last executing test programs:

27.183168997s ago: executing program 2:
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000280)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=[@rthdr={{0x38, 0x29, 0x39, {0x0, 0x4, 0x2, 0x0, 0x0, [@remote, @local]}}}], 0x38}}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="000000000038355bf0a06160bdaedc7ca2d487000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x4, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000200000000000000000818110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'gretap0\x00', <r6=>0x0})
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0x4, 0x4)
sendto$packet(r5, &(0x7f00000000c0)="3f050e007028120006001e0089e9aaa921d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000000)={@mcast1, r6}, 0x14)
r7 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
listen(r7, 0x0)
connect$rose(r7, &(0x7f0000000040)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x0, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='ext4_mballoc_prealloc\x00', r2}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='ext4_mballoc_prealloc\x00', r8}, 0x10)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r9, &(0x7f0000000180), 0x2000)
socket$nl_route(0x10, 0x3, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000e1378763009500000000000000c8d7a26e322c91637ab6ce638bb2d3cec25531d67be08a364f43598f11eac8d172c75b5bea741658750826a902f58c4c3dc268b98538d82085e9ea030f93729c70ca02a0b5081d3cae353c00fc9b8e930b485a7754bfe333ddfae5fea532e571bccd4695cc073d1ced42b7ac4cc5dde7a00dd5848d6e380ac5da26a4479cb1cb07c92dcee7e5659dfa57f9b20000f7638f43a63420916f17ee46374972f33f1f12c6"], 0x0}, 0x90)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x80, 0x1, 0x0, 0x44, 0xffffffffffffffff, 0xfffff801, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x48)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000140)={r10, r11}, 0xc)

26.847303474s ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000745f0020850000007200000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000010b00)=@o_path={&(0x7f0000000040)='\x00', 0x0, 0x8, r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x2, 0x2, 0x4}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000440)={{r1}, &(0x7f00000003c0), &(0x7f0000000400)='%pK    \x00'}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x15, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000000100000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f80100ffb703000008c48f00b704000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='ext4_allocate_inode\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r5 = socket(0x22, 0x2, 0x1)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r4)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r8, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x14, 0x6, 0x1, 0x700, 0x0, 0x0, {0x3, 0x0, 0xa}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x40)
sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f0000000480)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000580)={0x54, r7, 0x4, 0x70bd2a, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x0, 0x61}}}}, [@NL80211_ATTR_MESH_SETUP={0x14, 0x70, [@NL80211_MESH_SETUP_USERSPACE_AMPE={0x4}, @NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5, 0x2, 0x1}, @NL80211_MESH_SETUP_USERSPACE_MPM={0x4}]}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x3f}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2e}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}]]}, 0x54}}, 0x40052)
getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r6, 0x84, 0x7a, 0x0, &(0x7f0000000300)=0x9b)
close(r5)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00d, 0x0, 0x0, 0x0, 0x0}, 0x50)

26.681438597s ago: executing program 2:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f00000001c0)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0xc000000, @mcast1}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)

26.598616053s ago: executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f0000000940)={0x0, 0xfffffffffffffe03, &(0x7f0000000080)={&(0x7f00000009c0)=ANY=[@ANYBLOB="600000000002010400000000800000000200000024000280140001800800019c5b917c6805b1a97f000000000008000000ac1414000c00029f0df411800500010000030000200003801400018008000100ac1414aa08000200ac1414bb060003400012000008000600524153003c258086"], 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f00000001c0)={&(0x7f00000003c0)=@id, 0x10, &(0x7f00000007c0)=[{&(0x7f0000000180)="57e6e32083a328c2da3964066135e463f922081ae50887ede09da114c1daa077f9611f8aa81d", 0x26}, {&(0x7f0000000280)="b57af26468ffde59db204ffaa467c0af523b9e6d93dd62dad3d2f90b45e80eb530982e2a1a0b9ebc2c7113d4f93982f87d0ced6312bdcaa996c13c02d027870ae0bdbed8b104a10605ae3939cfa8e7d4ae5e2f97b5958bed4a4430c01d04f980fac5e88de756ec949e14a35bfb3f32197c05b451", 0x74}, {&(0x7f0000000300)="3d408cd47846fd99d1d1a4df38e0afdd03a817bf3b4673e575b2c253bae12d98c4f3e4e6d317ba457f2d0de6e1fbc5a43bae0d257cda31fb579139135de49db225bf75a3dea059b4a7a9808dd72eb1bd84d0cf9959907ad6b1e1ec718aa8d5004fd0acd19045d8d6e0f04b6b4497bb3126e4ad0d033ef175a58f55d0993d32bb3a10246c0e9ed8956592d6b51d", 0x8d}, {&(0x7f0000000540)="a840c8a67da22f1b2c4e068bb1ad9c499f093b4480b55eb7b9408f5400cc74932ab986ca937640a84378eb6446626516e84b0055936bb61fac109e2624e86903d729b0b10b4f16db7da1fa3aaa808fe333de0c9316c2412cb9ed2d604f8b3fa52416302221487c294ae9dc54783573eb5e7c1027fc39fa60c39afee14fb7cf3e6ef0041470dfd6a4a356a1d7e20a437bcadc7f0b5afa9f9d68bccd88", 0x9c}, {&(0x7f0000000600)="c016c55101fc98bba00b0c2946a2b285871ce0494875c9d8979d34a99a409dcb328a6ff1e31414ec38af8d9348d49550faf55f18c1d9f281054ffbe9a13132e9a05e0542a376762a4d799b6b4f0311f62189f67e7708285a203492767e25e6bc4d28d6d3f8d9f50c2660483f8f942ecb733e84f8619101c2ec2ec357bec450d092e6068a319a9f761d766e6ac151f3f3cb790dda0a6dbc381be1a87e4d992bc55e39f166e65d1a5997bc4d255f00c45f6264f7b459ce6fc78a91f8935fa3aa5fe8be532e06387d82f07e", 0xfec7}, {&(0x7f0000000700)="f32ced1978f6103c6709573259e317066e84d42f18d090e52035bcf2ddcf8761f30c8179d42f2d06e49766e18561147a88e7ab4a817816b9da02e1744bc7eb653eb04ab70b5bf5111e01923c9bd0f4b72df99f19253083a444b5fbf214a2e9fbbc352a08731643692912aebd09546ccb28837254a30d1e53084dd7f6b7114fa3825fcbae9443ec15fb31bca97a87824d4bc8b632cf971bfb523a", 0x9a}], 0x6, &(0x7f0000000840)="a6d462c399e20d9d7ab19933a9b3d0e1d617be45eb50440e1e51f20cd773cd1b34e2669a511f6292d81a777376560dc1daae580d2419af271bdd485f32ddaa3679178bcbe6ff6f5d5d758535afbe2a930342eaa16108a32d9d31fbfe8bf4d89784440c3ff3fef2f998aebc9634", 0x6d}, 0x80)
close(r3)
recvmsg(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4c000000060a010400000000000000000200000018000480140001800c000100636f756e74657200040002800900010073797a30000000000900020073797a32000134"], 0x74}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000980), 0xffffffffffffffff)
unshare(0x400)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff})
setsockopt$sock_int(r7, 0x1, 0xc, &(0x7f00000002c0), 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000180))
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYRES64=r5, @ANYRES16=r6, @ANYBLOB="010000000000000000000f00000005002e000000000005002d000000000008002c000000000008000300", @ANYRES32=r7], 0x34}}, 0x0)
unshare(0x600)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000004000000000000000000008500000028000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000180)='syzkaller\x00'}, 0x90)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r8, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'bond0\x00'})
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r10}, 0x10)
pselect6(0x40, &(0x7f0000000040)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x846}, 0x0, &(0x7f0000000140)={0x1ff, 0x80000}, 0x0, 0x0)

26.446512932s ago: executing program 2:
socket$inet6(0xa, 0x2, 0x0)
ioctl$BTRFS_IOC_ADD_DEV(0xffffffffffffffff, 0x5000940a, &(0x7f0000000100)={{}, "c0c0c22bbea16920ec49c9ce2e43d353e64509c5e39f61e0ed13929ea8258ab02f879dab168c61288096b1d26c12f149c3c37e65737917541304c492b240ae9395c6bfea27f6b56249caea64cd5dc30967300d3c60c137ce1d7f58139a1da3c6dcfff2c4d78bb75c6b06004d474a24e8219dd025b52e9957edcc31fd4f525c2db8ee94494cfa71bed4a3fbf41a746c915879cf25d00ed452251ec8349da33dd8b79c5892b5fd771efa4d4f3d6186152501797174b0e4361a5226725a7f7c27c211b1ad9d89888684c596bd087630b5bb7969c9e337f4d88e980420c9a2be46d9179eef00796002d609ea76d417f8e256e341fc56d431257061c7ed9d46ede98a6d682feedacaa39352f937dcffac31efd19655dc5e7116a610511c3b07202c93e1fd0e91d7e763990af40bb1d154866c2a2878d58422dcccc7a922dc666c97d066b159486c00eb099fdb962b1817e264869fee173555754fd92b7bdb67f4723a19b03a110b47ccc7e35f0431ef50593e879286a6ca3ca92dd35c12389a49bb24955ee594c38622930baf0a7cf5d48e362daff21f6442337675b416f4c5c2795a396fc99ba0b8356ac82e5a6963b24b46432f0be437116ce38e479d886e08c77c527345ce293f8f5bae4086f96e5ec7756a3a61d8da48a7c177d9e90941ed83e5dc0236fcf587eed9cb3ed8f901054110fb9a8406d53e0ce42046c0f51c58df40642b9463823c4fa37f175a1b8ef78630af1522fa4f245fbb745cc9ec13263b622ebfd3dc4d9999136dc68fd7e1a89925be4fe06c566e1cd665bd09cddf854449ee0b865d353d1838150a955e6c5d48aceb2700985609d09231a91f84764bbba32449caadb99e766199a3faaa1e3a48588023751eb16d28b9db76feac56790189c5243d9c322c642ac3842e7e4a8b937fe814c4580ddadb3597cf41bdbda46824fdec9919151aa47c405f18e45288cbe08b46ab295dd78752ea2142f5860778284635f3e270ef6ed7e98f94e5d293f1e9192399fbfdc3967d28e03dd54bcb8c7f63ff83add34c077b6573ce047dae7edc5fac27060acad914f79372759d3eddf8ad532c3a044d5d07317084227c327de1bad6a04448b956a2c9f272da97b6b998e15db2ac82d6a8245131643f1cc8e2b4ccf8a30ad0252832188d8f32962882b0c4ad5059cc594526c1db9221c6c2db288bea615a8f5aad790002a7dc4c56e8b6141a15da62f99d228b69851e31a73a8d397a25281ecf4586b3b5de01ca4acd29568eb44d05150633ade727cf00dce52bb13dfac1bf0ff82cd3e66094eae15cf930425c3159f9e47a102efb59d49f08eec3ec04cf6f8b697ea7bc3b7fd9c4c2e590c658b671299f6ab2ee523146df4500baccdcbd1e191c4133fbc72f2e8eb88748feb75d821f56a22c325c33aada02b92e561ee8f006c27d2f7b6793c6f708b84b2848c8bf3f34a24352fcd527e9852128b838634b7030eb4ecff9f22b44aecf55ffa5c983d81505e250ebe1385f2b24d242358df4299820fd3b3ba52ca0aebeb702f49991bffff370f1879137d7397e4b49b42598d93d666d82d1ae79a60240541f4ee496dffe2d915a1d35d4d38798cb371565fec1b4117e555598456c0a694d0d5672c2b8e3b24c438cc0aa64708c7836fa0bbb22eb6cf0b7b406544526d437379b30fed8480d366945cdf2338e472130dab23b298b162330b271a590422d378d99be6ee5ec0221a1665ab9211d420806e409239ae37ae1b19aa9aa47690a25f7690fe98344e0c5627a12bbc10da09b0d57c5375d55ee726def19d712feffa6c86f3402958303dd485fb91b92d794fef752a5a047921ec3854883dca011cb571b9aa853b948197be3b4cb851c2dc7f3effba28c1a553de5202537adc4de8f2456f009dafca5fd93cc3fb954ab7c0e6bde09ff636ad4f786e36625cf15d0e6d17783b972f6e16ed7f1a44de0f788bd16f463979eed81c81f0434b5eb8d6b68f57ee3973ba6e60642e39472612821d662f1172798eaeafc40dc7523e82c15353ac88fc7640149ad4782d87bc92f6db2bf98922a8bac51480fdd469124dbe9a262360a3cabd84c177fa84fe419df1d7ca85db6b88db36ca0b8ffa331a5874a73d1bc53e91e2acd916108809a8690731a481fb8281ee2af17c626f665f317bb3de3f73fb1be1cd7661c6dc7c4b9e000c1ecaa98dfc06c132bc018c8387ede77685a56aec4cf3fb2450c16b68e6321a0cb9733d9b8c26ffa7b154212e3593da476c6aa4c7dc2e3bc82704253cf11af7e0ce5433ee00f9d79d578fb5f06b05c63c737b3a7c93f970d174a83b88d0e5536f89f09dbcf29a2e1303ed0e4cf918ec7ddbdbcbee76fb3f364180be56d1417b23eab2b0cd8c1d3c6e4427e89c1120fe6d8d9568aa9e797de5bedc76dadfa21aa607eeeee28a1a267b62f19305121cc70c2d10d7c290989d9e3a32c131a64ab73b5d9779b08fe60e9cb6cd541955124496a89ffcf79717165b9e345bf4d951514c3a9ccc80f0c0a96be48160fd5dfad65aa52e350b70167efe6810bf3e999815edc6ebda97ada4a32fb96cfdf6c55fb0e384f856806c5ac6e34cd267282599b217f6f3e60d25eb2ba93f7a7bf61d6cc2cc5c20142c33c0650c0dd8f54cda566de3f831e7084db18d22eef605c2be210ae24d55577417593a1561dd7b57b9988f162bf8a594711d1b6d09c9207952d1f208d1439b22f8871bc5d13f29c6aecbf56baccb85f4b02c5f1d9853d439332f2a6d6959b34e7d466d059b08137dd6c8e1e52b7e355ed14bb8e653e53ed3dc2ca087cd801a8611e83113ea7d3661048a98987b735a51a168b51f9e7d8e2ffa8cf146834bd0ed7afe4672cae0148a2bd72fbab5ba02668635c6ea6965868a87aab4a4e8c39942d1055b7de402192d8054d5f2443e40ddb6352affec4c89d18c48224c01378fa55532761b2a4e5b3f94c7278b695063ef6b9324d27337058170aa40ff23cc2287ffc2c441c9b774246f24ae774e57b2a61a5eb1e17e6d4f448e460a4c137c3cf2ea0b27eee9cb725150ce2d19acf6d3438ad89be616fe50f335911f04bb96d4e2887c317c3e753206ab7ceebb8c1edf2749f83edd19f26d6f5a890351c651936212ebe47621bd90d5542b1ff8b1ad47c44844e3b48551088e83ad05655055eac948521d2d8e9f7e1fb92f9c3a786b4d0d10400b34f0e8ca3f89f0f874643751d14ce09ef6a05cd46f6165a0ebf944095cfaa75c9a9aa38c35ab2a44bd402e64a0d0042b75b6d030662c9240cc93d7a6235cf770be7f77172b3a475103132bf0d17653d36522bd7e201c33738fe37ae81f8b63df2ce88e57a041d95dd01b5657fb0681feb306cf3bdee2d1e68b9be04d2348993ea8d33aa4c21f357f4395735332bc894d19f23dabe8dca433d127fe13eaa79d3ae14be7b237a111a1b21203873fae51cbd8b88e26869cf7b90608a193faddb41570e6aa7b5f737e494adba04b02e7aef44cb60f4f37b5c86d0b93ad59d113901ed37c27804ef65f1d5d5e19215f2d826a559200a8b22702b3215df5ea6bd663bf26f6bf08d0f1bb387d7e138e35943c05dc742aaf690b8f5ca54ffa2c01fdabfe275a8486178e9bd31a35bc92869367bcf792be21530e9d0f602b757d35ec88fa7f6af5b40c92dd2a1e4cae5dc80b9e0b6b3bb5e81bb5d2efcc767d7da24a2b7361e2b0dd78bd0d7a06cbb468631dd1d69a1d0d0883877184139a2dccde20cd6c58289d59b3799786cf4f35231e38941712aaec583516f527b381e6511967e78939668c0f28310ee03508b793691d1da8552fa72746fed89d1b0275f2f2d2c3243f0fce0fa720edf6dcd23b2983bd91f5ef286aceda7411e587929e465561a98062a9f553dd7dc0048077c0a043ec4b8ef8aeee78d11d2378ca54216cac27b9688143f303de5336177eb822e862d817efed9c38c5b45dd066c48c4d4ac82dd3092fded18a09e20ee112f6d35c4efde2221fe4eb59da329e8494b77d80eacb771c42489b4ca50003f26fb6164ec58809b6790ed9056d3c2f07a27999bb6e0816d30c53f5e5721cbe5743f3c84eba92e92213bec7103eee6df9735ad501631a6a6c714d9932a3adcc2ed431fece9cd25c43133858f38645ca541a96f5588015a9529699c217928c67f83adf82b7c76d3b4cbbe6e4ac1b5bb48ec3bff0c72eccec4a90e3875779205ca8b8715a60f974c1862b0e4b9cf279076982cd2f5e722cfc3ac919dd3cee0ff3657b0af5c0f2eebec3829045ee2071b1a13c8e8bab47d1172ccae0612629f2ced58adddb610afde382210f6a79a0d60c4c10105c1db616fd88d69817883922972b4264c7503277121fbf2f2e193fd25f0a74c040b46fef0cc59e47653a50394ffbe2add8ccae6d35ccae42f15d63a7b3354055a07225394720ad3807b9f718749c75b5f7cf5faa0df34727036ef0f16953973e1fda3c6691107c9844deaecac1882f2fed5ba4cac7620f2f7efc3140bd2c5a59bf34bb25cccbbe18ec6586537fd8a0c8e4bd641e11149e4c71edcd756c346ea84d2501f2d0ad2f6cc45d6928d5bb5a882863d4f0a386579dec0adeeaa46042d63e3891c6d119aeb857ff1689ffd6b8b7e03d8716440ee5a5621253e327b6e7616c0f38da77e82a0e9f6e1f3f51f6a9e421e4c855897c5c7207b824f28fd9e7f0d0de33ce122291ef1f019a8ecce91e4b49efdb481cdcb14166e20c5b082ecdd0ab2cc1dbf784c9b482fb970fe6ef8245608490bb6e05648cc0464783a21a50040a84f457c5b7109156dfa099cf31fd733e034a4d1934cce5fdbc07d77f3928c300cffd32a33dc228a10d410fd28c4a6a9a6ec82e88a0f557f21f013d5f563f9ca0c8272be719baaa7c13fc45331ce2709874bcb4ec45da871e49a1b56b12523a8452c57ae11d689431e3fa8bccb02836f707c7eb14e45be68d034bc71249063f898b7e4f6d14d3f0d09fb8ab19889231a4db1aee19f45207bbee44e0ee1a6dbe0070433078da98b7bd049ecbdb62966a29237c741723df0ebabac9c3ce25a6aabb40b1b4901a5fd3c970d8719b485b3261ca4305543d20dd8c018aa1f85fa63d99bc1cc782d5f69e7e54f20fb08329b3a1ae1b70af8a150f92b37d48a1136e0df0a855a7e838f5d5b2ea3906593ce83b750572e7e9e6c68b1af7a5bcd5df424980f42a47c5ffcce46e36ee9ef2c1adf02333370f52626ce031e0dfa00a574c9b1f0a4dd4e426f86a924248513941f418695f256cf8955cabf7dfcbbf7a837282f2cdae03e5897dd24115621651e0d85a09d3fcd36e38446bf322e553ef53fe4811337e58fb918ca0b52bde0d4f3178f39b3e5635b17c4442fd01d065c773d251665000d7a9c80d3e7d4241b4b98ed3527b748e644507171a958a7a0af04a1ae39f2b264d114690936c23d39f7f28addf0e9041653af7a84beea86b8ce1ee1e996af391142ef2f588cc929b8a88b107967b20c250d6788b68a0c23829b6a7e495c2da889358d998b47da1e2cf3f5b079ff2c90def2434aafd8dd7ecc8e0313db909b8d3850a8bd5e58cb5867295f41a8c396c4c3714873133c67a81f6bdb092591ce51f3e841c26efebc8f0b68f9cacbd1fafb5abda58b3b8a0d9c5fa6b89560e9d6db6fb140936b37ba8798ae177f6b0964d0ac738b27f7b9e48fce15f8aa3d919f716a0013060f5793422b7d039be98a6d951f709f0e97ebfb6693d538ede29bbc25a3d4f6c16b056f9571372b9e47ac62314ed2d745f2b881f07acc71bc957a530ef7f81bd9b4"})
socket$inet_udplite(0x2, 0x2, 0x88)
socket(0x1, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000001100)=@newqdisc={0x50, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xffff}, {0xa, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x24, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x4}, @TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0x14}, @TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x9}, @TCA_FQ_FLOW_PLIMIT={0x8, 0x2, 0x1}]}}]}, 0x50}}, 0x0)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300"], 0x2c}}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r8, @ANYBLOB="ff830500000700ffffff", @ANYRES32=r0], 0x4}}, 0x0)
sendfile(r4, r3, 0x0, 0x100000002)

