last executing test programs:

1m1.298819828s ago: executing program 3 (id=424):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
socket(0x10, 0x803, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r2, 0x0, {0x1, 0x0, 0x4}, 0x1}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{}], 0x1}, 0x48005)
readv(r1, &(0x7f0000001540)=[{&(0x7f0000004580)=""/4107, 0x100b}], 0x17f)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x54}, 0x8000)
socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r5, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x40000121, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000040)=@generic={0x0}, 0x18)
r6 = socket$inet6(0xa, 0x3, 0x7)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nbd(&(0x7f0000006cc0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r7, &(0x7f0000006dc0)={0x0, 0x0, &(0x7f0000006d80)={&(0x7f0000006d00)={0x30, r8, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x64, 0x0, 0x1, {0x8}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x55}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
sendmmsg(r6, &(0x7f0000001180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="b0000000000000008800000006000000244c6e465d3bf86e786de6835601bee51554bfd576dc76551c628f47e4d1800a127249ffa7b15a7e7f48aad107ec52aed5e558fda46284b5d463595499cc4fc190"], 0x218}}], 0x2, 0x0)

49.134446923s ago: executing program 3 (id=424):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
socket(0x10, 0x803, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r2, 0x0, {0x1, 0x0, 0x4}, 0x1}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{}], 0x1}, 0x48005)
readv(r1, &(0x7f0000001540)=[{&(0x7f0000004580)=""/4107, 0x100b}], 0x17f)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x54}, 0x8000)
socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r5, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x40000121, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000040)=@generic={0x0}, 0x18)
r6 = socket$inet6(0xa, 0x3, 0x7)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nbd(&(0x7f0000006cc0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r7, &(0x7f0000006dc0)={0x0, 0x0, &(0x7f0000006d80)={&(0x7f0000006d00)={0x30, r8, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x64, 0x0, 0x1, {0x8}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x55}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
sendmmsg(r6, &(0x7f0000001180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="b0000000000000008800000006000000244c6e465d3bf86e786de6835601bee51554bfd576dc76551c628f47e4d1800a127249ffa7b15a7e7f48aad107ec52aed5e558fda46284b5d463595499cc4fc190"], 0x218}}], 0x2, 0x0)

39.027195378s ago: executing program 3 (id=424):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
socket(0x10, 0x803, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r2, 0x0, {0x1, 0x0, 0x4}, 0x1}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{}], 0x1}, 0x48005)
readv(r1, &(0x7f0000001540)=[{&(0x7f0000004580)=""/4107, 0x100b}], 0x17f)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x54}, 0x8000)
socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r5, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x40000121, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000040)=@generic={0x0}, 0x18)
r6 = socket$inet6(0xa, 0x3, 0x7)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nbd(&(0x7f0000006cc0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r7, &(0x7f0000006dc0)={0x0, 0x0, &(0x7f0000006d80)={&(0x7f0000006d00)={0x30, r8, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x64, 0x0, 0x1, {0x8}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x55}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
sendmmsg(r6, &(0x7f0000001180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="b0000000000000008800000006000000244c6e465d3bf86e786de6835601bee51554bfd576dc76551c628f47e4d1800a127249ffa7b15a7e7f48aad107ec52aed5e558fda46284b5d463595499cc4fc190"], 0x218}}], 0x2, 0x0)

28.604048834s ago: executing program 3 (id=424):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
socket(0x10, 0x803, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r2, 0x0, {0x1, 0x0, 0x4}, 0x1}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{}], 0x1}, 0x48005)
readv(r1, &(0x7f0000001540)=[{&(0x7f0000004580)=""/4107, 0x100b}], 0x17f)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x54}, 0x8000)
socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r5, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x40000121, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000040)=@generic={0x0}, 0x18)
r6 = socket$inet6(0xa, 0x3, 0x7)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nbd(&(0x7f0000006cc0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r7, &(0x7f0000006dc0)={0x0, 0x0, &(0x7f0000006d80)={&(0x7f0000006d00)={0x30, r8, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x64, 0x0, 0x1, {0x8}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x55}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
sendmmsg(r6, &(0x7f0000001180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="b0000000000000008800000006000000244c6e465d3bf86e786de6835601bee51554bfd576dc76551c628f47e4d1800a127249ffa7b15a7e7f48aad107ec52aed5e558fda46284b5d463595499cc4fc190"], 0x218}}], 0x2, 0x0)

19.132395197s ago: executing program 3 (id=424):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
socket(0x10, 0x803, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r2, 0x0, {0x1, 0x0, 0x4}, 0x1}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{}], 0x1}, 0x48005)
readv(r1, &(0x7f0000001540)=[{&(0x7f0000004580)=""/4107, 0x100b}], 0x17f)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x54}, 0x8000)
socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r5, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x40000121, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000040)=@generic={0x0}, 0x18)
r6 = socket$inet6(0xa, 0x3, 0x7)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nbd(&(0x7f0000006cc0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r7, &(0x7f0000006dc0)={0x0, 0x0, &(0x7f0000006d80)={&(0x7f0000006d00)={0x30, r8, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x64, 0x0, 0x1, {0x8}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x55}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
sendmmsg(r6, &(0x7f0000001180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="b0000000000000008800000006000000244c6e465d3bf86e786de6835601bee51554bfd576dc76551c628f47e4d1800a127249ffa7b15a7e7f48aad107ec52aed5e558fda46284b5d463595499cc4fc190"], 0x218}}], 0x2, 0x0)

8.960479891s ago: executing program 3 (id=424):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
socket(0x10, 0x803, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r2, 0x0, {0x1, 0x0, 0x4}, 0x1}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{}], 0x1}, 0x48005)
readv(r1, &(0x7f0000001540)=[{&(0x7f0000004580)=""/4107, 0x100b}], 0x17f)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x54}, 0x8000)
socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r5, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x40000121, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000040)=@generic={0x0}, 0x18)
r6 = socket$inet6(0xa, 0x3, 0x7)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nbd(&(0x7f0000006cc0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r7, &(0x7f0000006dc0)={0x0, 0x0, &(0x7f0000006d80)={&(0x7f0000006d00)={0x30, r8, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x64, 0x0, 0x1, {0x8}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x55}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
sendmmsg(r6, &(0x7f0000001180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="b0000000000000008800000006000000244c6e465d3bf86e786de6835601bee51554bfd576dc76551c628f47e4d1800a127249ffa7b15a7e7f48aad107ec52aed5e558fda46284b5d463595499cc4fc190"], 0x218}}], 0x2, 0x0)

