   T31] R10: 0000000000000003 R11: 0000000000000213 R12: 0000000000000000
[  468.087623][   T31] R13: 00005625b7a36af0 R14: 0000000000000000 R15: 0000562585f6dac0
[  468.098147][   T31]  </TASK>
[  468.103522][   T31] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  468.113267][   T31] INFO: task syz.3.2045:13496 blocked for more than 148 seconds.
[  468.122206][   T31]       Not tainted syzkaller #0
[  468.127194][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  468.136357][   T31] task:syz.3.2045      state:D stack:23904 pid:13496 tgid:13496 ppid:5831   task_flags:0x400040 flags:0x00080002
[  468.154707][   T31] Call Trace:
[  468.158035][   T31]  <TASK>
[  468.161375][   T31]  __schedule+0x1585/0x5340
[  468.165954][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[  468.171889][   T31]  ? __pfx___schedule+0x10/0x10
[  468.176824][   T31]  ? schedule+0x90/0x360
[  468.182567][   T31]  schedule+0x164/0x360
[  468.186788][   T31]  synchronize_rcu_expedited+0x619/0x770
[  468.192939][   T31]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  468.199150][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  468.206035][   T31]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  468.217295][   T31]  packet_release+0x9ea/0xcc0
[  468.222594][   T31]  ? __pfx_packet_release+0x10/0x10
[  468.227873][   T31]  ? down_write+0x16d/0x200
[  468.233168][   T31]  sock_close+0xc3/0x240
[  468.237456][   T31]  ? __pfx_sock_close+0x10/0x10
[  468.242789][   T31]  __fput+0x44f/0xa70
[  468.246835][   T31]  task_work_run+0x1d9/0x270
[  468.257242][   T31]  ? __pfx_task_work_run+0x10/0x10
[  468.263956][   T31]  exit_to_user_mode_loop+0xed/0x480
[  468.269298][   T31]  ? rcu_is_watching+0x15/0xb0
[  468.275135][   T31]  do_syscall_64+0x32d/0xf80
[  468.279807][   T31]  ? trace_irq_disable+0x3b/0x150
[  468.285299][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.292358][   T31]  ? clear_bhb_loop+0x40/0x90
[  468.297096][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.304436][   T31] RIP: 0033:0x7fc486f9c799
[  468.308897][   T31] RSP: 002b:00007ffc78984568 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  468.317785][   T31] RAX: 0000000000000000 RBX: 00007fc487217da0 RCX: 00007fc486f9c799
[  468.329113][   T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  468.338965][   T31] RBP: 00007fc487217da0 R08: 0000000000000006 R09: 0000000000000000
[  468.348242][   T31] R10: 00007fc487217cb0 R11: 0000000000000246 R12: 000000000004bf80
[  468.356878][   T31] R13: 00007fc48721645c R14: 000000000004bdae R15: 00007fc487216450
[  468.366093][   T31]  </TASK>
[  468.369156][   T31] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  468.380036][   T31] INFO: task syz.3.2045:13497 blocked for more than 148 seconds.
[  468.388483][   T31]       Not tainted syzkaller #0
[  468.393965][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  468.402981][   T31] task:syz.3.2045      state:D stack:28160 pid:13497 tgid:13496 ppid:5831   task_flags:0x400140 flags:0x00080002
[  468.418926][   T31] Call Trace:
[  468.422599][   T31]  <TASK>
[  468.425569][   T31]  __schedule+0x1585/0x5340
[  468.430161][   T31]  ? __pfx___schedule+0x10/0x10
[  468.438192][   T31]  ? schedule+0x90/0x360
[  468.443366][   T31]  schedule+0x164/0x360
[  468.447588][   T31]  schedule_preempt_disabled+0x13/0x30
[  468.453488][   T31]  __mutex_lock+0x7fe/0x1300
[  468.458135][   T31]  ? __mutex_lock+0x5ac/0x1300
[  468.463691][   T31]  ? __tun_chr_ioctl+0x3bc/0x1e10
[  468.468771][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  468.475291][   T31]  __tun_chr_ioctl+0x3bc/0x1e10
[  468.480234][   T31]  ? __pfx___tun_chr_ioctl+0x10/0x10
[  468.490082][   T31]  ? __fget_files+0x2a/0x420
[  468.495172][   T31]  ? __fget_files+0x3a0/0x420
[  468.499907][   T31]  ? __fget_files+0x2a/0x420
[  468.506007][   T31]  ? bpf_lsm_file_ioctl+0x9/0x20
[  468.511285][   T31]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  468.516445][   T31]  __se_sys_ioctl+0xfc/0x170
[  468.521442][   T31]  do_syscall_64+0x14d/0xf80
[  468.526088][   T31]  ? trace_irq_disable+0x3b/0x150
[  468.531849][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.538044][   T31]  ? clear_bhb_loop+0x40/0x90
[  468.545271][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.552393][   T31] RIP: 0033:0x7fc486f9c799
[  468.556858][   T31] RSP: 002b:00007fc487f06028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  468.566633][   T31] RAX: ffffffffffffffda RBX: 00007fc487215fa0 RCX: 00007fc486f9c799
[  468.576108][   T31] RDX: 0000200000000040 RSI: 00000000400454ca RDI: 0000000000000005
[  468.586053][   T31] RBP: 00007fc487032bd9 R08: 0000000000000000 R09: 0000000000000000
[  468.595551][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  468.604002][   T31] R13: 00007fc487216038 R14: 00007fc487215fa0 R15: 00007ffc78984408
[  468.612313][   T31]  </TASK>
[  468.615411][   T31] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  468.625288][   T31] INFO: task syz.3.2045:13498 blocked for more than 148 seconds.