26.075087988s ago: executing program 2:
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000), 0x48) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000000)={0x1d, r2, 0x0, {}, 0xfe}, 0x18) (async, rerun: 32)
sendmsg$can_j1939(r1, &(0x7f0000005cc0)={&(0x7f00000009c0), 0x18, &(0x7f0000000d40)={&(0x7f0000004cc0)="0ddceb6a8ee63590325b46f2e04295621cfc5a4f8ee8fb24b27d1153389daaead8b1e623db192c792fd78a394874c019f8c3b110f1c9b70803749e629d2f4c4a7078e209e0113f32aefa91c65c88c072adc25dc2f4c262cd4835d777c05f6a7c2c38453a8ffa09660dd7b25a35a1008d67af807eda553a1361303a39d05d13cf11f2678b4e158db0dac90a63c7fa78c6434359caa4fe2ca96c57d2e2950ed8cc631e9fe94535a861140550c91a194747a29102d7d7523a76280f00a6734f3996759f774188cb7a826ac7f15917f6bc483b6ed07e047978796966c430b908172f668780e81d3575c21ad1a6f81cc5ceefcdeaa0c91e77d4f72b83d3ce3fdcbff0a0e1f4a97ed676346b1ffcfb1a9aa63026ddf6325da89c22b92169eb0331901f94c7dde58aab112312da739a22e6cc978f8667eda56d03778bbd58a302a02611d1a33836d73e1241dd4ede7991feac00fe64025f41991a502dbc28f175eaf6e9ddfed661b41873f064ee17a8b2cdc879d129587d2b636ebd2779fb25b7c7797d99f0e9059201d7286e9e8ab51c223c5cbf9c68882e3064558bc4315d26f44e6e8c5a764f9ef3c3556dc5678f42938205a68e271f78af91e89fb2e9d486640114663b839c05ca8a29620b4125e98213cd346c2472a1df75e1dd032eb856132b73c4d68ad4dc06c340e03ea75d077fed6f2e41a616c9d9ecedf46204537a35bedf2978d5812c469e07443f7ecedc3697084f98019ccb9d9fbd6a034ee45753838380aa39fe143b2dd49a32052fd399c0b34742bac7af796e3e021b6343e7b612b9c6922635a4f582c0589dfa339923e7146016d8d654e087e2f7bb19a3c74942baddeace9046772a4dab73ae09340b4c12e5384e644aaf3c266d75414f465db8a02bb84c349757dc9e95b2b2439a78e172404a01dbce4909db9c0d0027e5686cacd5a1a649996d6213501c8a8ee5e666fb31e91c6b1100c00c8b453d28efac0fae3eecc8b71a81169ebf510c1f7587f268c3e7b95df23fdeec599c441282fc5125c09bf872872f8f50abe866f5b3cfd96eb61da12fd208b02f98b2213d6cdf4c518dce2beb4c713b00f3452b1f6dc27c60712b50add466bcc61745e6f11e16cd0da8c6d98967462009845b5d65da139bbef151283d778cb5973a5f63bf37ebc9263ac82ad7fc253c8910a8147f08b5a5e0a4675b44ad78ecad432c6c3910581387f654bf56accb14f202f4b7343d6d796898d31c2c39e299e46e145eb23ac52ae1d9c31ed9105cd34f00e110633612f4472793a5f2a19bce685bed55b5e4c08ab2167981d919e18be7297a87922592696a11d700e7e3b4bd8fd0790e0078dbcf44f9074bd08385f125faa2eeeff5b726e0d8966af31b883f3d18ba76c4e6ef058c59adec4c5fca684c8ae4526134be5811c2292426a3ec841b15dc458ce9013d65c92d6c3f22965d1ef5ff4263d0eee5f2dfb5eda39add59dab3dd1ab2846ed6e39bf4c855785e8f1fd1586acf7332e3027acc387b68dd27fd0cb314b378068660957c2605443acd96d6e2bc6a3f255bf868e0dff3b1e91231eb15fc8fb4c695ce5879e9878b4b8031edc2fa4870a8616220f8f08bf44b887ff650d80e87c1f0fa12d1d2316767b634167444324cfb787123948acd527e9ad56a6424f71a49ccbbda4dc94ae7245b27055521efd8cbd5eac9ee4fd6b9a0c383a3431d4edb684c4655e068465e0d0269027f82420bc5eeb57c476c9580bfac5e9a3cf2344dad57519824cb014af827d4f0cbfe113cc86145d75b88bb9669a5045a8b0b38c9a06b2eb26872be930500d4379f6a2a7250fd6e4fe6987e40e3a3e96332273110df9d23dea86d0725b17b182bbffc903a77d799cb5552ba95564ae9bb166aecccc557a39e723fc0aaf82dd2e672a9c88252753d7d36abf90df46a6549f71f28498b77e9c793cb2b65ecea067717356a51312706f9a927bdee47119876d4b3195e3eb50a28fa8158d114550dda53b5b321237fe24b3b0f49be1dfef19379337c1d1521b23a4e6c87f28f07aa7e7ee32dacbf297023359276c3d4d29f53718f3148eb53cc3f8845fca1ce93c5775a775bbb55d0e41a710ca229f8f1707e6131bd0735a6c8789a207cf2540eac3faaa0284742f57fe53e166c9c196082c24680e2d2c77a77be5934a19d2151cf7ee11d31ca320b7c05b35055725194d04d45a0e3064294f7769ab71b0431089d8b52221de936c075ba489b889064ee94d3a283e37f3f033146b7a2b185fda3d5cd0e779eab24d61accc299e2ac2f1343ae2cff92c9bfb83e6bea76ce906b1360658c5bf0172f7e569eb4376608bec69de391cab9d92715c3fbc2fe9f1c7d66e2f0e0a4274b424030d66176ea35f81261c1ef072eb9a883155e724054848bb4d5d44fe372a2790e8a9219411d7105c1f3c07b0d98f3428e82ea0cbd1dc14405bf614eba00d9a94e73c42f133a482a4d8a155068ff1cab4fe3b6eca3740ae02c08e5c2937db880a7ca5c036773fb8c2a791164a2ba7214fecfccae89fe90f84065d8e33559aea7b143660e2fee4260a5f4129b2ff8991679605d6efaae6274ba974fd088aba8f4f7103ee23037dbb090a3da7e876fcb41885999854ae680b739df5fd1b3c0abe184db8ccf73381b2a01fd60d946413f165289823f802ce7ad044be3195672e3c72e07240368b6b2335477928cbe6bd0b4525dfe0cbc5d1784d7f25ddf210530b0c0e0184d7d94f5676722f95bcc70eda3e6dfa3162121e363caf8d46ab789802fe6004c096b4e49eff1fdcdf4782dfe1962d61e5e44a60a5b0b380bf5e55fca1b48882b11caab64d2dc7c941567183e8fb3776e4688e54f9d3828ddcb038a229c8d9b1fc536619208d2bf82183fb193da32e218c88a5a030337a8f8f4914e7a9b8421055e254dd2629894d768147d440173f0ccac0bd1bcd6261c4f8af6ea4d6afb93d26a1024a754e538f8818d90e14fbc70ab5f5f228bea5dd04e7aa7ceb1c0c06d98b0f1e700e03afb25e0b4858726594334c171115a6cf980de7d0b10744b93583cd294f37d7c7d519183fc5db477bea4a2db1f6ce8bbd0e0c9b4aaa7a2902a0da59a944cc10618aa94e1c3a14434e10798bbff0291993c343071fa7895c3bdb2a13cf8ce50f7a67924d3fd8149396d51eac2d7fbb95c4f568928e48f5c7c6f018b55c44d65d0f9efc9d6aebf86dfde444a2ab1e628cbb5cd5c383cb35b7fbf8ad8e430bedd61fff917e4f9bd33a6b1ec0d5f19bbec46dea70f668be12aa264c4fb5ae6fb5fc4f7f724068d8591081d6f2ec27be692d822f9e29168ee2793753820e0e753fb0a603c6cb88912969d4db18075de1a04d45ccbfb8cfe45108919197312d35bafb5646e34f03519e2af908c1c22ae82e0414612de5a39622d396ac05264afb371ff610c1b0e76a427edabf1c73781f7683814cd221a2fa452ac88fd87d213fa1d785eab5f512475e82aeac492f0801504fbe5787c48a16e82c9106ed70cf31a2c93969c0e77b33a8fe84c40f22169e07b544289927b46e048774092555379892e0ed3e1e34794b443afd96e0d47b2dcd23cc256cfebdbdf6f47c0f792c7bea64e90eeaf2929a92956415e62a0f9051421a85ad363ce6e7aec1aa6fef578ad62aade43ab9b879489fa8c7883234001f0576bfc02ec0a6557a0d9904881f86de0b96f54b60e4aaaa67ddb0ae37ea8c536f034323e076f43acaf24396c76b6d67023d794dfe43a3d921f436b32e2fe6dd65ee65e5c62c63fafb467d195eb416f81e578d51d7af3d87e64a129366c5d356b8a981bb09612f9c40f22807e5bd85b294b4e710d4eafaa11f30f1d335de7f59ee57a48ad25061fd635a898837484d781f53ef60b5831cd2994db0d452f481d4d872613751a19872785224189138615e75df8a6d40d8fd9fb58061ce36d74c06245ffee9d968def36456ebc7f08a19474e2eae75738928c1f14514f59b291c950408ac41e2023a13fed14f4ff9f99c7560bc8217ea76150b7b35a6b91c1cd7367bffa34cdd47f17f0066a8d03d9e78d66c1515ac6d89bc9ec377e1ddb7332df96ac6e3cb0ef4bfd05263c65e2c8af66a297f02d4a22012d7752601046cc9072c3b6027ea3456f1c67348407678cc8facc9a55de8363f04cd0b8d2d7ff58672801590772b8afe2e1ff11d9d94a1653b03176ead48868202590615dd301f339f360fda8196c994df5bb9a0d2891463042a45449e87d9e5a1f0286c635b4a52307b8c23c51d5659193fb63ff9b5fa9defc8f4de8322f8490beae14301408c1957d7d1f72c6c8ee3c332ba7e004a4b6816fdddaa3aa4deebb02d76130324f6f89b6986fc862649fda000fe925bf2665a6acf6e3d627d295d35e30273a55e621097a43ab4e52b4faee42982ff4ecc1e53b57a27592db171568345ba0dfd89a4b8bc360a383a82ab1b37b3933f776b0a231d92e269a1d66da98755447849f06dccec3884bf1c49118917b1a91f95f06bf7af31ca1faad192bd9f917f4ad072ba78db952389758cb8dc847ecaa491b59f8c547e170adbe80025a895eda1cbd57f3dc8aa165a828dbf8acccd4b59bca4ab7caaa17379187fda7d7e015fe063f0a8fb307a08bb2a54b44dd0ad46a585c21f614a4ec30975accc83e0ff89c8c3508bcdf4a86276898c9417d54cdd195af6fe01cbec9cc917f1578994d273ac414618cab1f55572351cf540e923880f9b3a7d4470aacd766d3bb956d0395eaf66aee6f82f3331cf74c41eb1dfbe35368c4686c37f0d73b52225f43d3e99a9f4cd75a36a59d9ca1643072a5049f7ac95d5fe13cdf00a64a8bdbe0bc3ed3908a835128416c8119b8ebb93e8a7cd763683b843fa0a424ce516d706cf269492e74fd8b20d333e1b216d5c7819942caff8181b0e01235f47aa3935d306757b47f6bc8248e8cd85cf350ad5eadcc0060af9b40fe8507597f219193f24bdc25231e35c6e196da298d6019b535cd6dc43f1499066dccd38a80a1f66a35093b90aec2a74157b4881f16fdf4a24f09afaa3d20d276d74c5c6d10", 0x6fffff9}}, 0x0) (rerun: 32)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r5=>0x0})
connect$can_j1939(r1, &(0x7f0000000300)={0x1d, r5, 0x0, {0x0, 0xf0}}, 0x18) (async, rerun: 64)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0) (async, rerun: 64)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x2, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRESOCT=r0, @ANYRESHEX=r3], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

14.191064708s ago: executing program 1:
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
sendmmsg(r0, &(0x7f00000001c0)=[{{0x0, 0x4, 0x0}}], 0x1, 0x0)

14.161144868s ago: executing program 1:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x64, 0x2, 0x6, 0x101, 0x0, 0x0, {0xa}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_MARKMASK={0x8}, @IPSET_ATTR_CADT_FLAGS={0x8}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4004040}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000400)=@newqdisc={0x154, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x124, 0x2, [@TCA_CHOKE_MAX_P={0x8}, @TCA_CHOKE_STAB={0x104, 0x2, "29da2d3db47788403cce3c24667acfa0a7bb473baf0e6d8e72920c784843c8343b1b6c8084c956b51fb78aaff404814ac5a9ec07e0c1d984e0d2b6ca21cce48f8043df6d28fd53d72d4ef21cdc3d8b595abe72c79fc426b52fc76b597db54c7515fa4eacf0f327176c3dfdb67766ad86e44fe5444451062e46d774e91564706e8a2333878d2cf8aed5fe3b71acee268aea7cf1652a2d3d2bf5d25e8451f5b527d4ae6708e03dc2dd3896ddf226d90350efa20e9cdfb5f53deb6cf64465f31f3a25d1ba754a61ca4a2c6faaad5b7979403aeb066512c85e5bb8a30230227b75de12bacbd30bb27e7e42c1710d92c086d0e101a17936a9d3b15c1611510511ff91"}, @TCA_CHOKE_PARMS={0xfffffffffffffe83}]}}]}, 0x154}}, 0x0)

14.126703528s ago: executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000280)={'#! ', './file0'}, 0xb)
r1 = socket$inet6(0x10, 0x80002, 0x4)
sendto$inet6(r1, &(0x7f0000000140)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323456536005ad94a461cdbfee9bdb9423523598451d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0)
setsockopt$MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000380)={{0xa, 0x4e24, 0x0, @local, 0x8001}, {0xa, 0x4e23, 0x1, @dev={0xfe, 0x80, '\x00', 0x43}, 0x8000}, 0x7, {[0x1, 0x0, 0x81, 0x4, 0x1, 0xed, 0xfffffd47, 0x80000000]}}, 0x5c)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'erspan0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000040)=0x200, 0x4)
sendto$packet(r2, &(0x7f00000000c0)="3f050e002be6120306001e0089e9aaa911d7c2290f0086dd1327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe94f, 0x0, &(0x7f0000000540)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x54}}, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001280)=ANY=[@ANYBLOB], 0x34}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000500), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000180)={@link_local={0xb}, @dev, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x40, 0x3a, 0x1, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x508, {0x0, 0x6, "800500", 0x0, 0x0, 0x0, @private1, @private1, [@hopopts={0x3a}, @routing]}}}}}}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000130000000000000000000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000010"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001030000000000000000fc0100000000000000000000000000003ed300000000000000000000000000000000000000000000020010"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="8801000014"], 0x188}}, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r5}}}, &(0x7f00000000c0)='GPL\x00', 0x5, 0x1000, &(0x7f0000000e80)=""/4096}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f0000000500)=@framed={{}, [@kfunc]}, &(0x7f0000000000)='GPL\x00', 0xa, 0xde, &(0x7f0000000180)=""/222}, 0x90)

14.074703738s ago: executing program 1:
socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={0x1, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@deltfilter={0x2c, 0x2d, 0x800, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x5, 0x8}, {0xffff, 0x4}, {0xffff, 0xd}}, [@TCA_CHAIN={0x8, 0xb, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3)
socket(0x10, 0x2, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r3, 0x0, 0x4ffe6, 0x0)

13.195983272s ago: executing program 1:
socket$inet6(0xa, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f00000001c0)={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x0, @local}, 0x0, {0x2, 0x0, @broadcast}, 'netdevsim0\x00'})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1d, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
unshare(0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00d, 0x0, 0x0, 0x0, 0x0}, 0x50)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c070000", @ANYRES16=r1, @ANYBLOB="010700000000000000002000000008000300", @ANYRES32=r2], 0x1c}}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)

12.995094794s ago: executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r1=>0x0})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_freezer_state(r2, &(0x7f00000000c0), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$cgroup_procs(r2, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000180), 0x12)
socket$inet6(0xa, 0x2, 0x80)
write$cgroup_freezer_state(r3, &(0x7f0000000400)='FROZEN\x00', 0x7)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0x9, 0xea, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x200}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x15, 0x5, &(0x7f0000000400)=@framed={{}, [@map_fd={0x18, 0x0, 0x1, 0x0, r5}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.464253604s ago: executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000700)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000020000001d0000000c0006"], 0x44}}, 0x0)

1.379136946s ago: executing program 0:
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x7, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @func_proto={0x0, 0x0, 0x0, 0xd, 0x4}, @ptr={0x0, 0x0, 0x0, 0x10, 0x8}, @volatile={0x0, 0x0, 0x0, 0x9, 0x3}]}, {0x0, [0x0, 0x0, 0x0, 0x61, 0x4e]}}, 0x0, 0x53}, 0x20)
socket$unix(0x1, 0x0, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'erspan0\x00', &(0x7f0000000140)={'syztnl1\x00', 0x0, 0x700, 0x80, 0x401, 0x3bd9, {{0x1b, 0x4, 0x0, 0x37, 0x6c, 0x67, 0x0, 0x1, 0x2f, 0x0, @loopback, @multicast2, {[@rr={0x7, 0x7, 0x1, [@local]}, @timestamp={0x44, 0x24, 0x7d, 0x0, 0x6, [0x9, 0x1, 0x3ff, 0x1d, 0x1, 0x3e, 0x80, 0xfffffffc]}, @timestamp_addr={0x44, 0x2c, 0xa4, 0x1, 0x7, [{@local, 0x22}, {@dev={0xac, 0x14, 0x14, 0x3f}, 0x5}, {@loopback, 0x3}, {@remote, 0x6f82}, {@broadcast, 0x7f}]}]}}}}})
socket$unix(0x1, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r2 = socket(0x11, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000300)=0x16, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r4=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r2, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f0600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304000000ffffca88faca"], 0xdd12}], 0x1}, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000140), 0xfcb8)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY(r5, 0x0, 0x1, &(0x7f0000000040)=0x1, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r6, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x35, 0x0, "317f83735b4bb1eadc74dde27798c831eec04c24eeec7ff3d3137a508003d2d5c89ab0220cefebd4687636457b9822766c1bfea4e01ff23c6a4caeaf049a572a9774d3b882eb3b4a66c5ec48c29f065d"}, 0xd8)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x303}, '\x00', "5171bb672965593497418688ac68cb126474cd3660dab9e2086e246728d7a040", "05e2e505", "12000700"}, 0x38)
setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r6, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000180), 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r7, 0x0)
unshare(0x24020400)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x40305829, &(0x7f0000000000)={0x17c04, 0xffffffffffffffff, 0x80, 0x100000001, 0x0, 0xaad5})
close(r0)

1.186324129s ago: executing program 3:
connect$inet6(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) (async, rerun: 64)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) (async)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, 0x0, 0x0) (async, rerun: 64)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, 0x0, 0x20004061) (rerun: 64)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
writev(0xffffffffffffffff, 0x0, 0x0) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000740)={{{@in6=@initdev, @in=@multicast1}}, {{@in=@multicast2}, 0x0, @in6=@initdev}}, 0x0) (async)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x20000044)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$unix(0x1, 0x2, 0x0) (async)
socket$unix(0x1, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0) (async, rerun: 32)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f000000b500), 0xffffffffffffffff) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f000000d040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x20, r4, 0x8de13c6b70ae92c3, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x4}]}, 0x20}}, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="380000000a0603000000240000000000000000000900020073797a31000000000500010007000000100007800c000180"], 0x38}}, 0x0)

1.142901697s ago: executing program 3:
socket$nl_generic(0x10, 0x3, 0x10)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r0, &(0x7f0000514ff4), 0xc)
getpeername(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1c, 0x0, &(0x7f0000000b80)="e0b9547ed387dbe9abc89b6f5becda21cc10dbf39e5dadca038fd03a", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r1 = socket$netlink(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90224fc60", 0x8c0}], 0x1, 0x0, 0x0, 0x10}, 0x0)
setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000980)=0x200f4ad, 0x4)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000028001280090001007665746800000000180002801400010000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000004a0921fc7b21a134b9c6748d13cc7a4ba18fbed33353add3e2a10ad5eb0fa18d81000a1377e705e055156d6e57db60404e04374893771b662023b206729df33e03598b043c258123f1efe2b75ce8fd77f08bbb4c1ed1eea4b97270aa82b5b1"], 0xfde7}}, 0x0)
socket$unix(0x1, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000100))
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000500)={0x34, 0x4, 0x6, 0x201, 0x0, 0x0, {0x1}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x6}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x34}}, 0x0)

1.081040099s ago: executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000001e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_HASH_SREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_HASH_MODULUS={0x8}, @NFTA_HASH_LEN={0x8, 0x3, 0x1, 0x0, 0xf2}, @NFTA_HASH_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f0000000080)='rdma.current\x00', 0x275a, 0x0)
read(r2, 0x0, 0x0)
r3 = accept4$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @local}, &(0x7f0000000140)=0x1c, 0x0)
bind$inet6(r3, &(0x7f0000000180)={0xa, 0x4e20, 0x9, @loopback, 0x1}, 0x1c)

1.030716035s ago: executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
write$cgroup_int(r0, &(0x7f0000000200), 0x12)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(r2, 0x28, 0x6, &(0x7f0000000080)={0x0, 0xea60}, 0x10)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @host}, 0x10)
connect$vsock_stream(r2, &(0x7f0000000000), 0x10)
connect$vsock_stream(r2, 0x0, 0x0)
connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
pipe(0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0xfdef)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x60, r3, 0x20, 0x70bd28, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x80000001}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1c33cc33}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000000}, 0x40)
write$binfmt_script(r1, &(0x7f0000000240)={'#! ', './file0'}, 0xb)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)

963.841087ms ago: executing program 3:
syz_emit_ethernet(0x32, &(0x7f0000000000)={@random="34a5e153f6a7", @broadcast, @val, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x0, @local, @empty, @multicast, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8922, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000006c4fffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000800)={'geneve0\x00', <r5=>0x0})
r6 = socket(0x3a, 0x3, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, r7, 0x4, 0x7ff, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1, 0x58}}}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x480c0}, 0x40010)
r8 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_opts(r8, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, &(0x7f00000000c0)='vlan0\x00', 0x10)
sendto$inet(r8, 0x0, 0x0, 0x0, &(0x7f0000e68000)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
sendto$packet(r6, &(0x7f0000000000)="1412e0c84935a9738e0ff2f788a8", 0x12, 0x0, &(0x7f00000007c0)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14)
ioctl$sock_FIOGETOWN(r6, 0x8903, &(0x7f00000003c0))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r9, &(0x7f0000000140)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r10 = socket$inet6(0xa, 0x2, 0x3a)
bind$inet6(r6, &(0x7f0000000480)={0xa, 0x4e20, 0x4b, @private2, 0x3}, 0x1c)
connect$inet6(r10, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x2}, 0x1c)
sendto$inet6(r10, &(0x7f0000000100)="80000fdc2208a1ce", 0x8, 0x0, 0x0, 0x0)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x5, 0x0, 0x0, {0x3}}, @NFT_MSG_NEWCHAIN={0x6c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_COUNTERS={0x4c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0xcc}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0xfffffffffffffbff}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0xe5}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x9}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x80000000}]}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd0}}, 0x0)

485.446194ms ago: executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000900)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in6=@mcast2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x0, 0x6c}, @in=@loopback, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'lzs\x00'}}}]}, 0x138}}, 0x0) (async)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
ioctl$SIOCAX25ADDUID(r1, 0x89e0, &(0x7f0000000240)={0x3, @bcast={0xa2, 0xa6, 0xa8, 0x40, 0x40, 0x2}, 0xee00})

437.303602ms ago: executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x14, &(0x7f0000000040)=0xfdfffdfd, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000440)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x19, &(0x7f0000000180)=0x40000000, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xb, &(0x7f0000000080)=@framed={{}, [@printk={@lli, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x2d}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5a}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x70)
sendmsg$rds(r1, &(0x7f0000000f40)={&(0x7f0000000080)={0x2, 0x0, @dev}, 0x10, 0x0, 0x0, &(0x7f0000000e40)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, 0x0}}], 0x48}, 0x0)
recvmmsg(r1, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/30, 0x1e}, 0xfffffffc}], 0x1, 0x12002, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
bind$unix(r3, &(0x7f00000000c0)=@abs={0x1}, 0x6e)
ioctl$int_in(r3, 0x5421, &(0x7f0000000000)=0xffffffffffffffff)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000001dc0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000040)=[@op={0x18, 0x29, 0x4}], 0x18}], 0x1, 0x0)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(r4, &(0x7f0000000180), 0x2ae, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
syz_emit_ethernet(0xb8, &(0x7f00000004c0)=ANY=[@ANYBLOB="93a56e60aa0caaaaaaaaaa3d0004aa01aea5ae0b88f75bd7b4a30e68fccf98851dd81418cee5bf4a51959f2dac016b490b9f7d6cb401e7da9ceb0c9fe99d894ca3c2ca0917da7ab2fe836b7743ae5d92b6ab4e926a622e9bf69bdc68f250e18c770cd9b080f1d889e59fb909dfdb90d80ab1e2562bdecd60eb780bdb6c573add6b3f668dc738bb36c0fc9d5cfee5e661887a2f3562abfe23c5fd00"/166], 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x26, 0x0, "8ddbb5062cfd03080000000000e4dc036d58b39fa8d54ee832040000bdfba71bc4b828c7de258b0172a1fc52bca0dd2a000000000000000000001600000000000000000000000000000000000000002c"}, 0xd8)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$inet_udplite(0x2, 0x2, 0x88)

336.085254ms ago: executing program 4:
socket$nl_generic(0x10, 0x3, 0x10)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r0, &(0x7f0000514ff4), 0xc)
getpeername(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x1c, 0x0, &(0x7f0000000b80)="e0b9547ed387dbe9abc89b6f5becda21cc10dbf39e5dadca038fd03a", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r1 = socket$netlink(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90224fc60", 0x8c0}], 0x1, 0x0, 0x0, 0x10}, 0x0)
setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000980)=0x200f4ad, 0x4)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000028001280090001007665746800000000180002801400010000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000004a0921fc7b21a134b9c6748d13cc7a4ba18fbed33353add3e2a10ad5eb0fa18d81000a1377e705e055156d6e57db60404e04374893771b662023b206729df33e03598b043c258123f1efe2b75ce8fd77f08bbb4c1ed1eea4b97270aa82b5b1"], 0xfde7}}, 0x0)
socket$unix(0x1, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0xe017be05})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)