4.648402417s ago: executing program 4 (id=2148):
r0 = socket$caif_seqpacket(0x25, 0x5, 0x5)
write(r0, &(0x7f00000001c0)="ed0cd04a6773ee5f6e03034a690e83b4574d119e56a6ba475cb8833316c927d3a2008019da057b80c0acdb1e8019dce01779eb6997649a8c32e0fcb93d9edfe78116aa3469612e052b48a1bd85b905d8ddd79e195393f0fe727135fb41bbf6a1a96520c2ec56a0b16ff6336a178b4abf448a6f8391af3ef26d746207b13497d3fd00ec39309b0c1030263957e8c5", 0x8e)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
r1 = socket(0x15, 0x5, 0x0)
getsockopt(r1, 0x200000000114, 0x2711, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040)={0x0, <r5=>0x0}, &(0x7f0000000080)=0xc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f00000002c0)=[{&(0x7f0000000340)="580000001400add427323b472545b4560a117fffffff81000e220e227f000001925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff00007edcff48d744", 0x58}], 0x1)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r6}, 0x10)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$tipc(&(0x7f0000000700), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_LINKS(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r12, 0x1, 0x70fd3a, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x1}}}, 0x24}}, 0x24000010)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r13=>0xffffffffffffffff})
getsockopt$sock_cred(r13, 0x1, 0x11, &(0x7f0000000280)={<r14=>0x0, <r15=>0x0, <r16=>0x0}, &(0x7f00000002c0)=0xc)
socket$inet6(0xa, 0xa, 0x2)
sendmmsg$unix(r13, &(0x7f0000003600)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000009c0)=[@cred={{0x1c, 0x1, 0x2, {r14, r15, r16}}}, @rights={{0x10}}], 0x30, 0x40044}}], 0x1, 0x5)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001080)={0x0, 0x0, <r17=>0x0}, &(0x7f00000010c0)=0xc)
sendmsg$netlink(r6, &(0x7f0000001180)={&(0x7f0000000240), 0xc, &(0x7f00000009c0)=[{&(0x7f0000000580)={0x24, 0x41, 0x10, 0x70bd25, 0x25dfdbfc, "", [@typed={0x8, 0x109, 0x0, 0x0, @ipv4=@loopback}, @nested={0x4, 0x55}, @typed={0x8, 0x13f, 0x0, 0x0, @pid}]}, 0x24}, {&(0x7f0000004780)={0x1324, 0x1b, 0x800, 0x70bd28, 0x25dfdbfc, "", [@generic="72de347785fe9870dfda30ac1ab3d7023c2a587fbc7ac50d9c66ab3840368ece322d2ab6ccbc2e0eacf38d43b793da26c2b189ce33b245234dc4ee2c2ac733b72b862bdab6512ec75173450db773ebe068fa6a31bdf5", @generic="f7bc334cf17ea9f5db999a56ac3931b343b6903f572230965a853b85f5c370e9f5dca7bbc9e705a2b290ab360e871fdc1ea88ad8e51994566aafd66e5b757227b90e30d8a2de7bb5085d7c5c040908ad3e69", @generic="56f873c3b122a5ec9745f236853121e4dc303356d39ac4805a25b322c70aa511b1444e25fa652cdce8318b32de21712592ed14f7d263d8c4dc4739a01ec2", @nested={0x18, 0xd3, 0x0, 0x1, [@typed={0x14, 0x96, 0x0, 0x0, @ipv6=@local}]}, @generic="baf9a1fa08009ff17068bbeedab22b54ff22d61ff0ce95f5046b8496fb19", @nested={0x18, 0x120, 0x0, 0x1, [@typed={0x14, 0xd6, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x1b}}]}, @nested={0x11e0, 0x10f, 0x0, 0x1, [@nested={0x19f, 0xd8, 0x0, 0x1, [@generic="8760ca6008a27275a9e0b30e487e0519d675ca4afddeb2c6452286e2cfbf380ec19942049def1a4b832a6c5e7e4a315608629c5f7d2d0a78453484e2241c46ce421b60ab6acf084c684ccaac25f6efe4bec6445fb1380db2026f9701999c240b0c070554bd8fea9ecf35cf907cf656a1b1b532c79f40d064f8a897ae4d7cbb8f243db4cfe3161b7ec52be92b8c8f507942985f9ea4e673c50d14bf86681e6431cf25adfbf2731654ba127919f53641ee74a5c55827b70f582a600e21617dc81ba6f94f1bc9bf60f49110907d1dceb9d3abf77466d59735597fc356ba57a3b8b4081fadd4b1b8ed05d1a28f54062c069699f88d", @typed={0x9c, 0x129, 0x0, 0x0, @binary="e5798b55ffb3c86ff73e81fc176a9636e68b81b432e6e78acaec0994e147b55605ce38cea9a9538f26c49efb9365949dc1f48be1c7d6a77bad85b47414f02ad1748a4ee3f7987f4b05b5b891ab7646435f519eb4e01bb5c2dd44dc8e1dd6be1d5492b58b552aa06f375dbe1f23cbe83108686217acbc0d4909a28fb118cca76bf1a2320fea0ec37864aaf67c6f8c3a68abf6fe13ec98155c"}, @typed={0xc, 0xb6, 0x0, 0x0, @u64}]}, @typed={0x14, 0x6c, 0x0, 0x0, @ipv6=@loopback}, @typed={0x26, 0xb4, 0x0, 0x0, @binary="aaab11e6fa65a0e7d9060b185cb7e6992478f623668dd0bdeb0554c470919f4f1b16"}, @generic="f01e84a844163535c3c85f247068f263cbd23b79a9977784a4a0878d23ee0eec67c10321a74ae536497f99c93fb1e60f5e7a23b601eb117955ca9535a03bf993a671a9408ca6b0a3745f9aa76c2f3734f362be91426547abac946253f085672c2cf1f8736b46f361401e3553750462a145af2fb0f5455dc50c4ad86c5482d5c8235743916b5c7a2a27abf8e4fa48abed1eed0fcf3fdfe2d5ff037809614bdf5a0340e6950001cbb582ed898158f161288553504a43e8f65079e7c753fc82a209725d2904b934819cab50e5f4f68f4719ae9c738163b22a363643ba5019ef5597458eea77fbf6dd5874b3f28b10b0dcc98e710369cecea2ecfdd046239d1425b97c3665484bd15b0057bd886c8578e719ba6f249e7fb9e08032a27a266992efd4338a0a4a3b43da7b2194bbd2104e5b6d6ab1f25a290ae644b37689120f7435c9347ac0f2f81d4bbde325d2e19ded06a5b89d618eff52ea0f55ac6c4ca9dbc739ce8f86ca9d496b9c683b7e01222654f7a9234899242179bb0180ee994c1d9b10efc16abfd533fa2ca9226556327f6c0054b2a8bdd403bb18cf0e1fbdf20f0732553c51419f658cdec87219cdc473c5f84f3a81d409a5c624dd39fce2abb8ff838a021b6bf13c38121a3948bbe50c1220264016fdafb1a8e87142863f73b9e5017152552789835fffe8ee31bf22bc7faa9d72948110f4835032b9aeb2566f9e04518a25eaa84cbabd5338177036d2ade473a558cf492d54f756f96591e41c43149b5ddbd24872aae806ac8e93065e36345d6cb38b5162668427337bb638b036347476ca4f1110a30abdaa99f09fe03121ce883e3183986c67d3da016a16a95ff6c43d45a5a43588aed7b5d0ddb49c3f920b0909306214cd103cefc8a2ef3112bbb9ad44efe40957c23b9b4a2e4b322df98b12776caae6ac4ff73f5806922b121271fdf3346384a7307769b58bed2943fa9414cd94a7e61038722ac50a522ba0f2e947aded1bfd070742128d72e60e5a4532b9b311b14e02445cf2a69c3dbad436786ad2825929dbd093692681871fa703ef812194076c585e0260f8920b011683ea84079582dcaa063dbc3a06a4b8982357a1d568d39f9c34a51b8c13f2d9db1f419daa1203cacaff483bed5b202b36f2b00edf3f8473a9e12cc0fca8835cf57cc248e3ae812fbada3819be8b66147ac4a677df981eb4fca1db03cd3704c599ae5834d08a02df98c4255c4686e2fdc21a65e8dbc45f85b5bb5052db3a70a370731d155344733c90efa5f7c2d8f04a9f7d6dab086ef9cb4e0b39c5ad59a280fb61744c04708af6a49074ca21f6f398d1cbb0d38cf2874e94fddce4b55f66b462128a1bde6bde13837874f12be830a7234a1531e1d20e95b8088731acd990811e49069d798844ab7bac67c249d91ca9bb28e92027a6851542aadeb32718908e51fd4041c2c1f9934a20d11b2ebd06d0f965bd6b59113a490087403a9ee5bfa43b2226730dc6a50bb1b76deed6712005f90160589a59c3acb33b42cf7b6115062ca744063668c2e37291cf5e801e64030693ee57caf4a2057fed93e6cc15fb0519cb4fcb6288e4d87150d9f3740309b1a90d54b1031ab856d7eebd8aee2aa326125d7841ba24370a6ebc67dee6e299a6d8cedfd0a1a5a6d9c1b72220adfa89277f13f338fa1a7e9dd60cb5d2b54d3ad4a2c9e9b37d8808f65d776a7634379f528f9509f67830270ffc6bb2acc16afba6476d1c934b4180ac23bf683d931b1a4362dcf85a21c5dc6657f3a3d15ff70bbd7baa5c7e0a236ff1fb72ebc0c8db052fbc2d26dc548b2b2d45ba13933e1442d489e6110ed56aa809ccbd4b972680e8a7c2e3ad6b58740e4251429acdad85f319e96edcd984be14a8500ea9148a142cf53b716b32daf4839f7c46a568500281bd091b29669a3dd41b4274f2c8f08b1f7b86f117f6ec4dd04d0bbda9ceed70cd9329706d24343528810c176b650767dce5d1ebabfec306e582561f2aaae60e55da18c26c57803f97e0eb9b7c6387693e8e229a16c37f22d461b4f9d1e1ac140f03eb258bd3d019ce7b3eb1108209ba12d382fafeba3d8067a0ba82d4b1fc1734626df57ee5bbd8b5ddca4cbe8de7310e6b1964836fd7be7d109cc8b72a168466b9c1d08700c81a902b7190b8512b0278071eeff660ef94191382703c0cb6bb74d6fa6d00b2cfdcd9bf2a229fc9f2a5c9a5e71401f079b47d2b8241ae778056270bf1d7158e3d6709c74bd87346a63d071263f00c5561c96a9054b8d1f2eda7bee81e259193d9600ac6495bfacc81e191d2ba4a5cec2794d11f3c13902085f65b19e1435d70072796d1d44bf747b3ac1408b64fe37aead941da387a0542d7276dd6e73143465787b398be98eea50cfc1482825dc9a3bf42230971bbf9fd82ec6c452111f2e0b72228534e47e09ef6a71a28cf3bf1ed5cb5f140cb17a48486136cbce1d6ab01d4f6d73e8f770dc2dba03d46c0e5363909f2e22499312ba46f80d8e639f93525157e983fc8bee865249fabe5ccb508821a47b7673726636e9e65d61bd108a274e9f88b778bede67143560e046b036379e3f7ebd52bdcce6134ee4b101303a74c31f960a1eaea7e41929a9a8ae7e93236541acd61bbefaad33eb2fb82bcbf6f1778d0bb6503407899cef2d67a154501e61e058d50815def38e1c4b61ab9cb583256cf9e9edc87abb6a16e9d1efd8eafb5e5166ae8136e19a5cda7c6fe7692296839ff8191e9e28e9056041da84752641d3bdb2630df63013fa88db91e9dabc363e1945e657d6383e989a267f3363907df2d886f3311f716cd0ec43b43983c6025228437fe57377dabec63f83da78dd46f08b9792d5eba22f4d1317a56092d3cb778a0d3cdbf1695b20eae0ffb8150bcb548eadf4c389aa0947934a2970b5889d99be9c2f51847a96d28b0395815cfc2e0f4509845fa5f9ee38978b87cf9eae81e5199d4b622e96ab692425a647597737f0baf09fd69a21594c6f9545b5b6fe9fb51e5453ef27440d5d6b7b91972b3205eab92e43dd5404c2f5543c8d0e716f7d1c2f8c4b8722027e2ddaa699d2ebabcd1e6d4fb20df8aff2b0dc97a8ff6121ded1defdeb5c087b4bfe2d4b929ee83e78b32a490d54abad57b3715ec3bced9e63d7e45a2708bd930832039607369fa97ebf7b3b49a790e8409e0e5bb483793aa0f06c459447f083fc97a23ccf1927cb74afe645f6f785d7954d35939df6eead32cf6bb5138c64c602ef0e6b3fdb3d2d0fcfa9baa4488b813179e7bf3310c733174d7703e2d941938973c935c72d3fc45e58e8d298e0dbdcc2f81946d1b2fc1d096d7cb8f28bd07227983c6bf79613023f21133bd6de84e8eda366b29945eaabc88fda3efd2bb52073a3372de201164f20442084c7d6556e2de3aacd28b221527095636096f2abcb19085644734d44b8fdbc8adceef9541815bd028ba7ca0d607eeca4775e50b5ecc92c5a754617828497107ea5199a46a5bf372de5676e95d9a605ced0a9315c253a46d0d8f0180cfbf05430c9523cd7a111147d653193fc12dedba9651902224c425777e03b8d7e6498f2570ac6db298ae0c7040214384bce5f14a80f6485207edd059f1028032d2080e081deb309bc78c08bbaa0451a87636b291580128a80ca19cb9066e2a6a14525efc47a44f24aae7475b78d7f5af3321686ac58b81c58a69b9927ad114a80331d95050f9ede3dffbf4aafe1dc9a69ee79b92e4007c837d019c884566aae41a5f0472ddef276c5ce7816ed609e9799a3d8eee05fe65c50fc40b8f7305e85ae4f51c5aef7c03cfc89f3a093ee0401ebd6ae0749c64f0d9fff7149e2a8d2f131355129ed444de8721f2928b1903afd162239a574d29430ee43f31aa2cf7c92909bc45f2402bdfd362f1a8e736de771878a182fd07c40743f45ceebbb17482d4fc9314c1b5b6311b214fd1eff10df9cbf5d3667e04266df4675891e02a6a0fc66b471895da564002288225e5452cd05a19108754aa8d7609cc4aad411c1e6d4c3f612e6545f37a362c158281754fa5bd14235923568b23586373616a276a6972677e1fccc93504de3edf3d13cc5940ff7c302794a188c03a430decda5efbd09c779ae2373d2989349795a0177c76731e158f3774b10a8341a5f32414cb49dce5be7fcc1b18930b22913e459ffc8f35aa2b7bcce8e918390bf1422301c8b8417141af7b14310a4c3f67d92e7fc7beecdad09c53b58da700318f5b26046a3a1414c36765a3a3ca8f9af1c37ade7cb719de5113127cfcb0559c85f3770c2e6ab3c3a7536930cbf75948c54f2d17762e1458dbea5e5c379bc28fe7b31579435386211566db51d09dcad74f5aca6f37a0546d60cca4069f6d6c0355ccf0337547ada0191e5393e9cd5bf11bdd928495355d2f792d1cc4b7d5159ffa528d00852e278b07a449cad0c33dbc0670e4a28c6bee265858c8a0c212880bcc0e382e154d8c12078a384580d22487c64bc996dfafa447d32a2b3b3865d195d6334fa685a6e18871748b7e18002f2d28ec4e9debc0f8100627ea92a79958968c4bd1bf71113738db04cb1de1d6fb1807e5ed221f925fdf59dd426014ae8dc940046274e672a30639d40f30a5b5145c1910cafc0e53b3ae5151556ba2088f9e5efc52eee46511fed36d6d02f9007f1e3bc0fcb6ed6f89702d88c80594bcd15940d9ed58a5a64227aeee8832a11623e3827a3f2f7df325e844b0bd287b14acae178105f76600ca5e29a6bfe5317f41cef5feb32612ec5f26419b1b5b58f1114f4e099943f8170a59c28defd27be9f037eecc417f0d7efa1c5f6d234ef03db7a51597500e0d9c315a6e70eea3f60314b08ef2f37d5ae6a7a5238edfe2d2f7dcf0d2738de5b44cfbe3a90190702eb39bfeab58b5c5f62a63f5acca98e2093c5893a18956760755335f8e26f3b4c8ac779775c95e9d19b110b36903996da6a2113e26f3c04b1df02ed77a3b147f899de2245fe01bdeeb5a90b9957149c03b29f6b9503e259545eb39722e1e6d6dfead2b21dda39c4f7d190f3d79a055561a320b71605ec2c56e2ee0cb1fa99cf910e0fb38326e59b516918012c402a416daa147b23fa87fa9699207e850aa5361f20bae9d71925f82ae80de1b713c23bb95871cc6c26c0be191c5b00679aacbe753b23ad79f7c210f720c70e64420e9266e3d78d8ea044684d394a00f833abff3ecba1507ffe00687af6109922612768e1162066a7c7f2569c50886c0c37722c8b02ee8f7ce65f7221b127c7511c6c647464352965038593bf31db66a9af69568a547f95e03852ce3e1f67c8bb857c7b6c651b844a5adf774eaa5c4173ea148193fcb2ad88af08a9ffbc2380101a6764de55a32b958af87a184cce2012d21ef61c06a571fa69edb11563efb409918b115075743b76caf630e60b552eb4145be372d154b12574d80e158cd0e39a86109b0a79daa3b3c95e23f27ba98bae6d3334acbeffe61c309a48dfd1d40593aa615f66981aa0c99c48144e7c07fb289de3e1cbc14a55786be22f8511b35dd8f41b05fa3240b7ab08dd4c6b6b4341fd5cc538a3c9221fa522a33c478f87ce5bf41623b0798692d8905d76d8879c03338e5f8a80e5231fb6830a63755242ec85cdfd27bb9c17d370167a9ef3a266c3e0300994131377a416391b867b9ee3916d8bd4486a55dec0ef65494397f1350eafca6fabdb9db014636992b525a914be8a61d831b101cbcfc4b17d63fecf7a6e2039116a5008059de120e747dcce8c28eccc503f89e18fef8a8fd14e2678a9d8967"]}]}, 0x1324}, {&(0x7f0000005dc0)=ANY=[@ANYBLOB="781600001900080027bd7000fddbdf251bbfe130c4f2789780bf3345ed582b37617e0137241ed4b13d1bff87a108e624f4481405732a0404292a3c25a8c4542575f4ac8c76c526d18b5265862e99dd05499e52253daacd37b382242a5f65f3240da333b0be8e279dd63336de5ed2164a302d938ed84284eb19b7489e0fe1a3bd1d4e4f52ade42350fd9c39896c706efdd5dc005990c4b3004fc7eac261edac5bc069c71e7c92b39d297eba307837866f1a755332e53bb88cc5dc0e164305326c47548a8d670c909cb88fc5dda7c73d281cb81a15e66677c0b1de1b6b0d9088f9bc7a8b8704e1bab53487a027ead10e645d0a38557617ece693928131859c2611f90db78b00bb8004001a803fe313f7e4c318328ea2e60b97bae8d9c20e1d801252bac06929c84606c6a349c114be15070e3001adc51b9b207129e9a62bc94f9762bccf4131fe143a7ebe13ede7b641749f3e77a0aa6bb8273bd56014048ec23cbf0d1eafc100707d5ac14fe272458cbef7c3f2070a3f5b432d943bc7442aec473ad08a2e507c3ffcafc61f06735b000400e60008009400", @ANYRES32=0x0, @ANYBLOB="7cd95315b476cf64654942a3513da208bd24586b3705b45fe7656c345bb40282f5ddb31221910396285eb8940ee1ee0fc2fa2b7af9515dba00a5b077bcb56965fd84fe27deeb9b35451b143323d105474b06e67084ed1c081ce11b441268ddfc3ccdda576ddaf134642e69ec1fab333902c201874b8bef56711812d7e6d69a131b527e94aa3f4f2a415fa88f6584916a962dc74df4d66dc9e8f0223dd8841316809ed835cf2a1db06a9f1d70dc2a5cfd2090000a2ae1309ee1db4b29a244179cd7377f11f3ab1bf86ba0dd7309cb40542b92c63977cecc3d62d310d9536bcc7917430b4fe8aee58ca43f1110b69afc282ae5f7789ecf5fa67b91685fed129e6025924ebab2a428128a85ecad6df3a4f0a3d7d04e0a1f97ff013dbc945f893cdf258ca3c1f4c9bf85b02071ba369f261f195d0ab51444882345d6e92c6f07dfdd2ed6f32647705d81f72897d8324e938dc117f04ecc3e60cc493d575a2b62754b0d5d92f01ad053a0c82b8cdb0c00d200ff0300000000000004001d800c00c900000001000000000016d8f03334b7da714bc70bdb87b3a359682a35be1eb2b8f9edad6e1aa3be2d16f0b412879da64f55de4ae57edbb5e7271b2b515696a0e35c160a5e5d84ed3d092ef3c03e324b7a71047a29757574e351289ec816197685fcea7b95532472459465388f090073328257389849f39dcb01a4a95de1c66d235935f341ef04623a8463f707a5ad824705fd146571f56623a5ff0d86f92b7d55454e61b3d66c19c01cdd322a84c58e6fa43295005f03b08f71bbec97c8ac534c7a7f2ae6d2f28b070cc611413b666214162e041b9c3d06d0f8cf4b573a020d610ad4e6b77455ea9251fa9baf74fd15351660cfc90dd8d29e650bbb8013a29d69308bd2b455e1033d0b2f0f1ab5303a3570e8f8ebc4acfc815e53132ec912501112ea0abb2875084e151f500a1d7370ff9b8512f7c68cfc2175f1e4ca631fad7325a998d1fe9d3ebf9897d1ff0fdf87cdcee27532ccc2b539561a0013006370757365742e6566666563746976655f63707573000000e510ea80b8109e80a41099800400568049008a008653e6deeb4a10ef8ed71d200a3b6dd0397ab06cf2aed2c6a8afbed90d44a5f75d8997c96d16a90252ab78ecc5853924af39f74a460033e2b4efeec5a5100aa245cd1d3ff50000004900b300aa168cfb5afdbc5098b03041bb65eceefcdb439b88a577fd73340c20bf457ec55c02f15ae1520f5fc9e63449f9138a62433af252686cb7a8c9d95de85317a9176b49689a8200000004003f80e12e4393cb79c39467773e38228488a65c37f3f2300316df6290b694600a88a62fec0ac6ed81441bb8a3f9f79a7cbaa14f1b9153d9cae14fed7af9f5287477298729bd1b6be74c0e37144474b3b0e23f3e1116626e9adadc53362adc5f366b8fb690dbe35eeadb99d3cb4a6aa5eff1adcb54c3ae1d2be5086a4760d0ba96d81b73a5090cd6f0c2cf9f412d6e466d191f0fad785da1d481a0b28a6c635332e3baea24886a4a396e49a987e82ecf30c9e27db2786499a1a56290786e8e85783fbdfdb3d3b7c8aae8eef1c66a63bd5bbbde5df51b435f51bbaeae6b94581689a9afef32449ff6c73014f20b337418bea76fb8410b0b9463947b3bcfd30356d4982b19c8e8d3062ca66d55130e5f0928ce12fcdcebfd6eccc0f92e93ca99ca6e6c2fc4e052040fec0062f638d0a28b06ec8c3846910b47465f56292d21c5df5c0a86675314306cd7c3894c025c6080c6fedeb654a37e9a5aa1ccd9849103e51c6bd019f176f0a1c30ce0f3edd5fc6303bfe14c97232a6d21f4f7f14799e322181d1ddc5fc23770c67a85f00932d9074a0650c387baada179787305b3408a6644666cfe4506c72527da37e9371c94943a876ae625e5c80aa6785754ec7340649529eb5b60e1a4e8de0248356315c40e6645cfd0a0081a6dfd85a8d7784b58ca538c2b3afe824a6d78452322c0a3915e41311dd7b65872938fe4e4366a26301e256f065ddf498ab5a4c9d925525cce5d5391e9c4c9f9298e6b18956a3157a9e8afa0cb8530e80bbcb34a85553184257a1c7dcbf8aa149cfd227763a6312a220af8be945511a37a5f5ff076c27395bb4832b98ee895fc54c8e4d9425e2cf83544951bdf0cfae86ef85eee084417bcb3886dc3c8070de4a6f4b8a26e71a9813606ecaaeecd575e10abb23cac9beb3e335fdcba6d386eb39c01511567ffeaff5b4e7e748d7981a22595ed88af874928f43a4883a47d15a77561ff032e6e13147bca00c93efac20844b2e5404c229e5618305642f53f1f0ffed0cee66c909534cf5be682b875daacdf0b2fcd25e904e792c5e3729cd9b25c241fee18f8ae8f23f7c442fc1c416021a2ac02d88d6c1f98f660e807edb9d543e32b5a07595293e0e1469d108e9d9881c1d4775a0a5bd5951405a38dfdc1a074475d7762f8f1e98a9aae24cc6cfd3d4a0a632e37696edaa543e0b16876d6611c38def3da2b469676eb90e15ed257d16803806f522e556d8b025e12a817bbf8f7563bb8571d9b0fb08622f49d87a85a12f393f41b99a7414b0d3cf278e2345f63a5570b0866dabdb01e906a6321c14c9e1f73c5db616a5c4a80214d5d2be21dff3d8036ba6133184d0d10a6199d96f40549396ee0f71b430f777f89e116d61dec7665a6dd3293bc8179314e731f5402577fc44b53d676c26f3c1a6137463f2f874d5884a2d2d9298f4dd62c5071e1e079814bfa260130ca24b8314bace24127282b4924592c7adf60fd8c8ad3634e9a7a2cc12ea23cbd6758ef478b6ce12ea5b2eebf59203182a72d606891cfc8fc43ebe1bfa39a85b9957be9dce041a42356afde9947126dd4950ac46950b8c55620ebd2dda7cd007da264d43e21ca229c50faf76f9904bd60ac1674b1fedd2d48a404b40a853ead4e20342ba3a0c09532bdf70f150a57c1cad2635605fb87cef4d8d9c2044881cbd96f78f85049f94cb6bea067044c073a8e62918e163c2d6925ca8cf79b6e3fff79efccd57bd46e21ab7a9bf901dbdd51a19d7915642977af6e342e9828a153791dd2f0e155ebbcab8e079e58d1d9b252c1761dbdbb8fefb1c7e1551d3be033291c011dca9659d1ce868955db814f2894144445eeb9fa8aa7a54a6bdb1189717ccbd0f79153ce7f13835d984afaa79a32d2f237b3d5ca44e1bcdb85be1e8c7f09366a39f343db2ea87a58680ad0d89c4815dc8c3f2bd8fc820444f85ce072d57e8d6c8b6bac713d719a9a03172ce40120945e83ab714fb067ba1e12ce6fc9a36092f5c11b173ffc9ecdbceb622c6c7e2f97d8bae34f6f0cbed37cc75a3d4c74c69c701644086e715d2f1110b8b6df73c761505a09d9af1c501d1fc121d6567b5da71a64f0a0be54e8621d21c7b0f38bda0e2a76eeca185c177bbd6d2eee1d758492edaab608dc0bac0ed1da86a331072e36cef0804cb90c7df82d27121eac3b1daf0bf63e0b18bad2cec71fd553f64267426a0f2e70b0f767c28cd38e49614744d824bbc5789a1160c591c1d082efbc04384c4929dfc7eed415dadc5c954e7e11f5412e52150d1083104329de42c15f5833c5b8101f944c1088f4dab404f6d9cc133994be8bd8bb3eaa2d6f42813a9f4f5dee6a17f580d48b0c14c6c445cf21bf88ec4dcb37dd31de0d6d0dd1288ffa2607bf552aade707f8e2b99eab05c7f237c512c196c390133014835a61a250ba495ca6347f94c033c87d1be3ee6084dff16ac624992aa4d1b9a1181730bada13db09be8e16ee7eeb9d8d66d12b4deea0dafa4255198e8aae8ed573cd833946df4057f643b0b18fab0084e894dfce24fde19dafc741ca4506c33b98942b5e25e6c97f409a0c7b3882e09d5bbfba4392f5bb570e408b02dfd1a2e25d85d56a26b2e8e2513a20eef04a7f95f429e972d668d9d6292e9f149c727ddbb433ad3648a0408813ffe9e104bed765656064bf76eb7b5a518f4e6af162d399ded05b032d8bee1059274eb915806088150981ccf2b66a20557fbde6759358e8a45fc16ce002f3b1bfa023967bbfedba932b2b5ea899319041b39905dc8f82514bc36e83a20f07145252ed6fc01318740cdf3bd478ce48b5e711e1f0d232ce6280330fd261a47350ee7196e9da0c8cd7b3e786f95e3ba5d1cbd9a655ea1db95a78c9fd98cc1e38b3b526a4889b48810a9dcd0bd0ad0c7bb06d3a4c1f23eddb1195a04abe42ec5e31f7b8a0f0e79623e2fcb96a81da828de4e4313bcbd021e4febe226fadcf6d03e6cdfd0aa45ef74d604f8c74f2e0ab45d68c0842fcfa9c59516f7acc1b7a049fa8c7aa7b5921196baa02c7525a7265504b7f510a019cd78d9f843ab45a01dd2de56a8000fe615824606d6d1abc4b716413cc1ea0e8ca7545f249e68c7088f7efb76a7e5f85d549a933c501f50febf2f735df12b531a6fecf31e3716eedbd01cdf64851d32d52ec17772bffc7655d6e2340a910ddc62bffbd46e44e607573c72c3620ff0761c55e3ee3284578dff4202c5f9eb9a9731bb91afae4850f16f484426527f6878d5de30072f823cfc48a03e44b744bea359ccb5c0465fe705b8af66921e4edcf0c53eb6af7f48300cf9e3456255591e345c2a0373cf92d744595b58c4b72fa1fbab66eae4bd0ea705d4eaa68463ce78b9552edccc02dd3c5bad120033b1a3db9d2a8fa2041e61000f1185ba24f6f0874c05fe455033e2e2677403be591e68ccd43837d74e85e3e7e4750bd353b25f683e0d0043b82e642d7416f3353b64dec0d9033490a391c335963d962ce18e60993fcf852245e6773383db02b7b0a35c8f4baef7e6435924831e4d8395b1e8697bcc4902686f6478703f4f14b7f7c68f7c9f2468c88d34f651a522bdee882b6dee67cf51e46e343e9b159e1e8d1ec00c24f24320873ad2610e3b8af26158418c0fb641ddf344b3566a771d49118369d62bbaa49b53f69e3a0d2e82ad3ac5133c5dda23e214deb2a0455627311844496eb7abe524e78eb237f27d2803b875825194f0ad770c82714ce823c7c865d1d6ce06f27ddd4f7698e38a373c74cd07076665cddbf840bb5e2310d8cdd768c990810f85c5683c652bda8af00face20c9c222579e64687c320bcdec4eb453a40339309ae2d71d648a0e5a34b8ecb50ae0be8fe9082c8c9b7ab4e84ed367790a95c26162b51563fc2725b9cdaaa30077fa5c40ca91917d1de86f47a333c2051fc69f87961d1db486f36362444e66555e4c9b08e094688b7ed2b9dcd6a34a1b9552001663bcc59e520ce538f99d4bd81eb1feb5f3f623023a571f94fea1b97c1c5dd6ecee4e5035575f4afdcc04e0f8d1c1477a28e6a906fb24b8441646b0570acd503a27a3007d057631a3e34a839f7122fe3f5f95786c485d7033951c56c3a0ae4eada6adedd7e2c04be3930d4060d1d26956160cf23ad85d68fe932e6a306eb55d4672afc82a7b0038e200abc0349ce22beb55bafc8ebfc07f31ee45b6871a93c3e1dc0e0c13b44c1c7b2b3af81d9ae0eac5c5eccfa4de915ed31506d8eff1241e786292034dcd81c9fdda672f0ac8799d3721c29a6a663b554b310ee689915e872a834d0e05667c27ee8ef3f0f84145bc2267662258366c353aa3b481ba0bac39a89813de73c49a05123fb00518337b5c94125b0eeafdb9801d76a9c8c7e35379f370e3758737cd9f5179d6da159ba3f592b07e75d72b9fe74df2bd5060743ab8116d6e7232da4b8ad397422499d9c1ab37b61cc147604860e2fcc432558c71e54e64929eec1a6e6e54eb45426b47b96f4a11c38c21231827f255689f58966f3424015fc132a4bcfe3ae7be011682a17a3be8b1d11616a5048e4573bd457932cea5aaa7097479e340a6036e803ddf40ac13ecb37ed53ac81a9fb8a7c1553b06c15aeca3c1c70e6cc90146dd52a860678a7a5521160f03b0b2d789b8debca3d0899593784561bc23e3054c2cdd06525380dfc9e8b68a38714a143d434795fb7a7557043f8486e344c76af38f698b9bc93c23b1c59f79ed788354e6a72910adf5ddbf4a28be0b1123734dc81aa940c23f94448401609270a71443843cdcfadb3a2a8cb0ce33fbca8e012b9b5912afac104298a5d5faf10493276076e15db9ebdad70ef37bbb135345815980489d50068b26d8458795d9433a036cf5a4c15fc91da55d9862f8e4816d15f4f73560711adeea5d0bab66bc575d00148198150be4d2dba2dfe82ed78c4748e7d9c8132e6778722e3b221452d1ea17d6c35a3220eb2eed52c0d98b619685acadadf8089327a45cd766dfde9924766b5d30b00dc15dbeaefd2a1e4b920f3b92b28249ec7a9ecfbcdf50900704213c55d24a02b3f79a16355cedd5fb6ad755ec754e3560e175e63f3b43d3e462184118dc70cb7f5ab0b9429eb5b4126dfbb6765ebb15b1f2894a2dff81e4932546676ea45cafa33b9e496a18929307c60f9796a23675341e3f985c92f2d2266a6800c9a4df1d131e5be6b8daab8448be8c09a666117cf99035476fea6a0265b8cdd363f702490f81a4807e96bbba0ecca6e38b7c42d0b95d02bfaf56dc0d39238369bb08b14795d5abd2ef58cc7edd4007e1319756a531eecc8f0a91bea12f8e1fed2945ac0b1d9f9f4dc6d7c1d90e2ec1403e031b05c579da5a78ff164dfbae79be7702154c519f025cc95e372712825622b1531b31c79062d8fa97aefc34613713cad8263f8e66ad6d7466865a0480e861e35841ca3f9338462a22106bab3533f1f5a51d0f8b9be736402cde049af2cfe2435eb9c374e0c23a3497bfccc3151dad8eff1699d155c213e0c077c64550492a6cbad03ab6f58e1e283300481e403859abd3e57e0a3098b5ef60d277580aaf2f6abc3449a9afe89709699f4bfd3637105e8d0d3b8ca6861206b913290e77db40212c11ac89d1c138c402981c4d7e74bb260fb91fca95972d4b6024100904b184955761c4f642e5ed6b952dc670e1d42e42a879b45f1dc9a49efe0d7ab583d4a046aa8d4a5c232ac6250c5e56b35268c4ac33a8dd648f9780b811610f327d1c8fb26e3775bd6b7dedbad5099de369df573732eb313dab623e7ad980ddd3c0a808001c00", @ANYRES32, @ANYBLOB="0800670008000000a60bbc9ebf693a3f740fc784d2140092002001000000000000000000000000000208002a00", @ANYRES32=r15, @ANYBLOB="0000000019556a2c9432d4760b353356abedaad7c24872cc6c3485bae48729e95cecc7cdf3493b7083a33bdeb045488d48a055c7677e357ce6e4200c47d0d3daf8a00300ad7869ab36f2276c6e28eba0b1ae9451ea90cb57694d78aaa82438dfa5e5fbe16b5817cdb3349fe146f83b2661f9da75396ba1ef3d55fe88fb8cf2c2cad10c8e5a8ff680d5f4d3d8954d2dfe302c44324fe0dfff3c4164261f215b1b80167ff8c89bbdde7482f8ae85c1d5276655cbf08c41b12070b8669b2388631bed7644e359d8261428ad1098e474faf0c56595bb9bb12acd0a24aad68e92fcc7fb77bd5da3d1d4508c549396a386f8545f756bf102b3ffc1a5d4013a7bc6f8d98c563300"], 0x1678}, {&(0x7f0000000340)={0x10, 0x26, 0x800, 0x70bd26, 0x25dfdbfc}, 0x10}, {&(0x7f0000000840)={0x4c, 0x30, 0x100, 0x70bd25, 0x25dfdbfe, "", [@nested={0x30, 0x111, 0x0, 0x1, [@typed={0x8, 0xd8, 0x0, 0x0, @fd=r10}, @typed={0x8, 0x147, 0x0, 0x0, @uid=r15}, @typed={0x5, 0x23, 0x0, 0x0, @str='\x00'}, @nested={0x4, 0x117}, @nested={0x4, 0xf2}, @nested={0x4, 0xe2}, @typed={0x8, 0xd6, 0x0, 0x0, @u32=0x4}]}, @typed={0xc, 0x76, 0x0, 0x0, @u64=0x7}]}, 0x4c}, {&(0x7f0000000940)={0x6c, 0x2e, 0x4, 0x70bd26, 0x25dfdbfb, "", [@nested={0x54, 0xd0, 0x0, 0x1, [@typed={0x8, 0xb2, 0x0, 0x0, @uid}, @generic="287f3f34e8aa1468eed83e2a515d0c539fe0e98694c0373f0cd5a28db6b9e3b3b77fb0a4358cdbd8635bc7e68e4d4e6fae9daaf996a7f712cf5b518bce4dde73", @typed={0x8, 0xb3, 0x0, 0x0, @uid}]}, @typed={0x8, 0x2400, 0x0, 0x0, @uid}]}, 0x6c}], 0x6, &(0x7f0000001100)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r6, r6, 0xffffffffffffffff, r6, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [r10, r8, 0xffffffffffffffff, 0xffffffffffffffff, r9, 0xffffffffffffffff, r9]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r15, r17}}}], 0x80, 0x88bf05585fabedea}, 0x10)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=@ipv6_newrule={0x98, 0x20, 0x300, 0x70bd2a, 0x25dfdbfc, {0xa, 0x10, 0x80, 0x6b, 0x1, 0x0, 0x0, 0x1, 0x2}, [@FIB_RULE_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8, 0xe, 0x9}, @FIB_RULE_POLICY=@FRA_OIFNAME={0x14, 0x11, 'vlan0\x00'}, @FIB_RULE_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e22, 0x4e20}}, @FIB_RULE_POLICY=@FRA_TABLE={0x8, 0xf, 0x4}, @FRA_SRC={0x14, 0x2, @mcast2}, @FRA_SRC={0x14, 0x2, @empty}, @FIB_RULE_POLICY=@FRA_UID_RANGE={0xc, 0x14, {r5, r15}}, @FIB_RULE_POLICY=@FRA_PROTOCOL={0x5, 0x15, 0x2}, @FRA_SRC={0x14, 0x2, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}]}, 0x98}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000300), 0xffffffffffffffff)
listen(r3, 0x0)
sendmsg$IPSET_CMD_LIST(r10, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, 0x7, 0x6, 0x903, 0x0, 0x0, {0x7, 0x0, 0x7}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x643fbbb6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000890}, 0x4000000)