[  468.634780][   T31]       Not tainted syzkaller #0
[  468.639752][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  468.648893][   T31] task:syz.3.2045      state:D stack:28160 pid:13498 tgid:13496 ppid:5831   task_flags:0x400040 flags:0x00080002
[  468.663934][   T31] Call Trace:
[  468.667495][   T31]  <TASK>
[  468.670978][   T31]  __schedule+0x1585/0x5340
[  468.675568][   T31]  ? __pfx___schedule+0x10/0x10
[  468.681607][   T31]  ? schedule+0x90/0x360
[  468.685914][   T31]  schedule+0x164/0x360
[  468.690118][   T31]  schedule_preempt_disabled+0x13/0x30
[  468.697103][   T31]  __mutex_lock+0x7fe/0x1300
[  468.704270][   T31]  ? __mutex_lock+0x5ac/0x1300
[  468.709102][   T31]  ? tun_chr_close+0x3e/0x1c0
[  468.718280][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  468.724802][   T31]  ? __pfx_tun_chr_close+0x10/0x10
[  468.729973][   T31]  tun_chr_close+0x3e/0x1c0
[  468.736202][   T31]  __fput+0x44f/0xa70
[  468.740276][   T31]  fput_close_sync+0x11f/0x240
[  468.745588][   T31]  ? __pfx_fput_close_sync+0x10/0x10
[  468.752417][   T31]  __x64_sys_close+0x7e/0x110
[  468.758061][   T31]  do_syscall_64+0x14d/0xf80
[  468.763154][   T31]  ? trace_irq_disable+0x3b/0x150
[  468.768474][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.781538][   T31]  ? clear_bhb_loop+0x40/0x90
[  468.786285][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.793964][   T31] RIP: 0033:0x7fc486f9c799
[  468.798435][   T31] RSP: 002b:00007fc487ee5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  468.808487][   T31] RAX: ffffffffffffffda RBX: 00007fc487216090 RCX: 00007fc486f9c799
[  468.819327][   T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  468.828443][   T31] RBP: 00007fc487032bd9 R08: 0000000000000000 R09: 0000000000000000
[  468.836792][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  468.845436][   T31] R13: 00007fc487216128 R14: 00007fc487216090 R15: 00007ffc78984408
[  468.854045][   T31]  </TASK>
[  468.857102][   T31] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  468.866845][   T31] INFO: task syz.3.2045:13499 blocked for more than 149 seconds.
[  468.877263][   T31]       Not tainted syzkaller #0
[  468.884920][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  468.897930][   T31] task:syz.3.2045      state:D stack:28832 pid:13499 tgid:13496 ppid:5831   task_flags:0x400040 flags:0x00080002
[  468.913298][   T31] Call Trace:
[  468.916635][   T31]  <TASK>
[  468.919628][   T31]  __schedule+0x1585/0x5340
[  468.925747][   T31]  ? __pfx___schedule+0x10/0x10
[  468.931339][   T31]  ? schedule+0x90/0x360
[  468.935655][   T31]  schedule+0x164/0x360
[  468.939861][   T31]  schedule_preempt_disabled+0x13/0x30
[  468.946208][   T31]  __mutex_lock+0x7fe/0x1300
[  468.952899][   T31]  ? __mutex_lock+0x5ac/0x1300
[  468.957740][   T31]  ? __tun_chr_ioctl+0x3bc/0x1e10
[  468.963638][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  468.968742][   T31]  ? do_futex+0x395/0x420
[  468.973943][   T31]  ? __fget_files+0x2a/0x420
[  468.978611][   T31]  __tun_chr_ioctl+0x3bc/0x1e10
[  468.984079][   T31]  ? __pfx___tun_chr_ioctl+0x10/0x10
[  468.989453][   T31]  ? __fget_files+0x2a/0x420
[  469.000444][   T31]  ? __fget_files+0x3a0/0x420
[  469.005198][   T31]  ? __fget_files+0x2a/0x420
[  469.009849][   T31]  ? bpf_lsm_file_ioctl+0x9/0x20
[  469.017046][   T31]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  469.023519][   T31]  __se_sys_ioctl+0xfc/0x170
[  469.028163][   T31]  do_syscall_64+0x14d/0xf80
[  469.033953][   T31]  ? trace_irq_disable+0x3b/0x150
[  469.039038][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.046288][   T31]  ? clear_bhb_loop+0x40/0x90
[  469.052549][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.058530][   T31] RIP: 0033:0x7fc486f9c799
[  469.063548][   T31] RSP: 002b:00007fc487ec4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  469.072384][   T31] RAX: ffffffffffffffda RBX: 00007fc487216180 RCX: 00007fc486f9c799
[  469.081268][   T31] RDX: 0000200000000200 RSI: 00000000400454d1 RDI: 0000000000000005
[  469.089290][   T31] RBP: 00007fc487032bd9 R08: 0000000000000000 R09: 0000000000000000
[  469.097801][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  469.108692][   T31] R13: 00007fc487216218 R14: 00007fc487216180 R15: 00007ffc78984408
[  469.118323][   T31]  </TASK>
[  469.121711][   T31] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  469.132632][   T31] INFO: task syz.3.2045:13500 blocked for more than 149 seconds.