263.487696ms ago: executing program 0:
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x6, 0x4, &(0x7f0000000600)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x9e}]}, 0x0}, 0x90)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000180), 0x2ae, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newlink={0x4c, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5000}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5, 0x9, 0x4}, @IFLA_IPTUN_LINK={0x8, 0x1, r3}]}}}, @IFLA_MTU={0x8, 0x4, 0x40000500}]}, 0x4c}}, 0x0)
r4 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}})
sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_DEL_DAEMON(r6, &(0x7f00000002c0)={0x0, 0x11, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000800000a0000000800050000000000080005000000000024000380080001"], 0x48}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r8=>0x0})
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000a00)=@newlink={0x2c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r8}, [@IFLA_AF_SPEC={0x4}, @IFLA_PROTO_DOWN={0x5}]}, 0x2c}}, 0x0)
r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180)={0x1, <r11=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1b, 0x8, &(0x7f00000001c0)=@framed={{}, [@map_idx_val={0x18, 0xc, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, @ldst={0x3, 0x1, 0x0, 0x7, 0x5, 0xffffffffffffffff, 0x10}, @map_fd={0x18, 0x8, 0x1, 0x0, r11}]}, &(0x7f0000000000)='syzkaller\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r10, 0xc, &(0x7f00000000c0)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x22b}}, 0x0)
r12 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r12, &(0x7f0000000180), 0x229ffa1c4ce5369, 0x0)
syz_emit_ethernet(0x46, &(0x7f00000000c0)={@local, @random="7f0a00034011", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x3, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @loopback, @private}, "000088beffff0000"}}}}}, 0x0)

260.969905ms ago: executing program 4:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000002400)={{}, 0x0, 0x0, @inherit={0x70, &(0x7f0000000180)=ANY=[@ANYBLOB="000000000000000005000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000004"]}, @devid})
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r1, &(0x7f0000000040)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r1, &(0x7f0000000080)={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0302}}}, 0x14)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000200))
ioctl$sock_kcm_SIOCKCMUNATTACH(0xffffffffffffffff, 0x89e1, &(0x7f00000000c0))
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003b0007010000000000000000027c00000400000014000180060006008847000004001c"], 0x2c}}, 0x0)
sendmsg$L2TP_CMD_SESSION_MODIFY(r2, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x14, 0x0, 0x300, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x4)
getsockopt$WPAN_WANTLQI(r0, 0x0, 0x3, 0x0, &(0x7f0000002e40))
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000006c4900000000000001000000bde00804f0402366c8000000040000009500000000ecff00"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x4, 0xd, &(0x7f0000000240)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x9b}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0x28, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000001e00)={'bond0\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv6_getnetconf={0x34, 0x52, 0x10, 0x70bd2a, 0x25dfdbfb, {}, [@NETCONFA_RP_FILTER={0x8, 0x3, 0x2}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0xffffff8d}, @IGNORE_ROUTES_WITH_LINKDOWN={0x8, 0x6, 0x693b}, @NETCONFA_RP_FILTER={0x8, 0x3, 0x81}]}, 0x34}}, 0x0)
r10 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r10, &(0x7f0000000140)={0x2, 0x0, @empty}, 0x10)
sendmsg$rds(r10, &(0x7f0000001780)={&(0x7f0000000500)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=[@mask_fadd={0x58, 0x114, 0x8, {{}, &(0x7f00000000c0), 0x0}}], 0x58}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)=@delqdisc={0x4c, 0x25, 0x4, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0xffe4, 0xe}, {0x9, 0x1}, {0xe, 0xfff1}}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x3, 0x9, 0x8, 0x4, 0x0, 0x2, 0xa8f, 0x2}}, {0x8, 0x2, [0x2, 0x64e]}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4008850}, 0x40002)

157.822338ms ago: executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="b5008000", @ANYRES16=r1, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r3, @ANYRESHEX=r0], 0x54}}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_LEAVE_MESH(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x20, r4, 0x20, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x101, 0x52}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4048055}, 0x20000050)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xaf, 0xaf, 0x5, [@int={0x0, 0x0, 0x0, 0x1, 0x0, 0x3e, 0x0, 0x52, 0x4}, @datasec={0x8, 0x6, 0x0, 0xf, 0x3, [{0x5, 0x1, 0x6}, {0x3, 0x1, 0x80}, {0x2, 0x81, 0x660e}, {0x1, 0x5d, 0xa8}, {0x1, 0x20, 0xbc6e}, {0x2, 0x9, 0x400}], "a1dc87"}, @typedef={0x8, 0x0, 0x0, 0x8, 0x5}, @func={0xf, 0x0, 0x0, 0xc, 0x1}, @const={0x5, 0x0, 0x0, 0xa, 0x1}, @restrict={0x7, 0x0, 0x0, 0xb, 0x1}, @volatile={0x1, 0x0, 0x0, 0x9, 0x1}, @typedef={0x9, 0x0, 0x0, 0x8, 0x3}]}, {0x0, [0x2e, 0x61, 0x2e]}}, &(0x7f0000000440), 0xcd, 0x0, 0x0, 0x15961946}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x90)
r6 = socket$rds(0x15, 0x5, 0x0)
ioctl$BTRFS_IOC_INO_PATHS(r6, 0xc0389423, &(0x7f0000000280)={0x7e, 0x28, [0x1, 0x3ff, 0xffffffff, 0xa49], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0]})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=@framed={{0xffffffb7, 0x0, 0x0, 0x0, 0x0, 0x4e}, [@ldst={0x0, 0x0, 0x2}]}, &(0x7f0000003ff6)='GPL\x00', 0x4, 0xb579, &(0x7f000000cf3d)=""/195}, 0x23)
bind$rds(r6, &(0x7f00000000c0)={0xa}, 0x1c)

155.819727ms ago: executing program 0:
r0 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000f00)=ANY=[@ANYBLOB="00020201ffffff00"/24], 0x58)

92.211281ms ago: executing program 0:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000000)={0x81, 0x10000, 0xfffffffa, 0x9, <r1=>0x0}, &(0x7f0000000040)=0x10)
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000080)={r1, 0x0, 0x9, 0x101}, 0x10)
syz_init_net_socket$ax25(0x3, 0x5, 0xcc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_PUBL_GET(r2, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000140)={0x160, r3, 0x2, 0x70bd25, 0x25dfdbfb, {}, [@TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xff}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8000}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffff293}]}, @TIPC_NLA_BEARER={0xa0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5ce}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5b}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0xff, @rand_addr=' \x01\x00', 0x6}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x6, @mcast2, 0x31a766d7}}}}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x88}]}, @TIPC_NLA_NET={0x58, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xffff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x76c9c4c5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x81}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xffffffff}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x46}]}]}, 0x160}, 0x1, 0x0, 0x0, 0xc801}, 0x44014)
syz_80211_inject_frame(&(0x7f0000000340), &(0x7f0000000380)=@data_frame={@msdu=@type10={{0x0, 0x2, 0x7}, {0x1f}, @from_mac=@device_b, @broadcast, @device_b, {0xc, 0xa54}}, @a_msdu=[{@device_b, @device_a, 0x1000, "2e3d7cd25a8b61456cf7dfc82c4c1ad4cafb35e0e50ee2ef4e84dbd09e303ce7d2434672fcc129dd1caedd1d2259c44e9df37ce150cd619e874ce3962dcc6b3d6bc8cf9ba9f493e3da561715adbef6abc9ee9d3d521df3598059f0007b27e69feba5560f25e717e7c5a95fd4de7f25708ae4892d75404f77f07c40a4309890f09489995b0155ebd1a1fa143540b2da38eb180f0a14b3586865478c5fa790f1407b05a7e1d3e46d854cf50dfde98b84c802b33c648b83ce59e0259c2d326b323b83931b1226a54b2ef27b1de73e3a688170dc76b8e19a846cae23d6418b0df8a92e212cc7a430233b9a3d3d906adc465e1f5c8e81c67a614e749c866fb92fdbaa6af2c12a75abb0b5fb178cb60183947d64b6f81635ac404e250abbfdbc2cbf04ec9e400b9910979c47cdba4c5da0a357898062821016b8fa9113e8d90681759720875fc36ed84da5229ea2cd48afe0e5bdb4abba204ed23e829480448d8d0ee24994cc823fb60e12325790f4e212025ca489b468f37b3a9cc8756eea51fcece3e685ef9fd8ce9c5c1c0986465a467df5471dffc5f7ff3e6dce4d56bae26b6d39ed05c82d990877af0ace378b6e795255fae2af9a6ede23039785230eebc3d4bfe8765063c8fa6c3ecd845d872d1b6236a0b71bb1a2d6fa0902a05bf016f42e26b87aec968c0944778e74a8c2b479f4f4644d662d6183a7f09a2012b97aeec121fb994b0e345ed9c329a718b58bb415e108307fcbe9b208642c8ccb73add3b3b1bc504dc54f3c29432e3d788441af818bf2e5f4d664f9a7d0deaf3775c0b938d9fce5e5971b971bf973c70e711dfb303ec5f95fe9c26693a531644fa1d1ebcf0e223a87054681943e36615dad90a862d9dd7f74b29022a65d970e272e241ff9d4a0eafcb1291c58564aa5939143164a8ad662663f6d396d24a9ff9fb413c683e9be17b8a9b98ae218c4e6620379d91737278b431a4b8d61f709fbceb2b255193efa50f1d58285c6e9acf65a028e10345fa371a3c6a418725dbb0e298d20be0bf6bf39131c078ea89b0317d59ba2f02d1a3ec885004ae571aabe1bd44f52a6b96ff90b2e3a12ce08f4e5a71dfb45ffb7c3d538fed79102b8bae8c6d44b20bef099752342a67134e1fadf4a7309ae1554248e32082f60d3a9d866047e03923a58b0ac1fad98068735410e1c3fa152061858368b67ac117de58f95fa36c7a1f9a59a318624d494721c8fbdbd1a5025666834c51b51bcb286cfb949f15f19da50ad4e771e8a0ec228beee2b515a85cec7768355026d0dc8e216e96a327f9912b8ad6a123625d418bade8fc24bcce863f3ab419d69d2d8f78bc964ac452bf09188bb61ccf40d83d15a9f944e99efb1c4b4b1bec8afb9e551bc218f5e1be1acfe7af41ae493117c9540748e66415484d49db35313bffe0a1b45fc76e95ad2b8070f2a1a2006f51e09c1957c78f5a642c9a5fcb351a9a69d1935d29f7a08b509bf19bf9f3a269cc7d1fe41863e454d026682f4905090d5e57c6b3ee39b3a3a89fedd3c0d9e7ac89538a54b374c0ec7337c862ebdfe134d0e1cae78cf6120d5b990132814f181999c0beb400f37adafc27cb7dbaecbb1520d879dd6481b8831c724d918248413e1a0f9dcc9fef6c176a1c95cdca0336cf4ef086af89c9e62c71b3f07a073693b9988a4e4db8ab078a49d9542f77264711fe73aab600ff412ed9ed33302ce7b256f18598ccaffc609f3bc99f36199e041a79ea578b737a376c713d0be8951a9c461e301aa126c35f2ac24c34805cb7c4ad27fb502641e8e06f6684a5886726bcc68b895fe5ec15d4b5e4b911e4651a6632140ac6ab89e7747a75997e3e4f604437f2822e01e7f96d50b431af3786211deec40df445bfc9468d36ec07279b3c963acdc74240742fb70d6dc7a2bf77ad5237b137aa94f0952215e19da36f528c92d4e5fdd25a35d767f1b1bb947d7fe4cef582a9fc3a529d50bf8cf806c5050d10e57c3426998b5928f92dfdd79fda6578d424174a2b42f0275c408db220c88bfe104fb773dab07b9dd041922575fd6fed0e7ab058a747185e74046963bdd28f98846b459563a1ecd0e6213053c67c7e9cce2219e294513f02523cd0c4742d9b76b4f69c66467e288fdfb95db4742de5416d12ac618947d9eb48cbfdd70b31701a21fea39949227695bee5a5bf59924db3da560445e630a07883cefd44d7f1346b3e6f29a4cff063767f86c0e49a1aca6bd29d0e5436f7d9b778209be0e0e5df5225a828154d3c23ee9eca80c74c58d73c86ec822719bf09ccd29ddeba4461781cb4284d40f25c8fef96328bfd6ea47d270ca6895b0c41d662b88da3478e71224e8b72a29e049e46f230e5f5274fda1e0a7f4d32e804c33f0cd1991bd19869c2120227ae7bfda013ecaa9418e0adf0a9c0cf021aaef0d0d278f97942d4b6c5158976cf2974699ab1e34a9bdfe71e9a8d94c96ce51309f56a6fed687ec1d61ebdaca6ddbfe68283cd467c7ec29e8e77645ac5b57d3bf0105444f193a9c7cbaab19ee9f760ea2a344f643512101d4e31889218959969aa4863957fac28d5ec415494b56ffed0e5e2914fa44d5e335e65f54ed528c6a5283a27cfe7bc82b979b4a7108a12a7af7afa46f479c4552c3d98ba7c8a11084e67261c83551360092e63159dc8103c68032f83cfa19bafb32f6ec7ba20cefef8cae9d10a652fb0ba4cdee8b5199ec48b32f5bf3716fa3ceaddaf8f01129966f85dddd4c4392cfd1cb27c7048d8468f835c247a4c6a993bcb5945bc09c339d2437c82d229ce383788433a938ea6ccd464d4d838d42aa50dc0449b941b1c20bb63d6f6fb71704292a4ec2bbb7300fd837e9e532e539deb400e9c3b8791d0ce17eb2972ab1996fa30e3671a6574aa7d2957fc6bae249693b92fc52b87b009aa5018213282c368ae75cdffddda0cfd6e3b0d1b871959c6afffef425ade22b6df42832224e4f38c7511d250e9dcba35719f0d1340c9f789356106d75f061433367430e754e58fc0779b606dbdb2dc6b2dba4170ddcbdb78fac2c99b7c26efe3dc562298b398078eaed077a453ca06294a73bee93e50508136045ad5174acb4227e30b831cad3757b2db1dc0ad01b4b93aaeb42471bc739eb9e4497589a8f7355a6d993265f15cda3943802cc1526032107ad4a00c72686c4a35a62cb061a0252017e0b6bb3af161ddfc8c4176da1f8dbebecff21df93c576579d27efa262ab043e59841dd6fffeca9cce8786e4d89b97f3a058b4d5f55adafdadee400db3476b52c2a28ced4979dd9686fe4eab4fe8f332eb9b2e325dd6f488594587d629369d281350275f706b23561d60e000774f076b5c516ef6b61625f139049b534a26fb2ad9f2d7795bb8b230d2ca188fde00ba4109e6536b92aa1d084e991e64fdb6204975499e4634b77a1c0bf1af010dc4fd2ad4c052a034c54ece23edda992af2eefff9be9010e380d13ef7e0f8c27c4edf9c76e05ca1126fbacdf08b67b299bd5c17905ea410511870eb312ac8b27711771b270c8b625a2e879ec72fef48b732f210945be8106e7881d04727505657b3ef9bb5ae665e241eb9eb8ca3bc087ecb8f4a70c9dd6e2225954823c5eef430e613fc741bcbc19ca992875162e346810b39bc2a6986d671d8de5381e19879f81f15b19f0f261a30f3caba9acfb78f5c12f4a96f5b0ae54962001ed71b003e07380fd412f9830d984f1f2440e018591d8430861df47c208f25b93427ababf39df2f890aa9facb9c2c4f4452d2582948f79a5bbc41d0f80a21c9279e84b77bf34d39ad11a2eba33e39eb77911309e912d7ab9265cf60fa2d8fc166bf4318ba53d810cdfd12dca308977d6e1ac6dd05906afb522abeb2fb59d1ae970d4cc6795784c98012f9e3b61c8e0c59d84e8ed37b1b4d6d945b2450cdb441c8f190d6c8faa4cda2dfe2841ed1882d9c77d989bfd0b7a311f53e6793ad49f4c6bc89774d85311757a8db8e5a4a70dc3d9df7b607e68858ded8f9a7ae18e403dcb8a1e780949a212e7062b31ac5c367c38b54de7b27b4b2193bc0bc2d5304ed2927eb13d598738fde0a9903a9dabc0ba9e45c7be62ea0b7768582fcf830c63ebedabc6c5f0f5b577d1ded1c9717b6a23672268b85f3a0944bb33378df533a05b7b437bd0d27d83ab9156f24f6d5696a4ebbf6f21a0f5d1fbad21418d2b9e06f5d4d9f13116e135e51677cbedc5b8fded4f709085d5cb39ace5d1a8a726e93ba8a8acc4fcaf59c0f1bf09fe56c15fba23370af230644c99950e4acde56f1942fcd08e33eafbfcaedeab9a975379d129133f7cf3a79682994bd3ec8e38256deac0d0a7755b184bea16a700b0878baa8e6d3cf630490d96b02906d931c936bd17f8f404a82ed78fdfa1b4f91bfdd41015de05fb79662f3c3bb2a743ee3ba024de06c35f06a43f656ae6d6412369e7f4e9395f363bbabb2417826eaa87ff5dc34009dd6334bbef49fe07eb8424f06b2c9eea3c508e0d47fc2f72a23b65a83b4959bea548bbe1b17f4fbae3cb5951bee9fd5af54bfb0b2de4712c1aed61d799d057b57c07c0ae29d905a60da7a54e267abe2b35b5f14b4f9a12bb030af3ec7deb723114fb1b8323c7c4c956847e626aebdd81d6ce2e598c28ff7bb5dc197ef8def1340b8281b16438e66aaf3c0501c80ed1bb0e012cc51875b6d53ba1a93a2b75e79507710898e4178e791c01b6bfc19c43cc6c3d78cf61c8010cc292306525a593ff41095ec5c25a2eb158a41493911782b47dddf1dfdf8b66b8e6673f28d8192ca4f8126709107c1669b1cf84db5422fda5845cfb04afb9978a3abdba5d3d87405402f7aa130dcd99910f27902ca66a861ae859c4b22474d6eb9786ff067eac6a6a745ac89857e90e1678cd6c110472c69273f2306e5cfca0e376ee8d2f810cbb90d8a788549265e251d6ab28fe835a8af5fa43c6229834516dff3c76285a8965abd7fc7be2400511e39ad5d46467e70ed9547db47bbd2c0c7ffd8e1274950a4658c4519e01d60fd491d1a72b87d58f83ddf47aa422a73634948cf1ca30a0cf03a594ff3243a64d5bcc4d068f6ff32963370597f6de641dc4734bc5a8dda8fd45ec783139272821b9c016c0e9f2c5dfc9ca093439c3125cef3dfb268984add3145243b1c7ecdc8e6a11527ebbb9f9012c6b21ebb9fe8caac7ea554007a9493ee2ce4dfab7134f9ad03e8bea444607ccf57d4b3340b8a9bef69f6b41f0c6e9be627b1e90879b4103168be5b383d316948a6f65eec1f7d5939cb55a67080d36e3798af179976fd4c7e37625995875246a461bc613624478a9e850fc5daa85c2c46367582fffb56c963c3df1242de255f974a2fb660ac2de6f77b41fff7e0faec1a5b322105e65fa0de6ef4a57dfd15d93653ca4c05ccce5473cee7e327fc4572c44ffe5b429cdfcacdd413b323ff1aa5efa395b864a82ddb8085fd741f20c5a655b7833211b1aa628e71bf8c92712c9857e1bbaa78ac650289d6f9d2f3fe2d0b714d44d8be59efbf9c79f7a002751927e8f22536f76df629264a5b3fcb8e62fe19734dc2a849e161a23e4eb0cffc9468c0b4f0cc5c919dc50a692d1bb506aec9acb3686a9f90312d86f4f4480d482dd6b73df580f706727a8bbfcf325db5bed42398382cdf7d274ecfc4d84df435d2f3488fde6ed7d47286b511d34e0f796fc64bf481271276f12123bf7788c8a51ef48de4bc11de1232a4382d4c3f12aab8ebf64e8fcc4ff61abed86f0828c108281755319a6527ebb629af15dded88661dd19233de42c14ef31"}, {@device_b, @device_b, 0x9a, "a631031fe2213f42abd7c2024d1adc7eb25b9a7a100ad236d6688b87ef9ca235aba65af4693eb0f5e79cd846b2a8e5a90b3ebd1c10de436c59a861d524b96f17c8b615715495094ff1ae8cd52f8d53904431c7209624242286b21c2dbe5fb1ab426cab1092199cccd308e8bcda8e6faa94e9a7c78b79838046edf23b9511bc53baad154ab565d56bc06d0b6001166b76cd048156f2bdb69020fc"}, {@broadcast, @broadcast, 0x7a, "aeded45d1aad5b6e3ccb837c3bd7518d8c898c9c1102d6f79e01cde1f9a9dc077827fe63f2e20a7b5329d12e08b2a6396853731052c3fcdc48b9232640cf688747c5403f192fcad6bebcd5f447a2e0578b994666faff45933dc15283451116f7374eabcc2334ea5146718d9919189670452bf3c782497a6e4161"}]}, 0x1158)
r4 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r4, 0x110, 0x4, &(0x7f0000001500)=0x1, 0x4)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000001540)={0x1f, 0x8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x7, 0x1}, 0xe)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000001580)={r1, 0x3ff, 0x2, [0x7ff, 0x4]}, 0xc)
r5 = syz_init_net_socket$ax25(0x3, 0x3, 0xcd)
setsockopt$ax25_SO_BINDTODEVICE(r5, 0x101, 0x19, &(0x7f00000015c0)=@bpq0, 0x10)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000001600)={r1, 0x6}, &(0x7f0000001640)=0x8)
r6 = accept4$ax25(r5, &(0x7f0000001680)={{}, [@null, @remote, @rose, @netrom, @netrom, @null, @remote, @default]}, &(0x7f0000001700)=0x48, 0x800)
ioctl$SIOCAX25ADDFWD(r6, 0x89ea, &(0x7f0000001740)={@null, @bcast})
connect$rxrpc(0xffffffffffffffff, &(0x7f0000001780)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x24)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000017c0)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
ioctl$FS_IOC_SETVERSION(r4, 0x40087602, &(0x7f0000001800)=0x1f)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r7, &(0x7f0000001940)={&(0x7f0000001840)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001900)={&(0x7f0000001880)={0x78, 0x3, 0x8, 0x5, 0x0, 0x0, {0x0, 0x0, 0x4}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x21}, @CTA_TIMEOUT_DATA={0x4c, 0x4, 0x0, 0x1, @icmp=[@CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x727}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xffffffff}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xfffffdd4}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x1ff}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x6cb}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x2000}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x5}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x6004}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x1a}]}, 0x78}, 0x1, 0x0, 0x0, 0x4004800}, 0x40080)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r8 = socket$rxrpc(0x21, 0x2, 0xa)
sendto$ax25(r7, &(0x7f0000001980)="b73dc009cec42b8f41239d3ac33d0899a57285f1b7716c3700cd31d40bee63510c6b994322b4482884da7dc4f08533de66e367b169be1eec323df296e89a854ae48c537c4af9756ea66d00a2ab5351748bcc56449b95c26c973d9fc2ae6d860d978bd66146b1e0f89c38c9b34601759192f342ee81b81a6eb6ddea5f117820a6", 0x80, 0x40010, &(0x7f0000001a00)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6}, [@bcast, @null, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x48)
setsockopt$packet_int(r7, 0x107, 0x8, &(0x7f0000001a80)=0x6, 0x4)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r7, 0x8008f513, &(0x7f0000001ac0))
socket$inet_tcp(0x2, 0x1, 0x0)
connect$netrom(r8, &(0x7f0000001b00)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
setsockopt$IP_VS_SO_SET_DEL(r7, 0x0, 0x484, &(0x7f0000001b80)={0x88, @dev={0xac, 0x14, 0x14, 0x32}, 0x4e20, 0x1, 'dh\x00', 0x12, 0x3ff, 0x7e}, 0x2c)
sendmsg$nl_route(r7, &(0x7f0000001d80)={&(0x7f0000001bc0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001d40)={&(0x7f0000001cc0)=@ipv4_deladdr={0x80, 0x15, 0x20, 0x70bd28, 0x25dfdbfd, {0x2, 0x18, 0x104, 0xfe}, [@IFA_RT_PRIORITY={0x8, 0x9, 0x7}, @IFA_BROADCAST={0x8, 0x4, @loopback}, @IFA_LABEL={0x14, 0x3, 'veth0_virt_wifi\x00'}, @IFA_LABEL={0x14, 0x3, 'veth0_to_batadv\x00'}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x2}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x2}, @IFA_RT_PRIORITY={0x8, 0x9, 0x3}, @IFA_BROADCAST={0x8, 0x4, @multicast2}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x3}, @IFA_ADDRESS={0x8, 0x1, @private=0xa010102}]}, 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x8805)