4.32147113s ago: executing program 4 (id=2152):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10)
poll(&(0x7f0000000140)=[{0xffffffffffffffff, 0x68}], 0x1, 0x200)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
getsockopt$netrom_NETROM_T4(0xffffffffffffffff, 0x103, 0x6, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r4], 0x50}, 0x1, 0xba01}, 0x0)

3.694844988s ago: executing program 4 (id=2159):
socket$rds(0x15, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_netdev_private(0xffffffffffffffff, 0x8914, 0x0)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r1, 0x890b, &(0x7f0000000600)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x2, [@null, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
ioctl$sock_rose_SIOCDELRT(r0, 0x890c, 0x0)

3.41724034s ago: executing program 4 (id=2160):
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xa, 0x7, 0x6, 0x8c}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000500000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r1}, &(0x7f0000000080), &(0x7f0000000200)=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b40500000000000079109c000000000005000000000000009500000000000020"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x11, 0x32}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xb8000000}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r3, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000c00)=ANY=[@ANYBLOB="2c000000170a01"], 0x2c}}, 0x0)
sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000240)="f9", 0x1}], 0x1}, 0x4000080)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2, 0x48010, r0, 0xa7699000)
sendmsg$inet(r0, &(0x7f0000000500)={&(0x7f0000000080)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)="cd", 0x1}], 0x1}, 0x240448c4)

2.48014805s ago: executing program 4 (id=2168):
r0 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000001240)={&(0x7f0000000000)=@qipcrtr={0x2a, 0x3, 0x8000}, 0x80, &(0x7f00000010c0)=[{&(0x7f0000000080)="4b88c391b2a59fb62ea0a1553fb0b02658b4acb532abcef183f16806c1fd0ae87b8900c7437ba7504b45b3c29740fa61f59a5cbbeba61cf541b2d522035c03b0f85b8fc9399d6548959c4cb25c70ad9c997b2840c72cd2ac558c50b9caa18c1d949d4e35a68ed7a3532a97a65f9073b0c33939b8e14a7a78fcbbcc9b440ce3ae091098730c71410d757be410f87e5296a870f97848bab4e3c834f5bd339569dec01d911a811b8a0ed0dab768d173663acf168708b0776bd8b645eb2231cdbffc692cab557ae078eca0be25d177ad1560baec5f683e86114795ffd190673eb05064125970167aed284254f8c57ac31bed246d54e1022f0cf8356dca50fbc404b141997b6dc96efa2597c57d2f7932acc90c7103481524dc2bc8ab9db153bf01f1af8eff1c7d2637bb92d61391c810ba89c97682961b73ec660072e09daad33c5818b075b44fbbb814c97264de575ae485856301a229ccf2cdd6bae39276351f53e6b454aedf814fe35988a293a7104ee3539510d40be690e1bd30be800b32fc12bd8f6637a8e60d34ab707093325bade14e35561d9a8d1383489e5e7f4294d5e97aebf26466ea5c35acabd27781702c9c51a00c61351ff2da6df2e154055aa1d8f4630756f7394609574c4413880e2a2536b5482c60ec735418e4cd921f4d3e18b50b20acc284a222ee1da02f4d2d2bb3eddff8a63ae96c70648c6f2c4b381eee1d918d8c7297103d3da1383c1588fd61debb49f5ce161dcf6d5218f25189f4bd63c444fe7e17f88c31ec3fd4c8ecbe54ca357ca4993f9d8bbccb9a94a657e9538f929f855d66a534e7770fbe78bfe660dbe4e228e2017d4e22ff6248124e162f0e49f4b447c882216d77102342265c7708936a8759ad73d2d4c18f6391b2f9ca6c545c534fb237db2670f255c00594f1ac1a4a52dec5dc4fe6819274f0360ca63ddefe90ba00d5a9209450bbf0f0316e64a22cba903996b2c1fd659d190d8ec03aa0d5b2f00dc24605059841e4780a65122d1be9a171b142c424e7891f6cbd3336ce29549ea1fae8cffdf5c61072e3e689ae84696777676b56e4dad4c4b60bebd07ff979c1c5f73d4b1bf5409fb272ed04a5993d03de6fc78328c36909d584678d8911c4d54603bd8e922490a067e9aeaac32d83848f5f8d8b037ca713783d226623a6931f8767dfdfb5911458c2440dc0e373a1b4695edaa1b1c80a827d7027fa5652ab97dd2715139f2fdc7bbf1823a1129209d924f44bcc0b2963e244180b0508b0e8ae906906a9e85357744b3bc240efeb78c63b19374d060e9d29fd5eaca222ce9a0d97daa5c24b60eaced4bb92093e80285dadcdab640326c6f10f441823b9500b3cdf1cef3a63900dad67f0e1564a74e19980ee8076c485a474e18ac8f47965c4cfaea65db335b81ae5cd4d0c688decc4e2b12543862d7c375be55c5dd27b13eb53c4ac1416295c5b45f0535d8cdce02f98b49f652f2d70fa9b408a66510cfc91774ae7c713c83b4c7834fbbb1cd6b671b0489a1ba15b2543dede7f9fbaca70ef0727b24eab2c32cad53e2b2a025ec9e17c8bf7cc6c4ee1dc4c76b0629e4e6fe638c5a69b7bd9edde9280de4ee3444b21c2b4ad94672c9281656f7c7be7e5101021d1b125370ce0f150a098e24182ac4a274c1b26d1447cf9ae5d9fca55df7448de6b6f00af5cc5865c105e3991844ab19b8be5fca524947239e503c9dbfef3c8f0e0ce3b23742669ed4d864dab8e41a9b9afb2f1b0c9c721bfa7315d35b39dc394d15c14f0691a46aa08d337e23fcb438aabfd8cdf46a9a950f1738aea671da7c4b75b45d7d7e96c288c54c100fe36a325ea766e117cc67568d3b18dfd618fd03c5bfaa56ac86e5473a5a69d936df59d02288cacecfb525bb93667328a452b5412ab316918962135b6c1c5094d3f34d7676f9208328500f781e02afca9fbd88ba674c843e8618f808ebf63b507388c72c4a78c2ac43f43f7b317e76cd8f4082167c5723b278bbd32e84e1e263f146895a0805f3c28b4b3f36a8dc3fe05e815cbd18f2cfbdb6258d4bbf36a60adc88028b13d4611b277674804cd38598fe32fe28fc3a0f99cd5000f315108a4db6d08ccece52b9b474cd809ad05598c555c76f03922b55cd904213b6dfa69724c202b64ffad08a91bfe06434308b57559b1d9d8da6451bfd83f30787d0c837dc96a8f7a549263bf48fe9eda7b6da4777a500a728342d9b1d1a28974dc59b408d7724328512bdb7169ef6de336fd6d9b16f931c44ba98640e2a51637290642d0bf76090d0637eeb89795ce7d1b131f9884612a879c1484a9318ee046e8d43db6d88a2b713f46d9f870585b2ac11925b5c104c903bcac6fa0f2008cbb2bafd304428f65b96a02e114974dcf9b1168edd9f1af0470bc52ce0a695b7e893196b8c55ccfca9257c95b984abc3fa54a6c5509ae1daeb8ee58d9c1eba055fac8e21c1b9ddb05f1963c5808262e56657faecdef8aec7e299e9d0a63a7273e29aa45e79a0f02a69e3c554887a056fecf980cc4be51c1680acf6faeb806e1856354a24246f9a4627564c060f7e46cb1695d81d65f7cbc32805a23ce87336f688b2802ba5006bcfac42135338a7b98c4491b0eb7eabb7535d7f9ad40ccda833618eb093550dae13cbc70493665868b4e66299c912c37dd1dcec5617cc68f8102f70970d42096bb044f7212829625f80349199a623b17675b67cc3aec44c1dfacced067b7b922b7a1cc2c49595b9c445b45f193e15d496de478659c6cfaabb983865dd7713b1825866be04e5a01906a5200695b9262c1345a71061f0d43f9da3dce64ae225d423a9073607b829d012e970912b04ef410a6fd6cb709787f93e4613fb49ed40c04f3811eaafeda33175b1ba8b76d43ed8325ce782e695124eaf82bb9c3026c7287d1ea1a471580612f6e2989318cfbd22a2986f13905bafdcce57ce3bb6526b1cd84891f6586be15d30c791591818f0fac7dac33e6d7920d8f9cd331448580040ae6d9358502575bcbe1c77921a07f8e01b4ba1720c2090ea4b703cc73ac1a5a96c75772612820c5c52d5c7e64ade84e70a12d87914bc45338af6de0a2cda23aad5b90ac93a8ac55332ec2e3cc3d02ceb2547ced75b2893b00b27c854c3363a1d4537aeab05354038f7a369e997d6ff69c42ad237f65f88c8f71b03bd4a7126aececa69ab7e0187d9b5504fee88964e4610b3d4c1fcf1c759e8eeac2b9e5b491837660686f981d0fcc637f73a8a277c5bb08643e707908448e96e44c3e6f33a0bc4db7254289019be1299d7626180c1b8f368ad87221d76c018468f16c4da899ae2f1b1d2e910de02b224bfb918855b09e4bae27bd70e9663d1235235a791c9e11531be9892f5e32648d6b6c3e0944d2c573f0a9a433ba5d3d50451c1c63e67933642a1fd881b9ed7a5621614d490c9617c947b2952faf54352db984801ffdee0b6a654ebdc5d63fecfcf988ee5ab85dafe332895ad37586d96946adec018dddafef10ec36ac1810c74e19a521dd609b7ef1223f4c2d1ae38591713f0e6d9d06b1a1921f3502fb1d8592bac9d537e229d2475473d5a324d95d4824d5659f43869b03d86996792ab8baf9d3dc559a43fdfe67efc504db92c9c84fe9dd4a1ade8feb4274448dcb7a99afe1964da8d1d1f5d517bebd454fcdfb751ef8012449764e551faaea53f5bfd99a998e7aa2bb41b83fac9cd326a610a1c48d61ff9a669459a4206a582598a300c158baed919e679fc3dfcc4952da54492b8f472e6eab7bcca3af8d38bf2595eacb66da76a8183511a3ba566324937e85d2f63adcc773fbd91ba0e8ac3854458361ae424a05102eaa6bb89e4c264fd265dbc02e3d0e6f5ec2438918b78cb12f4068a1e3674e6c908f916a0730ae40babcc8cb1b8c523c38f663d66383686df3df11e10fd6edf6bc0ea7df28236bf95534cdf2735d977771908462f4e71b81f958081f2bf112676df6da18f04e1c20b42b6b377e2010b93c175179529f1958df2243ffee835ab9107bd29965f4a98558090a5f1c6bf5ba3bbee17bb1769e5dcd68517a1ce08b892dd859936cc9ba706a5d67845c4760564cc52fa0140b6b44b5dd04440009a2112b5061085fdbd22edc3297a5a5f95cc43e23ed7b050ed354763572c9056d477ac60b022e87ff5a9791966f345847c350b1e440bed884f43273aaa71df2cb651c249925cac7a61d21ba829696d29dc422ae40fd87a1287b858136f3462c6d46524123353432bdeb470e6c91aebd00cb35e5c4f3bc89e0b2672e3513e92c68d55fd34fc0aa88f9b318c2280dca6590f5eae5c7790d2ee6e842384231c67b61b74fd42073b7ec4ebb9108d3c14ecd18f2a0441de6ea0427fa34317b7a84dca0fe7055ba0873b99fcc343c64b3b53efdf0f8c0c21c64b89bf6a5a3dd9cc529f1a2d8e40d0536ee861ac2372bb1754f817fcf0fc9db32fc0342e42825573b61b1e2a3544b2d1e6518e7fd0e7e2dee224a2481a11792d64deca64cc78b142df34eca2eb9133bab394a5ea050ec536acb2ab7bec91c2aac19dbf419702c30fdaefa020509f190dd91fe2a05d33837091d8d31f975c9b98f22ed3ec0227bda5183633b2bc1721fc9d1f402d0ceadc63a759b18c11fe5d2c36cf2e28031dad26c2566180046887e491fae7330ed012c4dc6f3dcd138eeefa957c14df89c23d74f156ba02495507f18595435bba81402600389d1151218aa8c6e7800ead27074a5b61b848330d688ed1bb367b4f1f94695112fdd3667b8906cf7220cbf134d46c38c2cf4ac0668a2458724954cd971cf0f23c16913686970fa1e0a07141a3f4adc6662e9edc5e9e1cc801924f70f945cd65c716b1ebaa5c580bd7f71c620517d1c717c0434fc73b0f7caf772fe56d2eb3198e80906ec9b8eec22d7a82c09a2666f4b56b3e59622af9776d34b5f76d8b18c440e504fcb3891a4e8fd43e0e2d87d3713c09e5d4ad7d1186af51b1af3b921804ae0287a4faeee25d8a44979054176cba8bd16dfcc211359c2c7897417a00e2ab3e9b6cae5874756cd13e0e7da951f1e192b0f016a5eb8b74f74e2087b32baa9edd98d4f6492d72140d5d9b7f19b5a2fcd49dc1238484cdd4a5ac00e56631f32a681506a47239212cdcd1b95e905e373fde78eb08527621965aa3acee82118ac548217d9748075d02b7067ce8e0a384b71da113d34dc215c49d99b10e7dc8d17f559032d0aacd4e6f37a4e55728a1839765ae1c0d9c2197e1f8ab3ad2bd307bc196275c4f719d76993c09d16dcf29715233ac1ed14f2d27d733c99df57ba18b6f0ca26c3ae7254ac9ab9b77484cd14123e27b1a49bf957f7bdd0fb515e10c79f8237414074dcad1f051141e3a608e615ce150fe28e8a5a276f36449a6558ac41f65f7bdffbf7ce2c35b7e0faa0479dbd24b6eec0bb7564d955f819b41f129e3cac4b2585ca24eddba48d35058356833e0d29044fc2845ba81642a5a764b7d5d0cbe60bfbf80b0bb9cf2cdaf1e928cf4498be8297f2c66db1c041fe08961652a966dab8c79f75d0badab3a3d6f2bf712d17f4a6ac2af498cf24602b0fe2916a3bd542f02355de6990d549c36d805c8244337add33049299ef995a2f3f4eb91f2a69549048796a2f11a02c4ac7fa729793e80e0f7c2c9a5e5f8e280d7688ac01bbd68c4d295784edf0877b50b31fa2977f19dab8ecad903ed5c5beb0c708e0a37183a9456c4a607915762e961ba3dc2c381c866c3db325d47817781097b691397ffdd71bfc7d1d777dfe18634d3ccbc7f798aa441202ab", 0x1000}, {&(0x7f0000001080)}], 0x2, &(0x7f0000001100)=[{0x60, 0x3a, 0x200, "d699d8fc8d9d49b2fd4aa86f5d9c3d58d1c0a729bea5d6ce1e35a454feb0a9334d5fbcaae9da837d8de1c6d81d0b65ce8058a1f191f853832d4f88671e391d3ac5a128d99db5356cd576db2325"}, {0x80, 0x103, 0x8, "5e07a5440a3e0215d8a5fe181dab3dc13885b155296ca2bbb3ea955819d1a08f28c584e4245796a467bdb5ef1944322c1d11f8051670db8394bcdbfa32e8121eeb15ffe783fca26a89d0f5f69b81c0f77395e8c9810679e136ca228b388facb98cd81c07c298817631"}, {0x30, 0x10d, 0x401, "2e64df999f29dcc2efaa98469a914a64568b8e6739b48fec8a4ea65cb9bfc5"}], 0x110}, 0x4)
r1 = socket$caif_seqpacket(0x25, 0x5, 0x5)
setsockopt$CAIFSO_REQ_PARAM(r1, 0x116, 0x80, &(0x7f0000001280)="6411097d19a1b35044d71dd1eb370c543dcbea3e8b1d4c0bbb436912a44e31a5baa4e32e1732de59d8196a91f92103951b79dd09c0c1d0eb389a85605342392fb578391c0f44dc8213", 0x49)
r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001340)=@o_path={&(0x7f0000001300)='./file0\x00', 0x0, 0x4000, r0}, 0x18)
ioctl$FICLONERANGE(r2, 0x4020940d, &(0x7f0000001380)={{r1}, 0x7, 0x6, 0x7fffffff})
ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, &(0x7f00000013c0))
ioctl$SIOCRSGL2CALL(0xffffffffffffffff, 0x89e5, &(0x7f0000001400)=@rose)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000001440)={<r4=>0x0, @in6={{0xa, 0x4e24, 0x8, @loopback, 0x401}}, 0x1, 0x6125, 0xb, 0xd, 0x7}, &(0x7f0000001500)=0x98)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f0000001540)={0x80, 0x8208, 0x2bac, 0xda, r4}, &(0x7f0000001580)=0x10)
ioctl$F2FS_IOC_RESIZE_FS(r3, 0x4008f510, &(0x7f00000015c0)=0xf0e6)
r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001640)=@generic={&(0x7f0000001600)='./file0\x00'}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000001680)={'wg1\x00', <r6=>0x0})
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001780)={&(0x7f00000016c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@const={0xb}]}, {0x0, [0x30, 0x2e, 0x5f, 0x2e, 0x5f]}}, &(0x7f0000001700)=""/119, 0x2b, 0x77, 0x1, 0xb39}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f00000017c0)=@base={0x12, 0x8000, 0x54e, 0xff, 0x20, r5, 0x8, '\x00', r6, r7, 0x2, 0x0, 0x1}, 0x50)
r8 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
accept$netrom(r8, &(0x7f0000001840)={{0x3, @default}, [@null, @default, @remote, @bcast, @bcast, @netrom]}, &(0x7f00000018c0)=0x48)
close(r0)
ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000001900)={'wg1\x00', {0x2, 0x4e21, @multicast2}})
getsockopt(r8, 0x101, 0xf15b, &(0x7f0000001940)=""/4096, &(0x7f0000002940)=0x1000)
r9 = accept$packet(0xffffffffffffffff, &(0x7f0000002980)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000029c0)=0x14)
getsockname$packet(r9, &(0x7f0000002a00)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000002a40)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f0000002ac0)={'vxcan1\x00', <r12=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000002bc0)={&(0x7f0000002a80)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000002b80)={&(0x7f0000002b00)=@newqdisc={0x70, 0x24, 0x400, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r12, {0x2, 0x3}, {0x10, 0xfff3}, {0x9, 0x7}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x24, 0x2, [@TCA_FQ_CODEL_LIMIT={0x8, 0x2, 0x42ce}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0xe}, @TCA_FQ_CODEL_QUANTUM={0x8}, @TCA_FQ_CODEL_TARGET={0x8, 0x1, 0x5}]}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x4ae}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x2}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x9}]}, 0x70}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000002c00)={<r13=>r7, 0x7, 0x100, 0x7})
r14 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002c80), 0xffffffffffffffff)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000002cc0)={<r15=>0x0, @rand_addr, @multicast1}, &(0x7f0000002d00)=0xc)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r13, &(0x7f0000002ec0)={&(0x7f0000002c40)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000002e80)={&(0x7f0000002d40)={0x140, r14, 0x100, 0x70bd2b, 0x25dfdbfd, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x4}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}]}]}, 0x140}, 0x1, 0x0, 0x0, 0x40408c4}, 0x2000c004)
recvmmsg(r0, &(0x7f0000007280)=[{{&(0x7f0000002f00)=@phonet, 0x80, &(0x7f00000042c0)=[{&(0x7f0000002f80)=""/81, 0x51}, {&(0x7f0000003000)=""/71, 0x47}, {&(0x7f0000003080)=""/136, 0x88}, {&(0x7f0000003140)=""/4096, 0x1000}, {&(0x7f0000004140)=""/23, 0x17}, {&(0x7f0000004180)=""/160, 0xa0}, {&(0x7f0000004240)=""/81, 0x51}], 0x7, &(0x7f0000004340)=""/2, 0x2}, 0x7fffffff}, {{&(0x7f0000004380)=@ethernet={0x0, @random}, 0x80, &(0x7f0000004ac0)=[{&(0x7f0000004400)=""/206, 0xce}, {&(0x7f0000004500)=""/130, 0x82}, {&(0x7f00000045c0)=""/86, 0x56}, {&(0x7f0000004640)=""/135, 0x87}, {&(0x7f0000004700)=""/226, 0xe2}, {&(0x7f0000004800)=""/202, 0xca}, {&(0x7f0000004900)=""/117, 0x75}, {&(0x7f0000004980)=""/66, 0x42}, {&(0x7f0000004a00)=""/79, 0x4f}, {&(0x7f0000004a80)=""/26, 0x1a}], 0xa, &(0x7f0000004b80)=""/207, 0xcf}, 0x8}, {{0x0, 0x0, &(0x7f0000004cc0)=[{&(0x7f0000004c80)=""/51, 0x33}], 0x1, &(0x7f0000004d00)=""/211, 0xd3}, 0xc}, {{&(0x7f0000004e00)=@isdn, 0x80, &(0x7f0000006200)=[{&(0x7f0000004e80)=""/112, 0x70}, {&(0x7f0000004f00)=""/4096, 0x1000}, {&(0x7f0000005f00)=""/26, 0x1a}, {&(0x7f0000005f40)=""/203, 0xcb}, {&(0x7f0000006040)=""/130, 0x82}, {&(0x7f0000006100)=""/202, 0xca}], 0x6, &(0x7f0000006280)=""/4096, 0x1000}, 0x8}], 0x4, 0x3, &(0x7f0000007380))