[  469.141808][   T31]       Not tainted syzkaller #0
[  469.146783][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  469.156900][   T31] task:syz.3.2045      state:D stack:28832 pid:13500 tgid:13496 ppid:5831   task_flags:0x400140 flags:0x00080002
[  469.169166][   T31] Call Trace:
[  469.173750][   T31]  <TASK>
[  469.176962][   T31]  __schedule+0x1585/0x5340
[  469.182082][   T31]  ? kasan_quarantine_put+0xbb/0x1f0
[  469.187425][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[  469.192976][   T31]  ? __pfx___schedule+0x10/0x10
[  469.197911][   T31]  ? schedule+0x90/0x360
[  469.202977][   T31]  schedule+0x164/0x360
[  469.207191][   T31]  schedule_preempt_disabled+0x13/0x30
[  469.215942][   T31]  __mutex_lock+0x7fe/0x1300
[  469.221576][   T31]  ? __mutex_lock+0x5ac/0x1300
[  469.226398][   T31]  ? dev_ioctl+0x7a4/0x1150
[  469.231742][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  469.236910][   T31]  ? apparmor_capable+0x126/0x170
[  469.243140][   T31]  ? dev_load+0x21/0x1f0
[  469.247442][   T31]  dev_ioctl+0x7a4/0x1150
[  469.252920][   T31]  sock_do_ioctl+0x23e/0x320
[  469.257558][   T31]  ? __pfx_sock_do_ioctl+0x10/0x10
[  469.263514][   T31]  sock_ioctl+0x5c6/0x7f0
[  469.267895][   T31]  ? __pfx_sock_ioctl+0x10/0x10
[  469.273246][   T31]  ? __fget_files+0x2a/0x420
[  469.277888][   T31]  ? __fget_files+0x3a0/0x420
[  469.284699][   T31]  ? __fget_files+0x2a/0x420
[  469.289347][   T31]  ? bpf_lsm_file_ioctl+0x9/0x20
[  469.307237][   T31]  ? __pfx_sock_ioctl+0x10/0x10
[  469.313534][   T31]  __se_sys_ioctl+0xfc/0x170
[  469.318212][   T31]  do_syscall_64+0x14d/0xf80
[  469.325780][   T31]  ? trace_irq_disable+0x3b/0x150
[  469.331182][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.337295][   T31]  ? clear_bhb_loop+0x40/0x90
[  469.343961][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.349907][   T31] RIP: 0033:0x7fc486f9c799
[  469.355806][   T31] RSP: 002b:00007fc487ea3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  469.365339][   T31] RAX: ffffffffffffffda RBX: 00007fc487216270 RCX: 00007fc486f9c799
[  469.375176][   T31] RDX: 0000200000002280 RSI: 0000000000008914 RDI: 0000000000000007
[  469.384354][   T31] RBP: 00007fc487032bd9 R08: 0000000000000000 R09: 0000000000000000
[  469.392750][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  469.401938][   T31] R13: 00007fc487216308 R14: 00007fc487216270 R15: 00007ffc78984408
[  469.409979][   T31]  </TASK>
[  469.414448][   T31] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  469.424057][   T31] INFO: task syz-executor:13508 blocked for more than 149 seconds.