72.402159ms ago: executing program 4:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="300000003b0007010000000000000000047c0000040000001800018006000600884700000c00150000000000fdff0000"], 0x30}}, 0x0)

41.501258ms ago: executing program 3:
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c80)={0x28, r2, 0x1, 0x0, 0x0, {0x2, 0x2, 0x2}, [@SMC_PNETID_IBPORT={0x5, 0x3}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x2a}, 0x1, 0x40030000000000}, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c0000002600bdab"], 0x2c}}, 0x0)
sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r3, &(0x7f00000007c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000780)={&(0x7f0000000100)={0x668, r1, 0x4, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_PMSR_ATTR_PEERS={0x4}, @NL80211_PMSR_ATTR_PEERS={0x43c, 0x5, 0x0, 0x1, [{0x1c4, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7fffffff}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98a}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xc}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0x18c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xac, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xff}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xfffd}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xd4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x17}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xff}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xfa}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}, {0x274, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x104, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x70, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xe9f}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1f}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xffff}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x13c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xb8, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x40}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1ff}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1f}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xfff}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x74, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2b}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1a}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x17}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1f}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1d}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}]}, @NL80211_PMSR_ATTR_PEERS={0x20c, 0x5, 0x0, 0x1, [{0x134, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_REQ={0x34, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x3c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1644}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x31}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2c0}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1f}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_REQ={0x88, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x60, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}]}, {0xd4, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0xc4, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x94, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x15}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x14}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}]}]}]}]}, 0x668}, 0x1, 0x0, 0x0, 0x80}, 0x8810)

0s ago: executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) (async)
r1 = socket$l2tp6(0xa, 0x2, 0x73) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0xa7ac60b316ee3c1d, 0x0)
bind$l2tp6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20) (async, rerun: 64)
syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000", @ANYRES8], 0x0) (async, rerun: 64)
r3 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x24) (async)
bind$rxrpc(r3, &(0x7f0000000240)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x24) (async)
ioctl$EXT4_IOC_CHECKPOINT(r3, 0x4004662b, &(0x7f0000000000)) (async, rerun: 64)
socketpair(0x25, 0x5, 0x0, &(0x7f0000000640)) (async, rerun: 64)
r4 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000001580)=[{{0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f0000000c40)=""/169, 0xa9}, {&(0x7f0000000d00)=""/72, 0x48}], 0x2}}], 0x1, 0x0, 0x0) (async)
ioctl$SIOCGIFHWADDR(r2, 0x8927, &(0x7f0000000180)={'batadv_slave_1\x00'}) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)=@ipv4_delroute={0x24, 0x19, 0x105, 0x0, 0x0, {0x2, 0x20, 0x0, 0x0, 0xff}, [@RTA_DST={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x18}}]}, 0x24}}, 0x0) (async)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000080)=0x14) (async, rerun: 64)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, 0x0, 0x0, 0x3}, 0x48) (async, rerun: 64)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETQUEUE(r6, 0x400454d9, &(0x7f0000000000)={'syz_tun\x00', 0x200}) (async)
sendmsg$ETHTOOL_MSG_RINGS_GET(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000480)={0xd0, 0x0, 0x0, 0x0, 0x0, {}, [@HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0xd0}}, 0x0)

kernel console output (not intermixed with test programs):