2.385186349s ago: executing program 4 (id=2169):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r0=>0xffffffffffffffff})
pipe(&(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x5)
write(r0, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x8604}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c1500001a00010000000836b2342e5a5439d45bfbf36b61b73c0037"], 0x1c}}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r4, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r4, &(0x7f00000005c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x21, &(0x7f0000b4bffc)=0x8, 0x4)
write(r4, &(0x7f0000000000)='\"', 0x1)
recvmmsg(r4, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0)
sendmmsg$inet(r4, 0x0, 0x0, 0x840)
r5 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0), r2)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f00000002c0)={'ip6_vti0\x00', <r6=>0x0, 0x29, 0xd, 0x0, 0xfc, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7800, 0x20, 0x4, 0x13e0329d}})
sendmsg$FOU_CMD_DEL(r4, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x34, r5, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e22}, @FOU_ATTR_IFINDEX={0x8, 0xb, r6}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e23}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e20}]}, 0x34}, 0x1, 0x0, 0x0, 0x40c5}, 0x4044011)

1.896306852s ago: executing program 0 (id=2177):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r0)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r2=>0x0]}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000540)={r2, 0x6a5}, 0x0)

1.68180443s ago: executing program 0 (id=2179):
socket$alg(0x26, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x4)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
socket$kcm(0x10, 0x3, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="6400000010000304000000000ffe000000000000", @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002211c0000001f000000060001000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x0)

1.388177966s ago: executing program 2 (id=2180):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00001c000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a803f0003"], 0x270}, 0x1, 0x0, 0x0, 0x8015}, 0x4)

1.265975486s ago: executing program 1 (id=2181):
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010003000000000000000a00000008000300", @ANYRES32=r2, @ANYBLOB="1400508004000500040008800500020035"], 0x30}, 0x1, 0x0, 0x0, 0x48881}, 0x40) (async)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)

1.129069472s ago: executing program 0 (id=2182):
r0 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r0, &(0x7f0000001940)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000"], 0x48)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000780), 0xffffffffffffffff)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, 0x0, 0x0)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
ioctl$sock_SIOCGIFBR(r3, 0x8940, &(0x7f0000000080)=@get={0x1, &(0x7f0000000200)=""/155, 0x1})
bind$alg(r4, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000640)=[{0x0, 0x300, &(0x7f0000000380)=[{&(0x7f0000000140)="b57523cb1a2c90d8acad2e2d98dfc9ea7a5843c3b63b683ced2b3266175599b779617e66e6b3e15c042be90635a2d36160bbf9a2edcacc0bbe015b84150a1928de94397894ff36aa430fc2a0814ba634308d6d0837250dfd1eca5383f9d151449743b1a0c4ffc51242a229c5d6d06f147a61d797ea7ffeda95b76f5623", 0x7d}, {&(0x7f00000001c0)="66f7", 0x3}, {&(0x7f0000000300)='l3', 0x7fffef80}], 0x3}], 0x1, 0x0)

958.442607ms ago: executing program 1 (id=2183):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000400000000000000000071123c000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)

957.85474ms ago: executing program 2 (id=2184):
socket$rds(0x15, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_netdev_private(0xffffffffffffffff, 0x8914, 0x0)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r1, 0x890b, &(0x7f0000000600)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x2, [@null, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
ioctl$sock_rose_SIOCDELRT(r0, 0x890c, 0x0)

820.332272ms ago: executing program 1 (id=2185):
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$alg(0x26, 0x5, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket(0x2a, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="e8000000000000000b210000ff3f7c081e0f315b91fcaec7bf495d5c618332756cbb1bb9ce6d12b9d976d1f33aca41e50a3342bcd67c311f7885a05c3fcf2ae21f1498ec481e7ca2c3ca4c7b3bf94448f62e111e5a79929b9182cc977ba6ae766ce37bdaac6da997fbc15f0c79f42155b99a280667b51fdc7902d7be5ef41f953fedb32aceeada13250626957e2013d5b12cc916541ccbeb0d4060a4dd89664eaba2f6b4ede0c9e3dc1c9446d9284ebe0e46eee7bc145ff0a2779c025553298812978ea53a8c60f254f23344a80a0aac7b141787bad6b0ba090000005f2f3158f0d200000000000070000000000000000701000040000000afbb30c2946e41ef3167d1f6ed47aa1f52bad114a89dbed741f74a23cd8d915e2dcc74a4932646b90f90a9d3956d5cadb642ac79fcb0aae3654482188263abd27e9d57cc28032453dc75f333e1f367ab38b7e7719805a454e79802d07ec60c00b0000000000000000100000001"], 0x208}, 0x0)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2002, 0x0)
socket$netlink(0x10, 0x3, 0x4)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$kcm(0x21, 0x2, 0x2)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="64000000100003040ffe00"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x0)

780.99844ms ago: executing program 2 (id=2186):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xf6e3afa812936d9d}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)={0x34, r1, 0x10a, 0x70bd28, 0x25dfdbfd, {{}, {}, {0x18, 0x17, {0x11, 0xf0000000, @udp='udp:syz1\x00'}}}, [""]}, 0x34}, 0x1, 0x0, 0x0, 0xd379a04f951e5fdf}, 0x20040800) (async)
r2 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r2, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = socket$unix(0x1, 0x2, 0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r4, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84) (async)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r7=>0x0}, &(0x7f00000002c0)=0x8)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r5, 0x84, 0x71, &(0x7f0000000240)={r7, 0xffff}, &(0x7f0000000280)=0x8) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg(r4, 0x0, 0x0, 0x3ec0)
connect$unix(r3, 0x0, 0x0) (async)
r8 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) (async)
setsockopt$packet_fanout_data(r8, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x4c}, {0x6}]}, 0x10)
r9 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r3, &(0x7f0000000040)={0x8}) (async)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000020000000000000000008500000017000000850000000700000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r10, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
ppoll(&(0x7f0000000140)=[{r3, 0x8100}], 0x1, 0x0, 0x0, 0x0)
readv(r2, &(0x7f0000000000)=[{&(0x7f00000003c0)=""/150, 0x96}], 0x1)
r11 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000340)={'dummy0\x00', <r12=>0x0}) (async)
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r13, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r12}}, 0x24}, 0x1, 0x0, 0x0, 0x4000091}, 0x0)

617.840859ms ago: executing program 1 (id=2187):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000f00000000000a000000000000000000000008000400", @ANYRES32=r1, @ANYBLOB="06001500070000000c001680080001"], 0x38}}, 0x10)

548.244434ms ago: executing program 0 (id=2188):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x2, 0xe4ffffff}, 0x2, r2}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)

516.405075ms ago: executing program 2 (id=2189):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x22011, r0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x8032, r0, 0x0)

419.360202ms ago: executing program 0 (id=2190):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0xbe, &(0x7f0000000080)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @local, @dev, {[@cipso={0x86, 0x71, 0x0, [{0x0, 0xc, "e256b28c59881681fb52"}, {0x0, 0x9, "789607671442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x9, "e706d30bd224f8"}, {0x0, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x0, 0xa, "6580a5e97612fe86"}, {0x0, 0x12, "73bc2300ad9d19a30000000000000000"}, {0x0, 0xc, "c8f46976e79e56c7a95e"}]}, @cipso={0x86, 0xc, 0x0, [{0x0, 0x6, "7f36c525"}]}]}}}}}}}, 0x0)

331.381854ms ago: executing program 1 (id=2191):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r0)
sendmsg$TIPC_NL_PUBL_GET(r0, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001480)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="410328bd7000fddbdf2507379090540c557b8b657cde000000dc1daec8318bf754fbbd02a97746ad82c7f5e6790467a8adfcdd64ac332e84a79ac5a6b5513f162346739cb5005fe105d3dbe7ae8fad2ec5c929dfd73092c1754e4318bb56f68c1f10212d917f76aa6cd23892e72654f4098302d48e76f2b690fb9dc427e7cf99b08ca8d4175eda9fc0a9ebd300c29fefbb402331aade756047e345e55678d78d2e5abd2dee2ef17757279c7b25f149688129192a01edb59369875ea90cb2c99602fa66789cf801d895650d679dc229c37765626d25e4ed1db7f8f5ba6e679f1cc17cf7b4eeb5c3d711a5fb8c0f82418e91cc316be7c8c8924361fc8a4f74b70425ef9149555505218c1be43ca4d43aed24f59f4cb7aa7e9e6402635106220ee08eda64c94f369a1d3875a09d4537870786311b9302ae62342768c300e155d9d0956c1d"], 0x14}, 0x1, 0x0, 0x0, 0x8810}, 0x14)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r3 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000940)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001280)=ANY=[@ANYBLOB="3c0000001000370400"/20, @ANYRES32=r5, @ANYBLOB="83450500000000001c0012800b000100697036746e6c00000c00028008000100", @ANYBLOB='Fh'], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty}}}], 0x20}}], 0x1, 0x0)
r6 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r6, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="74010000", @ANYRES16=r7, @ANYRESOCT=r2], 0x174}, 0x1, 0x0, 0x0, 0x20008081}, 0x1)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000fc0)={0x44, 0x18, 0x229, 0x0, 0x0, {0x2}, [@typed={0x8, 0x800, 0x0, 0x0, @u32}, @nested={0x28, 0x9, 0x0, 0x1, [@typed={0x14, 0x0, 0x0, 0x0, @ipv6=@private2}, @typed={0x8, 0x3ffd, 0x0, 0x0, @u32}, @typed={0x8, 0x73, 0x0, 0x0, @uid}]}]}, 0x44}}, 0x0)
ioctl$sock_bt_hidp_HIDPCONNADD(r3, 0x400448c8, &(0x7f00000000c0)={r2, r2, 0x206, 0x0, 0x0, 0x2, 0x72, 0x1, 0x3, 0x7, 0x0, 0x8, 'syz1\x00'})
shutdown(r2, 0x1)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000d00)={@fallback, 0xffffffffffffffff, 0x36, 0x4000}, 0x20)
ioctl$sock_bt_hidp_HIDPCONNDEL(r3, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1})
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004"], 0x122}}, 0x10)