[  469.434402][   T31]       Not tainted syzkaller #0
[  469.439374][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  469.449864][   T31] task:syz-executor    state:D stack:27304 pid:13508 tgid:13508 ppid:1      task_flags:0x400140 flags:0x00080002
[  469.463537][   T31] Call Trace:
[  469.466946][   T31]  <TASK>
[  469.469912][   T31]  __schedule+0x1585/0x5340
[  469.476781][   T31]  ? __pfx___schedule+0x10/0x10
[  469.482923][   T31]  ? schedule+0x90/0x360
[  469.487451][   T31]  schedule+0x164/0x360
[  469.492098][   T31]  schedule_preempt_disabled+0x13/0x30
[  469.497607][   T31]  __mutex_lock+0x7fe/0x1300
[  469.503088][   T31]  ? __mutex_lock+0x5ac/0x1300
[  469.507908][   T31]  ? inet_rtm_newaddr+0x404/0x1ad0
[  469.514115][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  469.519242][   T31]  ? __nla_parse+0x40/0x60
[  469.524145][   T31]  inet_rtm_newaddr+0x404/0x1ad0
[  469.529145][   T31]  ? __kernel_text_address+0xd/0x30
[  469.535636][   T31]  ? unwind_get_return_address+0x4d/0x90
[  469.548587][   T31]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  469.555804][   T31]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  469.561876][   T31]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  469.567346][   T31]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  469.573568][   T31]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  469.578735][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  469.585451][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  469.591319][   T31]  netlink_rcv_skb+0x232/0x4b0
[  469.596137][   T31]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  469.602889][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  469.608253][   T31]  ? netlink_deliver_tap+0x2e/0x1b0
[  469.615818][   T31]  netlink_unicast+0x80f/0x9b0
[  469.621473][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  469.626814][   T31]  ? netlink_sendmsg+0x650/0xb40
[  469.632211][   T31]  ? skb_put+0x11b/0x210
[  469.636514][   T31]  netlink_sendmsg+0x813/0xb40
[  469.641767][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  469.647127][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  469.655291][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  469.661865][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  469.667214][   T31]  __sys_sendto+0x672/0x710
[  469.672192][   T31]  ? __pfx___sys_sendto+0x10/0x10
[  469.677296][   T31]  ? exc_page_fault+0x6a/0xc0
[  469.683351][   T31]  ? do_user_addr_fault+0xc6f/0x1340
[  469.688939][   T31]  __x64_sys_sendto+0xde/0x100
[  469.695039][   T31]  do_syscall_64+0x14d/0xf80
[  469.699710][   T31]  ? trace_irq_disable+0x3b/0x150
[  469.705313][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.712673][   T31]  ? clear_bhb_loop+0x40/0x90
[  469.717411][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.724658][   T31] RIP: 0033:0x7fa208b5cfce
[  469.729132][   T31] RSP: 002b:00007ffd32631478 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  469.738121][   T31] RAX: ffffffffffffffda RBX: 0000555574fb0500 RCX: 00007fa208b5cfce
[  469.746846][   T31] RDX: 0000000000000028 RSI: 00007fa209944670 RDI: 0000000000000003
[  469.755941][   T31] RBP: 0000000000000001 R08: 00007ffd326314f4 R09: 000000000000000c
[  469.766199][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[  469.776527][   T31] R13: 0000000000000000 R14: 00007fa209944670 R15: 0000000000000000
[  469.784960][   T31]  </TASK>
[  469.788049][   T31] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  469.798729][   T31] 
[  469.798729][   T31] Showing all locks held in the system:
[  469.815147][   T31] 7 locks held by kworker/0:1/10:
[  469.820291][   T31] 1 lock held by khungtaskd/31:
[  469.826092][   T31]  #0: ffffffff8e7602e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  469.836847][   T31] 5 locks held by kworker/u9:0/51:
[  469.842365][   T31]  #0: ffff888032554948 ((wq_completion)hci5){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  469.855153][   T31]  #1: ffffc90000bb7c40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  469.876010][   T31]  #2: ffff888022b84ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[  469.886502][   T31]  #3: ffff888022b840c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
[  469.898002][   T31]  #4: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
[  469.909835][   T31] 3 locks held by kworker/1:2/980:
[  469.916147][   T31]  #0: ffff88813fe0e148 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  469.929169][   T31]  #1: ffffc900048dfc40 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  469.942482][   T31]  #2: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0xa5/0xfe0
[  469.952860][   T31] 1 lock held by dhcpcd/5489:
[  469.957568][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  469.967486][   T31] 2 locks held by getty/5582:
[  469.972457][   T31]  #0: ffff888035c6b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  469.985197][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0