  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.979950][ T7690] RIP: 0033:0x7fb0f6e7d0a9
[  127.984366][ T7690] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  128.003975][ T7690] RSP: 002b:00007fb0f7cde0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  128.012390][ T7690] RAX: ffffffffffffffda RBX: 00007fb0f6fb3f80 RCX: 00007fb0f6e7d0a9
[  128.020355][ T7690] RDX: 000000000000e90c RSI: 00000000200000c0 RDI: 0000000000000007
[  128.028318][ T7690] RBP: 00007fb0f7cde120 R08: 0000000020000540 R09: 0000000000000014
[  128.036283][ T7690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  128.044245][ T7690] R13: 000000000000000b R14: 00007fb0f6fb3f80 R15: 00007fffc85c1ad8
[  128.052223][ T7690]  </TASK>
[  128.156625][ T7706] xt_TCPMSS: Only works on TCP SYN packets
[  128.315381][   T29] audit: type=1804 audit(1719119129.313:4): pid=7709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1834808130/syzkaller.wM1rae/182/cgroup.controllers" dev="sda1" ino=1966 res=1 errno=0
[  128.732849][ T7722] __sock_release: fasync list not empty!
[  130.241416][ T7736] netem: incorrect ge model size
[  130.326461][ T7753] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  130.369571][ T7753] batman_adv: batadv0: Adding interface: team0
[  130.375781][ T7753] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.378576][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  130.419058][ T7753] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  130.463795][ T7761] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  130.519228][ T7761] __nla_validate_parse: 1 callbacks suppressed
[  130.519249][ T7761] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.4'.
[  130.573053][ T7761] team0: entered promiscuous mode
[  130.578155][ T7761] team_slave_0: entered promiscuous mode
[  130.584333][ T7761] team_slave_1: entered promiscuous mode
[  130.603878][ T7761] 8021q: adding VLAN 0 to HW filter on device team0
[  130.617561][ T7761] batman_adv: batadv0: Interface activated: team0
[  130.629777][ T7761] batman_adv: batadv0: Interface deactivated: team0
[  130.636512][ T7761] batman_adv: batadv0: Removing interface: team0
[  130.645763][ T7761] bridge0: port 3(team0) entered blocking state
[  130.652635][ T7761] bridge0: port 3(team0) entered disabled state
[  130.659075][ T7761] team0: entered allmulticast mode
[  130.667414][ T7761] team_slave_0: entered allmulticast mode
[  130.684633][ T7761] team_slave_1: entered allmulticast mode
[  130.694748][ T7761] bridge0: port 3(team0) entered blocking state
[  130.701180][ T7761] bridge0: port 3(team0) entered forwarding state
[  130.896444][   T29] audit: type=1804 audit(1719119131.893:5): pid=7776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir359298346/syzkaller.CEvMzp/22/cgroup.controllers" dev="sda1" ino=1965 res=1 errno=0
[  132.114900][ T7822] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  132.124654][ T7822] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[  132.143109][ T7822] netlink: 'syz-executor.0': attribute type 3 has an invalid length.
[  132.157424][ T7822] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.0'.
[  132.452030][ T7835] IPVS: sync thread started: state = BACKUP, mcast_ifn = ipvlan1, syncid = 1, id = 0
[  132.563091][   T29] audit: type=1804 audit(1719119133.563:6): pid=7832 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir4088968928/syzkaller.L7sZWm/210/cgroup.controllers" dev="sda1" ino=1962 res=1 errno=0
[  132.701548][ T7842] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  132.711394][ T7843] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  132.721009][ T7843] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  132.801285][ T7844] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'.
[  132.963987][ T7850] bond0: Unable to set down delay as MII monitoring is disabled
[  133.233858][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  133.240369][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  133.482111][ T7872] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  133.492935][ T7872] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  133.647187][   T29] audit: type=1804 audit(1719119134.643:7): pid=7877 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir4088968928/syzkaller.L7sZWm/214/memory.events" dev="sda1" ino=1942 res=1 errno=0
[  133.681881][ T7879] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  133.696297][ T7880] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  133.708712][   T29] audit: type=1804 audit(1719119134.703:8): pid=7881 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir4088968928/syzkaller.L7sZWm/214/memory.events" dev="sda1" ino=1942 res=1 errno=0
[  133.736933][   T29] audit: type=1800 audit(1719119134.733:9): pid=7877 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="memory.events" dev="sda1" ino=1942 res=0 errno=0
[  133.817979][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  133.950441][ T5117] Bluetooth: hci0: command tx timeout
[  134.011703][ T7891] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  134.028846][ T7891] batman_adv: batadv0: Removing interface: batadv_slave_0
[  134.380938][ T7906] tipc: Failed to remove unknown binding: 66,1,1/0:1898954603/1898954605
[  134.391579][ T7907] tipc: Failed to remove unknown binding: 66,1,1/0:1898954603/1898954605
[  134.504912][ T7906] 8021q: adding VLAN 0 to HW filter on device bond0
[  134.532424][ T7906] team0: Port device bond0 added
[  135.088182][ T7944] tap0: tun_chr_ioctl cmd 1074025677
[  135.097871][ T7944] tap0: linktype set to 768
[  135.167839][   T29] audit: type=1804 audit(1719119136.163:10): pid=7947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir11619177/syzkaller.3rleHs/150/memory.events" dev="sda1" ino=1938 res=1 errno=0
[  135.248132][   T29] audit: type=1804 audit(1719119136.243:11): pid=7947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir11619177/syzkaller.3rleHs/150/memory.events" dev="sda1" ino=1938 res=1 errno=0
[  135.312536][ T7955] syzkaller1: entered promiscuous mode
[  135.323740][ T7955] syzkaller1: entered allmulticast mode
[  135.827173][ T7984] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  135.843748][ T7984] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  135.856149][ T7984] __nla_validate_parse: 2 callbacks suppressed
[  135.856168][ T7984] netlink: 9328 bytes leftover after parsing attributes in process `syz-executor.4'.
[  135.878800][ T7986] FAULT_INJECTION: forcing a failure.
[  135.878800][ T7986] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.885579][ T7984] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  135.893167][ T7986] CPU: 1 PID: 7986 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  135.910578][ T7986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  135.920632][ T7986] Call Trace:
[  135.923922][ T7986]  <TASK>
[  135.926861][ T7986]  dump_stack_lvl+0x241/0x360
[  135.931547][ T7986]  ? __pfx_dump_stack_lvl+0x10/0x10
[  135.936746][ T7986]  ? __pfx__printk+0x10/0x10
[  135.941342][ T7986]  ? __pfx_lock_release+0x10/0x10
[  135.946367][ T7986]  should_fail_ex+0x3b0/0x4e0
[  135.951060][ T7986]  _copy_from_user+0x2f/0xe0
[  135.955699][ T7986]  copy_msghdr_from_user+0xae/0x680
[  135.960896][ T7986]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  135.966703][ T7986]  __sys_sendmsg+0x23d/0x3a0
[  135.971322][ T7986]  ? __pfx___sys_sendmsg+0x10/0x10
[  135.976430][ T7986]  ? vfs_write+0x7c4/0xc90
[  135.980871][ T7986]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  135.987196][ T7986]  ? do_syscall_64+0x100/0x230
[  135.991960][ T7986]  ? do_syscall_64+0xb6/0x230
[  135.996636][ T7986]  do_syscall_64+0xf3/0x230
[  136.001570][ T7986]  ? clear_bhb_loop+0x35/0x90
[  136.006248][ T7986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.012147][ T7986] RIP: 0033:0x7f04bdc7d0a9
[  136.016555][ T7986] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  136.036154][ T7986] RSP: 002b:00007f04bd7ff0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  136.044561][ T7986] RAX: ffffffffffffffda RBX: 00007f04bddb3f80 RCX: 00007f04bdc7d0a9
[  136.052527][ T7986] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  136.060488][ T7986] RBP: 00007f04bd7ff120 R08: 0000000000000000 R09: 0000000000000000
[  136.068456][ T7986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.076421][ T7986] R13: 000000000000000b R14: 00007f04bddb3f80 R15: 00007ffcd28a7f88
[  136.084418][ T7986]  </TASK>
[  136.158320][ T7984] macvlan2: entered promiscuous mode
[  136.222951][ T7994] syzkaller1: entered promiscuous mode
[  136.228775][ T7994] syzkaller1: entered allmulticast mode
[  136.286132][ T7996] tipc: Can't bind to reserved service type 2
[  136.666800][ T8020] netlink: 300 bytes leftover after parsing attributes in process `syz-executor.4'.
[  136.804280][   T29] audit: type=1804 audit(1719119137.803:12): pid=8024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir11619177/syzkaller.3rleHs/154/memory.events" dev="sda1" ino=1962 res=1 errno=0
[  136.821955][ T8030] syzkaller1: entered promiscuous mode
[  136.844504][ T8030] syzkaller1: entered allmulticast mode
[  136.910325][   T29] audit: type=1804 audit(1719119137.913:13): pid=8024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir11619177/syzkaller.3rleHs/154/memory.events" dev="sda1" ino=1962 res=1 errno=0
[  137.402919][ T8061] netlink: 'syz-executor.3': attribute type 11 has an invalid length.
[  138.635051][   T29] audit: type=1804 audit(1719119139.633:14): pid=8107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir11619177/syzkaller.3rleHs/156/memory.events" dev="sda1" ino=1964 res=1 errno=0
[  138.712369][   T29] audit: type=1804 audit(1719119139.693:15): pid=8107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir11619177/syzkaller.3rleHs/156/memory.events" dev="sda1" ino=1964 res=1 errno=0
[  138.901745][ T8115] batadv_slave_0: entered allmulticast mode
[  138.925441][ T8115] pim6reg: entered allmulticast mode
[  140.071834][ T8150] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  140.642151][ T8193] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  140.925708][ T8205] netlink: 184 bytes leftover after parsing attributes in process `syz-executor.3'.
[  141.145491][   T53] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  141.155676][   T53] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  141.165228][   T53] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  141.176706][   T53] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  141.192563][   T53] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  141.200057][   T53] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  141.218831][ T8221] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  141.383979][ T8229] syzkaller1: entered promiscuous mode
[  141.400116][ T8229] syzkaller1: entered allmulticast mode
[  141.455520][ T8235] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  141.697433][ T8215] chnl_net:caif_netlink_parms(): no params data found
[  141.752796][ T8246] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  141.914879][ T8215] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.934564][ T8215] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.944908][ T8215] bridge_slave_0: entered allmulticast mode
[  141.960164][ T8215] bridge_slave_0: entered promiscuous mode
[  141.984786][ T8215] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.013185][ T8215] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.044968][ T8215] bridge_slave_1: entered allmulticast mode
[  142.071188][ T8215] bridge_slave_1: entered promiscuous mode
[  142.162185][ T8215] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  142.217886][ T8215] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  142.285882][ T8215] team0: Port device team_slave_0 added
[  142.296012][ T8215] team0: Port device team_slave_1 added
[  142.369959][ T8215] batman_adv: batadv0: Adding interface: batadv_slave_0
[  142.377124][ T8215] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.413358][ T8215] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  142.435300][ T8281] syzkaller1: entered promiscuous mode
[  142.441406][ T8281] syzkaller1: entered allmulticast mode
[  142.500737][ T8288] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  142.517724][ T8215] batman_adv: batadv0: Adding interface: batadv_slave_1
[  142.528577][ T8215] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.559075][ T8290] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  142.568461][ T8215] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  142.596053][ T8285] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
[  142.673148][ T8215] hsr_slave_0: entered promiscuous mode
[  142.703873][ T8215] hsr_slave_1: entered promiscuous mode
[  142.717879][ T8215] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  142.727483][ T8215] Cannot create hsr debugfs directory
[  142.826810][ T8299] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  142.920921][ T8309] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  142.953355][ T8302] hsr_slave_0: left promiscuous mode
[  142.962454][ T8302] hsr_slave_1: left promiscuous mode
[  143.056486][ T8313] xt_SECMARK: invalid mode: 0
[  143.324282][ T5117] Bluetooth: hci5: command tx timeout
[  143.344496][ T8215] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.379324][ T8323] syzkaller1: entered promiscuous mode
[  143.385023][ T8323] syzkaller1: entered allmulticast mode
[  143.511560][ T8215] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.768767][ T8362] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.2'.
[  143.782879][ T8215] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.821450][ T8356] tipc: Started in network mode
[  143.826422][ T8356] tipc: Node identity fe8000000000000000000000000000bb, cluster identity 4711
[  143.839433][ T8356] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  143.981777][ T8215] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.007243][ T8361] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  144.018580][ T8361] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  144.032735][ T8361] bridge0: port 4(batadv0) entered blocking state
[  144.047890][ T8361] bridge0: port 4(batadv0) entered disabled state
[  144.055202][ T8361] batadv0: entered allmulticast mode
[  144.063633][ T8361] batadv0: entered promiscuous mode
[  144.070141][ T8361] bridge0: port 4(batadv0) entered blocking state
[  144.070667][   T11] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  144.076659][ T8361] bridge0: port 4(batadv0) entered forwarding state
[  144.086109][   T11] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  144.184543][ T8377] Bluetooth: MGMT ver 1.22
[  144.296988][ T8215] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  144.352789][ T8215] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  144.366791][ T8215] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  144.412934][ T8215] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  144.484714][ T8386] netlink: 'syz-executor.0': attribute type 25 has an invalid length.
[  144.493657][ T8386] netlink: 'syz-executor.0': attribute type 7 has an invalid length.
[  144.530126][ T8389] syzkaller1: entered promiscuous mode
[  144.536210][ T8389] syzkaller1: entered allmulticast mode
[  144.715623][ T8394] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  144.751959][ T8215] 8021q: adding VLAN 0 to HW filter on device bond0
[  144.780740][ T8215] 8021q: adding VLAN 0 to HW filter on device team0
[  144.800779][  T784] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.808128][  T784] bridge0: port 1(bridge_slave_0) entered forwarding state
[  144.832183][  T784] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.839438][  T784] bridge0: port 2(bridge_slave_1) entered forwarding state
[  145.194317][ T8421] bond2: entered promiscuous mode
[  145.262636][ T8426] 8021q: adding VLAN 0 to HW filter on device bond3
[  145.270998][ T8426] bond3: entered promiscuous mode
[  145.276979][ T8426] bond2: (slave bond3): Enslaving as an active interface with an up link
[  145.295655][ T8421] bond2 (unregistering): (slave bond3): Releasing backup interface
[  145.307769][ T8421] bond3: left promiscuous mode
[  145.321808][ T8421] bond2 (unregistering): Released all slaves
[  145.352610][ T8430] A link change request failed with some changes committed already. Interface veth0_to_bond may have been left with an inconsistent configuration, please check.
[  145.391164][ T5117] Bluetooth: hci5: command tx timeout
[  145.488084][ T8215] 8021q: adding VLAN 0 to HW filter on device batadv0
[  145.607206][ T8436] syzkaller1: entered promiscuous mode
[  145.613908][ T8436] syzkaller1: entered allmulticast mode
[  145.634876][ T8215] veth0_vlan: entered promiscuous mode
[  145.680337][ T8442] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  145.688433][ T8442] macvtap2: entered allmulticast mode
[  145.699470][ T8442] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  145.721243][ T8442] netdevsim netdevsim0 netdevsim0: left allmulticast mode
[  145.735642][ T8442] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  145.838465][ T8215] veth1_vlan: entered promiscuous mode
[  145.982190][ T8215] veth0_macvtap: entered promiscuous mode
[  146.013380][ T8215] veth1_macvtap: entered promiscuous mode
[  146.073705][ T8215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.092182][ T8215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.128678][ T8215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.146976][ T8215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.157297][ T8215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.174803][ T8215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.191106][ T8215] batman_adv: batadv0: Interface activated: batadv_slave_0
[  146.238408][ T8215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.260713][ T8215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.279529][ T8215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.303399][ T8215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.316649][ T8215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.327783][ T8480] __nla_validate_parse: 5 callbacks suppressed
[  146.327801][ T8480] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.2'.
[  146.343804][ T8215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.354487][ T8215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.376614][ T8215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.397339][ T8215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.419607][ T8215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.431360][ T8482] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xf
[  146.453881][ T8215] batman_adv: batadv0: Interface activated: batadv_slave_1
[  146.482413][ T8484] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  146.557639][ T8215] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  146.596111][ T8215] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  146.627092][ T8215] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  146.647759][ T8215] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  146.680659][ T8484] bond1 (unregistering): Released all slaves
[  146.714031][ T8488] netlink: 'syz-executor.0': attribute type 12 has an invalid length.
[  146.728547][ T8488] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'.
[  146.986704][ T7011] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.017707][ T7011] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.089892][ T8494] syzkaller1: entered promiscuous mode
[  147.095410][ T8494] syzkaller1: entered allmulticast mode
[  147.160249][ T2812] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.190982][ T2812] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.455919][ T8519] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[  147.476016][ T8519] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.3'.
[  147.486467][ T5117] Bluetooth: hci5: command tx timeout
[  147.729057][ T8519] xt_CT: No such helper "pptp"
[  147.996071][   T29] audit: type=1800 audit(1719119148.993:16): pid=8540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="memory.events" dev="sda1" ino=1969 res=0 errno=0
[  148.071749][   T29] audit: type=1804 audit(1719119149.033:17): pid=8540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir359298346/syzkaller.CEvMzp/86/memory.events" dev="sda1" ino=1969 res=1 errno=0
[  148.220419][ T8545] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  148.247631][ T8545] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  148.273346][ T8545] batman_adv: batadv0: Removing interface: batadv_slave_0
[  148.291307][ T8545] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  148.305589][ T8545] batman_adv: batadv0: Removing interface: batadv_slave_1
[  148.331698][ T8545] batman_adv: batadv0: Interface deactivated: macvtap1
[  148.349060][ T8545] batman_adv: batadv0: Removing interface: macvtap1
[  148.427504][ T8545] team0: Port device batadv0 removed
[  148.497391][ T8548] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  148.588915][ T8553] syzkaller1: entered promiscuous mode
[  148.602215][ T8553] syzkaller1: entered allmulticast mode
[  148.899539][ T8569] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  149.000001][ T8569] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.016721][ T8568] batman_adv: batadv0: Adding interface: netdevsim0
[  149.037108][ T8568] batman_adv: batadv0: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  149.066208][ T8568] batman_adv: batadv0: Interface activated: netdevsim0
[  149.086156][ T8585] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  149.095806][ T8585] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  149.103112][ T8585] IPv6: NLM_F_CREATE should be set when creating new route
[  149.110435][ T8585] IPv6: NLM_F_CREATE should be set when creating new route
[  149.550074][ T5117] Bluetooth: hci5: command tx timeout
[  149.578170][ T7011] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.762551][ T7011] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.818495][ T8608] xt_bpf: check failed: parse error
[  149.939736][ T7011] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.122071][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88805d774000: rx timeout, send abort
[  150.133485][ T7011] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.263380][   T53] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  150.295612][   T53] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  150.308586][   T53] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  150.316861][   T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  150.328341][   T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  150.350343][   T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  150.497353][ T7011] bridge_slave_1: left allmulticast mode
[  150.522784][ T7011] bridge_slave_1: left promiscuous mode
[  150.547451][ T7011] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.577201][ T7011] bridge_slave_0: left allmulticast mode
[  150.596547][ T7011] bridge_slave_0: left promiscuous mode
[  150.617868][ T7011] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.632163][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88805d774000: abort rx timeout. Force session deactivation
[  150.641975][ T8629] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  151.245565][ T7011] team0: Port device bond0 removed
[  151.253794][ T7011] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  151.269051][ T7011] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  151.284621][ T7011] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  151.303523][ T7011] bond0 (unregistering): Released all slaves
[  151.349500][ T8643] syzkaller0: tun_chr_ioctl cmd 1074025677
[  151.355583][ T8643] syzkaller0: linktype set to 0
[  151.395289][ T8640] syzkaller1: entered promiscuous mode
[  151.401799][ T8640] syzkaller1: entered allmulticast mode
[  151.713549][ T8658] netlink: 596 bytes leftover after parsing attributes in process `syz-executor.4'.
[  151.864994][ T8614] chnl_net:caif_netlink_parms(): no params data found
[  151.963047][ T7011] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  151.983099][ T7011] batman_adv: batadv0: Removing interface: batadv_slave_1
[  152.002057][ T7011] batman_adv: batadv0: Interface deactivated: macvtap1
[  152.012141][ T7011] batman_adv: batadv0: Removing interface: macvtap1
[  152.068608][ T7011] dummy0: left promiscuous mode
[  152.088920][ T7011] veth1_macvtap: left promiscuous mode
[  152.107439][ T7011] veth0_macvtap: left promiscuous mode
[  152.123021][ T7011] veth1_vlan: left promiscuous mode
[  152.135482][ T7011] veth0_vlan: left promiscuous mode
[  152.429582][ T5117] Bluetooth: hci3: command tx timeout
[  153.259926][ T7011] team0 (unregistering): Port device team_slave_1 removed
[  153.300802][ T7011] team0 (unregistering): Port device team_slave_0 removed
[  153.852324][ T8695] syzkaller1: entered promiscuous mode
[  153.858108][ T8695] syzkaller1: entered allmulticast mode
[  153.865896][ T8697] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  153.867956][ T8614] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.874368][ T8697] nbd: illegal input index 19464200
[  153.883186][ T8614] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.895487][ T8614] bridge_slave_0: entered allmulticast mode
[  153.903120][ T8614] bridge_slave_0: entered promiscuous mode
[  153.988118][ T8614] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.000553][ T8614] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.007898][ T8614] bridge_slave_1: entered allmulticast mode
[  154.020728][ T8614] bridge_slave_1: entered promiscuous mode
[  154.103762][ T8701] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  154.180477][ T8710] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.1'.
[  154.182544][ T8614] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  154.213947][ T8614] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  154.345876][ T8614] team0: Port device team_slave_0 added
[  154.380178][ T8614] team0: Port device team_slave_1 added
[  154.469821][ T8614] batman_adv: batadv0: Adding interface: batadv_slave_0
[  154.503510][ T8614] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.509379][ T5117] Bluetooth: hci3: command tx timeout
[  154.608083][ T8614] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  154.640636][ T8614] batman_adv: batadv0: Adding interface: batadv_slave_1
[  154.652614][ T8614] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.680877][ T8614] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  154.824528][ T8614] hsr_slave_0: entered promiscuous mode
[  154.838438][ T8614] hsr_slave_1: entered promiscuous mode
[  154.845615][ T8614] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  154.854977][ T8614] Cannot create hsr debugfs directory
[  155.246291][ T8736] team0: Port device team_slave_0 removed
[  155.657337][ T8751] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  155.709655][ T8753] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  155.747897][ T8614] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  155.778048][ T8614] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  155.820478][ T8614] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  155.935890][ T8614] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  156.025440][ T8774] x_tables: duplicate underflow at hook 3
[  156.118361][ T8776] pim6reg1: entered promiscuous mode
[  156.124371][ T8776] pim6reg1: entered allmulticast mode
[  156.162189][ T8779] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.4'.
[  156.175096][ T8776] syzkaller0: entered allmulticast mode
[  156.288549][ T8787] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  156.319059][ T8614] 8021q: adding VLAN 0 to HW filter on device bond0
[  156.414800][ T8793] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  156.425804][ T8793] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.0'.
[  156.436413][ T8793] batman_adv: batadv0: Interface deactivated: netdevsim0
[  156.462745][ T8793] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  156.512742][ T8796] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  156.563686][ T8614] 8021q: adding VLAN 0 to HW filter on device team0
[  156.589549][ T5117] Bluetooth: hci3: command tx timeout
[  156.593088][  T784] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.603007][  T784] bridge0: port 1(bridge_slave_0) entered forwarding state
[  156.682015][ T5164] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.689254][ T5164] bridge0: port 2(bridge_slave_1) entered forwarding state
[  156.786713][ T8614] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  157.218988][ T8830] syzkaller1: entered promiscuous mode
[  157.247114][ T8830] syzkaller1: entered allmulticast mode
[  157.342883][ T8614] 8021q: adding VLAN 0 to HW filter on device batadv0
[  157.464129][ T8614] veth0_vlan: entered promiscuous mode
[  157.504860][ T8839] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  157.577227][ T8614] veth1_vlan: entered promiscuous mode
[  157.667712][ T8614] veth0_macvtap: entered promiscuous mode
[  157.694847][ T8614] veth1_macvtap: entered promiscuous mode
[  157.771346][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  157.813858][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.830195][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  157.846771][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.867067][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  157.883750][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.903828][ T8614] batman_adv: batadv0: Interface activated: batadv_slave_0
[  157.940922][ T8852] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  158.015151][ T8852] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'.