329.317276ms ago: executing program 2 (id=2192):
r0 = socket$inet6(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {}, [{0x54, 0x1, [@m_tunnel_key={0x50, 0x1, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x1}, 0x2}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000000203030001"], 0x14}}, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendto$inet6(r0, &(0x7f0000000180)="900000001c001f4d154a817393278bff0a80a578020000000404840014000100ac1414bb0542d6401051a2d708f3fac8da1a297e0099c5ac0000c5b068d0bf46d3234565a0016466fcb78dcaaf6c3efed495a46215be0000766436c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x20000000, 0x0, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2, <r3=>0xffffffffffffffff}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1000000004000000020000000700000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000f00040000000099f35a04adfb09d94d96347c5319a749569f1b5b25a4abc896baf93e94d4c83b7f5be52c23d809047eec7686fac041ddca0a3357824794"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
ioctl$NS_GET_USERNS(r4, 0xb701, 0x0)
unshare(0x2c020400)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x90, 0x90, 0x6, [@ptr={0x5, 0x0, 0x0, 0x2, 0x2}, @type_tag={0x3, 0x0, 0x0, 0x12, 0x4}, @type_tag={0x10, 0x0, 0x0, 0x12, 0x4}, @var={0x10, 0x0, 0x0, 0xe, 0x3}, @decl_tag={0x7, 0x0, 0x0, 0x11, 0x2, 0x4}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x2, 0x1}}, @enum={0xd, 0x5, 0x0, 0x6, 0x4, [{0xa, 0x9}, {0x1, 0x8}, {0x7a1, 0x4}, {0xc, 0xffff}, {0xb}]}]}, {0x0, [0x2e, 0x30, 0x30, 0x0]}}, &(0x7f00000004c0)=""/147, 0xae, 0x93, 0x0, 0x7ff, 0x10000}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001700)={r5, 0x20, &(0x7f0000000600)={&(0x7f0000000580)=""/112, 0x70, <r6=>0x0, &(0x7f0000000700)=""/4096, 0x1000}}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYRESOCT=r3], &(0x7f0000000440)='GPL\x00', 0xe629, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x5, '\x00', 0x0, @flow_dissector=0x11, r5, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, r6}, 0x94)
ioctl$FIBMAP(r7, 0x1, &(0x7f0000000080))
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_wait_time\x00', 0x0, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r8, &(0x7f00000001c0)={&(0x7f0000000100), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x4, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xffffffffffffffff}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x44010}, 0x0)

263.598786ms ago: executing program 0 (id=2193):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x52, &(0x7f0000000040)=0x2, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000002240)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)=""/97, 0x61}, 0x6}], 0x1, 0x1020, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x44000, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002001f0000001e00000008000500", @ANYRES32=r3], 0x50}}, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000600)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha512\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
r6 = accept4(r5, 0x0, 0x0, 0x80000)
recvmmsg(r6, &(0x7f0000001440)=[{{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000d80)=""/157, 0x9d}], 0x2}, 0x10}], 0x2, 0x10002, 0x0)
r7 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$inet_MCAST_MSFILTER(r7, 0x0, 0x30, &(0x7f00000006c0)={0x7, {{0x2, 0x4e21, @multicast1}}, 0x1, 0x2, [{{0x2, 0x4e24, @multicast2}}, {{0x2, 0x4e22, @loopback}}]}, 0x190)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r9, &(0x7f00000000c0)='freezer.parent_freezing\x00', 0x0, 0x0)
r10 = socket(0x1, 0x803, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newlink={0x50, 0x10, 0x421, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad, 0x60e1}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0xe, 0xa}}, @IFLA_VLAN_ID={0x6, 0x1, 0x400}]}}}, @IFLA_LINK={0x8, 0x5, r11}]}, 0x50}}, 0x2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r12=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r12}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
r13 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x50483}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x8, 0x6, @remote}, @IFLA_GRE_REMOTE={0x8, 0x7, @multicast1}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

145.723905ms ago: executing program 2 (id=2194):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200), 0x0)
ioctl$sock_rose_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)={0x74, 0x0, 0x8, 0x401, 0x0, 0x0, {0x2, 0x0, 0x5}, [@CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0xc212}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}, @CTA_TIMEOUT_DATA={0x24, 0x4, 0x0, 0x1, @gre=[@CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0xece482b2}, @CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x7f}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x80000001}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x5}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xa100}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r3, 0x29, 0x44, &(0x7f0000000000)={'icmp6\x00'}, &(0x7f00000000c0)=0x1e)
ioctl$sock_netrom_SIOCADDRT(r1, 0x890b, &(0x7f0000000240)={0x1, @default, @bpq0, 0x40, 'syz1\x00', @bcast, 0x5, 0x4, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]})
r4 = socket$kcm(0x2d, 0x2, 0x0)
sendmsg$IPSET_CMD_LIST(r4, &(0x7f00000000c0)={&(0x7f0000000000)={0x2d, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x40041)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e22, @private=0xa010101}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r6 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(r5, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="000328bd7000fedbdf251f0000000500920008000000060021006100000008009a00010000000400cc00080001000c000000050092000300000008009a00b2ef13e00800010060000008b71805399c4e4ddf000700210061610000"], 0x58}, 0x1, 0x0, 0x0, 0x80}, 0x4008000)

0s ago: executing program 1 (id=2195):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
r1 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 64)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@ipv4_delroute={0x44, 0x19, 0x901, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x2, 0xfd, 0x1}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_GATEWAY={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @RTA_ENCAP={0x10, 0x16, 0x0, 0x1, @SEG6_LOCAL_BPF={0xc, 0x8, 0x0, 0x1, @SEG6_LOCAL_BPF_PROG_NAME={0x7, 0x2, '-\xae\x00'}}}, @RTA_FLOW={0x8, 0xb, 0x4}]}, 0x44}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="240000001a00010025bd7000000000001c000000", @ANYRES32=0x0, @ANYBLOB="0000840008000fe300080000d77ea07df1ffbaacffd0338d87fee4ef01fa0acb9cfef874c027963d13e2e94c429546e32a05c7340a584ba0d2292bd82563b215fc309639d18cf774ad88dd2db54184c4a9fc4bcd8d5009543d2b9f2c21a369ed92df30116e4dcc021173398e93b2bce5303574863b6e98bcb3fa"], 0x24}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0xa, 0x2, 0x0, &(0x7f0000000200)='GPL\x00'}, 0x94) (async)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10)
r3 = syz_genetlink_get_family_id$fou(&(0x7f00000001c0), r2)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0x58, &(0x7f00000002c0)}, 0x10) (async)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000380), &(0x7f00000003c0)=0x4) (async, rerun: 32)
sendmsg$FOU_CMD_GET(r2, &(0x7f00000005c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000500)={0x33, r3, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e22}, @FOU_ATTR_AF={0x5, 0x2, 0x2}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @private=0xa010100}, @FOU_ATTR_AF={0x5, 0x2, 0xa}, @FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e22}, @FOU_ATTR_TYPE={0x5, 0x4, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x80}, 0x4000800) (async, rerun: 32)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_netdev_private(r4, 0x89f1, &(0x7f0000000000))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x18)
ioctl$FIDEDUPERANGE(r6, 0xc0189436, &(0x7f0000001180)=ANY=[]) (async)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="c40a000000010000611148000000000006000000feffffff9500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0x16, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76}, 0x21) (async)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r10=>0x0}) (rerun: 64)
sendmsg$NL80211_CMD_SET_INTERFACE(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="ac000000", @ANYRES16=r9, @ANYBLOB="050000000000fdffffff0600000008000300", @ANYRES32=r10, @ANYBLOB="08000500060000000a00e8"], 0xac}, 0x1, 0x0, 0x0, 0x4800}, 0xc810) (async)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\b', @ANYRES16=r7, @ANYBLOB="020027bd7000ffdbdf25310000000800010037000000000001000300000008000300", @ANYRES32=r10, @ANYBLOB="0800010029000000080001006e0000005100010080000000"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x4040000) (async, rerun: 32)
socket$inet6_udplite(0xa, 0x2, 0x88) (rerun: 32)

kernel console output (not intermixed with test programs):