[  469.996821][   T31] 4 locks held by kworker/u9:2/5829:
[  470.003149][   T31]  #0: ffff888048b78948 ((wq_completion)hci15#2){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  470.015899][   T31]  #1: ffffc90003c97c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  470.029225][   T31]  #2: ffff88804d8380c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950
[  470.040543][   T31]  #3: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950
[  470.051757][   T31] 4 locks held by kworker/u9:4/5833:
[  470.057089][   T31]  #0: ffff88807bd7b148 ((wq_completion)hci11#2){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  470.069485][   T31]  #1: ffffc90003cc7c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  470.082515][   T31]  #2: ffff88807ad180c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950
[  470.100416][   T31]  #3: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950
[  470.113583][   T31] 2 locks held by kworker/1:3/5836:
[  470.118844][   T31]  #0: ffff88813fe0f548 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  470.131681][   T31]  #1: ffffc90003cf7c40 (xfrm_state_gc_work){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  470.144080][   T31] 4 locks held by kworker/u9:6/5838:
[  470.149407][   T31]  #0: ffff88807c501148 ((wq_completion)hci12#2){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  470.162308][   T31]  #1: ffffc90003d17c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  470.176107][   T31]  #2: ffff88807acf80c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950
[  470.186567][   T31]  #3: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950
[  470.197477][   T31] 4 locks held by kworker/u9:7/5841:
[  470.207097][   T31]  #0: ffff88806df92948 ((wq_completion)hci10#2){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  470.218631][   T31]  #1: ffffc90003d37c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  470.231472][   T31]  #2: ffff888032e6c0c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950
[  470.243034][   T31]  #3: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950
[  470.255597][   T31] 6 locks held by kworker/u9:8/5842:
[  470.261739][   T31]  #0: ffff888047e07948 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  470.272963][   T31]  #1: ffffc90003d47c40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  470.285884][   T31]  #2: ffff888028c50ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[  470.297415][   T31]  #3: ffff888028c500c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
[  470.308474][   T31]  #4: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
[  470.320922][   T31]  #5: ffff8880369152f8 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x7b/0x5c0
[  470.335551][   T31] 4 locks held by kworker/0:7/10019:
[  470.342149][   T31] 3 locks held by kworker/u8:12/12648:
[  470.347654][   T31]  #0: ffff888031a03148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  470.360802][   T31]  #1: ffffc90006017c40 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  470.381724][   T31]  #2: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  470.392922][   T31] 1 lock held by syz.1.2038/13457:
[  470.398073][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x722/0xbe0
[  470.408253][   T31] 1 lock held by syz.2.2039/13462:
[  470.415633][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x722/0xbe0
[  470.428291][   T31] 1 lock held by syz.2.2039/13463:
[  470.434436][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: rtm_new_nexthop+0xfbc/0x8620
[  470.450250][   T31] 1 lock held by syz.0.2043/13478:
[  470.455986][   T31]  #0: ffff88806a9ab008 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: sock_close+0x9b/0x240
[  470.468035][   T31] 1 lock held by syz.0.2043/13479:
[  470.474063][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x3bc/0x1e10
[  470.484665][   T31] 1 lock held by syz.0.2043/13480:
[  470.489821][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  470.502429][   T31] 1 lock held by syz.0.2043/13483:
[  470.507834][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: dev_ioctl+0x7a4/0x1150
[  470.517312][   T31] 1 lock held by syz.0.2043/13486:
[  470.522836][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x722/0xbe0
[  470.535069][   T31] 1 lock held by syz.0.2043/13488:
[  470.540223][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x722/0xbe0
[  470.550241][   T31] 2 locks held by syz.4.2044/13482:
[  470.557274][   T31]  #0: ffffffff90135eb0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  470.567494][   T31]  #1: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8a1/0x1be0
[  470.577506][   T31] 2 locks held by syz.4.2044/13485:
[  470.583897][   T31]  #0: ffffffff8fc3a670 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  470.593647][   T31]  #1: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: nl80211_pre_doit+0x5f/0x930
[  470.603407][   T31] 1 lock held by dhcpcd/13494:
[  470.608206][   T31]  #0: ffff888046a74260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xe10
[  470.619612][   T31] 1 lock held by syz.3.2045/13496:
[  470.626167][   T31]  #0: ffff88806a9c6988 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: sock_close+0x9b/0x240
[  470.636840][   T31] 1 lock held by syz.3.2045/13497:
[  470.649692][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x3bc/0x1e10
[  470.662074][   T31] 1 lock held by syz.3.2045/13498:
[  470.667238][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  470.676762][   T31] 1 lock held by syz.3.2045/13499:
[  470.683313][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x3bc/0x1e10
[  470.693539][   T31] 1 lock held by syz.3.2045/13500:
[  470.698690][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: dev_ioctl+0x7a4/0x1150
[  470.708919][   T31] 1 lock held by syz-executor/13508:
[  470.715728][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  470.726484][   T31] 1 lock held by syz-executor/13514:
[  470.737303][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  470.747244][   T31] 1 lock held by syz-executor/13519:
[  470.755267][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  470.766018][   T31] 1 lock held by syz-executor/13523:
[  470.772376][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  470.782569][   T31] 1 lock held by syz-executor/13524:
[  470.787898][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  470.798353][   T31] 1 lock held by syz-executor/13529:
[  470.804177][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  470.816654][   T31] 1 lock held by syz-executor/13534:
[  470.823353][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  470.833215][   T31] 1 lock held by syz-executor/13537:
[  470.838535][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  470.849942][   T31] 1 lock held by syz-executor/13543:
[  470.855844][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  470.869655][   T31] 1 lock held by syz-executor/13545:
[  470.875657][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  470.885452][   T31] 4 locks held by kworker/u9:1/13547:
[  470.892394][   T31]  #0: ffff888058fdd148 ((wq_completion)hci14#2){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  470.904725][   T31]  #1: ffffc9000696fc40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  470.918185][   T31]  #2: ffff88807c7680c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950
[  470.929290][   T31]  #3: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950
[  470.940454][   T31] 4 locks held by kworker/u9:3/13548:
[  470.945895][   T31]  #0: ffff888058fda148 ((wq_completion)hci13#2){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  470.959138][   T31]  #1: ffffc9000697fc40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  470.974409][   T31]  #2: ffff8880593240c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950
[  470.984859][   T31]  #3: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950
[  470.995815][   T31] 1 lock held by syz-executor/13551:
[  471.001711][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  471.012942][   T31] 4 locks held by kworker/u9:9/13555:
[  471.018379][   T31]  #0: ffff888058fd2148 ((wq_completion)hci16#2){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  471.033630][   T31]  #1: ffffc90003b47c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  471.047340][   T31]  #2: ffff88804d8440c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950
[  471.058700][   T31]  #3: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950
[  471.069643][   T31] 1 lock held by syz-executor/13557:
[  471.075610][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  471.087431][   T31] 5 locks held by kworker/u9:10/13559:
[  471.093883][   T31]  #0: ffff888033e4a148 ((wq_completion)hci6){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  471.105454][   T31]  #1: ffffc900069dfc40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  471.118411][   T31]  #2: ffff88807b294ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[  471.130236][   T31]  #3: ffff88807b2940c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
[  471.141056][   T31]  #4: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
[  471.153669][   T31] 5 locks held by kworker/u9:11/13560:
[  471.159276][   T31]  #0: ffff88806c59a148 ((wq_completion)hci9){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  471.170773][   T31]  #1: ffffc900069cfc40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  471.184174][   T31]  #2: ffff888048a88ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[  471.199161][   T31]  #3: ffff888048a880c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
[  471.210219][   T31]  #4: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
[  471.222405][   T31] 1 lock held by syz-executor/13562:
[  471.227974][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  471.238454][   T31] 4 locks held by kworker/u9:12/13563:
[  471.244287][   T31]  #0: ffff88805741c948 ((wq_completion)hci17#2){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  471.257103][   T31]  #1: ffffc900069ffc40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  471.270485][   T31]  #2: ffff88804d8500c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950