[  158.046518][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.077955][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.106309][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.138650][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.155622][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.166593][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.185960][ T8614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.205325][ T8614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.217344][ T8614] batman_adv: batadv0: Interface activated: batadv_slave_1
[  158.294502][ T8614] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  158.308394][ T8614] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  158.318241][ T8614] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  158.327199][ T8614] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  158.414412][ T8878] syzkaller1: entered promiscuous mode
[  158.425287][ T8878] syzkaller1: entered allmulticast mode
[  158.577033][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  158.596153][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  158.656284][ T2812] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  158.671084][ T5117] Bluetooth: hci3: command tx timeout
[  158.693869][ T8887] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'.
[  158.707103][ T2812] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.256549][ T8909] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  159.273483][ T8909] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.2'.
[  159.313053][ T8909] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  159.353293][ T8912] sit1: entered promiscuous mode
[  159.369011][ T8912] sit1: entered allmulticast mode
[  159.678366][ T8918] syzkaller1: entered promiscuous mode
[  159.703497][ T8918] syzkaller1: entered allmulticast mode
[  159.942760][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  160.077036][ T8940] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  160.080736][ T8942] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  160.087745][ T8940] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  160.149090][ T8942] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.2'.
[  160.300981][ T8953] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  160.394554][ T8946] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  160.428770][ T8946] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  160.745406][ T8972] hsr0: entered promiscuous mode
[  160.756843][ T8967] hsr0: left promiscuous mode
[  161.029081][ T8982] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  161.096293][ T8982] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  161.440897][ T9002] openvswitch: netlink: nsh attribute has 1 unknown bytes.
[  161.485056][ T9014] netlink: 'syz-executor.1': attribute type 11 has an invalid length.
[  161.540829][ T9016] hsr0: entered promiscuous mode
[  161.630248][ T9018] bridge0: entered promiscuous mode
[  161.636199][ T9018] macvtap1: entered promiscuous mode
[  161.644610][ T9018] macvtap1: entered allmulticast mode
[  161.650500][ T9018] bridge0: entered allmulticast mode
[  161.657632][ T9007] hsr0: left promiscuous mode
[  161.672290][ T9020] Bluetooth: MGMT ver 1.22
[  161.837743][ T9027] FAULT_INJECTION: forcing a failure.
[  161.837743][ T9027] name failslab, interval 1, probability 0, space 0, times 0
[  161.867302][ T9027] CPU: 0 PID: 9027 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  161.877954][ T9027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  161.888043][ T9027] Call Trace:
[  161.891343][ T9027]  <TASK>
[  161.894374][ T9027]  dump_stack_lvl+0x241/0x360
[  161.899095][ T9027]  ? __pfx_dump_stack_lvl+0x10/0x10
[  161.904420][ T9027]  ? __pfx__printk+0x10/0x10
[  161.909055][ T9027]  should_fail_ex+0x3b0/0x4e0
[  161.913762][ T9027]  ? ioctl_standard_iw_point+0x4ae/0xcb0
[  161.919521][ T9027]  should_failslab+0x9/0x20
[  161.924054][ T9027]  __kmalloc_noprof+0xd8/0x400
[  161.928851][ T9027]  ioctl_standard_iw_point+0x4ae/0xcb0
[  161.934332][ T9027]  ? do_raw_spin_unlock+0x13c/0x8b0
[  161.939665][ T9027]  ? __pfx_cfg80211_wext_siwencode+0x10/0x10
[  161.945685][ T9027]  ? __pfx_ioctl_standard_iw_point+0x10/0x10
[  161.951688][ T9027]  ? __mutex_lock+0x527/0xd70
[  161.956389][ T9027]  ? wext_ioctl_dispatch+0x106/0x640
[  161.962222][ T9027]  ? __pfx___mutex_lock+0x10/0x10
[  161.967264][ T9027]  ? full_name_hash+0x93/0xe0
[  161.971974][ T9027]  ioctl_standard_call+0xc7/0x290
[  161.977030][ T9027]  ? __pfx_cfg80211_wext_siwencode+0x10/0x10
[  161.983036][ T9027]  ? __pfx_cfg80211_wext_siwencode+0x10/0x10
[  161.989153][ T9027]  wext_ioctl_dispatch+0x58e/0x640
[  161.994301][ T9027]  ? __pfx_ioctl_standard_call+0x10/0x10
[  161.997823][ T9031] Cannot find add_set index 0 as target
[  161.999977][ T9027]  ? __pfx_ioctl_private_call+0x10/0x10
[  162.000003][ T9027]  ? __pfx_wext_ioctl_dispatch+0x10/0x10
[  162.000030][ T9027]  ? __might_fault+0xc6/0x120
[  162.021414][ T9027]  wext_handle_ioctl+0x15f/0x270
[  162.026379][ T9027]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  162.031885][ T9027]  sock_ioctl+0x17f/0x8e0
[  162.036251][ T9027]  ? __pfx_sock_ioctl+0x10/0x10
[  162.041123][ T9027]  ? __fget_files+0x29/0x470
[  162.045734][ T9027]  ? __fget_files+0x3f6/0x470
[  162.050428][ T9027]  ? __fget_files+0x29/0x470
[  162.055043][ T9027]  ? bpf_lsm_file_ioctl+0x9/0x10
[  162.059995][ T9027]  ? security_file_ioctl+0x87/0xb0
[  162.065210][ T9027]  ? __pfx_sock_ioctl+0x10/0x10
[  162.070085][ T9027]  __se_sys_ioctl+0xfc/0x170
[  162.074717][ T9027]  do_syscall_64+0xf3/0x230
[  162.079251][ T9027]  ? clear_bhb_loop+0x35/0x90
[  162.083961][ T9027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.089879][ T9027] RIP: 0033:0x7f04bdc7d0a9
[  162.094306][ T9027] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  162.113935][ T9027] RSP: 002b:00007f04bd7ff0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  162.122378][ T9027] RAX: ffffffffffffffda RBX: 00007f04bddb3f80 RCX: 00007f04bdc7d0a9
[  162.130368][ T9027] RDX: 0000000020000040 RSI: 0000000000008b2a RDI: 0000000000000003
[  162.138450][ T9027] RBP: 00007f04bd7ff120 R08: 0000000000000000 R09: 0000000000000000
[  162.146443][ T9027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  162.154428][ T9027] R13: 000000000000000b R14: 00007f04bddb3f80 R15: 00007ffcd28a7f88
[  162.162433][ T9027]  </TASK>
[  162.654619][ T9046] IPVS: set_ctl: invalid protocol: 1 0.0.0.0:20003
[  163.101522][ T9065] hsr0: entered promiscuous mode
[  163.301574][ T9062] hsr0: left promiscuous mode
[  163.516962][ T9081] __nla_validate_parse: 2 callbacks suppressed
[  163.516983][ T9081] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  163.552772][ T9080] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.0'.
[  163.606486][ T9074] netlink: 105120 bytes leftover after parsing attributes in process `syz-executor.2'.
[  163.637509][ T9074] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  163.721863][ T9090] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  164.634377][ T9111] syzkaller1: entered promiscuous mode
[  164.648160][ T9111] syzkaller1: entered allmulticast mode
[  164.829626][ T9116] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.1'.
[  164.973734][ T9122] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  165.130361][ T9133] netlink: 64138 bytes leftover after parsing attributes in process `syz-executor.2'.
[  165.147971][ T9134] tipc: Failed to remove unknown binding: 66,1,1/0:1970295489/1970295491
[  165.211159][ T9134] 8021q: adding VLAN 0 to HW filter on device bond0
[  165.235276][ T9134] bond0: entered promiscuous mode
[  165.241814][ T9134] bond_slave_0: entered promiscuous mode
[  165.247847][ T9134] bond_slave_1: entered promiscuous mode
[  165.256891][ T9134] bond0: entered allmulticast mode
[  165.258465][ T9138] netlink: 165 bytes leftover after parsing attributes in process `syz-executor.2'.
[  165.263771][ T9134] bond_slave_0: entered allmulticast mode
[  165.278125][ T9134] bond_slave_1: entered allmulticast mode
[  165.286170][ T9134] team0: Port device bond0 added
[  165.478109][ T9145] bridge0: port 3(macsec0) entered blocking state
[  165.502704][ T9145] bridge0: port 3(macsec0) entered disabled state
[  165.516963][ T9145] macsec0: entered allmulticast mode
[  165.523107][ T9145] veth1_macvtap: entered allmulticast mode
[  165.539427][ T9145] macsec0: entered promiscuous mode
[  165.546741][ T9145] bridge0: port 3(macsec0) entered blocking state
[  165.553819][ T9145] bridge0: port 3(macsec0) entered forwarding state
[  165.712410][ T9151] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  165.739371][ T9151] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  166.065151][ T9162] sctp: [Deprecated]: syz-executor.2 (pid 9162) Use of int in max_burst socket option.
[  166.065151][ T9162] Use struct sctp_assoc_value instead
[  166.176532][ T9166] tipc: Failed to remove unknown binding: 66,1,1/0:504294244/504294246
[  166.285958][ T9166] 8021q: adding VLAN 0 to HW filter on device bond0
[  166.289923][ T9172] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  166.307824][ T9166] team0: Port device bond0 added
[  166.315705][ T9172] netlink: 'syz-executor.2': attribute type 3 has an invalid length.
[  166.531611][ T9184] ieee802154 phy0 wpan0: encryption failed: -90
[  167.268563][ T9244] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes.
[  167.393062][ T9249] tap0: tun_chr_ioctl cmd 1074025677
[  167.406622][ T9249] tap0: linktype set to 780
[  168.148615][ T9256] vlan3: entered promiscuous mode
[  168.157100][ T9256] bond0: entered promiscuous mode
[  168.169315][ T9256] bond_slave_0: entered promiscuous mode
[  168.178031][ T9256] bond_slave_1: entered promiscuous mode
[  168.193582][ T9256] vlan3: entered allmulticast mode
[  168.208185][ T9256] bond0: entered allmulticast mode
[  168.220019][ T9256] bond_slave_0: entered allmulticast mode
[  168.229359][ T9256] bond_slave_1: entered allmulticast mode
[  168.243469][ T9256] bond0: left allmulticast mode
[  168.248682][ T9256] bond_slave_0: left allmulticast mode
[  168.258991][ T9256] bond_slave_1: left allmulticast mode
[  168.267468][ T9256] bond0: left promiscuous mode
[  168.280133][ T9256] bond_slave_0: left promiscuous mode
[  168.285766][ T9256] bond_slave_1: left promiscuous mode
[  169.101591][ T9287] netlink: 'syz-executor.1': attribute type 11 has an invalid length.
[  169.408682][ T9292] x_tables: duplicate underflow at hook 1
[  169.474039][ T9299] tipc: Enabled bearer <udp:s>, priority 10
[  169.499028][ T9294] __nla_validate_parse: 5 callbacks suppressed
[  169.499051][ T9294] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.0'.
[  169.536986][ T9294] 0ͺXΉ¦Dφ»: renamed from gretap0 (while UP)
[  169.581426][ T9294] 0ͺXΉ¦Dφ»: entered allmulticast mode
[  169.661651][ T9308] xt_TCPMSS: Only works on TCP SYN packets
[  169.684240][ T9308] rdma_op ffff888050acb9f0 conn xmit_rdma 0000000000000000
[  169.890528][ T9318] netlink: 92 bytes leftover after parsing attributes in process `syz-executor.1'.
[  170.047115][ T9321] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  170.082482][ T9324] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'.
[  170.154586][ T9323] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  170.506914][ T9332] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  170.522123][ T9332] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  170.591551][ T5169] tipc: Node number set to 4269801659
[  170.798763][ T9339] tipc: Started in network mode
[  170.819581][    C1] syz_tun: tun_net_xmit 54
[  170.825289][ T9339] tipc: Node identity ac1414aa, cluster identity 4711
[  170.834636][ T9339] syz_tun: tun_net_xmit 118
[  170.848642][ T9339] tipc: Enabled bearer <udp:s>, priority 10
[  170.868968][ T9342] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.4'.
[  170.887382][ T9342] 0ͺXΉ¦Dφ»: renamed from gretap0 (while UP)
[  170.899113][ T9342] 0ͺXΉ¦Dφ»: entered allmulticast mode
[  170.930550][ T9346] netlink: 9412 bytes leftover after parsing attributes in process `syz-executor.2'.
[  170.969487][    C1] syz_tun: tun_net_xmit 118
[  171.110825][    C1] syz_tun: tun_net_xmit 118
[  171.249459][    C1] syz_tun: tun_net_xmit 118
[  171.373005][ T9371] syzkaller1: entered promiscuous mode
[  171.390383][    C1] syz_tun: tun_net_xmit 118
[  171.408180][ T9371] syzkaller1: entered allmulticast mode
[  171.529997][    C1] syz_tun: tun_net_xmit 118
[  171.547067][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88805ceb5000: rx timeout, send abort
[  171.559453][    C1] syz_tun: tun_net_xmit 54
[  171.671536][    C1] syz_tun: tun_net_xmit 118
[  171.810381][    C1] syz_tun: tun_net_xmit 118
[  171.950580][ T5169] tipc: Node number set to 2886997162
[  172.043016][ T9392] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  172.055580][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88805ceb5000: abort rx timeout. Force session deactivation
[  172.080220][ T9392] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.4'.
[  172.099427][    C1] syz_tun: tun_net_xmit 118
[  172.099563][ T9392] 1ͺXΉ¦Dφ»: renamed from 
00ͺXΉ¦Dφ» (while UP)
[  172.187860][ T9396] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  172.219547][ T9396] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  172.292791][ T9401] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  172.371337][    C1] syz_tun: tun_net_xmit 118
[  172.699459][    C0] syz_tun: tun_net_xmit 58
[  172.899499][    C1] syz_tun: tun_net_xmit 118
[  173.128196][ T9440] tipc: Started in network mode
[  173.152996][ T9440] tipc: Node identity ac1414aa, cluster identity 4711
[  173.179924][ T9440] tipc: Enabled bearer <udp:s>, priority 10
[  173.206520][ T9434] 0ͺXΉ¦Dφ»: renamed from gretap0 (while UP)
[  173.212700][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88807b721000: rx timeout, send abort
[  173.252270][ T9434] 0ͺXΉ¦Dφ»: entered allmulticast mode
[  173.629493][    C0] syz_tun: tun_net_xmit 58
[  173.712802][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88807b721000: abort rx timeout. Force session deactivation
[  173.930183][ T9467] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  173.949469][    C1] syz_tun: tun_net_xmit 118
[  174.004396][ T9468] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  174.310217][   T45] tipc: Node number set to 2886997162
[  174.807742][ T9502] syzkaller1: entered promiscuous mode
[  174.815081][ T9502] syzkaller1: entered allmulticast mode
[  174.989438][    C1] syz_tun: tun_net_xmit 118
[  175.258245][ T9524] __nla_validate_parse: 7 callbacks suppressed
[  175.258267][ T9524] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'.
[  175.285652][ T9524] openvswitch: netlink: Multiple metadata blocks provided
[  175.295685][ T9525] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'.
[  175.487419][ T9535] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  175.552487][ T9535] syz-executor.0 (9535) used greatest stack depth: 18032 bytes left
[  175.590238][ T9542] syzkaller1: entered promiscuous mode
[  175.598536][ T9542] syzkaller1: entered allmulticast mode
[  175.809592][ T9557] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  176.029487][    C1] syz_tun: tun_net_xmit 118
[  176.207987][ T9577] syzkaller1: entered promiscuous mode
[  176.221980][ T9577] syzkaller1: entered allmulticast mode
[  176.284190][ T9578] syzkaller1: entered promiscuous mode
[  176.292180][ T9578] syzkaller1: entered allmulticast mode
[  176.542488][ T9589] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  177.069471][    C1] syz_tun: tun_net_xmit 118
[  177.142000][ T9617] syzkaller1: entered promiscuous mode
[  177.153757][ T9617] syzkaller1: entered allmulticast mode
[  177.368220][ T9624] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  177.730587][ T9650] FAULT_INJECTION: forcing a failure.
[  177.730587][ T9650] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  177.738357][ T9649] syzkaller1: entered promiscuous mode
[  177.761412][ T9649] syzkaller1: entered allmulticast mode
[  177.780805][ T9650] CPU: 1 PID: 9650 Comm: syz-executor.3 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  177.791281][ T9650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  177.801381][ T9650] Call Trace:
[  177.804688][ T9650]  <TASK>
[  177.807641][ T9650]  dump_stack_lvl+0x241/0x360
[  177.812372][ T9650]  ? __pfx_dump_stack_lvl+0x10/0x10
[  177.817609][ T9650]  ? __pfx__printk+0x10/0x10
[  177.822244][ T9650]  should_fail_ex+0x3b0/0x4e0
[  177.826965][ T9650]  _copy_from_user+0x2f/0xe0
[  177.831591][ T9650]  sctp_setsockopt+0xcc/0x11c0
[  177.836388][ T9650]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  177.842310][ T9650]  do_sock_setsockopt+0x3af/0x720
[  177.847380][ T9650]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  177.852961][ T9650]  ? __fget_files+0x29/0x470
[  177.857585][ T9650]  ? __fget_files+0x3f6/0x470
[  177.862308][ T9650]  __sys_setsockopt+0x1ae/0x250
[  177.867196][ T9650]  __x64_sys_setsockopt+0xb5/0xd0
[  177.872288][ T9650]  do_syscall_64+0xf3/0x230
[  177.876825][ T9650]  ? clear_bhb_loop+0x35/0x90
[  177.881540][ T9650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.887466][ T9650] RIP: 0033:0x7fb0f6e7d0a9
[  177.891902][ T9650] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  177.911540][ T9650] RSP: 002b:00007fb0f7cde0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  177.919987][ T9650] RAX: ffffffffffffffda RBX: 00007fb0f6fb3f80 RCX: 00007fb0f6e7d0a9
[  177.927985][ T9650] RDX: 0000000000000077 RSI: 0000000000000084 RDI: 0000000000000004
[  177.935987][ T9650] RBP: 00007fb0f7cde120 R08: 0000000000000008 R09: 0000000000000000
[  177.943992][ T9650] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001
[  177.951994][ T9650] R13: 000000000000000b R14: 00007fb0f6fb3f80 R15: 00007fffc85c1ad8
[  177.960010][ T9650]  </TASK>
[  178.109361][    C1] syz_tun: tun_net_xmit 118
[  178.168491][ T9661] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  178.323443][ T9669] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  178.717253][ T9693] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  178.737525][ T9693] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  178.755317][ T9693] batman_adv: batadv0: Removing interface: batadv_slave_0
[  178.779102][ T9693] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  178.802307][ T9693] batman_adv: batadv0: Removing interface: batadv_slave_1
[  178.840146][ T9693] bridge0: port 4(batadv0) entered disabled state
[  178.876764][ T9693] batadv0 (unregistering): left allmulticast mode
[  178.893863][ T9693] batadv0 (unregistering): left promiscuous mode
[  178.920135][ T9693] bridge0: port 4(batadv0) entered disabled state
[  178.997763][ T9714] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  179.059020][ T9690] syzkaller1: entered promiscuous mode
[  179.087397][ T9690] syzkaller1: entered allmulticast mode
[  179.149470][    C1] syz_tun: tun_net_xmit 118
[  179.291012][ T9722] Unsupported ieee802154 address type: 0
[  179.380737][ T9730] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  179.400445][ T9738] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  179.467110][ T9736] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  179.608655][ T9750] FAULT_INJECTION: forcing a failure.
[  179.608655][ T9750] name failslab, interval 1, probability 0, space 0, times 0
[  179.641542][ T9750] CPU: 0 PID: 9750 Comm: syz-executor.4 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  179.652199][ T9750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  179.661011][ T9754] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.2'.
[  179.662255][ T9750] Call Trace:
[  179.674833][ T9750]  <TASK>
[  179.677780][ T9750]  dump_stack_lvl+0x241/0x360
[  179.682490][ T9750]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.687710][ T9750]  ? __pfx__printk+0x10/0x10
[  179.692343][ T9750]  should_fail_ex+0x3b0/0x4e0
[  179.697054][ T9750]  ? sctp_add_bind_addr+0x89/0x3a0
[  179.702397][ T9750]  should_failslab+0x9/0x20
[  179.706912][ T9750]  kmalloc_trace_noprof+0x6c/0x2c0
[  179.712023][ T9750]  sctp_add_bind_addr+0x89/0x3a0
[  179.716961][ T9750]  sctp_copy_local_addr_list+0x311/0x500
[  179.722663][ T9750]  ? sctp_copy_local_addr_list+0xab/0x500
[  179.728381][ T9750]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  179.734557][ T9750]  ? sctp_v6_is_any+0x60/0x70
[  179.739253][ T9750]  sctp_bind_addr_copy+0xad/0x3b0
[  179.744364][ T9750]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  179.750696][ T9750]  sctp_connect_new_asoc+0x2f3/0x6c0
[  179.755980][ T9750]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  179.761790][ T9750]  ? sctp_get_af_specific+0x2a/0x80
[  179.766988][ T9750]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  179.772795][ T9750]  __sctp_connect+0x66d/0xe30
[  179.777480][ T9750]  ? __pfx___sctp_connect+0x10/0x10
[  179.782675][ T9750]  ? __might_fault+0xc6/0x120
[  179.787433][ T9750]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  179.792977][ T9750]  ? security_sctp_bind_connect+0x90/0xb0
[  179.798714][ T9750]  sctp_getsockopt_connectx3+0x46f/0x730
[  179.804350][ T9750]  ? __local_bh_enable_ip+0x168/0x200
[  179.809723][ T9750]  ? __pfx_sctp_getsockopt_connectx3+0x10/0x10
[  179.815881][ T9750]  ? __local_bh_enable_ip+0x168/0x200
[  179.821253][ T9750]  ? sctp_getsockopt+0x13a/0xbb0
[  179.826186][ T9750]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  179.832002][ T9750]  sctp_getsockopt+0x8de/0xbb0
[  179.836766][ T9750]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  179.842664][ T9750]  do_sock_getsockopt+0x373/0x850
[  179.847698][ T9750]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  179.853238][ T9750]  ? __fget_files+0x3f6/0x470
[  179.857919][ T9750]  __sys_getsockopt+0x271/0x330
[  179.862768][ T9750]  ? __pfx___sys_getsockopt+0x10/0x10
[  179.868140][ T9750]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  179.874465][ T9750]  ? do_syscall_64+0x100/0x230
[  179.879230][ T9750]  __x64_sys_getsockopt+0xb5/0xd0
[  179.884257][ T9750]  do_syscall_64+0xf3/0x230
[  179.888761][ T9750]  ? clear_bhb_loop+0x35/0x90
[  179.893442][ T9750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.899342][ T9750] RIP: 0033:0x7fce6ee7d0a9
[  179.903764][ T9750] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  179.923381][ T9750] RSP: 002b:00007fce6fbc60c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  179.931798][ T9750] RAX: ffffffffffffffda RBX: 00007fce6efb3f80 RCX: 00007fce6ee7d0a9
[  179.939762][ T9750] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000007
[  179.947756][ T9750] RBP: 00007fce6fbc6120 R08: 0000000020000140 R09: 0000000000000000
[  179.955723][ T9750] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000002
[  179.963709][ T9750] R13: 000000000000000b R14: 00007fce6efb3f80 R15: 00007ffd922cfdf8
[  179.971697][ T9750]  </TASK>
[  180.084165][ T9754] syzkaller0: entered promiscuous mode
[  180.102758][ T9754] syzkaller0: entered allmulticast mode
[  180.114719][ T9758] syzkaller1: entered promiscuous mode
[  180.120678][ T9758] syzkaller1: entered allmulticast mode
[  180.199401][    C1] syz_tun: tun_net_xmit 118
[  181.232904][ T5116] Bluetooth: hci0: command 0x0401 tx timeout
[  181.234157][ T5117] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  181.239688][    C1] syz_tun: tun_net_xmit 118
[  181.393360][ T5117] Bluetooth: hci1: command 0x0406 tx timeout
[  181.393554][ T5116] Bluetooth: hci2: command 0x0406 tx timeout
[  182.279357][    C1] syz_tun: tun_net_xmit 118
[  182.556206][ T9748] syz-executor.2 (9748) used greatest stack depth: 17592 bytes left
[  182.626229][ T9780] __nla_validate_parse: 1 callbacks suppressed
[  182.626249][ T9780] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  182.754765][ T9806] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  182.766890][ T9806] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  182.780442][ T9808] lo speed is unknown, defaulting to 1000
[  182.786551][ T9808] lo speed is unknown, defaulting to 1000
[  182.795086][ T9810] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  182.814515][ T9810] xfrm1: entered promiscuous mode
[  182.826152][ T9810] xfrm1: entered allmulticast mode
[  182.839612][ T9808] lo speed is unknown, defaulting to 1000
[  182.869945][ T9808] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  182.900471][ T9808] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  182.971074][ T9808] lo speed is unknown, defaulting to 1000
[  182.978618][ T9808] lo speed is unknown, defaulting to 1000
[  182.986162][ T9808] lo speed is unknown, defaulting to 1000
[  182.993772][ T9808] lo speed is unknown, defaulting to 1000
[  183.001369][ T9808] lo speed is unknown, defaulting to 1000
[  183.008639][ T9808] lo speed is unknown, defaulting to 1000
[  183.319605][    C1] syz_tun: tun_net_xmit 118
[  183.325170][ T5123] Bluetooth: hci0: command 0x0401 tx timeout
[  183.358383][ T9833] FAULT_INJECTION: forcing a failure.
[  183.358383][ T9833] name failslab, interval 1, probability 0, space 0, times 0
[  183.388836][ T9833] CPU: 0 PID: 9833 Comm: syz-executor.2 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  183.399407][ T9833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  183.409488][ T9833] Call Trace:
[  183.412772][ T9833]  <TASK>
[  183.415709][ T9833]  dump_stack_lvl+0x241/0x360
[  183.420414][ T9833]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.425713][ T9833]  ? __pfx__printk+0x10/0x10
[  183.430294][ T9833]  ? ksys_write+0x1a0/0x2c0
[  183.434786][ T9833]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.440879][ T9833]  should_fail_ex+0x3b0/0x4e0
[  183.445577][ T9833]  ? __alloc_skb+0x1c3/0x440
[  183.450169][ T9833]  should_failslab+0x9/0x20
[  183.454671][ T9833]  kmem_cache_alloc_node_noprof+0x71/0x320
[  183.460488][ T9833]  __alloc_skb+0x1c3/0x440
[  183.464903][ T9833]  ? __pfx___alloc_skb+0x10/0x10
[  183.469843][ T9833]  mgmt_cmd_complete+0x47/0x580
[  183.474692][ T9833]  ? trace_kmalloc+0x1f/0xd0
[  183.479298][ T9833]  ? get_connections+0x29f/0x580
[  183.484293][ T9833]  get_connections+0x4b8/0x580
[  183.489087][ T9833]  hci_mgmt_cmd+0xc47/0x11d0
[  183.493699][ T9833]  hci_sock_sendmsg+0x7b8/0x11c0
[  183.498652][ T9833]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  183.504028][ T9833]  ? aa_sock_msg_perm+0x91/0x160
[  183.508968][ T9833]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  183.514338][ T9833]  ? security_socket_sendmsg+0x87/0xb0
[  183.519801][ T9833]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  183.525169][ T9833]  __sock_sendmsg+0x221/0x270
[  183.529853][ T9833]  sock_write_iter+0x2dd/0x400
[  183.534632][ T9833]  ? __pfx_sock_write_iter+0x10/0x10
[  183.539934][ T9833]  ? bpf_lsm_file_permission+0x9/0x10
[  183.545326][ T9833]  ? security_file_permission+0x7f/0xa0
[  183.550906][ T9833]  vfs_write+0xa72/0xc90
[  183.555162][ T9833]  ? __pfx_sock_write_iter+0x10/0x10
[  183.560456][ T9833]  ? __pfx_vfs_write+0x10/0x10
[  183.565244][ T9833]  ksys_write+0x1a0/0x2c0
[  183.569585][ T9833]  ? __pfx_ksys_write+0x10/0x10
[  183.574437][ T9833]  ? do_syscall_64+0x100/0x230
[  183.579205][ T9833]  ? do_syscall_64+0xb6/0x230
[  183.583886][ T9833]  do_syscall_64+0xf3/0x230
[  183.588388][ T9833]  ? clear_bhb_loop+0x35/0x90
[  183.593105][ T9833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.599008][ T9833] RIP: 0033:0x7ff46647d0a9
[  183.603423][ T9833] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  183.623984][ T9833] RSP: 002b:00007ff4672c10c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  183.632484][ T9833] RAX: ffffffffffffffda RBX: 00007ff4665b3f80 RCX: 00007ff46647d0a9
[  183.640543][ T9833] RDX: 0000000000000006 RSI: 0000000020000000 RDI: 0000000000000005
[  183.648511][ T9833] RBP: 00007ff4672c1120 R08: 0000000000000000 R09: 0000000000000000
[  183.656477][ T9833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.664535][ T9833] R13: 000000000000000b R14: 00007ff4665b3f80 R15: 00007ffcf069a758
[  183.672603][ T9833]  </TASK>
[  183.777391][ T9837] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  183.808381][ T9841] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
[  183.968821][ T9851] dccp_invalid_packet: P.CsCov 15 exceeds packet length 256
[  184.065840][ T9854] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  184.141486][ T9863] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  184.178242][ T9866] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  184.218235][ T9869] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  184.291959][ T9872] syz-executor.1: vmalloc error: size 16781312, failed to allocated page array size 32776, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  184.312683][ T9872] CPU: 0 PID: 9872 Comm: syz-executor.1 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  184.323140][ T9872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  184.333192][ T9872] Call Trace:
[  184.336467][ T9872]  <TASK>
[  184.339392][ T9872]  dump_stack_lvl+0x241/0x360
[  184.344075][ T9872]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.349278][ T9872]  ? __pfx__printk+0x10/0x10
[  184.353869][ T9872]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  184.360282][ T9872]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  184.366783][ T9872]  warn_alloc+0x278/0x410
[  184.370312][    C1] syz_tun: tun_net_xmit 118
[  184.371112][ T9872]  ? __pfx_warn_alloc+0x10/0x10
[  184.380475][ T9872]  ? xskq_create+0xb6/0x170
[  184.384987][ T9872]  ? __get_vm_area_node+0x23d/0x270
[  184.390191][ T9872]  __vmalloc_node_range_noprof+0x69f/0x1460
[  184.396115][ T9872]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  184.402455][ T9872]  ? __kasan_kmalloc+0x98/0xb0
[  184.407226][ T9872]  ? xskq_create+0x54/0x170
[  184.411731][ T9872]  vmalloc_user_noprof+0x74/0x80
[  184.416668][ T9872]  ? xskq_create+0xb6/0x170
[  184.421166][ T9872]  xskq_create+0xb6/0x170
[  184.425494][ T9872]  xsk_init_queue+0xa1/0x100
[  184.430086][ T9872]  xsk_setsockopt+0x598/0x950
[  184.434763][ T9872]  ? __pfx_xsk_setsockopt+0x10/0x10
[  184.439960][ T9872]  ? __pfx_lock_acquire+0x10/0x10
[  184.444980][ T9872]  ? aa_sock_opt_perm+0x79/0x120
[  184.449922][ T9872]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  184.455465][ T9872]  ? security_socket_setsockopt+0x87/0xb0
[  184.461193][ T9872]  ? __pfx_xsk_setsockopt+0x10/0x10