84][T10699]  </TASK>
[  284.386850][T10705] netlink: 'syz.1.1457': attribute type 1 has an invalid length.
[  284.620485][ T1083] team0 (unregistering): Port device team_slave_1 removed
[  284.657898][ T1083] team0 (unregistering): Port device team_slave_0 removed
[  285.129510][T10706] bond5 (unregistering): Released all slaves
[  285.179888][T10715] netlink: 'syz.4.1459': attribute type 1 has an invalid length.
[  285.188308][T10715] netlink: 192 bytes leftover after parsing attributes in process `syz.4.1459'.
[  285.189397][T10708] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1457'.
[  285.353022][ T5845] Bluetooth: hci4: command tx timeout
[  285.407929][T10719] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1460'.
[  285.610909][T10728] netlink: 'syz.4.1462': attribute type 32 has an invalid length.
[  285.636746][T10680] chnl_net:caif_netlink_parms(): no params data found
[  285.643774][T10728] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1462'.
[  285.643984][T10733] netlink: 'syz.2.1463': attribute type 1 has an invalid length.
[  285.730401][T10733] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1463'.
[  285.740833][T10728] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[  286.011700][T10737] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1465'.
[  286.303443][T10680] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.306057][T10747] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  286.317840][T10747] IPv6: NLM_F_CREATE should be set when creating new route
[  286.325234][T10747] IPv6: NLM_F_CREATE should be set when creating new route
[  286.340420][T10680] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.367760][T10680] bridge_slave_0: entered allmulticast mode
[  286.396059][T10680] bridge_slave_0: entered promiscuous mode
[  286.494633][T10680] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.504893][T10680] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.512715][T10680] bridge_slave_1: entered allmulticast mode
[  286.537681][T10680] bridge_slave_1: entered promiscuous mode
[  286.552651][T10752] vlan0: entered promiscuous mode
[  286.557832][T10752] dummy0: entered promiscuous mode
[  286.609116][T10753] netlink: 'syz.4.1468': attribute type 4 has an invalid length.
[  286.771416][T10680] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  286.789660][T10760] openvswitch: netlink: IPv4 tun info is not correct
[  286.808896][T10680] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  286.812022][T10760] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1469'.
[  287.029947][T10680] team0: Port device team_slave_0 added
[  287.036763][T10769] xt_socket: unknown flags 0x8
[  287.042606][T10680] team0: Port device team_slave_1 added
[  287.155396][T10680] batman_adv: batadv0: Adding interface: batadv_slave_0
[  287.173293][T10680] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  287.208875][T10680] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  287.246410][T10680] batman_adv: batadv0: Adding interface: batadv_slave_1
[  287.259899][T10680] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  287.290654][T10680] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  287.432276][ T5845] Bluetooth: hci4: command tx timeout
[  287.551412][T10680] hsr_slave_0: entered promiscuous mode
[  287.572366][T10680] hsr_slave_1: entered promiscuous mode
[  287.614546][T10680] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  287.639285][T10680] Cannot create hsr debugfs directory
[  287.736264][T10791] vlan0: entered promiscuous mode
[  287.741861][T10791] macvlan0: entered promiscuous mode
[  287.896971][T10797] vlan0: entered promiscuous mode
[  287.906577][T10797] bridge0: entered promiscuous mode
[  287.914207][T10797] vlan0: entered allmulticast mode
[  287.919532][T10797] bridge0: entered allmulticast mode
[  288.384731][T10809] FAULT_INJECTION: forcing a failure.
[  288.384731][T10809] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  288.401948][T10809] CPU: 0 UID: 0 PID: 10809 Comm: syz.2.1487 Not tainted 6.16.0-rc3-syzkaller-00901-gf22e6fdf7b33 #0 PREEMPT(full) 
[  288.401983][T10809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  288.401997][T10809] Call Trace:
[  288.402005][T10809]  <TASK>
[  288.402025][T10809]  dump_stack_lvl+0x189/0x250
[  288.402060][T10809]  ? __pfx____ratelimit+0x10/0x10
[  288.402083][T10809]  ? __pfx_dump_stack_lvl+0x10/0x10
[  288.402114][T10809]  ? __pfx__printk+0x10/0x10
[  288.402149][T10809]  should_fail_ex+0x414/0x560
[  288.402174][T10809]  _copy_to_user+0x31/0xb0
[  288.402191][T10809]  simple_read_from_buffer+0xe1/0x170
[  288.402210][T10809]  proc_fail_nth_read+0x1df/0x250
[  288.402231][T10809]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  288.402252][T10809]  ? rw_verify_area+0x258/0x650
[  288.402275][T10809]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  288.402295][T10809]  vfs_read+0x1fd/0x980
[  288.402323][T10809]  ? __pfx___mutex_lock+0x10/0x10
[  288.402341][T10809]  ? __pfx_vfs_read+0x10/0x10
[  288.402366][T10809]  ? __fget_files+0x2a/0x420
[  288.402388][T10809]  ? __fget_files+0x3a0/0x420
[  288.402403][T10809]  ? __fget_files+0x2a/0x420
[  288.402427][T10809]  ksys_read+0x145/0x250
[  288.402451][T10809]  ? __fget_files+0x3a0/0x420
[  288.402469][T10809]  ? __pfx_ksys_read+0x10/0x10
[  288.402497][T10809]  ? do_syscall_64+0xbe/0x3b0
[  288.402521][T10809]  do_syscall_64+0xfa/0x3b0
[  288.402538][T10809]  ? lockdep_hardirqs_on+0x9c/0x150
[  288.402556][T10809]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.402573][T10809]  ? clear_bhb_loop+0x60/0xb0
[  288.402592][T10809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.402607][T10809] RIP: 0033:0x7f806cf8d33c
[  288.402624][T10809] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  288.402638][T10809] RSP: 002b:00007f806deb8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  288.402656][T10809] RAX: ffffffffffffffda RBX: 00007f806d1b5fa0 RCX: 00007f806cf8d33c
[  288.402668][T10809] RDX: 000000000000000f RSI: 00007f806deb80a0 RDI: 0000000000000003
[  288.402678][T10809] RBP: 00007f806deb8090 R08: 0000000000000000 R09: 0000000000000000
[  288.402687][T10809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  288.402706][T10809] R13: 0000000000000000 R14: 00007f806d1b5fa0 R15: 00007ffd1f001b88
[  288.402734][T10809]  </TASK>
[  288.747112][T10811] netlink: 'syz.2.1488': attribute type 21 has an invalid length.
[  288.757412][T10811] __nla_validate_parse: 2 callbacks suppressed
[  288.757431][T10811] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1488'.
[  288.897257][T10815] lo: entered promiscuous mode
[  288.902349][T10815] lo: entered allmulticast mode
[  288.909285][T10815] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  289.154757][T10680] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  289.201265][T10680] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  289.223078][T10829] netlink: 'syz.0.1495': attribute type 1 has an invalid length.
[  289.228374][T10680] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  289.258392][T10680] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  289.493202][T10848] team_slave_0: entered promiscuous mode
[  289.499219][T10848] team_slave_1: entered promiscuous mode
[  289.504976][T10848] bridge1: entered promiscuous mode
[  289.514731][ T5845] Bluetooth: hci4: command tx timeout
[  289.521825][T10851] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1496'.
[  289.561508][T10848] macsec0: entered promiscuous mode
[  289.570718][T10848] team0: entered promiscuous mode
[  289.619673][T10848] team0: left promiscuous mode
[  289.639166][T10848] team_slave_0: left promiscuous mode
[  289.644733][T10848] team_slave_1: left promiscuous mode
[  289.650321][T10848] bridge1: left promiscuous mode
[  289.798685][T10859] vlan0: entered promiscuous mode
[  289.997599][T10680] 8021q: adding VLAN 0 to HW filter on device bond0
[  290.055538][T10680] 8021q: adding VLAN 0 to HW filter on device team0
[  290.085249][ T7911] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.092473][ T7911] bridge0: port 1(bridge_slave_0) entered forwarding state
[  290.132540][ T7913] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.139762][ T7913] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.389044][T10877] FAULT_INJECTION: forcing a failure.
[  290.389044][T10877] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  290.422684][T10877] CPU: 0 UID: 0 PID: 10877 Comm: syz.0.1508 Not tainted 6.16.0-rc3-syzkaller-00901-gf22e6fdf7b33 #0 PREEMPT(full) 
[  290.422715][T10877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  290.422728][T10877] Call Trace:
[  290.422735][T10877]  <TASK>
[  290.422744][T10877]  dump_stack_lvl+0x189/0x250
[  290.422781][T10877]  ? __pfx____ratelimit+0x10/0x10
[  290.422803][T10877]  ? __pfx_dump_stack_lvl+0x10/0x10
[  290.422833][T10877]  ? __pfx__printk+0x10/0x10
[  290.422866][T10877]  should_fail_ex+0x414/0x560
[  290.422895][T10877]  _copy_to_user+0x31/0xb0
[  290.422916][T10877]  simple_read_from_buffer+0xe1/0x170
[  290.422940][T10877]  proc_fail_nth_read+0x1df/0x250
[  290.422965][T10877]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  290.422990][T10877]  ? rw_verify_area+0x258/0x650
[  290.423017][T10877]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  290.423040][T10877]  vfs_read+0x1fd/0x980
[  290.423073][T10877]  ? __pfx___mutex_lock+0x10/0x10
[  290.423096][T10877]  ? __pfx_vfs_read+0x10/0x10
[  290.423126][T10877]  ? __fget_files+0x2a/0x420
[  290.423151][T10877]  ? __fget_files+0x3a0/0x420
[  290.423169][T10877]  ? __fget_files+0x2a/0x420
[  290.423199][T10877]  ksys_read+0x145/0x250
[  290.423229][T10877]  ? __pfx_ksys_read+0x10/0x10
[  290.423254][T10877]  ? rcu_is_watching+0x15/0xb0
[  290.423289][T10877]  ? do_syscall_64+0xbe/0x3b0
[  290.423314][T10877]  do_syscall_64+0xfa/0x3b0
[  290.423335][T10877]  ? lockdep_hardirqs_on+0x9c/0x150
[  290.423355][T10877]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.423373][T10877]  ? clear_bhb_loop+0x60/0xb0
[  290.423396][T10877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.423413][T10877] RIP: 0033:0x7f98b2f8d33c
[  290.423430][T10877] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  290.423446][T10877] RSP: 002b:00007f98b3d22030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  290.423466][T10877] RAX: ffffffffffffffda RBX: 00007f98b31b5fa0 RCX: 00007f98b2f8d33c
[  290.423480][T10877] RDX: 000000000000000f RSI: 00007f98b3d220a0 RDI: 0000000000000004
[  290.423492][T10877] RBP: 00007f98b3d22090 R08: 0000000000000000 R09: 0000000000000000
[  290.423503][T10877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  290.423523][T10877] R13: 0000000000000000 R14: 00007f98b31b5fa0 R15: 00007ffd08047ef8
[  290.423554][T10877]  </TASK>
[  290.825100][T10883] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1509'.
[  290.856978][T10884] bpq0: entered promiscuous mode
[  290.867027][T10884] bpq0: entered allmulticast mode
[  290.938850][T10884] netlink: 'syz.0.1510': attribute type 1 has an invalid length.
[  291.003189][T10884] bond9: entered promiscuous mode
[  291.008845][T10884] 8021q: adding VLAN 0 to HW filter on device bond9
[  291.054666][T10891] bond9: (slave bridge7): making interface the new active one
[  291.066443][T10891] bridge7: entered promiscuous mode
[  291.087928][T10866] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  291.091241][T10891] bond9: (slave bridge7): Enslaving as an active interface with an up link
[  291.125607][T10890] batadv0: entered promiscuous mode
[  291.139949][T10890] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  291.156559][T10890] 8021q: adding VLAN 0 to HW filter on device hsr1
[  291.171511][T10890] batadv0: left promiscuous mode
[  291.231571][T10897] netlink: 'syz.0.1514': attribute type 1 has an invalid length.
[  291.249711][T10897] netlink: 192 bytes leftover after parsing attributes in process `syz.0.1514'.
[  291.269226][T10680] 8021q: adding VLAN 0 to HW filter on device batadv0
[  291.375546][T10902] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1515'.
[  291.423406][T10680] veth0_vlan: entered promiscuous mode
[  291.451276][T10680] veth1_vlan: entered promiscuous mode
[  291.526146][T10680] veth0_macvtap: entered promiscuous mode
[  291.553895][T10680] veth1_macvtap: entered promiscuous mode
[  291.590634][ T5845] Bluetooth: hci4: command tx timeout
[  291.599084][T10680] batman_adv: batadv0: Interface activated: batadv_slave_0
[  291.672137][T10680] batman_adv: batadv0: Interface activated: batadv_slave_1
[  291.725698][ T7911] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  291.761504][ T7911] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  291.778900][ T7911] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  291.789335][ T7911] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  292.151605][ T1167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  292.159525][ T1167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  292.431305][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  292.439842][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  292.819471][T10961] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  292.883905][T10961] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  292.982508][T10968] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1526'.
[  293.391323][   T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.895124][   T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.944009][T10946] xt_CT: No such helper "snmp"
[  294.076962][   T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.173048][   T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.286935][   T36] bridge_slave_1: left allmulticast mode
[  294.292695][   T36] bridge_slave_1: left promiscuous mode
[  294.298445][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.308487][   T36] bridge_slave_0: left allmulticast mode
[  294.315880][   T36] bridge_slave_0: left promiscuous mode
[  294.321933][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.613183][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  294.624008][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  294.635660][   T36] bond0 (unregistering): Released all slaves
[  294.915237][T10984] bpq0: left promiscuous mode
[  294.930080][T10984] bpq0: left allmulticast mode
[  295.006459][   T36] hsr_slave_0: left promiscuous mode
[  295.032303][   T36] hsr_slave_1: left promiscuous mode
[  295.050943][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  295.063004][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  295.079415][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  295.092267][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  295.138000][   T36] veth1_macvtap: left promiscuous mode
[  295.150285][   T36] veth0_macvtap: left promiscuous mode
[  295.165113][   T36] veth1_vlan: left promiscuous mode
[  295.176134][   T36] veth0_vlan: left promiscuous mode
[  295.419143][ T5849] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  295.429850][ T5849] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  295.450869][ T5849] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  295.468770][ T5849] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  295.478128][ T5849] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  295.504353][T11007] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1534'.
[  296.144249][   T36] team0 (unregistering): Port device team_slave_1 removed
[  296.184760][   T36] team0 (unregistering): Port device team_slave_0 removed
[  296.929840][T11027] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1543'.
[  297.078904][T11003] chnl_net:caif_netlink_parms(): no params data found
[  297.091236][T11035] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1540'.
[  297.257571][T11003] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.265238][T11003] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.272786][T11003] bridge_slave_0: entered allmulticast mode
[  297.282371][T11003] bridge_slave_0: entered promiscuous mode
[  297.292419][T11003] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.299742][T11003] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.308172][T11003] bridge_slave_1: entered allmulticast mode
[  297.316653][T11003] bridge_slave_1: entered promiscuous mode
[  297.331337][T11041] openvswitch: netlink: Message has 4 unknown bytes.
[  297.415368][T11043] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1545'.
[  297.471527][T11045] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1546'.
[  297.505564][T11003] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  297.520556][ T5845] Bluetooth: hci4: command tx timeout
[  297.539792][T11003] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  297.615702][T11048] FAULT_INJECTION: forcing a failure.
[  297.615702][T11048] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  297.629574][T11048] CPU: 0 UID: 0 PID: 11048 Comm: syz.4.1547 Not tainted 6.16.0-rc3-syzkaller-00901-gf22e6fdf7b33 #0 PREEMPT(full) 
[  297.629603][T11048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  297.629615][T11048] Call Trace:
[  297.629624][T11048]  <TASK>
[  297.629632][T11048]  dump_stack_lvl+0x189/0x250
[  297.629669][T11048]  ? __pfx____ratelimit+0x10/0x10
[  297.629692][T11048]  ? __pfx_dump_stack_lvl+0x10/0x10
[  297.629724][T11048]  ? __pfx__printk+0x10/0x10
[  297.629746][T11048]  ? __might_fault+0xb0/0x130
[  297.629790][T11048]  should_fail_ex+0x414/0x560
[  297.629821][T11048]  _copy_from_iter+0x1db/0x16f0
[  297.629867][T11048]  ? rcu_is_watching+0x15/0xb0
[  297.629900][T11048]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  297.629934][T11048]  ? __pfx__copy_from_iter+0x10/0x10
[  297.629969][T11048]  ? __build_skb_around+0x257/0x3e0
[  297.629999][T11048]  ? netlink_sendmsg+0x642/0xb30
[  297.630023][T11048]  ? skb_put+0x11b/0x210
[  297.630053][T11048]  netlink_sendmsg+0x6b2/0xb30
[  297.630089][T11048]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.630118][T11048]  ? aa_sock_msg_perm+0x94/0x160
[  297.630146][T11048]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  297.630171][T11048]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.630197][T11048]  __sock_sendmsg+0x219/0x270
[  297.630223][T11048]  ____sys_sendmsg+0x505/0x830
[  297.630258][T11048]  ? __pfx_____sys_sendmsg+0x10/0x10
[  297.630298][T11048]  ? import_iovec+0x74/0xa0
[  297.630321][T11048]  ___sys_sendmsg+0x21f/0x2a0
[  297.630353][T11048]  ? __pfx____sys_sendmsg+0x10/0x10
[  297.630424][T11048]  ? __fget_files+0x2a/0x420
[  297.630445][T11048]  ? __fget_files+0x3a0/0x420
[  297.630479][T11048]  __x64_sys_sendmsg+0x19b/0x260
[  297.630511][T11048]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  297.630552][T11048]  ? __pfx_ksys_write+0x10/0x10
[  297.630580][T11048]  ? rcu_is_watching+0x15/0xb0
[  297.630618][T11048]  ? do_syscall_64+0xbe/0x3b0
[  297.630646][T11048]  do_syscall_64+0xfa/0x3b0
[  297.630669][T11048]  ? lockdep_hardirqs_on+0x9c/0x150
[  297.630691][T11048]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.630712][T11048]  ? clear_bhb_loop+0x60/0xb0
[  297.630737][T11048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.630756][T11048] RIP: 0033:0x7f3c3038e929
[  297.630774][T11048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.630792][T11048] RSP: 002b:00007f3c31159038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  297.630814][T11048] RAX: ffffffffffffffda RBX: 00007f3c305b5fa0 RCX: 00007f3c3038e929
[  297.630841][T11048] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  297.630854][T11048] RBP: 00007f3c31159090 R08: 0000000000000000 R09: 0000000000000000
[  297.630867][T11048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.630879][T11048] R13: 0000000000000000 R14: 00007f3c305b5fa0 R15: 00007ffef51aa328
[  297.630913][T11048]  </TASK>
[  297.960836][T11003] team0: Port device team_slave_0 added
[  297.968848][T11003] team0: Port device team_slave_1 added
[  297.987518][T11051] xt_connbytes: Forcing CT accounting to be enabled
[  297.998385][T11051] Cannot find set identified by id 0 to match
[  298.113519][T11052] netlink: 'syz.2.1548': attribute type 4 has an invalid length.
[  298.166943][T11003] batman_adv: batadv0: Adding interface: batadv_slave_0
[  298.174794][T11003] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.201302][T11003] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  298.242765][T11003] batman_adv: batadv0: Adding interface: batadv_slave_1
[  298.280318][T11003] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.308284][T11003] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  298.455402][T11067] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1554'.
[  298.471401][T11068] vlan0: entered promiscuous mode
[  298.517296][T11057] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1551'.
[  298.734663][T11003] hsr_slave_0: entered promiscuous mode
[  298.745742][T11003] hsr_slave_1: entered promiscuous mode
[  298.756996][T11003] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  298.769530][T11003] Cannot create hsr debugfs directory
[  299.074880][T11076] vlan0: entered promiscuous mode
[  299.426281][T11087] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1560'.
[  299.590086][ T5845] Bluetooth: hci4: command tx timeout
[  299.775665][T11101] netlink: 'syz.4.1565': attribute type 4 has an invalid length.
[  299.795107][T11103] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1566'.
[  300.050568][T11003] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  300.074504][T11003] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  300.091559][T11003] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  300.109871][T11003] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  300.281926][T11003] 8021q: adding VLAN 0 to HW filter on device bond0
[  300.335224][T11003] 8021q: adding VLAN 0 to HW filter on device team0
[  300.364998][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.372218][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  300.422975][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.430214][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  300.625475][T11129] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1573'.
[  300.985143][T11137] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1574'.
[  301.312990][T11003] 8021q: adding VLAN 0 to HW filter on device batadv0
[  301.328242][T11143] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1576'.
[  301.433551][T11146] netlink: 'syz.2.1577': attribute type 4 has an invalid length.
[  301.484546][T11003] veth0_vlan: entered promiscuous mode
[  301.519597][T11003] veth1_vlan: entered promiscuous mode
[  301.669188][T11003] veth0_macvtap: entered promiscuous mode
[  301.678254][ T5845] Bluetooth: hci4: command tx timeout
[  301.715631][T11003] veth1_macvtap: entered promiscuous mode
[  301.741511][T11003] batman_adv: batadv0: Interface activated: batadv_slave_0
[  301.796364][T11003] batman_adv: batadv0: Interface activated: batadv_slave_1
[  301.870703][ T7908] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.929806][ T7907] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.951949][ T7907] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.988456][ T7907] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  302.008031][T11165] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1584'.
[  302.163215][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  302.176507][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  302.288645][ T7908] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  302.311999][T11177] netlink: 'syz.2.1588': attribute type 10 has an invalid length.
[  302.323301][ T7908] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  302.973609][T11202] netlink: 124 bytes leftover after parsing attributes in process `syz.1.1597'.
[  303.328744][ T7907] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.341376][T11215] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1602'.
[  303.507677][ T7907] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.824697][ T7907] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.900911][ T7907] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.030455][ T7907] bridge_slave_1: left allmulticast mode
[  304.036326][ T7907] bridge_slave_1: left promiscuous mode
[  304.042364][ T7907] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.053721][ T7907] bridge_slave_0: left allmulticast mode
[  304.059398][ T7907] bridge_slave_0: left promiscuous mode
[  304.065371][ T7907] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.362544][ T7907] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  304.373583][ T7907] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  304.384405][ T7907] bond0 (unregistering): Released all slaves
[  304.632681][ T7907] hsr_slave_0: left promiscuous mode
[  304.638657][ T7907] hsr_slave_1: left promiscuous mode
[  304.645024][ T7907] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  304.655609][ T7907] batman_adv: batadv0: Removing interface: batadv_slave_0
[  304.664424][ T7907] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  304.672208][ T7907] batman_adv: batadv0: Removing interface: batadv_slave_1
[  304.705152][ T7907] veth1_macvtap: left promiscuous mode
[  304.730192][ T7907] veth0_macvtap: left promiscuous mode
[  304.735921][ T7907] veth1_vlan: left promiscuous mode
[  304.772187][ T7907] veth0_vlan: left promiscuous mode
[  305.206059][T11239] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  305.361508][ T5849] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  305.380942][ T5849] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  305.389897][ T5849] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  305.402635][ T5849] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  305.411982][ T5849] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  305.428594][T11245] IPv6: addrconf: prefix option has invalid lifetime
[  305.436171][T11241] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  305.877290][ T7907] team0 (unregistering): Port device team_slave_1 removed
[  305.914412][ T7907] team0 (unregistering): Port device team_slave_0 removed
[  306.280744][T11233] netlink: 'syz.2.1609': attribute type 4 has an invalid length.