[  471.281338][   T31]  #3: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950
[  471.293081][   T31] 1 lock held by syz-executor/13569:
[  471.298406][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  471.311964][   T31] 4 locks held by kworker/u9:13/13570:
[  471.317466][   T31]  #0: ffff888057e8b148 ((wq_completion)hci18#2){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  471.329263][   T31]  #1: ffffc90006a57c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  471.343228][   T31]  #2: ffff8880358cc0c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950
[  471.354045][   T31]  #3: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950
[  471.365115][   T31] 1 lock held by syz-executor/13572:
[  471.372784][   T31]  #0: ffffffff8fbcc908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
[  471.383556][   T31] 4 locks held by kworker/u9:14/13573:
[  471.389052][   T31]  #0: ffff888058352148 ((wq_completion)hci19#2){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  471.400738][   T31]  #1: ffffc90006a67c40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  471.415980][   T31]  #2: ffff8880567a40c0 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x950
[  471.429896][   T31]  #3: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x54c/0x950
[  471.442032][   T31] 5 locks held by kworker/u9:15/13575:
[  471.447528][   T31]  #0: ffff88802b5a2948 ((wq_completion)hci8){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  471.462638][   T31]  #1: ffffc90006a87c40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  471.476918][   T31]  #2: ffff8880334a0ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[  471.488083][   T31]  #3: ffff8880334a00c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
[  471.498253][   T31]  #4: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
[  471.508861][   T31] 5 locks held by kworker/u9:16/13576:
[  471.514663][   T31]  #0: ffff88802a9ab148 ((wq_completion)hci7){+.+.}-{0:0}, at: process_scheduled_works+0x9ea/0x1830
[  471.529188][   T31]  #1: ffffc900069efc40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa25/0x1830
[  471.543469][   T31]  #2: ffff888058518ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[  471.553692][   T31]  #3: ffff8880585180c0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
[  471.564824][   T31]  #4: ffffffff8fd590e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
[  471.576462][   T31] 
[  471.578830][   T31] =============================================
[  471.578830][   T31] 
[  471.588067][   T31] NMI backtrace for cpu 1
[  471.588093][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  471.588117][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  471.588130][   T31] Call Trace:
[  471.588139][   T31]  <TASK>
[  471.588148][   T31]  dump_stack_lvl+0xe8/0x150
[  471.588183][   T31]  nmi_cpu_backtrace+0x274/0x2d0
[  471.588267][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  471.588298][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  471.588327][   T31]  sys_info+0x135/0x170
[  471.588347][   T31]  watchdog+0xfd9/0x1030
[  471.588385][   T31]  ? watchdog+0x21a/0x1030
[  471.588424][   T31]  kthread+0x388/0x470
[  471.588446][   T31]  ? __pfx_watchdog+0x10/0x10
[  471.588484][   T31]  ? __pfx_kthread+0x10/0x10
[  471.588506][   T31]  ret_from_fork+0x51e/0xb90
[  471.588536][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  471.588563][   T31]  ? __switch_to+0xc7d/0x1450
[  471.588590][   T31]  ? __pfx_kthread+0x10/0x10
[  471.588613][   T31]  ret_from_fork_asm+0x1a/0x30
[  471.588660][   T31]  </TASK>
[  471.588668][   T31] Sending NMI from CPU 1 to CPUs 0:
[  471.701167][    C0] NMI backtrace for cpu 0
[  471.701185][    C0] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted syzkaller #0 PREEMPT(full) 
[  471.701206][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  471.701218][    C0] Workqueue: events_power_efficient neigh_periodic_work
[  471.701311][    C0] RIP: 0010:__sanitizer_cov_trace_switch+0x4/0x130
[  471.701342][    C0] Code: 89 44 0a 20 e9 0d a8 ea 09 cc 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa <48> 8b 06 48 8b 4e 08 48 83 c1 f8 48 c1 c1 3d 48 83 f9 02 7f 1e 48
[  471.701358][    C0] RSP: 0018:ffffc90000007460 EFLAGS: 00000246
[  471.701373][    C0] RAX: 0000000000000000 RBX: ffff88803c25a000 RCX: ffff88801d6fbc80
[  471.701385][    C0] RDX: ffff88803c25a07e RSI: ffffffff8fbb9900 RDI: 0000000000000000
[  471.701398][    C0] RBP: ffff88803c25a000 R08: ffff88807ade6223 R09: 1ffff1100f5bcc44
[  471.701411][    C0] R10: dffffc0000000000 R11: ffffed100f5bcc45 R12: ffffc90000007538
[  471.701432][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: dffffc0000000000
[  471.701445][    C0] FS:  0000000000000000(0000) GS:ffff888125464000(0000) knlGS:0000000000000000
[  471.701459][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  471.701472][    C0] CR2: 00007f694ca97e9c CR3: 000000000e54c000 CR4: 00000000003526f0