[  184.466387][ T9872]  do_sock_setsockopt+0x3af/0x720
[  184.471430][ T9872]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  184.476999][ T9872]  ? __fget_files+0x29/0x470
[  184.481609][ T9872]  ? __fget_files+0x3f6/0x470
[  184.486344][ T9872]  __sys_setsockopt+0x1ae/0x250
[  184.491461][ T9872]  __x64_sys_setsockopt+0xb5/0xd0
[  184.496488][ T9872]  do_syscall_64+0xf3/0x230
[  184.500992][ T9872]  ? clear_bhb_loop+0x35/0x90
[  184.505690][ T9872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.511604][ T9872] RIP: 0033:0x7f56b0e7d0a9
[  184.516038][ T9872] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  184.535726][ T9872] RSP: 002b:00007f56b1c130c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  184.544239][ T9872] RAX: ffffffffffffffda RBX: 00007f56b0fb3f80 RCX: 00007f56b0e7d0a9
[  184.552215][ T9872] RDX: 0000000000000003 RSI: 000000000000011b RDI: 000000000000000e
[  184.560179][ T9872] RBP: 00007f56b0eec074 R08: 0000000000000004 R09: 0000000000000000
[  184.568171][ T9872] R10: 00000000200001c0 R11: 0000000000000246 R12: 0000000000000000
[  184.576152][ T9872] R13: 000000000000000b R14: 00007f56b0fb3f80 R15: 00007ffc65696c38
[  184.584226][ T9872]  </TASK>
[  184.599887][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88805c354400: rx timeout, send abort
[  184.629783][ T9872] Mem-Info:
[  184.633083][ T9872] active_anon:16190 inactive_anon:0 isolated_anon:0
[  184.633083][ T9872]  active_file:0 inactive_file:46842 isolated_file:0
[  184.633083][ T9872]  unevictable:768 dirty:15 writeback:0
[  184.633083][ T9872]  slab_reclaimable:11843 slab_unreclaimable:98060
[  184.633083][ T9872]  mapped:20486 shmem:1636 pagetables:711
[  184.633083][ T9872]  sec_pagetables:0 bounce:0
[  184.633083][ T9872]  kernel_misc_reclaimable:0
[  184.633083][ T9872]  free:1376953 free_pcp:713 free_cma:0
[  184.694975][ T9872] Node 0 active_anon:64760kB inactive_anon:0kB active_file:0kB inactive_file:187304kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:81944kB dirty:60kB writeback:0kB shmem:5008kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10880kB pagetables:2844kB sec_pagetables:0kB all_unreclaimable? no
[  184.786450][ T9872] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:64kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  184.837989][ T9872] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  184.889360][ T9872] lowmem_reserve[]: 0 2571 2571 0 0
[  184.894808][ T9872] Node 0 DMA32 free:1543580kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:64712kB inactive_anon:0kB active_file:0kB inactive_file:186992kB unevictable:1536kB writepending:60kB present:3129332kB managed:2659872kB mlocked:0kB bounce:0kB free_pcp:3180kB local_pcp:1964kB free_cma:0kB
[  184.927341][ T9872] lowmem_reserve[]: 0 0 0 0 0
[  184.933807][ T9872] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:312kB unevictable:0kB writepending:0kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  184.961550][ T9872] lowmem_reserve[]: 0 0 0 0 0
[  184.966399][ T9872] Node 1 Normal free:3949040kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:64kB unevictable:1536kB writepending:0kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:492kB local_pcp:0kB free_cma:0kB
[  185.003134][ T9872] lowmem_reserve[]: 0 0 0 0 0
[  185.009004][ T9872] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  185.025803][ T9872] Node 0 DMA32: 210*4kB (ME) 549*8kB (ME) 354*16kB (UME) 181*32kB (UME) 139*64kB (UME) 67*128kB (UME) 53*256kB (UME) 37*512kB (UME) 20*1024kB (UME) 13*2048kB (UME) 349*4096kB (UM) = 1543280kB
[  185.045401][ T9872] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  185.061042][ T9872] Node 1 Normal: 4*4kB (UM) 6*8kB (UM) 7*16kB (UM) 12*32kB (UM) 7*64kB (U) 2*128kB (U) 1*256kB (M) 2*512kB (UM) 0*1024kB 3*2048kB (UM) 962*4096kB (UM) = 3949040kB
[  185.108236][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88805c354400: abort rx timeout. Force session deactivation
[  185.110265][ T9872] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  185.189669][ T9872] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  185.199020][ T9872] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  185.219570][ T9872] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  185.240677][ T9872] 48481 total pagecache pages
[  185.245435][ T9872] 0 pages in swap cache
[  185.265149][ T9872] Free swap  = 124996kB
[  185.282447][ T9872] Total swap = 124996kB
[  185.286655][ T9872] 2097051 pages RAM
[  185.304932][ T9872] 0 pages HighMem/MovableOnly
[  185.333117][ T9872] 400873 pages reserved
[  185.337333][ T9872] 0 pages cma reserved
[  185.389864][    C1] syz_tun: tun_net_xmit 118
[  185.395136][ T9908] netlink: 'syz-executor.2': attribute type 12 has an invalid length.
[  185.775091][ T9929] Cannot find add_set index 0 as target
[  185.838629][ T9932] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  185.977355][ T9939] lo speed is unknown, defaulting to 1000
[  185.985469][ T9930] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  186.292348][ T9961] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[  186.344955][ T9963] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  186.429518][    C1] syz_tun: tun_net_xmit 118
[  186.461914][ T9971] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  186.857189][T10000] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  187.070604][T10013] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  187.203359][T10025] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  187.231642][T10025] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  187.445365][T10035] vlan2: entered promiscuous mode
[  187.454593][T10035] team0: entered promiscuous mode
[  187.460655][T10035] team_slave_0: entered promiscuous mode
[  187.466578][T10035] team_slave_1: entered promiscuous mode
[  187.472485][    C1] syz_tun: tun_net_xmit 118
[  187.479444][T10035] vlan2: entered allmulticast mode
[  187.484589][T10035] team0: entered allmulticast mode
[  187.491054][T10035] team_slave_0: entered allmulticast mode
[  187.496846][T10035] team_slave_1: entered allmulticast mode
[  187.508941][T10035] team0: left allmulticast mode
[  187.514306][T10035] team_slave_0: left allmulticast mode
[  187.520692][T10035] team_slave_1: left allmulticast mode
[  187.526530][T10035] team0: left promiscuous mode
[  187.532636][T10035] team_slave_0: left promiscuous mode
[  187.538481][T10035] team_slave_1: left promiscuous mode
[  187.568205][T10037] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  187.579696][T10037] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  187.593019][T10039] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  187.593698][T10037] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[  187.735717][T10042] syz_tun: entered promiscuous mode
[  187.752083][T10042] macvtap1: entered promiscuous mode
[  187.758035][T10042] macvtap1: entered allmulticast mode
[  187.766064][T10042] syz_tun: entered allmulticast mode
[  187.805807][T10042] syz_tun: left allmulticast mode
[  187.812599][T10042] syz_tun: left promiscuous mode
[  187.879297][T10043] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  187.894453][T10043] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  188.160125][T10067] hsr0: entered promiscuous mode
[  188.165800][T10067] hsr0: entered allmulticast mode
[  188.171242][T10067] hsr_slave_0: entered allmulticast mode
[  188.180659][T10067] hsr_slave_1: entered allmulticast mode
[  188.205263][T10069] __nla_validate_parse: 3 callbacks suppressed
[  188.205282][T10069] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  188.346488][T10079] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  188.416394][T10079] : entered promiscuous mode
[  188.477906][T10079] sctp: [Deprecated]: syz-executor.4 (pid 10079) Use of struct sctp_assoc_value in delayed_ack socket option.
[  188.477906][T10079] Use struct sctp_sack_info instead
[  188.509386][    C1] syz_tun: tun_net_xmit 118
[  188.658940][T10092] x_tables: unsorted underflow at hook 4
[  188.721700][T10098] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'.
[  188.905825][   T29] audit: type=1804 audit(1719119189.903:18): pid=10107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1834808130/syzkaller.wM1rae/359/cgroup.controllers" dev="sda1" ino=1962 res=1 errno=0
[  188.935956][T10107] xt_hashlimit: invalid rate
[  189.046500][T10112] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  189.069483][T10112] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  189.077960][T10112] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[  189.252664][T10116] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'.
[  189.274632][T10116] openvswitch: netlink: Geneve option length err (len 3060, max 255).
[  189.300841][T10116] EXT4-fs warning (device sda1): __ext4_ioctl:1258: Setting inode version is not supported with metadata_csum enabled.
[  189.556320][    C1] syz_tun: tun_net_xmit 118
[  189.617398][   T29] audit: type=1804 audit(1719119190.613:19): pid=10136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1834808130/syzkaller.wM1rae/362/memory.events" dev="sda1" ino=1953 res=1 errno=0
[  189.990087][T10158] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  190.048401][T10158] 8021q: adding VLAN 0 to HW filter on device batadv1
[  190.087097][T10162] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  190.505822][T10175] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  190.569438][    C0] syz_tun: tun_net_xmit 58
[  190.599402][    C1] syz_tun: tun_net_xmit 118
[  190.639744][    C0] syz_tun: tun_net_xmit 58
[  191.213988][ T1084] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.383359][ T1084] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.563783][ T1084] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.630248][    C1] syz_tun: tun_net_xmit 118
[  191.670944][   T53] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  191.682183][   T53] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  191.692969][   T53] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  191.714022][   T53] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  191.722571][   T53] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  191.730826][   T53] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  191.773126][ T1084] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.182951][ T1084] macsec0: left allmulticast mode
[  192.188587][ T1084] veth1_macvtap: left allmulticast mode
[  192.196705][ T1084] macsec0: left promiscuous mode
[  192.202129][ T1084] bridge0: port 3(macsec0) entered disabled state
[  192.212955][ T1084] bridge_slave_1: left allmulticast mode
[  192.218647][ T1084] bridge_slave_1: left promiscuous mode
[  192.224952][ T1084] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.236775][ T1084] bridge_slave_0: left allmulticast mode
[  192.247487][ T1084] bridge_slave_0: left promiscuous mode
[  192.254470][ T1084] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.670419][    C1] syz_tun: tun_net_xmit 118
[  192.688058][ T1084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  192.702259][ T1084] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  192.714328][ T1084] bond0 (unregistering): Released all slaves
[  192.726842][T10251] bond0: Unable to set peer notification delay as MII monitoring is disabled
[  193.027575][T10223] chnl_net:caif_netlink_parms(): no params data found
[  193.166001][T10277] macvlan0: entered promiscuous mode
[  193.183041][T10277] ipvlan0: entered promiscuous mode
[  193.190906][T10277] ipvlan0: left promiscuous mode
[  193.206779][T10277] macvlan0: left promiscuous mode
[  193.580607][T10300] tls_set_device_offload: netdev not found
[  193.676718][T10310] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  193.712254][T10223] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.719421][    C1] syz_tun: tun_net_xmit 118
[  193.738481][T10223] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.746283][T10223] bridge_slave_0: entered allmulticast mode
[  193.754168][T10223] bridge_slave_0: entered promiscuous mode
[  193.791556][T10315] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  193.802237][   T53] Bluetooth: hci5: command tx timeout
[  193.832510][T10317] Cannot find set identified by id 0 to match
[  193.849666][T10223] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.856841][T10223] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.877174][T10223] bridge_slave_1: entered allmulticast mode
[  193.888501][T10223] bridge_slave_1: entered promiscuous mode
[  193.923116][T10321] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  193.948529][T10321] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  193.967235][T10315] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  193.993886][T10313] mac80211_hwsim hwsim19 wlan0: entered promiscuous mode
[  194.010895][T10313] macvlan2: entered allmulticast mode
[  194.019094][T10324] FAULT_INJECTION: forcing a failure.
[  194.019094][T10324] name failslab, interval 1, probability 0, space 0, times 0
[  194.035547][T10313] mac80211_hwsim hwsim19 wlan0: entered allmulticast mode
[  194.046710][T10324] CPU: 1 PID: 10324 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  194.057250][T10324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  194.067337][T10324] Call Trace:
[  194.070734][T10324]  <TASK>
[  194.073684][T10324]  dump_stack_lvl+0x241/0x360
[  194.078391][T10324]  ? __pfx_dump_stack_lvl+0x10/0x10
[  194.083610][T10324]  ? __pfx__printk+0x10/0x10
[  194.088224][T10324]  should_fail_ex+0x3b0/0x4e0
[  194.092897][T10324]  ? __alloc_skb+0x1c3/0x440
[  194.097473][T10324]  should_failslab+0x9/0x20
[  194.101968][T10324]  kmem_cache_alloc_node_noprof+0x71/0x320
[  194.107791][T10324]  __alloc_skb+0x1c3/0x440
[  194.112215][T10324]  ? __pfx___might_resched+0x10/0x10
[  194.117519][T10324]  ? __pfx___alloc_skb+0x10/0x10
[  194.122452][T10324]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  194.128507][T10324]  ? security_socket_getpeersec_dgram+0x88/0xb0
[  194.134759][T10324]  netlink_sendmsg+0x638/0xcb0
[  194.139567][T10324]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.144875][T10324]  ? __import_iovec+0x536/0x820
[  194.149743][T10324]  ? aa_sock_msg_perm+0x91/0x160
[  194.154721][T10324]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  194.160016][T10324]  ? security_socket_sendmsg+0x87/0xb0
[  194.165518][T10324]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.170798][T10324]  __sock_sendmsg+0x221/0x270
[  194.175469][T10324]  ____sys_sendmsg+0x525/0x7d0
[  194.180248][T10324]  ? __pfx_____sys_sendmsg+0x10/0x10
[  194.185560][T10324]  __sys_sendmsg+0x2b0/0x3a0
[  194.190157][T10324]  ? __pfx___sys_sendmsg+0x10/0x10
[  194.195260][T10324]  ? vfs_write+0x7c4/0xc90
[  194.199727][T10324]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  194.206061][T10324]  ? do_syscall_64+0x100/0x230
[  194.210821][T10324]  ? do_syscall_64+0xb6/0x230
[  194.215489][T10324]  do_syscall_64+0xf3/0x230
[  194.219993][T10324]  ? clear_bhb_loop+0x35/0x90
[  194.224704][T10324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.230601][T10324] RIP: 0033:0x7f04bdc7d0a9
[  194.235054][T10324] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  194.254659][T10324] RSP: 002b:00007f04bd7ff0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.263072][T10324] RAX: ffffffffffffffda RBX: 00007f04bddb3f80 RCX: 00007f04bdc7d0a9
[  194.271041][T10324] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[  194.279001][T10324] RBP: 00007f04bd7ff120 R08: 0000000000000000 R09: 0000000000000000
[  194.286969][T10324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.294967][T10324] R13: 000000000000000b R14: 00007f04bddb3f80 R15: 00007ffcd28a7f88
[  194.302964][T10324]  </TASK>
[  194.308748][T10313] mac80211_hwsim hwsim19 wlan0: left promiscuous mode
[  194.397010][T10325] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  194.407123][T10325] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  194.416097][T10325] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  194.425007][T10325] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  194.438229][T10325] vxlan0: entered promiscuous mode
[  194.443514][T10325] vxlan0: entered allmulticast mode
[  194.454251][T10325] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  194.463794][T10325] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  194.472786][T10325] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  194.482686][T10325] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  194.547250][T10223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  194.567102][ T1084] hsr_slave_0: left promiscuous mode
[  194.574885][ T1084] hsr_slave_1: left promiscuous mode
[  194.581963][ T1084] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  194.590837][ T1084] batman_adv: batadv0: Removing interface: batadv_slave_0
[  194.612305][ T1084] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  194.629340][ T1084] batman_adv: batadv0: Removing interface: batadv_slave_1
[  194.676969][ T1084] veth1_macvtap: left promiscuous mode
[  194.678460][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  194.682961][ T1084] veth0_macvtap: left promiscuous mode
[  194.692701][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  194.694717][ T1084] veth1_vlan: left promiscuous mode
[  194.706679][ T1084] veth0_vlan: left promiscuous mode
[  194.749317][    C1] syz_tun: tun_net_xmit 118
[  194.903973][T10345] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  195.329386][T10358] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  195.487326][ T1084] team0 (unregistering): Port device team_slave_1 removed
[  195.534116][ T1084] team0 (unregistering): Port device team_slave_0 removed
[  195.805358][    C1] syz_tun: tun_net_xmit 118
[  195.874544][   T53] Bluetooth: hci5: command tx timeout
[  196.054595][T10335] macvlan0: entered promiscuous mode
[  196.065114][T10335] ipvlan0: entered promiscuous mode
[  196.072175][T10335] ipvlan0: left promiscuous mode
[  196.078372][T10335] macvlan0: left promiscuous mode
[  196.094519][T10223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  196.131643][T10370] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  196.460415][T10223] team0: Port device team_slave_0 added
[  196.493794][T10223] team0: Port device team_slave_1 added
[  196.606888][T10223] batman_adv: batadv0: Adding interface: batadv_slave_0
[  196.634432][T10223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.673079][T10223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  196.720782][T10223] batman_adv: batadv0: Adding interface: batadv_slave_1
[  196.727754][T10223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.754644][T10223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  196.839293][    C1] syz_tun: tun_net_xmit 118
[  196.864664][T10223] hsr_slave_0: entered promiscuous mode
[  196.875405][T10223] hsr_slave_1: entered promiscuous mode
[  196.883873][T10223] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  196.895271][T10223] Cannot create hsr debugfs directory
[  197.089913][T10399] netlink: 14568 bytes leftover after parsing attributes in process `syz-executor.2'.
[  197.273543][T10410] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  197.283993][T10410] syz_tun: tun_net_xmit 86
[  197.294588][T10410] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.4'.
[  197.348577][T10410] Κό: entered promiscuous mode
[  197.374580][T10413] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  197.386037][T10410] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  197.460313][T10416] vlan2: entered promiscuous mode
[  197.468693][T10416] bridge0: entered promiscuous mode
[  197.486120][T10416] vlan2: entered allmulticast mode
[  197.499546][T10416] bridge0: entered allmulticast mode
[  197.519033][T10416] bridge0: left allmulticast mode
[  197.531115][T10416] bridge0: left promiscuous mode
[  197.586420][T10418] netlink: 'syz-executor.3': attribute type 11 has an invalid length.
[  197.595888][T10418] netlink: 'syz-executor.3': attribute type 5 has an invalid length.
[  197.606156][T10422] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  197.807391][T10435] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  197.816228][T10435] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  197.830035][T10437] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.3'.
[  197.840060][T10437] openvswitch: netlink: IP tunnel attribute has 3060 unknown bytes.
[  197.869397][    C1] syz_tun: tun_net_xmit 118
[  197.949686][   T53] Bluetooth: hci5: command tx timeout
[  198.019388][   T29] audit: type=1804 audit(1719119199.013:20): pid=10442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir359298346/syzkaller.CEvMzp/187/cgroup.controllers" dev="sda1" ino=1960 res=1 errno=0
[  198.106864][T10448] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  198.165021][T10450] xt_NFQUEUE: number of queues (65530) out of range (got 66566)
[  198.235292][T10448] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  198.351027][    C1] syz_tun: tun_net_xmit 86
[  198.375019][T10459] x_tables: duplicate underflow at hook 2
[  198.456436][T10452] team0 (unregistering): Port device team_slave_1 removed
[  198.496535][T10452] team0 (unregistering): Port device bond0 removed
[  198.919408][    C1] syz_tun: tun_net_xmit 118
[  199.060333][T10485] __nla_validate_parse: 1 callbacks suppressed
[  199.060355][T10485] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  199.399518][    C1] syz_tun: tun_net_xmit 86
[  199.950541][    C1] syz_tun: tun_net_xmit 118
[  200.029292][   T53] Bluetooth: hci5: command tx timeout
[  200.593911][T10223] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  200.603635][T10223] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  200.616103][T10474] ip6tnl2: entered promiscuous mode
[  200.626810][T10474] ip6tnl2: entered allmulticast mode
[  200.721800][T10223] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  200.764479][T10223] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  200.945688][   T29] audit: type=1804 audit(1719119201.933:21): pid=10497 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1834808130/syzkaller.wM1rae/388/cgroup.controllers" dev="sda1" ino=1957 res=1 errno=0
[  200.989462][    C1] syz_tun: tun_net_xmit 118
[  201.088224][T10223] 8021q: adding VLAN 0 to HW filter on device bond0
[  201.160256][T10223] 8021q: adding VLAN 0 to HW filter on device team0
[  201.215494][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.222693][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  201.262202][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.269430][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  201.326868][T10521] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  201.697765][T10223] 8021q: adding VLAN 0 to HW filter on device batadv0
[  201.706697][T10540] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  201.752177][T10540] netlink: 188 bytes leftover after parsing attributes in process `syz-executor.4'.
[  201.784244][T10223] veth0_vlan: entered promiscuous mode
[  201.799342][T10542] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
[  201.819858][T10223] veth1_vlan: entered promiscuous mode
[  201.926454][T10223] veth0_macvtap: entered promiscuous mode
[  201.949747][T10223] veth1_macvtap: entered promiscuous mode
[  201.976725][   T29] audit: type=1804 audit(1719119202.973:22): pid=10547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2114541528/syzkaller.clajzG/125/cgroup.controllers" dev="sda1" ino=1953 res=1 errno=0
[  202.018320][T10223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.029550][    C1] syz_tun: tun_net_xmit 118
[  202.044327][T10223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.061226][T10223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.072378][T10223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.084186][T10223] batman_adv: batadv0: Interface activated: batadv_slave_0
[  202.106143][T10223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.130337][T10550] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'.
[  202.147590][T10223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.169222][T10223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.180291][T10223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.190849][T10223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.207404][T10223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.238721][T10223] batman_adv: batadv0: Interface activated: batadv_slave_1
[  202.289506][T10223] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  202.298253][T10223] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  202.327170][T10223] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  202.337699][T10223] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  202.360553][T10560] netlink: 766 bytes leftover after parsing attributes in process `syz-executor.0'.
[  202.378188][T10563] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  202.403130][T10563] gtp0: entered promiscuous mode
[  202.408561][T10563] gtp0: entered allmulticast mode
[  202.442751][T10567] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  202.494541][T10570] FAULT_INJECTION: forcing a failure.
[  202.494541][T10570] name failslab, interval 1, probability 0, space 0, times 0
[  202.495505][T10566] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  202.507551][T10570] CPU: 1 PID: 10570 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  202.527343][T10570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  202.537516][T10570] Call Trace:
[  202.540812][T10570]  <TASK>
[  202.543848][T10570]  dump_stack_lvl+0x241/0x360
[  202.548546][T10570]  ? __pfx_dump_stack_lvl+0x10/0x10
[  202.553779][T10570]  ? __pfx__printk+0x10/0x10
[  202.558398][T10570]  should_fail_ex+0x3b0/0x4e0
[  202.563080][T10570]  ? sctp_add_bind_addr+0x89/0x3a0
[  202.568187][T10570]  should_failslab+0x9/0x20
[  202.572688][T10570]  kmalloc_trace_noprof+0x6c/0x2c0
[  202.577797][T10570]  sctp_add_bind_addr+0x89/0x3a0
[  202.582734][T10570]  sctp_copy_local_addr_list+0x311/0x500
[  202.588362][T10570]  ? sctp_copy_local_addr_list+0xab/0x500
[  202.594084][T10570]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  202.600238][T10570]  ? sctp_v6_is_any+0x60/0x70
[  202.604918][T10570]  sctp_bind_addr_copy+0xad/0x3b0
[  202.609937][T10570]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  202.616268][T10570]  sctp_connect_new_asoc+0x2f3/0x6c0
[  202.621552][T10570]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  202.627356][T10570]  ? sctp_sendmsg+0xbb9/0x3520
[  202.632216][T10570]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  202.637760][T10570]  ? security_sctp_bind_connect+0x90/0xb0
[  202.643484][T10570]  sctp_sendmsg+0x219a/0x3520
[  202.648178][T10570]  ? __pfx_sctp_sendmsg+0x10/0x10
[  202.653208][T10570]  ? __pfx_aa_sk_perm+0x10/0x10
[  202.658070][T10570]  ? inet_sendmsg+0x330/0x390
[  202.662755][T10570]  __sock_sendmsg+0x1a6/0x270
[  202.667432][T10570]  ____sys_sendmsg+0x525/0x7d0
[  202.672201][T10570]  ? __pfx_____sys_sendmsg+0x10/0x10
[  202.677497][T10570]  __sys_sendmmsg+0x3b2/0x740
[  202.682178][T10570]  ? __pfx___sys_sendmmsg+0x10/0x10
[  202.687405][T10570]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  202.693299][T10570]  ? ksys_write+0x23e/0x2c0
[  202.697798][T10570]  ? __pfx_lock_release+0x10/0x10
[  202.702826][T10570]  ? vfs_write+0x7c4/0xc90
[  202.707242][T10570]  ? __mutex_unlock_slowpath+0x21d/0x750
[  202.712873][T10570]  ? __pfx_vfs_write+0x10/0x10
[  202.717742][T10570]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  202.723722][T10570]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  202.730046][T10570]  ? do_syscall_64+0x100/0x230
[  202.734901][T10570]  __x64_sys_sendmmsg+0xa0/0xb0
[  202.739755][T10570]  do_syscall_64+0xf3/0x230
[  202.744256][T10570]  ? clear_bhb_loop+0x35/0x90
[  202.748942][T10570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.754924][T10570] RIP: 0033:0x7f04bdc7d0a9
[  202.759337][T10570] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  202.778946][T10570] RSP: 002b:00007f04bd7ff0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  202.787361][T10570] RAX: ffffffffffffffda RBX: 00007f04bddb3f80 RCX: 00007f04bdc7d0a9
[  202.795422][T10570] RDX: 0000000000000002 RSI: 0000000020003e00 RDI: 0000000000000003
[  202.803398][T10570] RBP: 00007f04bd7ff120 R08: 0000000000000000 R09: 0000000000000000
[  202.811394][T10570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  202.819447][T10570] R13: 000000000000000b R14: 00007f04bddb3f80 R15: 00007ffcd28a7f88
[  202.827502][T10570]  </TASK>
[  203.020105][ T7009] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  203.034686][ T7009] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  203.069502][    C1] syz_tun: tun_net_xmit 118
[  203.077793][ T7009] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  203.101536][ T7009] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.049023][T10608] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_team, syncid = 0, id = 0
[  204.119288][    C1] syz_tun: tun_net_xmit 118
[  204.122349][T10610] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.787065][T10622] x_tables: duplicate underflow at hook 2
[  204.863923][T10626] FAULT_INJECTION: forcing a failure.
[  204.863923][T10626] name failslab, interval 1, probability 0, space 0, times 0
[  204.883800][T10626] CPU: 1 PID: 10626 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  204.894359][T10626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  204.904442][T10626] Call Trace:
[  204.907743][T10626]  <TASK>
[  204.910712][T10626]  dump_stack_lvl+0x241/0x360
[  204.915429][T10626]  ? __pfx_dump_stack_lvl+0x10/0x10
[  204.920751][T10626]  ? __pfx__printk+0x10/0x10
[  204.925371][T10626]  should_fail_ex+0x3b0/0x4e0
[  204.930062][T10626]  ? __alloc_skb+0x1c3/0x440
[  204.934860][T10626]  should_failslab+0x9/0x20
[  204.939407][T10626]  kmem_cache_alloc_node_noprof+0x71/0x320
[  204.945256][T10626]  __alloc_skb+0x1c3/0x440
[  204.949710][T10626]  ? __pfx___alloc_skb+0x10/0x10
[  204.954688][T10626]  ? netlink_ack_tlv_len+0x6e/0x200