[  307.301805][T11265] FAULT_INJECTION: forcing a failure.
[  307.301805][T11265] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  307.321660][T11265] CPU: 0 UID: 0 PID: 11265 Comm: syz.1.1617 Not tainted 6.16.0-rc3-syzkaller-00901-gf22e6fdf7b33 #0 PREEMPT(full) 
[  307.321692][T11265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.321704][T11265] Call Trace:
[  307.321712][T11265]  <TASK>
[  307.321721][T11265]  dump_stack_lvl+0x189/0x250
[  307.321760][T11265]  ? __pfx____ratelimit+0x10/0x10
[  307.321784][T11265]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.321816][T11265]  ? __pfx__printk+0x10/0x10
[  307.321839][T11265]  ? __might_fault+0xb0/0x130
[  307.321883][T11265]  should_fail_ex+0x414/0x560
[  307.321915][T11265]  _copy_from_user+0x2d/0xb0
[  307.321936][T11265]  ___sys_sendmsg+0x158/0x2a0
[  307.321970][T11265]  ? __pfx____sys_sendmsg+0x10/0x10
[  307.322040][T11265]  ? __fget_files+0x2a/0x420
[  307.322061][T11265]  ? __fget_files+0x3a0/0x420
[  307.322095][T11265]  __x64_sys_sendmsg+0x19b/0x260
[  307.322129][T11265]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  307.322169][T11265]  ? __pfx_ksys_write+0x10/0x10
[  307.322208][T11265]  ? rcu_is_watching+0x15/0xb0
[  307.322246][T11265]  ? do_syscall_64+0xbe/0x3b0
[  307.322274][T11265]  do_syscall_64+0xfa/0x3b0
[  307.322297][T11265]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.322319][T11265]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.322340][T11265]  ? clear_bhb_loop+0x60/0xb0
[  307.322365][T11265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.322386][T11265] RIP: 0033:0x7f121e18e929
[  307.322404][T11265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.322423][T11265] RSP: 002b:00007f121bff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  307.322445][T11265] RAX: ffffffffffffffda RBX: 00007f121e3b5fa0 RCX: 00007f121e18e929
[  307.322461][T11265] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000006
[  307.322474][T11265] RBP: 00007f121bff6090 R08: 0000000000000000 R09: 0000000000000000
[  307.322487][T11265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.322499][T11265] R13: 0000000000000000 R14: 00007f121e3b5fa0 R15: 00007ffdc4d9ead8
[  307.322531][T11265]  </TASK>
[  307.628897][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  307.638879][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  307.647313][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  307.696998][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  307.705491][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  307.787253][T11279] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  307.806146][T11279] netdevsim netdevsim2 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  307.891774][T11283] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1620'.
[  307.928996][T11279] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  307.957659][T11279] netdevsim netdevsim2 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  308.049522][T11279] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  308.088407][T11279] netdevsim netdevsim2 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  308.139037][T11287] netlink: 'syz.1.1622': attribute type 1 has an invalid length.
[  308.147409][T11287] netlink: 192 bytes leftover after parsing attributes in process `syz.1.1622'.
[  308.172150][T11279] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  308.183951][T11279] netdevsim netdevsim2 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  308.344039][T11271] chnl_net:caif_netlink_parms(): no params data found
[  308.364645][ T7908] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  308.373556][ T7908] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  308.425577][   T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  308.434801][   T12] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  308.475109][   T36] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  308.485636][   T36] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  308.673355][   T12] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  308.682427][   T12] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  308.764054][T11302] netlink: 'syz.0.1625': attribute type 4 has an invalid length.
[  308.772669][T11271] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.783860][T11271] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.802199][T11271] bridge_slave_0: entered allmulticast mode
[  308.810389][T11271] bridge_slave_0: entered promiscuous mode
[  308.841836][T11306] vlan0: entered promiscuous mode
[  308.850674][T11306] bridge0: entered promiscuous mode
[  308.860457][T11306] vlan0: entered allmulticast mode
[  308.874718][T11306] bridge0: entered allmulticast mode
[  308.904154][T11271] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.917634][T11271] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.934244][T11271] bridge_slave_1: entered allmulticast mode
[  308.946353][T11271] bridge_slave_1: entered promiscuous mode
[  309.036977][T11317] FAULT_INJECTION: forcing a failure.
[  309.036977][T11317] name failslab, interval 1, probability 0, space 0, times 0
[  309.075743][T11317] CPU: 1 UID: 0 PID: 11317 Comm: syz.0.1629 Not tainted 6.16.0-rc3-syzkaller-00901-gf22e6fdf7b33 #0 PREEMPT(full) 
[  309.075795][T11317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  309.075809][T11317] Call Trace:
[  309.075818][T11317]  <TASK>
[  309.075827][T11317]  dump_stack_lvl+0x189/0x250
[  309.075866][T11317]  ? __pfx____ratelimit+0x10/0x10
[  309.075891][T11317]  ? __pfx_dump_stack_lvl+0x10/0x10
[  309.075925][T11317]  ? __pfx__printk+0x10/0x10
[  309.075953][T11317]  ? __pfx___might_resched+0x10/0x10
[  309.075992][T11317]  should_fail_ex+0x414/0x560
[  309.076031][T11317]  should_failslab+0xa8/0x100
[  309.076048][T11320] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1630'.
[  309.076056][T11317]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  309.076091][T11317]  ? __alloc_skb+0x112/0x2d0
[  309.076120][T11317]  __alloc_skb+0x112/0x2d0
[  309.076152][T11317]  netlink_sendmsg+0x5c6/0xb30
[  309.076199][T11317]  ? __pfx_netlink_sendmsg+0x10/0x10
[  309.076234][T11317]  ? aa_sock_msg_perm+0x94/0x160
[  309.076267][T11317]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  309.076299][T11317]  ? __pfx_netlink_sendmsg+0x10/0x10
[  309.076332][T11317]  __sock_sendmsg+0x219/0x270
[  309.076361][T11317]  ____sys_sendmsg+0x505/0x830
[  309.076403][T11317]  ? __pfx_____sys_sendmsg+0x10/0x10
[  309.076450][T11317]  ? import_iovec+0x74/0xa0
[  309.076477][T11317]  ___sys_sendmsg+0x21f/0x2a0
[  309.076516][T11317]  ? __pfx____sys_sendmsg+0x10/0x10
[  309.076597][T11317]  ? __fget_files+0x2a/0x420
[  309.076621][T11317]  ? __fget_files+0x3a0/0x420
[  309.076661][T11317]  __x64_sys_sendmsg+0x19b/0x260
[  309.076700][T11317]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  309.076753][T11317]  ? __pfx_ksys_write+0x10/0x10
[  309.076784][T11317]  ? rcu_is_watching+0x15/0xb0
[  309.076828][T11317]  ? do_syscall_64+0xbe/0x3b0
[  309.076862][T11317]  do_syscall_64+0xfa/0x3b0
[  309.076891][T11317]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.076914][T11317]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  309.076938][T11317]  ? clear_bhb_loop+0x60/0xb0
[  309.076979][T11317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.077002][T11317] RIP: 0033:0x7f98b2f8e929
[  309.077030][T11317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.077050][T11317] RSP: 002b:00007f98b3d22038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  309.077075][T11317] RAX: ffffffffffffffda RBX: 00007f98b31b5fa0 RCX: 00007f98b2f8e929
[  309.077092][T11317] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[  309.077105][T11317] RBP: 00007f98b3d22090 R08: 0000000000000000 R09: 0000000000000000
[  309.077120][T11317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  309.077133][T11317] R13: 0000000000000000 R14: 00007f98b31b5fa0 R15: 00007ffd08047ef8
[  309.077187][T11317]  </TASK>
[  309.320074][ T5845] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  309.392400][T11271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  309.437035][T11324] netlink: 'syz.1.1632': attribute type 1 has an invalid length.
[  309.456199][T11318] vlan0: entered promiscuous mode
[  309.524938][T11271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  309.649192][T11331] IPv6: NLM_F_REPLACE set, but no existing node found!
[  309.674217][T11271] team0: Port device team_slave_0 added
[  309.701053][T11327] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1633'.
[  309.706296][T11271] team0: Port device team_slave_1 added
[  309.751261][ T5845] Bluetooth: hci4: command tx timeout
[  309.840832][T11271] batman_adv: batadv0: Adding interface: batadv_slave_0
[  309.878597][T11271] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  309.924692][T11271] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  309.951660][T11271] batman_adv: batadv0: Adding interface: batadv_slave_1
[  309.958690][T11271] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  309.984730][T11271] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  310.063491][T11348] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1640'.
[  310.119337][T11271] hsr_slave_0: entered promiscuous mode
[  310.141612][T11271] hsr_slave_1: entered promiscuous mode
[  310.148371][T11271] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  310.170033][T11271] Cannot create hsr debugfs directory
[  310.481980][T11357] bond10: entered promiscuous mode
[  310.487734][T11357] 8021q: adding VLAN 0 to HW filter on device bond10
[  310.538825][T11357] bridge8: entered promiscuous mode
[  310.545183][T11357] bond10: (slave bridge8): Enslaving as an active interface with an up link
[  310.686391][T11360] bond12: entered promiscuous mode
[  310.693318][T11360] 8021q: adding VLAN 0 to HW filter on device bond12
[  310.744202][T11362] bridge11: entered promiscuous mode
[  310.760974][T11362] bond12: (slave bridge11): Enslaving as an active interface with an up link
[  310.923405][T11373] syzkaller1: entered promiscuous mode
[  310.929004][T11373] syzkaller1: entered allmulticast mode
[  311.036937][T11376] netlink: 'syz.2.1650': attribute type 4 has an invalid length.
[  311.447926][T11271] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  311.484574][T11271] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  311.532235][T11271] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  311.561793][T11403] vlan0: entered promiscuous mode
[  311.592086][T11271] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  311.805387][T11271] 8021q: adding VLAN 0 to HW filter on device bond0
[  311.832963][ T5845] Bluetooth: hci4: command tx timeout
[  311.871285][T11271] 8021q: adding VLAN 0 to HW filter on device team0
[  311.884945][ T7908] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.892162][ T7908] bridge0: port 1(bridge_slave_0) entered forwarding state
[  311.931640][ T7908] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.938859][ T7908] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.276003][T11438] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1670'.
[  312.316380][T11438] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1670'.
[  312.336411][T11438] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1670'.
[  312.448882][T11447] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.1673'.
[  312.518145][T11271] 8021q: adding VLAN 0 to HW filter on device batadv0
[  312.640216][T11271] veth0_vlan: entered promiscuous mode
[  312.654796][T11271] veth1_vlan: entered promiscuous mode
[  312.697027][T11271] veth0_macvtap: entered promiscuous mode
[  312.728112][T11271] veth1_macvtap: entered promiscuous mode
[  312.744527][T11455] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1677'.
[  312.765633][T11271] batman_adv: batadv0: Interface activated: batadv_slave_0
[  312.804137][T11271] batman_adv: batadv0: Interface activated: batadv_slave_1
[  312.827840][ T7907] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  312.863354][ T1083] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  312.876060][ T7907] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  312.898012][ T7907] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  313.004272][ T7907] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.017046][ T7907] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.046271][T11461] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1679'.
[  313.123164][ T7907] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.147408][ T7907] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.669249][T11489] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  313.795874][T11494] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.1691'.
[  313.819445][T11483] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1687'.
[  314.188610][ T7911] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  314.207672][T11513] openvswitch: netlink: Message has 4 unknown bytes.
[  315.017876][ T7911] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.436957][ T7911] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.524453][ T7911] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.647457][ T7911] bridge_slave_1: left allmulticast mode
[  315.653436][ T7911] bridge_slave_1: left promiscuous mode
[  315.659138][ T7911] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.669612][ T7911] bridge_slave_0: left allmulticast mode
[  315.676549][ T7911] bridge_slave_0: left promiscuous mode
[  315.683047][ T7911] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.313485][T11541] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  316.341285][   T30] audit: type=1800 audit(1751096392.451:4): pid=11540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1709" name="blkio.bfq.time_recursive" dev="tmpfs" ino=2011 res=0 errno=0
[  316.463693][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  316.475781][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  316.484989][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  316.494260][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  316.502145][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  316.641804][T11540] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1709'.
[  316.708894][ T7911] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  316.721233][ T7911] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  316.731963][ T7911] bond0 (unregistering): Released all slaves
[  317.215313][T11567] netlink: 124 bytes leftover after parsing attributes in process `syz.2.1719'.
[  317.398594][ T7911] hsr_slave_0: left promiscuous mode
[  317.453135][ T7911] hsr_slave_1: left promiscuous mode
[  317.469770][ T7911] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  317.486148][ T7911] batman_adv: batadv0: Removing interface: batadv_slave_0
[  317.499501][ T7911] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  317.510809][ T7911] batman_adv: batadv0: Removing interface: batadv_slave_1
[  317.547679][ T7911] veth1_macvtap: left promiscuous mode
[  317.554455][ T7911] veth0_macvtap: left promiscuous mode
[  317.561035][ T7911] veth1_vlan: left promiscuous mode
[  317.568843][ T7911] veth0_vlan: left promiscuous mode
[  318.145394][ T7911] team0 (unregistering): Port device team_slave_1 removed
[  318.194931][ T7911] team0 (unregistering): Port device team_slave_0 removed
[  318.553817][ T5845] Bluetooth: hci4: command tx timeout
[  318.668984][T11588] bridge9: entered promiscuous mode
[  318.691368][T11588] bridge9: entered allmulticast mode
[  318.988384][T11601] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1731'.
[  319.230949][T11612] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1734'.
[  319.253853][T11544] chnl_net:caif_netlink_parms(): no params data found
[  319.401535][T11602] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  319.679253][T11544] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.686953][T11544] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.694271][T11544] bridge_slave_0: entered allmulticast mode
[  319.703565][T11544] bridge_slave_0: entered promiscuous mode
[  319.712597][T11544] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.720374][T11544] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.727716][T11544] bridge_slave_1: entered allmulticast mode
[  319.736123][T11544] bridge_slave_1: entered promiscuous mode
[  319.788219][T11544] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  319.803867][T11544] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  319.861379][T11544] team0: Port device team_slave_0 added
[  319.868029][T11622] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1736'.
[  319.881651][T11544] team0: Port device team_slave_1 added
[  320.018597][T11544] batman_adv: batadv0: Adding interface: batadv_slave_0
[  320.033231][T11544] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.035257][T11628] netlink: 'syz.4.1738': attribute type 1 has an invalid length.
[  320.114463][T11628] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1738'.
[  320.153553][T11544] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  320.183422][T11544] batman_adv: batadv0: Adding interface: batadv_slave_1
[  320.191341][T11544] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.217786][T11544] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  320.424383][T11649] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1745'.
[  320.426179][T11544] hsr_slave_0: entered promiscuous mode
[  320.451472][T11544] hsr_slave_1: entered promiscuous mode
[  320.461154][T11544] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  320.468767][T11544] Cannot create hsr debugfs directory
[  320.478149][T11646] netlink: 'syz.4.1744': attribute type 4 has an invalid length.
[  320.580882][T11656] netlink: 'syz.1.1747': attribute type 1 has an invalid length.
[  320.588786][T11656] netlink: 192 bytes leftover after parsing attributes in process `syz.1.1747'.
[  320.631380][ T5845] Bluetooth: hci4: command tx timeout
[  320.647247][T11649] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  320.656741][T11649] bond_slave_0: left promiscuous mode
[  320.674072][T11649] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  320.685043][T11649] bond_slave_1: left promiscuous mode
[  320.698830][T11649] bond0 (unregistering): Released all slaves
[  320.887746][T11661] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1749'.
[  321.013992][T11670] netlink: 'syz.1.1752': attribute type 1 has an invalid length.
[  321.025579][T11670] netlink: 192 bytes leftover after parsing attributes in process `syz.1.1752'.
[  321.158059][T11672] netlink: 'syz.0.1751': attribute type 16 has an invalid length.
[  321.173880][T11672] netlink: 'syz.0.1751': attribute type 17 has an invalid length.
[  321.189580][T11675] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1754'.
[  321.272882][T11672] 8021q: adding VLAN 0 to HW filter on device bond0
[  321.303679][T11672] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  321.407752][T11680] vlan0: entered promiscuous mode
[  321.424600][T11680] bridge0: entered promiscuous mode
[  321.437887][T11680] vlan0: entered allmulticast mode
[  321.453950][T11680] bridge0: entered allmulticast mode
[  321.865673][T11703] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1766'.
[  321.934797][T11544] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  321.975698][T11544] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  322.007966][T11544] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  322.033607][T11544] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  322.050939][T11708] sch_tbf: burst 5 is lower than device bridge9 mtu (1514) !
[  322.271072][T11722] dummy0: entered promiscuous mode
[  322.278477][T11722] vlan2: entered promiscuous mode
[  322.614000][T11544] 8021q: adding VLAN 0 to HW filter on device bond0
[  322.673567][T11544] 8021q: adding VLAN 0 to HW filter on device team0
[  322.711614][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.718846][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  322.748147][ T5845] Bluetooth: hci4: command tx timeout
[  322.775390][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.782680][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  323.687699][T11544] 8021q: adding VLAN 0 to HW filter on device batadv0
[  324.142574][T11544] veth0_vlan: entered promiscuous mode
[  324.168395][T11765] FAULT_INJECTION: forcing a failure.
[  324.168395][T11765] name failslab, interval 1, probability 0, space 0, times 0
[  324.203580][T11765] CPU: 1 UID: 0 PID: 11765 Comm: syz.0.1782 Not tainted 6.16.0-rc3-syzkaller-00901-gf22e6fdf7b33 #0 PREEMPT(full) 
[  324.203611][T11765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  324.203624][T11765] Call Trace:
[  324.203631][T11765]  <TASK>
[  324.203641][T11765]  dump_stack_lvl+0x189/0x250
[  324.203677][T11765]  ? __pfx____ratelimit+0x10/0x10
[  324.203699][T11765]  ? __pfx_dump_stack_lvl+0x10/0x10
[  324.203729][T11765]  ? __pfx__printk+0x10/0x10
[  324.203754][T11765]  ? __pfx___might_resched+0x10/0x10
[  324.203784][T11765]  ? fs_reclaim_acquire+0x7d/0x100
[  324.203812][T11765]  should_fail_ex+0x414/0x560
[  324.203842][T11765]  should_failslab+0xa8/0x100
[  324.203882][T11765]  __kmalloc_noprof+0xcb/0x4f0
[  324.203900][T11765]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  324.203930][T11765]  ? sock_kmalloc+0xd6/0x160
[  324.203979][T11765]  sock_kmalloc+0xd6/0x160
[  324.204011][T11765]  hash_recvmsg+0x1d4/0x840
[  324.204042][T11765]  ? __pfx_hash_recvmsg+0x10/0x10
[  324.204067][T11765]  sock_recvmsg_nosec+0x186/0x1c0
[  324.204092][T11765]  ____sys_recvmsg+0x3aa/0x460
[  324.204131][T11765]  ? __pfx_____sys_recvmsg+0x10/0x10
[  324.204176][T11765]  ? import_iovec+0x74/0xa0
[  324.204199][T11765]  ___sys_recvmsg+0x1b5/0x510
[  324.204234][T11765]  ? __pfx____sys_recvmsg+0x10/0x10
[  324.204298][T11765]  ? __might_fault+0xb0/0x130
[  324.204333][T11765]  do_recvmmsg+0x307/0x770
[  324.204378][T11765]  ? __pfx_do_recvmmsg+0x10/0x10
[  324.204444][T11765]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  324.204491][T11765]  __x64_sys_recvmmsg+0x190/0x240
[  324.204526][T11765]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  324.204556][T11765]  ? rcu_is_watching+0x15/0xb0
[  324.204598][T11765]  ? do_syscall_64+0xbe/0x3b0
[  324.204634][T11765]  do_syscall_64+0xfa/0x3b0
[  324.204657][T11765]  ? lockdep_hardirqs_on+0x9c/0x150
[  324.204680][T11765]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.204700][T11765]  ? clear_bhb_loop+0x60/0xb0
[  324.204726][T11765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.204746][T11765] RIP: 0033:0x7f98b2f8e929
[  324.204765][T11765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.204783][T11765] RSP: 002b:00007f98b3d22038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  324.204805][T11765] RAX: ffffffffffffffda RBX: 00007f98b31b5fa0 RCX: 00007f98b2f8e929
[  324.204820][T11765] RDX: 0000000000000600 RSI: 0000200000003700 RDI: 0000000000000004
[  324.204834][T11765] RBP: 00007f98b3d22090 R08: 0000000000000000 R09: 0000000000000000
[  324.204846][T11765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  324.204858][T11765] R13: 0000000000000000 R14: 00007f98b31b5fa0 R15: 00007ffd08047ef8
[  324.204891][T11765]  </TASK>
[  324.598205][T11544] veth1_vlan: entered promiscuous mode
[  324.656018][T11544] veth0_macvtap: entered promiscuous mode
[  324.667970][T11544] veth1_macvtap: entered promiscuous mode
[  324.784019][T11544] batman_adv: batadv0: Interface activated: batadv_slave_0
[  324.790947][ T5845] Bluetooth: hci4: command tx timeout
[  324.813517][T11544] batman_adv: batadv0: Interface activated: batadv_slave_1
[  324.853896][   T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.879455][ T1083] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.901248][ T1083] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  324.925095][   T36] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  325.137360][T11772] __nla_validate_parse: 4 callbacks suppressed
[  325.137380][T11772] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1784'.
[  325.198434][ T7904] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  325.226783][ T7904] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  325.325564][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  325.345695][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  325.924079][T11786] sctp: [Deprecated]: syz.4.1789 (pid 11786) Use of int in max_burst socket option.
[  325.924079][T11786] Use struct sctp_assoc_value instead
[  325.961613][T11786] IPVS: set_ctl: invalid protocol: 135 172.20.20.187:20002
[  326.090875][T11790] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.1790'.
[  326.254710][T11783] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  326.319469][ T7907] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.413625][ T7907] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.550962][ T7907] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.656382][ T7907] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.832308][ T7907] bridge_slave_1: left allmulticast mode
[  326.837987][ T7907] bridge_slave_1: left promiscuous mode
[  326.844335][ T7907] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.857944][ T7907] bridge_slave_0: left allmulticast mode
[  326.864187][ T7907] bridge_slave_0: left promiscuous mode
[  326.870246][ T7907] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.200866][ T7907] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  327.213321][ T7907] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  327.223969][ T7907] bond0 (unregistering): Released all slaves
[  327.446856][ T7907] hsr_slave_0: left promiscuous mode
[  327.454097][ T7907] hsr_slave_1: left promiscuous mode
[  327.460085][ T7907] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  327.467549][ T7907] batman_adv: batadv0: Removing interface: batadv_slave_0
[  327.477456][ T7907] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  327.485510][ T7907] batman_adv: batadv0: Removing interface: batadv_slave_1
[  327.507737][ T7907] veth1_macvtap: left promiscuous mode
[  327.513633][ T7907] veth0_macvtap: left promiscuous mode