[  471.701488][    C0] Call Trace:
[  471.701495][    C0]  <IRQ>
[  471.701501][    C0]  __kfree_skb+0x90/0x210
[  471.701530][    C0]  enqueue_to_backlog+0x69b/0xee0
[  471.701580][    C0]  netif_rx_internal+0x120/0x590
[  471.701604][    C0]  ? kasan_quarantine_put+0xbb/0x1f0
[  471.701623][    C0]  ? __pfx_netif_rx_internal+0x10/0x10
[  471.701650][    C0]  ? rcu_is_watching+0x15/0xb0
[  471.701677][    C0]  netif_rx+0x59/0x90
[  471.701703][    C0]  vxcan_xmit+0x4cf/0x780
[  471.701749][    C0]  ? vxcan_xmit+0x49/0x780
[  471.701770][    C0]  dev_hard_start_xmit+0x2d8/0x870
[  471.701806][    C0]  __dev_queue_xmit+0x16d1/0x3890
[  471.701825][    C0]  ? skb_clone+0x212/0x3a0
[  471.701852][    C0]  ? __dev_queue_xmit+0x277/0x3890
[  471.701868][    C0]  ? __kasan_slab_alloc+0x6c/0x80
[  471.701886][    C0]  ? skb_ext_add+0x1b6/0x8f0
[  471.701933][    C0]  ? can_can_gw_rcv+0x4a3/0xf70
[  471.702010][    C0]  ? can_rcv_filter+0x126/0x7d0
[  471.702028][    C0]  ? can_rcv+0x1f9/0x330
[  471.702046][    C0]  ? process_backlog+0xc66/0x1950
[  471.702066][    C0]  ? __napi_poll+0xae/0x340
[  471.702085][    C0]  ? net_rx_action+0x627/0xf70
[  471.702105][    C0]  ? do_softirq+0x76/0xd0
[  471.702127][    C0]  ? __local_bh_enable_ip+0xf8/0x130
[  471.702148][    C0]  ? neigh_periodic_work+0xc28/0xe50
[  471.702169][    C0]  ? process_scheduled_works+0xb02/0x1830
[  471.702190][    C0]  ? worker_thread+0xa50/0xfc0
[  471.702214][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  471.702250][    C0]  ? rcu_is_watching+0x15/0xb0
[  471.702276][    C0]  can_send+0x921/0xd20
[  471.702299][    C0]  ? __pfx_can_send+0x10/0x10
[  471.702317][    C0]  ? skb_ext_add+0x3b3/0x8f0
[  471.702343][    C0]  ? skb_clone+0x246/0x3a0
[  471.702368][    C0]  ? can_can_gw_rcv+0x474/0xf70
[  471.702394][    C0]  can_can_gw_rcv+0xcb0/0xf70
[  471.702431][    C0]  ? __pfx_can_can_gw_rcv+0x10/0x10
[  471.702456][    C0]  can_rcv_filter+0x126/0x7d0
[  471.702476][    C0]  ? can_receive+0x16c/0x440
[  471.702496][    C0]  can_receive+0x2c6/0x440
[  471.702517][    C0]  can_rcv+0x1f9/0x330
[  471.702535][    C0]  ? __pfx_can_rcv+0x10/0x10
[  471.702553][    C0]  ? process_backlog+0x3eb/0x1950
[  471.702575][    C0]  process_backlog+0xc66/0x1950
[  471.702607][    C0]  __napi_poll+0xae/0x340
[  471.702626][    C0]  ? skb_defer_free_flush+0x233/0x260
[  471.702649][    C0]  net_rx_action+0x627/0xf70
[  471.702669][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  471.702701][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  471.702734][    C0]  ? try_to_wake_up+0x7fc/0x1390
[  471.702758][    C0]  handle_softirqs+0x22a/0x870
[  471.702782][    C0]  ? do_softirq+0x76/0xd0
[  471.702807][    C0]  ? neigh_periodic_work+0xc28/0xe50
[  471.702829][    C0]  do_softirq+0x76/0xd0
[  471.702850][    C0]  </IRQ>
[  471.702855][    C0]  <TASK>
[  471.702862][    C0]  __local_bh_enable_ip+0xf8/0x130
[  471.702885][    C0]  neigh_periodic_work+0xc28/0xe50
[  471.702910][    C0]  ? process_scheduled_works+0xa25/0x1830
[  471.702935][    C0]  process_scheduled_works+0xb02/0x1830
[  471.702974][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  471.703000][    C0]  ? assign_work+0x3d5/0x5e0
[  471.703025][    C0]  worker_thread+0xa50/0xfc0
[  471.703064][    C0]  kthread+0x388/0x470
[  471.703080][    C0]  ? __pfx_worker_thread+0x10/0x10
[  471.703102][    C0]  ? __pfx_kthread+0x10/0x10
[  471.703120][    C0]  ret_from_fork+0x51e/0xb90
[  471.703144][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  471.703166][    C0]  ? __switch_to+0xc7d/0x1450
[  471.703188][    C0]  ? __pfx_kthread+0x10/0x10
[  471.703204][    C0]  ret_from_fork_asm+0x1a/0x30
[  471.703241][    C0]  </TASK>
[  472.203151][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  472.210070][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  472.219213][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  472.229300][   T31] Call Trace:
[  472.232609][   T31]  <TASK>
[  472.235574][   T31]  vpanic+0x56c/0xa60
[  472.239625][   T31]  ? __pfx___schedule+0x10/0x10
[  472.244565][   T31]  ? __pfx_vpanic+0x10/0x10
[  472.249110][   T31]  ? __pfx_console_unlock+0x10/0x10
[  472.254358][   T31]  panic+0xc5/0xd0
[  472.258138][   T31]  ? __pfx_panic+0x10/0x10
[  472.262596][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  472.268043][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  472.274231][   T31]  watchdog+0x1023/0x1030
[  472.278607][   T31]  ? watchdog+0x21a/0x1030
[  472.283072][   T31]  kthread+0x388/0x470
[  472.287168][   T31]  ? __pfx_watchdog+0x10/0x10
[  472.291895][   T31]  ? __pfx_kthread+0x10/0x10
[  472.296523][   T31]  ret_from_fork+0x51e/0xb90
[  472.301245][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  472.306408][   T31]  ? __switch_to+0xc7d/0x1450
[  472.311132][   T31]  ? __pfx_kthread+0x10/0x10
[  472.315756][   T31]  ret_from_fork_asm+0x1a/0x30
[  472.320748][   T31]  </TASK>
[  472.324406][   T31] Kernel Offset: disabled
[  472.328737][   T31] Rebooting in 86400 seconds..