[  204.959923][T10626]  netlink_ack+0x13f/0xa30
[  204.964370][T10626]  ? __pfx_lock_acquire+0x10/0x10
[  204.969434][T10626]  ? __pfx_netlbl_cipsov4_list+0x10/0x10
[  204.975110][T10626]  netlink_rcv_skb+0x262/0x430
[  204.979909][T10626]  ? __pfx_genl_rcv_msg+0x10/0x10
[  204.985054][T10626]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  204.990406][T10626]  genl_rcv+0x28/0x40
[  204.994418][T10626]  netlink_unicast+0x7f0/0x990
[  204.999231][T10626]  ? __pfx_netlink_unicast+0x10/0x10
[  205.004548][T10626]  ? __virt_addr_valid+0x183/0x520
[  205.009701][T10626]  ? __check_object_size+0x49c/0x900
[  205.015107][T10626]  ? bpf_lsm_netlink_send+0x9/0x10
[  205.020266][T10626]  netlink_sendmsg+0x8e4/0xcb0
[  205.025073][T10626]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.030392][T10626]  ? __import_iovec+0x536/0x820
[  205.035272][T10626]  ? aa_sock_msg_perm+0x91/0x160
[  205.040247][T10626]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  205.045557][T10626]  ? security_socket_sendmsg+0x87/0xb0
[  205.051049][T10626]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.056359][T10626]  __sock_sendmsg+0x221/0x270
[  205.061069][T10626]  ____sys_sendmsg+0x525/0x7d0
[  205.065879][T10626]  ? __pfx_____sys_sendmsg+0x10/0x10
[  205.071212][T10626]  __sys_sendmsg+0x2b0/0x3a0
[  205.075835][T10626]  ? __pfx___sys_sendmsg+0x10/0x10
[  205.080978][T10626]  ? vfs_write+0x7c4/0xc90
[  205.085464][T10626]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  205.091820][T10626]  ? do_syscall_64+0x100/0x230
[  205.096613][T10626]  ? do_syscall_64+0xb6/0x230
[  205.101319][T10626]  do_syscall_64+0xf3/0x230
[  205.105931][T10626]  ? clear_bhb_loop+0x35/0x90
[  205.110635][T10636] __nla_validate_parse: 2 callbacks suppressed
[  205.110651][T10636] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  205.110641][T10626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.110673][T10626] RIP: 0033:0x7f04bdc7d0a9
[  205.136250][T10626] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  205.155865][T10626] RSP: 002b:00007f04bd7ff0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  205.164277][T10626] RAX: ffffffffffffffda RBX: 00007f04bddb3f80 RCX: 00007f04bdc7d0a9
[  205.172238][T10626] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[  205.180199][T10626] RBP: 00007f04bd7ff120 R08: 0000000000000000 R09: 0000000000000000
[  205.188172][T10626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.196138][T10626] R13: 000000000000000b R14: 00007f04bddb3f80 R15: 00007ffcd28a7f88
[  205.204129][T10626]  </TASK>
[  205.213384][    C1] syz_tun: tun_net_xmit 118
[  205.292568][T10638] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  205.593133][T10652] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.0'.
[  206.027299][T10652] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.0'.
[  206.126563][T10661] FAULT_INJECTION: forcing a failure.
[  206.126563][T10661] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.147135][T10661] CPU: 1 PID: 10661 Comm: syz-executor.3 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  206.157689][T10661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  206.167767][T10661] Call Trace:
[  206.171061][T10661]  <TASK>
[  206.174004][T10661]  dump_stack_lvl+0x241/0x360
[  206.178720][T10661]  ? __pfx_dump_stack_lvl+0x10/0x10
[  206.183951][T10661]  ? __pfx__printk+0x10/0x10
[  206.188559][T10661]  ? __pfx_lock_release+0x10/0x10
[  206.193602][T10661]  ? vfs_write+0x7c4/0xc90
[  206.198050][T10661]  should_fail_ex+0x3b0/0x4e0
[  206.202757][T10661]  _copy_from_user+0x2f/0xe0
[  206.207366][T10661]  get_timespec64+0x97/0x280
[  206.211979][T10661]  ? __pfx_get_timespec64+0x10/0x10
[  206.217206][T10661]  __x64_sys_recvmmsg+0x140/0x250
[  206.222263][T10661]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  206.227842][T10661]  ? do_syscall_64+0x100/0x230
[  206.232660][T10661]  ? do_syscall_64+0xb6/0x230
[  206.237370][T10661]  do_syscall_64+0xf3/0x230
[  206.241895][T10661]  ? clear_bhb_loop+0x35/0x90
[  206.246606][T10661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.250948][T10663] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  206.252510][T10661] RIP: 0033:0x7fb0f6e7d0a9
[  206.262401][T10663] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  206.266079][T10661] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  206.282592][T10663] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  206.294944][T10661] RSP: 002b:00007fb0f7cde0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  206.294972][T10661] RAX: ffffffffffffffda RBX: 00007fb0f6fb3f80 RCX: 00007fb0f6e7d0a9
[  206.294986][T10661] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003
[  206.294998][T10661] RBP: 00007fb0f7cde120 R08: 0000000020003700 R09: 0000000000000000
[  206.295009][T10661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.295027][T10661] R13: 000000000000000b R14: 00007fb0f6fb3f80 R15: 00007fffc85c1ad8
[  206.295054][T10661]  </TASK>
[  206.296751][    C1] syz_tun: tun_net_xmit 118
[  206.365906][T10663] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'.
[  206.503227][T10668] hsr0: entered promiscuous mode
[  206.522879][T10668] netlink: 'syz-executor.3': attribute type 9 has an invalid length.
[  206.543137][T10668] netlink: 209836 bytes leftover after parsing attributes in process `syz-executor.3'.
[  206.576832][T10671] netlink: 207496 bytes leftover after parsing attributes in process `syz-executor.3'.
[  206.592273][T10667] hsr0: left promiscuous mode
[  206.638270][T10673] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  206.888142][T10610] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.002972][T10610] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.128190][T10610] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.309404][    C1] syz_tun: tun_net_xmit 118
[  207.337152][T10610] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  207.366403][T10610] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  207.388166][T10610] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  207.424689][T10610] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  207.606935][T10709] syz-executor.0 uses old SIOCAX25GETINFO
[  207.641603][T10709] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  207.675736][T10709] netlink: 'syz-executor.0': attribute type 19 has an invalid length.
[  207.692486][T10709] netlink: 'syz-executor.0': attribute type 19 has an invalid length.
[  208.052042][T10734] syz_tun: tun_net_xmit 42
[  208.257393][T10747] dccp_invalid_packet: P.CsCov 4 exceeds packet length 28
[  208.350306][    C1] syz_tun: tun_net_xmit 118
[  208.447589][T10763] Bluetooth: MGMT ver 1.22
[  208.453265][T10763] Bluetooth: hci3: invalid length 0, exp 2 for type 17
[  209.069331][    C0] syz_tun: tun_net_xmit 42
[  209.097862][T10796] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  209.196250][T10799] netlink: 'syz-executor.4': attribute type 18 has an invalid length.
[  209.250657][T10801] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  209.389582][    C1] syz_tun: tun_net_xmit 118
[  209.689946][T10821] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  209.795571][ T5163] IPVS: starting estimator thread 0...
[  209.869664][T10830] netlink: 'syz-executor.0': attribute type 11 has an invalid length.
[  209.910273][T10826] IPVS: using max 32 ests per chain, 76800 per kthread
[  210.109324][    C0] syz_tun: tun_net_xmit 42
[  210.430173][    C1] syz_tun: tun_net_xmit 118
[  210.491770][T10860] __nla_validate_parse: 11 callbacks suppressed
[  210.491792][T10860] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'.
[  210.711437][T10873] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  210.728658][T10873] sctp: [Deprecated]: syz-executor.4 (pid 10873) Use of struct sctp_assoc_value in delayed_ack socket option.
[  210.728658][T10873] Use struct sctp_sack_info instead
[  210.753200][T10873] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  210.764163][T10877] sctp: [Deprecated]: syz-executor.4 (pid 10877) Use of struct sctp_assoc_value in delayed_ack socket option.
[  210.764163][T10877] Use struct sctp_sack_info instead
[  211.469638][    C1] syz_tun: tun_net_xmit 118
[  211.475585][T10920] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  211.854344][T10945] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  212.388629][T10956] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  212.509510][    C1] syz_tun: tun_net_xmit 118
[  212.803896][T10988] netlink: 112 bytes leftover after parsing attributes in process `syz-executor.1'.
[  212.835585][T10987] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  213.097412][T11008] netlink: zone id is out of range
[  213.122857][T11008] netlink: zone id is out of range
[  213.126283][T11012] bond0: option min_links: invalid value (18446744071578845184)
[  213.127996][T11008] netlink: zone id is out of range
[  213.131186][T11013] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  213.138807][T11012] bond0: option min_links: allowed values 0 - 2147483647
[  213.147348][T11008] netlink: zone id is out of range
[  213.166120][T11013] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  213.199520][T11008] netlink: zone id is out of range
[  213.205754][T11008] netlink: zone id is out of range
[  213.265669][T11020] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  213.275999][T11008] netlink: set zone limit has 4 unknown bytes
[  213.291220][T11020] ip6tnl0: Master is either lo or non-ether device
[  213.336914][T11008] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  213.337537][T11025] TCP: request_sock_TCP: Possible SYN flooding on port 0.0.0.0:20002. Sending cookies.
[  213.507200][T11035] tipc: Started in network mode
[  213.530736][T11035] tipc: Node identity ac141427, cluster identity 4711
[  213.549546][    C1] syz_tun: tun_net_xmit 118
[  213.555524][T11035] tipc: New replicast peer: 172.20.20.26
[  213.564255][T11035] tipc: Enabled bearer <udp:syz1>, priority 10
[  213.633773][T11041] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.4'.
[  213.815703][T11047] pim6reg1: entered promiscuous mode
[  213.823484][T11047] pim6reg1: entered allmulticast mode
[  213.964770][T11057] --map-set only usable from mangle table
[  214.004079][T11061] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.1'.
[  214.023322][T11061] Κό: entered promiscuous mode
[  214.559708][  T784] tipc: Node number set to 2886997031
[  214.589520][    C1] syz_tun: tun_net_xmit 118
[  214.763909][T11082] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  215.032549][T11093] x_tables: eb_tables: quota.0 match: invalid size 24 (kernel) != (user) 0
[  215.629321][    C1] syz_tun: tun_net_xmit 118
[  215.664959][T11138] __nla_validate_parse: 10 callbacks suppressed
[  215.664975][T11138] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  215.718924][T11139] netlink: 'syz-executor.3': attribute type 9 has an invalid length.
[  215.742178][T11138] sctp: [Deprecated]: syz-executor.3 (pid 11138) Use of struct sctp_assoc_value in delayed_ack socket option.
[  215.742178][T11138] Use struct sctp_sack_info instead
[  215.870464][T11146] IPVS: length: 67 != 8
[  215.884792][T11146] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  216.669302][    C1] syz_tun: tun_net_xmit 118
[  216.771173][T11157] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  217.433798][T11182] ip6_tunnel: non-ECT from 81e9:49b9:3897:bc3b:0000:0000:0000:7d01 with DS=0x1
[  217.710292][    C1] syz_tun: tun_net_xmit 118
[  217.922178][T11201] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  217.967587][T11196] tap0: tun_chr_ioctl cmd 1074025675
[  217.984150][T11196] tap0: persist enabled
[  218.001727][T11196] netlink: 'syz-executor.4': attribute type 21 has an invalid length.
[  218.015800][T11196] netlink: 'syz-executor.4': attribute type 20 has an invalid length.
[  218.026897][T11203] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  218.137589][T11208] x_tables: unsorted underflow at hook 4
[  218.225984][T11212] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  218.247437][T11214] netlink: 13042 bytes leftover after parsing attributes in process `syz-executor.4'.
[  218.327744][T11221] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  218.377193][T11220] syzkaller0: entered promiscuous mode
[  218.382972][T11220] syzkaller0: entered allmulticast mode
[  218.749444][    C1] syz_tun: tun_net_xmit 118
[  219.793717][    C1] syz_tun: tun_net_xmit 118
[  220.213304][T11246] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  220.658009][T11270] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  220.833997][    C1] syz_tun: tun_net_xmit 118
[  221.088616][T11296] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  221.107821][T11296] openvswitch: netlink: Flow actions attr not present in new flow.
[  221.157849][T11304] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'.
[  221.251702][T11308] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  221.264955][T11310] FAULT_INJECTION: forcing a failure.
[  221.264955][T11310] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.280080][T11310] CPU: 0 PID: 11310 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  221.290624][T11310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  221.300710][T11310] Call Trace:
[  221.304013][T11310]  <TASK>
[  221.306956][T11310]  dump_stack_lvl+0x241/0x360
[  221.311645][T11310]  ? __pfx_dump_stack_lvl+0x10/0x10
[  221.316847][T11310]  ? __pfx__printk+0x10/0x10
[  221.321454][T11310]  ? snprintf+0xda/0x120
[  221.325720][T11310]  should_fail_ex+0x3b0/0x4e0
[  221.330502][T11310]  _copy_to_user+0x2f/0xb0
[  221.334946][T11310]  simple_read_from_buffer+0xca/0x150
[  221.340434][T11310]  proc_fail_nth_read+0x1e9/0x250
[  221.345488][T11310]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  221.351066][T11310]  ? rw_verify_area+0x514/0x6b0
[  221.355918][T11310]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  221.361459][T11310]  vfs_read+0x204/0xbd0
[  221.365611][T11310]  ? __pfx_lock_release+0x10/0x10
[  221.370633][T11310]  ? do_sock_setsockopt+0x3e2/0x720
[  221.375839][T11310]  ? __pfx_vfs_read+0x10/0x10
[  221.380515][T11310]  ? __fget_files+0x29/0x470
[  221.385103][T11310]  ? __fget_files+0x3f6/0x470
[  221.389793][T11310]  ksys_read+0x1a0/0x2c0
[  221.394041][T11310]  ? __pfx_ksys_read+0x10/0x10
[  221.398798][T11310]  ? do_syscall_64+0x100/0x230
[  221.403559][T11310]  ? do_syscall_64+0xb6/0x230
[  221.408405][T11310]  do_syscall_64+0xf3/0x230
[  221.412990][T11310]  ? clear_bhb_loop+0x35/0x90
[  221.417663][T11310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.423554][T11310] RIP: 0033:0x7f04bdc7bd4c
[  221.427963][T11310] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 59 81 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 af 81 02 00 48
[  221.447656][T11310] RSP: 002b:00007f04bd7ff0c0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  221.456073][T11310] RAX: ffffffffffffffda RBX: 00007f04bddb3f80 RCX: 00007f04bdc7bd4c
[  221.464047][T11310] RDX: 000000000000000f RSI: 00007f04bd7ff130 RDI: 0000000000000006
[  221.472013][T11310] RBP: 00007f04bd7ff120 R08: 0000000000000000 R09: 0000000000000000
[  221.479985][T11310] R10: 00000000200003c0 R11: 0000000000000246 R12: 0000000000000001
[  221.487956][T11310] R13: 000000000000000b R14: 00007f04bddb3f80 R15: 00007ffcd28a7f88
[  221.495954][T11310]  </TASK>
[  221.728238][T11319] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.4'.
[  221.794798][T11321] bridge0: port 2(bridge_slave_1) entered forwarding state
[  221.869306][    C1] syz_tun: tun_net_xmit 118
[  222.909423][    C1] syz_tun: tun_net_xmit 118
[  223.949279][    C1] syz_tun: tun_net_xmit 118
[  224.187742][T11360] netlink: 88 bytes leftover after parsing attributes in process `syz-executor.0'.
[  224.225626][T11354] ip6erspan0: entered promiscuous mode
[  224.718725][T11374] syz_tun: tun_net_xmit 42
[  224.737931][T11374] syz_tun: tun_net_xmit 42
[  224.748465][T11374] syz_tun: tun_net_xmit 42
[  224.774747][T11374] syz_tun: tun_net_xmit 42
[  224.787325][T11374] syz_tun: tun_net_xmit 42
[  224.796623][T11374] syz_tun: tun_net_xmit 42
[  224.809845][T11374] syz_tun: tun_net_xmit 42
[  224.814714][T11374] syz_tun: tun_net_xmit 42
[  224.826555][T11374] syz_tun: tun_net_xmit 42
[  224.836250][T11374] syz_tun: tun_net_xmit 42
[  224.841868][T11374] syz_tun: tun_net_xmit 42
[  224.846698][T11374] syz_tun: tun_net_xmit 42
[  224.861468][T11374] syz_tun: tun_net_xmit 42
[  224.866338][T11374] syz_tun: tun_net_xmit 42
[  224.877695][T11374] syz_tun: tun_net_xmit 42
[  224.884462][T11374] syz_tun: tun_net_xmit 42
[  224.895900][T11374] syz_tun: tun_net_xmit 42
[  224.903365][T11374] syz_tun: tun_net_xmit 42
[  224.908223][T11374] syz_tun: tun_net_xmit 42
[  224.928106][T11374] syz_tun: tun_net_xmit 42
[  224.933416][T11374] syz_tun: tun_net_xmit 42
[  224.947107][T11374] syz_tun: tun_net_xmit 42
[  224.959867][T11374] syz_tun: tun_net_xmit 42
[  224.964710][T11374] syz_tun: tun_net_xmit 42
[  224.989463][    C1] syz_tun: tun_net_xmit 118
[  224.994189][    C1] syz_tun: tun_net_xmit 42
[  224.998706][    C1] syz_tun: tun_net_xmit 42
[  225.003284][    C1] syz_tun: tun_net_xmit 42
[  225.007805][    C1] syz_tun: tun_net_xmit 42
[  225.012370][    C1] syz_tun: tun_net_xmit 42
[  225.016890][    C1] syz_tun: tun_net_xmit 42
[  225.021452][    C1] syz_tun: tun_net_xmit 42
[  225.026037][    C1] syz_tun: tun_net_xmit 42
[  225.030625][    C1] syz_tun: tun_net_xmit 42
[  225.035152][    C1] syz_tun: tun_net_xmit 42
[  225.039720][    C1] syz_tun: tun_net_xmit 42
[  225.044245][    C1] syz_tun: tun_net_xmit 42
[  225.048808][    C1] syz_tun: tun_net_xmit 42
[  225.053363][    C1] syz_tun: tun_net_xmit 42
[  225.057886][    C1] syz_tun: tun_net_xmit 42
[  225.062485][    C1] syz_tun: tun_net_xmit 42
[  225.067008][    C1] syz_tun: tun_net_xmit 42
[  225.071588][    C1] syz_tun: tun_net_xmit 42
[  225.076117][    C1] syz_tun: tun_net_xmit 42
[  225.080682][    C1] syz_tun: tun_net_xmit 42
[  225.085200][    C1] syz_tun: tun_net_xmit 42
[  225.089720][    C1] syz_tun: tun_net_xmit 42
[  225.094244][    C1] syz_tun: tun_net_xmit 42
[  225.098753][    C1] syz_tun: tun_net_xmit 42
[  225.103313][    C1] syz_tun: tun_net_xmit 42
[  225.107834][    C1] syz_tun: tun_net_xmit 42
[  225.112402][    C1] syz_tun: tun_net_xmit 42
[  225.116914][    C1] syz_tun: tun_net_xmit 42
[  225.121493][    C1] syz_tun: tun_net_xmit 42
[  225.125972][    C1] syz_tun: tun_net_xmit 42
[  225.130520][    C1] syz_tun: tun_net_xmit 42
[  225.134992][    C1] syz_tun: tun_net_xmit 42
[  225.139541][    C1] syz_tun: tun_net_xmit 42
[  225.144060][    C1] syz_tun: tun_net_xmit 42
[  225.148536][    C1] syz_tun: tun_net_xmit 42
[  225.153024][    C1] syz_tun: tun_net_xmit 42
[  225.157520][    C1] syz_tun: tun_net_xmit 42
[  225.162088][    C1] syz_tun: tun_net_xmit 42
[  225.166570][    C1] syz_tun: tun_net_xmit 42
[  225.171138][    C1] syz_tun: tun_net_xmit 42
[  225.175688][    C1] syz_tun: tun_net_xmit 42
[  225.180258][    C1] syz_tun: tun_net_xmit 42
[  225.184758][    C1] syz_tun: tun_net_xmit 42
[  225.189307][    C1] syz_tun: tun_net_xmit 42
[  225.193824][    C1] syz_tun: tun_net_xmit 42
[  225.198310][    C1] syz_tun: tun_net_xmit 42
[  225.202794][    C1] syz_tun: tun_net_xmit 42
[  225.207243][    C1] syz_tun: tun_net_xmit 42
[  225.211797][    C1] syz_tun: tun_net_xmit 42
[  225.216316][    C1] syz_tun: tun_net_xmit 42
[  225.220878][    C1] syz_tun: tun_net_xmit 42
[  225.225383][    C1] syz_tun: tun_net_xmit 42
[  225.229900][    C1] syz_tun: tun_net_xmit 42
[  225.234357][    C1] syz_tun: tun_net_xmit 42
[  225.238832][    C1] syz_tun: tun_net_xmit 42
[  225.243380][    C1] syz_tun: tun_net_xmit 42
[  225.247856][    C1] syz_tun: tun_net_xmit 42
[  225.252401][    C1] syz_tun: tun_net_xmit 42
[  225.256874][    C1] syz_tun: tun_net_xmit 42
[  225.261419][    C1] syz_tun: tun_net_xmit 42
[  225.265905][    C1] syz_tun: tun_net_xmit 42
[  225.270438][    C1] syz_tun: tun_net_xmit 42
[  225.274903][    C1] syz_tun: tun_net_xmit 42
[  225.279439][    C1] syz_tun: tun_net_xmit 42
[  225.287670][    C1] syz_tun: tun_net_xmit 42
[  225.292492][    C1] syz_tun: tun_net_xmit 42
[  225.297194][    C1] syz_tun: tun_net_xmit 42
[  225.301961][    C1] syz_tun: tun_net_xmit 42
[  225.306480][    C1] syz_tun: tun_net_xmit 42
[  225.311010][    C1] syz_tun: tun_net_xmit 42
[  225.315486][    C1] syz_tun: tun_net_xmit 42
[  225.320018][    C1] syz_tun: tun_net_xmit 42
[  225.324496][    C1] syz_tun: tun_net_xmit 42
[  225.328985][    C1] syz_tun: tun_net_xmit 42
[  225.333532][    C1] syz_tun: tun_net_xmit 42
[  225.338011][    C1] syz_tun: tun_net_xmit 42
[  225.342554][    C1] syz_tun: tun_net_xmit 42
[  225.347033][    C1] syz_tun: tun_net_xmit 42
[  225.351526][    C1] syz_tun: tun_net_xmit 42
[  225.355967][    C1] syz_tun: tun_net_xmit 42
[  225.360479][    C1] syz_tun: tun_net_xmit 42
[  225.364966][    C1] syz_tun: tun_net_xmit 42
[  225.369509][    C1] syz_tun: tun_net_xmit 42
[  225.374115][    C1] syz_tun: tun_net_xmit 42
[  225.378581][    C1] syz_tun: tun_net_xmit 42
[  225.383160][    C1] syz_tun: tun_net_xmit 42
[  225.387643][    C1] syz_tun: tun_net_xmit 42
[  225.392183][    C1] syz_tun: tun_net_xmit 42
[  225.396669][    C1] syz_tun: tun_net_xmit 42
[  225.402236][    C1] syz_tun: tun_net_xmit 42
[  225.406741][    C1] syz_tun: tun_net_xmit 42
[  225.411277][    C1] syz_tun: tun_net_xmit 42
[  225.415766][    C1] syz_tun: tun_net_xmit 42
[  225.420277][    C1] syz_tun: tun_net_xmit 42
[  225.424726][    C1] syz_tun: tun_net_xmit 42
[  225.551873][T11402] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  225.690571][T11402] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'.
[  226.029998][    C1] syz_tun: tun_net_xmit 118
[  226.077509][T11437] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  226.356178][T11451] netlink: 248 bytes leftover after parsing attributes in process `syz-executor.3'.
[  226.414198][T11453] bond_slave_0: entered promiscuous mode
[  226.420379][T11453] bond_slave_1: entered promiscuous mode
[  226.436997][T11452] bond_slave_0: left promiscuous mode
[  226.442927][T11452] bond_slave_1: left promiscuous mode
[  226.469361][T11456] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  226.934685][T11482] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'.
[  227.069278][    C1] syz_tun: tun_net_xmit 118
[  227.105176][T11491] netlink: 'syz-executor.3': attribute type 58 has an invalid length.
[  227.138677][T11491] tipc: Enabled bearer <ib:gre0>, priority 0
[  227.731189][T11520] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98
[  227.764252][T11519] netlink: 14 bytes leftover after parsing attributes in process `syz-executor.4'.
[  228.109400][    C1] syz_tun: tun_net_xmit 118
[  228.130973][T11535] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  228.145239][T11534] openvswitch: netlink: Unknown key attributes 1
[  228.322222][T11540] ------------[ cut here ]------------
[  228.328125][T11540] refcount_t: decrement hit 0; leaking memory.
[  228.365324][T11540] WARNING: CPU: 1 PID: 11540 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0
[  228.373191][T11547] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  228.375338][T11540] Modules linked in:
[  228.388127][T11540] CPU: 1 PID: 11540 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  228.398761][T11540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  228.409465][T11540] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[  228.415576][T11540] Code: b2 00 00 00 e8 37 51 e7 fc 5b 5d c3 cc cc cc cc e8 2b 51 e7 fc c6 05 d6 3f e9 0a 01 90 48 c7 c7 a0 97 1f 8c e8 67 81 a9 fc 90 <0f> 0b 90 90 eb d9 e8 0b 51 e7 fc c6 05 b3 3f e9 0a 01 90 48 c7 c7
[  228.436731][T11540] RSP: 0018:ffffc9000ff5fb68 EFLAGS: 00010246
[  228.444559][T11540] RAX: 46654deb38c42800 RBX: ffff888011f2e664 RCX: ffff88807c469e00
[  228.452703][T11540] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  228.460787][T11540] RBP: 0000000000000004 R08: ffffffff81585822 R09: fffffbfff1c39994
[  228.468787][T11540] R10: dffffc0000000000 R11: fffffbfff1c39994 R12: ffff888011f2e620
[  228.477479][T11540] R13: 0000000000000000 R14: ffff888011f2e664 R15: dffffc0000000000
[  228.485578][T11540] FS:  00005555806fe480(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  228.494634][T11540] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  228.501941][T11540] CR2: 00007f4be71f65c0 CR3: 0000000060fc8000 CR4: 00000000003506f0
[  228.510853][T11540] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  228.518847][T11540] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  228.527109][T11540] Call Trace:
[  228.531093][T11540]  <TASK>
[  228.534225][T11540]  ? __warn+0x163/0x4e0
[  228.539043][T11540]  ? refcount_warn_saturate+0xfa/0x1d0
[  228.545117][T11540]  ? report_bug+0x2b3/0x500
[  228.549732][T11540]  ? refcount_warn_saturate+0xfa/0x1d0
[  228.555216][T11540]  ? handle_bug+0x3e/0x70
[  228.560173][T11540]  ? exc_invalid_op+0x1a/0x50
[  228.565082][T11540]  ? asm_exc_invalid_op+0x1a/0x20
[  228.570878][T11540]  ? __warn_printk+0x292/0x360
[  228.575680][T11540]  ? refcount_warn_saturate+0xfa/0x1d0
[  228.581248][T11540]  ? refcount_warn_saturate+0xf9/0x1d0
[  228.586725][T11540]  ref_tracker_free+0x6af/0x7e0
[  228.592986][T11540]  ? __pfx_ref_tracker_free+0x10/0x10
[  228.598420][T11540]  ax25_release+0x368/0x950
[  228.603244][T11540]  sock_close+0xbc/0x240
[  228.607513][T11540]  ? __pfx_sock_close+0x10/0x10
[  228.612503][T11540]  __fput+0x406/0x8b0
2024/06/23 05:07:09 SYZFATAL: failed to send *flatrpc.ExecutorMessageRawT: write tcp 10.128.1.89:52066->10.128.0.169:30018: write: broken pipe
[  228.616519][T11540]  task_work_run+0x24f/0x310
[  228.621717][T11540]  ? __pfx_task_work_run+0x10/0x10
[  228.626860][T11540]  ? syscall_exit_to_user_mode+0xa3/0x370
[  228.632683][T11540]  syscall_exit_to_user_mode+0x168/0x370
[  228.638335][T11540]  do_syscall_64+0x100/0x230
[  228.643644][T11540]  ? clear_bhb_loop+0x35/0x90
[  228.648351][T11540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.654854][T11540] RIP: 0033:0x7f04bdc7d0a9
[  228.659940][T11540] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  228.679671][T11540] RSP: 002b:00007ffcd28a8068 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  228.688113][T11540] RAX: 0000000000000000 RBX: 0000000000037b8a RCX: 00007f04bdc7d0a9
[  228.696711][T11540] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  228.704782][T11540] RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000001e00000000
[  228.712852][T11540] R10: 00007f04bdc00000 R11: 0000000000000246 R12: 00007f04bddb3f80
[  228.721504][T11540] R13: 00007f04bddb3f8c R14: 0000000000000032 R15: 00007f04bddb5980
[  228.729561][T11540]  </TASK>
[  228.732593][T11540] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  228.739874][T11540] CPU: 1 PID: 11540 Comm: syz-executor.0 Not tainted 6.10.0-rc4-syzkaller-00869-g185d72112b95 #0
[  228.750384][T11540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  228.760452][T11540] Call Trace:
[  228.763742][T11540]  <TASK>
[  228.766677][T11540]  dump_stack_lvl+0x241/0x360
[  228.771373][T11540]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.776586][T11540]  ? __pfx__printk+0x10/0x10
[  228.781192][T11540]  ? vscnprintf+0x5d/0x90
[  228.785536][T11540]  panic+0x349/0x860
[  228.789445][T11540]  ? __warn+0x172/0x4e0
[  228.793620][T11540]  ? __pfx_panic+0x10/0x10
[  228.798045][T11540]  __warn+0x346/0x4e0
[  228.802025][T11540]  ? refcount_warn_saturate+0xfa/0x1d0
[  228.807566][T11540]  report_bug+0x2b3/0x500
[  228.811890][T11540]  ? refcount_warn_saturate+0xfa/0x1d0
[  228.817343][T11540]  handle_bug+0x3e/0x70
[  228.821500][T11540]  exc_invalid_op+0x1a/0x50
[  228.825995][T11540]  asm_exc_invalid_op+0x1a/0x20
[  228.830838][T11540] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[  228.836897][T11540] Code: b2 00 00 00 e8 37 51 e7 fc 5b 5d c3 cc cc cc cc e8 2b 51 e7 fc c6 05 d6 3f e9 0a 01 90 48 c7 c7 a0 97 1f 8c e8 67 81 a9 fc 90 <0f> 0b 90 90 eb d9 e8 0b 51 e7 fc c6 05 b3 3f e9 0a 01 90 48 c7 c7
[  228.856503][T11540] RSP: 0018:ffffc9000ff5fb68 EFLAGS: 00010246
[  228.862572][T11540] RAX: 46654deb38c42800 RBX: ffff888011f2e664 RCX: ffff88807c469e00
[  228.870536][T11540] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  228.878932][T11540] RBP: 0000000000000004 R08: ffffffff81585822 R09: fffffbfff1c39994
[  228.886893][T11540] R10: dffffc0000000000 R11: fffffbfff1c39994 R12: ffff888011f2e620
[  228.894858][T11540] R13: 0000000000000000 R14: ffff888011f2e664 R15: dffffc0000000000
[  228.902827][T11540]  ? __warn_printk+0x292/0x360
[  228.907606][T11540]  ? refcount_warn_saturate+0xf9/0x1d0
[  228.913064][T11540]  ref_tracker_free+0x6af/0x7e0
[  228.918001][T11540]  ? __pfx_ref_tracker_free+0x10/0x10
[  228.923383][T11540]  ax25_release+0x368/0x950
[  228.927895][T11540]  sock_close+0xbc/0x240
[  228.932143][T11540]  ? __pfx_sock_close+0x10/0x10
[  228.936988][T11540]  __fput+0x406/0x8b0
[  228.940976][T11540]  task_work_run+0x24f/0x310
[  228.945567][T11540]  ? __pfx_task_work_run+0x10/0x10
[  228.950775][T11540]  ? syscall_exit_to_user_mode+0xa3/0x370
[  228.956498][T11540]  syscall_exit_to_user_mode+0x168/0x370
[  228.962127][T11540]  do_syscall_64+0x100/0x230
[  228.966727][T11540]  ? clear_bhb_loop+0x35/0x90
[  228.971401][T11540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.977290][T11540] RIP: 0033:0x7f04bdc7d0a9
[  228.981694][T11540] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  229.001302][T11540] RSP: 002b:00007ffcd28a8068 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  229.009709][T11540] RAX: 0000000000000000 RBX: 0000000000037b8a RCX: 00007f04bdc7d0a9
[  229.017672][T11540] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  229.025636][T11540] RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000001e00000000
[  229.033601][T11540] R10: 00007f04bdc00000 R11: 0000000000000246 R12: 00007f04bddb3f80
[  229.041567][T11540] R13: 00007f04bddb3f8c R14: 0000000000000032 R15: 00007f04bddb5980
[  229.049547][T11540]  </TASK>
[  229.052788][T11540] Kernel Offset: disabled
[  229.057196][T11540] Rebooting in 86400 seconds..