[  327.519243][ T7907] veth1_vlan: left promiscuous mode
[  327.524555][ T7907] veth0_vlan: left promiscuous mode
[  327.927854][ T7907] team0 (unregistering): Port device team_slave_1 removed
[  327.967097][ T7907] team0 (unregistering): Port device team_slave_0 removed
[  328.135098][T11800] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1792'.
[  328.652396][ T5845] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  328.668458][ T5845] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  328.686165][ T5845] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  328.695688][ T5845] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  328.711803][ T5845] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  328.741441][T11800] 8021q: VLANs not supported on nlmon0
[  329.198911][T11835] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  329.359914][T11816] chnl_net:caif_netlink_parms(): no params data found
[  329.616161][T11816] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.629211][T11816] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.649248][T11816] bridge_slave_0: entered allmulticast mode
[  329.676346][T11816] bridge_slave_0: entered promiscuous mode
[  329.685507][T11816] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.695111][T11816] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.710579][T11816] bridge_slave_1: entered allmulticast mode
[  329.724125][T11816] bridge_slave_1: entered promiscuous mode
[  329.846108][T11816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  329.879535][T11816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  329.889334][T11863] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  329.911686][T11863] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  329.928486][T11863] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  329.950370][T11863] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  329.956962][T11863] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  329.966852][T11863] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  329.979002][T11863] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  329.986078][T11863] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  330.000340][T11863] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  330.009890][T11816] team0: Port device team_slave_0 added
[  330.015959][T11863] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  330.035208][T11816] team0: Port device team_slave_1 added
[  330.199372][T11816] batman_adv: batadv0: Adding interface: batadv_slave_0
[  330.240444][T11816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.283180][T11816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  330.408715][T11816] batman_adv: batadv0: Adding interface: batadv_slave_1
[  330.427654][T11816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.467731][T11816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  330.621824][T11886] netlink: 'syz.1.1818': attribute type 64 has an invalid length.
[  330.674533][T11889] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1818'.
[  330.790512][ T5845] Bluetooth: hci4: command tx timeout
[  330.823945][T11816] hsr_slave_0: entered promiscuous mode
[  330.832374][T11816] hsr_slave_1: entered promiscuous mode
[  330.838724][T11816] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  330.853745][T11816] Cannot create hsr debugfs directory
[  331.058529][T11899] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1823'.
[  331.388452][T11917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1829'.
[  331.420534][T11917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1829'.
[  331.429692][T11917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1829'.
[  331.454231][T11917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1829'.
[  331.459137][T11919] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input7
[  331.463680][T11917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1829'.
[  331.495967][T11917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1829'.
[  331.506511][T11917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1829'.
[  331.537699][T11917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1829'.
[  331.750785][T11816] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  331.772779][T11816] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  331.797874][T11816] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  331.827462][T11816] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  332.148059][T11816] 8021q: adding VLAN 0 to HW filter on device bond0
[  332.213436][T11816] 8021q: adding VLAN 0 to HW filter on device team0
[  332.233966][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  332.241305][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  332.266330][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  332.273632][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  332.344403][T11957] FAULT_INJECTION: forcing a failure.
[  332.344403][T11957] name failslab, interval 1, probability 0, space 0, times 0
[  332.366797][T11957] CPU: 1 UID: 0 PID: 11957 Comm: syz.1.1843 Not tainted 6.16.0-rc3-syzkaller-00901-gf22e6fdf7b33 #0 PREEMPT(full) 
[  332.366830][T11957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  332.366844][T11957] Call Trace:
[  332.366860][T11957]  <TASK>
[  332.366869][T11957]  dump_stack_lvl+0x189/0x250
[  332.366908][T11957]  ? __pfx____ratelimit+0x10/0x10
[  332.366932][T11957]  ? __pfx_dump_stack_lvl+0x10/0x10
[  332.366974][T11957]  ? __pfx__printk+0x10/0x10
[  332.367000][T11957]  ? __pfx___might_resched+0x10/0x10
[  332.367029][T11957]  ? fs_reclaim_acquire+0x7d/0x100
[  332.367057][T11957]  should_fail_ex+0x414/0x560
[  332.367086][T11957]  should_failslab+0xa8/0x100
[  332.367108][T11957]  __kmalloc_cache_noprof+0x70/0x3d0
[  332.367126][T11957]  ? rtnl_newlink+0xed/0x1c70
[  332.367148][T11957]  ? kasan_save_free_info+0x46/0x50
[  332.367175][T11957]  rtnl_newlink+0xed/0x1c70
[  332.367196][T11957]  ? netlink_sendmsg+0x805/0xb30
[  332.367218][T11957]  ? __sock_sendmsg+0x219/0x270
[  332.367235][T11957]  ? ____sys_sendmsg+0x505/0x830
[  332.367259][T11957]  ? ___sys_sendmsg+0x21f/0x2a0
[  332.367283][T11957]  ? __x64_sys_sendmsg+0x19b/0x260
[  332.367308][T11957]  ? do_syscall_64+0xfa/0x3b0
[  332.367329][T11957]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.367373][T11957]  ? __pfx_rtnl_newlink+0x10/0x10
[  332.367424][T11957]  ? kasan_quarantine_put+0xdd/0x220
[  332.367454][T11957]  ? lockdep_hardirqs_on+0x9c/0x150
[  332.367483][T11957]  ? nlmon_xmit+0xb0/0x100
[  332.367500][T11957]  ? kmem_cache_free+0x18f/0x400
[  332.367528][T11957]  ? __local_bh_enable_ip+0x12d/0x1c0
[  332.367559][T11957]  ? lockdep_hardirqs_on+0x9c/0x150
[  332.367582][T11957]  ? __local_bh_enable_ip+0x12d/0x1c0
[  332.367613][T11957]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  332.367649][T11957]  ? __dev_queue_xmit+0x27e/0x3a70
[  332.367694][T11957]  ? __lock_acquire+0xab9/0xd20
[  332.367750][T11957]  ? __pfx_rtnl_newlink+0x10/0x10
[  332.367773][T11957]  rtnetlink_rcv_msg+0x7cc/0xb70
[  332.367802][T11957]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  332.367826][T11957]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  332.367848][T11957]  ? ref_tracker_free+0x63a/0x7d0
[  332.367880][T11957]  ? __copy_skb_header+0xa7/0x550
[  332.367913][T11957]  ? __pfx_ref_tracker_free+0x10/0x10
[  332.367938][T11957]  ? __skb_clone+0x63/0x7a0
[  332.367976][T11957]  netlink_rcv_skb+0x208/0x470
[  332.368001][T11957]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  332.368028][T11957]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  332.368068][T11957]  ? netlink_deliver_tap+0x2e/0x1b0
[  332.368092][T11957]  ? netlink_deliver_tap+0x2e/0x1b0
[  332.368122][T11957]  netlink_unicast+0x75b/0x8d0
[  332.368157][T11957]  netlink_sendmsg+0x805/0xb30
[  332.368192][T11957]  ? __pfx_netlink_sendmsg+0x10/0x10
[  332.368222][T11957]  ? aa_sock_msg_perm+0x94/0x160
[  332.368249][T11957]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  332.368275][T11957]  ? __pfx_netlink_sendmsg+0x10/0x10
[  332.368302][T11957]  __sock_sendmsg+0x219/0x270
[  332.368327][T11957]  ____sys_sendmsg+0x505/0x830
[  332.368363][T11957]  ? __pfx_____sys_sendmsg+0x10/0x10
[  332.368403][T11957]  ? import_iovec+0x74/0xa0
[  332.368426][T11957]  ___sys_sendmsg+0x21f/0x2a0
[  332.368459][T11957]  ? __pfx____sys_sendmsg+0x10/0x10
[  332.368530][T11957]  ? __fget_files+0x2a/0x420
[  332.368551][T11957]  ? __fget_files+0x3a0/0x420
[  332.368595][T11957]  __x64_sys_sendmsg+0x19b/0x260
[  332.368626][T11957]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  332.368663][T11957]  ? __pfx_ksys_write+0x10/0x10
[  332.368689][T11957]  ? rcu_is_watching+0x15/0xb0
[  332.368725][T11957]  ? do_syscall_64+0xbe/0x3b0
[  332.368751][T11957]  do_syscall_64+0xfa/0x3b0
[  332.368774][T11957]  ? lockdep_hardirqs_on+0x9c/0x150
[  332.368795][T11957]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.368814][T11957]  ? clear_bhb_loop+0x60/0xb0
[  332.368837][T11957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.368861][T11957] RIP: 0033:0x7f121e18e929
[  332.368879][T11957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.368896][T11957] RSP: 002b:00007f121bff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  332.368918][T11957] RAX: ffffffffffffffda RBX: 00007f121e3b5fa0 RCX: 00007f121e18e929
[  332.368930][T11957] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  332.368938][T11957] RBP: 00007f121bff6090 R08: 0000000000000000 R09: 0000000000000000
[  332.368947][T11957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.368955][T11957] R13: 0000000000000000 R14: 00007f121e3b5fa0 R15: 00007ffdc4d9ead8
[  332.368976][T11957]  </TASK>
[  332.870506][ T5845] Bluetooth: hci4: command tx timeout
[  333.559103][T11816] 8021q: adding VLAN 0 to HW filter on device batadv0
[  333.667386][T11816] veth0_vlan: entered promiscuous mode
[  333.713982][T11816] veth1_vlan: entered promiscuous mode
[  333.759825][T11987] netlink: 'syz.0.1855': attribute type 4 has an invalid length.
[  333.799825][T11816] veth0_macvtap: entered promiscuous mode
[  333.843716][T11816] veth1_macvtap: entered promiscuous mode
[  333.952830][T11816] batman_adv: batadv0: Interface activated: batadv_slave_0
[  333.996819][T11993] xt_TCPMSS: Only works on TCP SYN packets
[  334.108111][T11816] batman_adv: batadv0: Interface activated: batadv_slave_1
[  334.177838][ T7907] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  334.205432][ T7907] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  334.233511][ T7907] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  334.258041][ T1083] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  334.439559][ T7907] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.462898][ T7907] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.509786][ T7904] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.544352][ T7904] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.876598][T12016] netlink: 'syz.0.1866': attribute type 1 has an invalid length.
[  334.918709][T12016] bond11: entered promiscuous mode
[  334.927041][T12016] 8021q: adding VLAN 0 to HW filter on device bond11
[  335.115084][T12021] bridge10: entered promiscuous mode
[  335.133537][T12021] bond11: (slave bridge10): Enslaving as an active interface with an up link
[  335.145132][T12020] netlink: 'syz.1.1867': attribute type 4 has an invalid length.
[  335.578398][T12017] Cannot find add_set index 3 as target
[  335.595105][T12044] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  335.850642][T12045] __nla_validate_parse: 57 callbacks suppressed
[  335.850664][T12045] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1874'.
[  336.073335][T12055] netlink: 124 bytes leftover after parsing attributes in process `syz.4.1878'.
[  336.183901][T12059] netlink: 'syz.4.1880': attribute type 4 has an invalid length.
[  336.214070][T12061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1881'.
[  336.267727][T12063] net_ratelimit: 30 callbacks suppressed
[  336.267746][T12063] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  336.455781][   T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.947034][   T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.038455][   T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.104600][   T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.198190][   T36] bridge_slave_1: left allmulticast mode
[  337.208398][   T36] bridge_slave_1: left promiscuous mode
[  337.214309][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.225952][   T36] bridge_slave_0: left allmulticast mode
[  337.231775][   T36] bridge_slave_0: left promiscuous mode
[  337.237487][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.543018][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  337.557945][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  337.568109][   T36] bond0 (unregistering): Released all slaves
[  337.779659][   T36] hsr_slave_0: left promiscuous mode
[  337.785865][   T36] hsr_slave_1: left promiscuous mode
[  337.792189][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  337.799598][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  337.809464][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  337.817407][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  337.838846][   T36] veth1_macvtap: left promiscuous mode
[  337.844741][   T36] veth0_macvtap: left promiscuous mode
[  337.850538][   T36] veth1_vlan: left promiscuous mode
[  337.855853][   T36] veth0_vlan: left promiscuous mode
[  338.254094][   T36] team0 (unregistering): Port device team_slave_1 removed
[  338.427716][   T36] team0 (unregistering): Port device team_slave_0 removed
[  338.599217][T12087] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1890'.
[  338.680777][T12091] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1891'.
[  338.773747][T12096] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1889'.
[  338.926626][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  338.944251][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  338.953687][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  338.973909][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  338.987643][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  339.417588][T12105] netlink: 'syz.0.1893': attribute type 4 has an invalid length.
[  339.588323][T12109] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1896'.
[  340.054984][T12126] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  340.057618][T12098] chnl_net:caif_netlink_parms(): no params data found
[  340.143305][T12139] netlink: 'syz.0.1905': attribute type 1 has an invalid length.
[  340.163264][T12139] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1905'.
[  340.255114][T12148] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1907'.
[  340.317882][T12098] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.333393][T12098] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.341258][T12098] bridge_slave_0: entered allmulticast mode
[  340.349338][T12098] bridge_slave_0: entered promiscuous mode
[  340.361962][T12098] bridge0: port 2(bridge_slave_1) entered blocking state
[  340.369321][T12098] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.378917][T12098] bridge_slave_1: entered allmulticast mode
[  340.387128][T12098] bridge_slave_1: entered promiscuous mode
[  340.436567][T12098] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  340.451837][T12098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  340.500775][T12154] netlink: 'syz.1.1909': attribute type 4 has an invalid length.
[  340.546847][T12098] team0: Port device team_slave_0 added
[  340.562057][T12098] team0: Port device team_slave_1 added
[  340.689565][T12098] batman_adv: batadv0: Adding interface: batadv_slave_0
[  340.714450][T12098] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  340.783956][T12098] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  340.828264][T12098] batman_adv: batadv0: Adding interface: batadv_slave_1
[  340.845566][T12098] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  340.924376][T12173] xt_socket: unknown flags 0x8
[  340.950706][T12098] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  340.966666][T12171] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1914'.
[  341.031025][ T5845] Bluetooth: hci4: command tx timeout
[  341.138626][T12098] hsr_slave_0: entered promiscuous mode
[  341.164678][T12098] hsr_slave_1: entered promiscuous mode
[  341.198172][T12098] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  341.217375][T12098] Cannot create hsr debugfs directory
[  341.235353][T12184] vlan2: entered promiscuous mode
[  341.476694][T12194] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1923'.
[  341.724651][T12200] netlink: 'syz.4.1926': attribute type 1 has an invalid length.
[  341.732760][T12200] netlink: 192 bytes leftover after parsing attributes in process `syz.4.1926'.
[  341.883171][T12207] xt_socket: unknown flags 0x8
[  341.897768][T12207] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1929'.
[  341.924271][T12207] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1929'.
[  342.036146][T12213] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1932'.
[  342.111680][T12217] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1933'.
[  342.118767][T12098] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  342.162638][T12098] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  342.175466][T12098] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  342.193871][T12098] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  342.358077][T12098] 8021q: adding VLAN 0 to HW filter on device bond0
[  342.419924][T12098] 8021q: adding VLAN 0 to HW filter on device team0
[  342.475525][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  342.482732][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  342.508655][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  342.515944][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  342.953274][T12259] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1944'.
[  343.105536][T12098] 8021q: adding VLAN 0 to HW filter on device batadv0
[  343.110754][ T5845] Bluetooth: hci4: command tx timeout
[  343.367167][T12272] x_tables: duplicate underflow at hook 1
[  343.724638][T12098] veth0_vlan: entered promiscuous mode
[  343.777244][T12098] veth1_vlan: entered promiscuous mode
[  343.981678][T12098] veth0_macvtap: entered promiscuous mode
[  344.020823][T12287] xt_socket: unknown flags 0xd0
[  344.064913][T12289] FAULT_INJECTION: forcing a failure.
[  344.064913][T12289] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  344.083612][T12291] xt_socket: unknown flags 0xd0
[  344.120316][T12289] CPU: 0 UID: 0 PID: 12289 Comm: syz.0.1953 Not tainted 6.16.0-rc3-syzkaller-00901-gf22e6fdf7b33 #0 PREEMPT(full) 
[  344.120348][T12289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  344.120361][T12289] Call Trace:
[  344.120370][T12289]  <TASK>
[  344.120379][T12289]  dump_stack_lvl+0x189/0x250
[  344.120416][T12289]  ? __pfx____ratelimit+0x10/0x10
[  344.120439][T12289]  ? __pfx_dump_stack_lvl+0x10/0x10
[  344.120472][T12289]  ? __pfx__printk+0x10/0x10
[  344.120495][T12289]  ? __might_fault+0xb0/0x130
[  344.120549][T12289]  should_fail_ex+0x414/0x560
[  344.120580][T12289]  _copy_from_iter+0x1db/0x16f0
[  344.120614][T12289]  ? rcu_is_watching+0x15/0xb0
[  344.120648][T12289]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  344.120683][T12289]  ? __pfx__copy_from_iter+0x10/0x10
[  344.120715][T12289]  ? __build_skb_around+0x257/0x3e0
[  344.120746][T12289]  ? netlink_sendmsg+0x642/0xb30
[  344.120770][T12289]  ? skb_put+0x11b/0x210
[  344.120812][T12289]  netlink_sendmsg+0x6b2/0xb30
[  344.120845][T12289]  ? __pfx_netlink_sendmsg+0x10/0x10
[  344.120873][T12289]  ? aa_sock_msg_perm+0x94/0x160
[  344.120899][T12289]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  344.120923][T12289]  ? __pfx_netlink_sendmsg+0x10/0x10
[  344.120948][T12289]  __sock_sendmsg+0x219/0x270
[  344.120972][T12289]  ____sys_sendmsg+0x505/0x830
[  344.121006][T12289]  ? __pfx_____sys_sendmsg+0x10/0x10
[  344.121043][T12289]  ? import_iovec+0x74/0xa0
[  344.121065][T12289]  ___sys_sendmsg+0x21f/0x2a0
[  344.121095][T12289]  ? __pfx____sys_sendmsg+0x10/0x10
[  344.121160][T12289]  ? __fget_files+0x2a/0x420
[  344.121180][T12289]  ? __fget_files+0x3a0/0x420
[  344.121212][T12289]  __x64_sys_sendmsg+0x19b/0x260
[  344.121243][T12289]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  344.121281][T12289]  ? rcu_is_watching+0x15/0xb0
[  344.121316][T12289]  ? do_syscall_64+0xbe/0x3b0
[  344.121343][T12289]  do_syscall_64+0xfa/0x3b0
[  344.121411][T12289]  ? lockdep_hardirqs_on+0x9c/0x150
[  344.121433][T12289]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.121451][T12289]  ? clear_bhb_loop+0x60/0xb0
[  344.121475][T12289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.121494][T12289] RIP: 0033:0x7f98b2f8e929
[  344.121512][T12289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.121534][T12289] RSP: 002b:00007f98b3d22038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  344.121573][T12289] RAX: ffffffffffffffda RBX: 00007f98b31b5fa0 RCX: 00007f98b2f8e929
[  344.121590][T12289] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[  344.121603][T12289] RBP: 00007f98b3d22090 R08: 0000000000000000 R09: 0000000000000000
[  344.121616][T12289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  344.121629][T12289] R13: 0000000000000000 R14: 00007f98b31b5fa0 R15: 00007ffd08047ef8
[  344.121661][T12289]  </TASK>
[  344.439337][T12294] IPv6: NLM_F_REPLACE set, but no existing node found!
[  344.548030][T12098] veth1_macvtap: entered promiscuous mode
[  344.587619][T12297] FAULT_INJECTION: forcing a failure.
[  344.587619][T12297] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  344.601441][T12297] CPU: 0 UID: 0 PID: 12297 Comm: syz.0.1957 Not tainted 6.16.0-rc3-syzkaller-00901-gf22e6fdf7b33 #0 PREEMPT(full) 
[  344.601479][T12297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  344.601492][T12297] Call Trace:
[  344.601500][T12297]  <TASK>
[  344.601509][T12297]  dump_stack_lvl+0x189/0x250
[  344.601547][T12297]  ? __pfx____ratelimit+0x10/0x10
[  344.601571][T12297]  ? __pfx_dump_stack_lvl+0x10/0x10
[  344.601603][T12297]  ? __pfx__printk+0x10/0x10
[  344.601625][T12297]  ? __might_fault+0xb0/0x130
[  344.601670][T12297]  should_fail_ex+0x414/0x560
[  344.601700][T12297]  _copy_from_user+0x2d/0xb0
[  344.601720][T12297]  ___sys_sendmsg+0x158/0x2a0
[  344.601754][T12297]  ? __pfx____sys_sendmsg+0x10/0x10
[  344.601823][T12297]  ? __fget_files+0x2a/0x420
[  344.601844][T12297]  ? __fget_files+0x3a0/0x420
[  344.601877][T12297]  __x64_sys_sendmsg+0x19b/0x260
[  344.601910][T12297]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  344.601950][T12297]  ? __pfx_ksys_write+0x10/0x10
[  344.601978][T12297]  ? rcu_is_watching+0x15/0xb0
[  344.602015][T12297]  ? do_syscall_64+0xbe/0x3b0
[  344.602043][T12297]  do_syscall_64+0xfa/0x3b0
[  344.602065][T12297]  ? lockdep_hardirqs_on+0x9c/0x150
[  344.602087][T12297]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.602106][T12297]  ? clear_bhb_loop+0x60/0xb0
[  344.602131][T12297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.602151][T12297] RIP: 0033:0x7f98b2f8e929
[  344.602168][T12297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.602186][T12297] RSP: 002b:00007f98b3d22038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  344.602208][T12297] RAX: ffffffffffffffda RBX: 00007f98b31b5fa0 RCX: 00007f98b2f8e929
[  344.602223][T12297] RDX: 0000000000000000 RSI: 00002000000006c0 RDI: 0000000000000004
[  344.602236][T12297] RBP: 00007f98b3d22090 R08: 0000000000000000 R09: 0000000000000000
[  344.602248][T12297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  344.602260][T12297] R13: 0000000000000000 R14: 00007f98b31b5fa0 R15: 00007ffd08047ef8
[  344.602293][T12297]  </TASK>
[  344.944365][T12098] batman_adv: batadv0: Interface activated: batadv_slave_0
[  345.023798][T12098] batman_adv: batadv0: Interface activated: batadv_slave_1
[  345.107622][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  345.118399][   T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  345.158495][   T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  345.175251][   T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  345.190428][ T5845] Bluetooth: hci4: command tx timeout
[  345.284552][T12311] netlink: 'syz.1.1962': attribute type 4 has an invalid length.
[  345.628843][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  345.660073][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  345.714704][T12325] No such timeout policy "syz0"
[  345.732101][T12325] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1968'.
[  345.758081][T12323] netlink: 'syz.1.1967': attribute type 1 has an invalid length.
[  345.813509][ T7907] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  345.823076][ T7907] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  345.997431][T12333] FAULT_INJECTION: forcing a failure.
[  345.997431][T12333] name failslab, interval 1, probability 0, space 0, times 0
[  346.014037][T12333] CPU: 1 UID: 0 PID: 12333 Comm: syz.1.1970 Not tainted 6.16.0-rc3-syzkaller-00901-gf22e6fdf7b33 #0 PREEMPT(full) 
[  346.014071][T12333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  346.014085][T12333] Call Trace:
[  346.014094][T12333]  <TASK>
[  346.014104][T12333]  dump_stack_lvl+0x189/0x250
[  346.014146][T12333]  ? __pfx____ratelimit+0x10/0x10
[  346.014171][T12333]  ? __pfx_dump_stack_lvl+0x10/0x10
[  346.014206][T12333]  ? __pfx__printk+0x10/0x10
[  346.014238][T12333]  ? ref_tracker_alloc+0x318/0x460
[  346.014281][T12333]  should_fail_ex+0x414/0x560
[  346.014311][T12333]  should_failslab+0xa8/0x100
[  346.014335][T12333]  kmem_cache_alloc_noprof+0x73/0x3c0
[  346.014367][T12333]  ? skb_clone+0x212/0x3a0
[  346.014408][T12333]  skb_clone+0x212/0x3a0
[  346.014439][T12333]  __netlink_deliver_tap+0x404/0x850
[  346.014474][T12333]  ? netlink_deliver_tap+0x2e/0x1b0
[  346.014498][T12333]  netlink_deliver_tap+0x19c/0x1b0
[  346.014521][T12333]  netlink_unicast+0x72f/0x8d0
[  346.014552][T12333]  netlink_sendmsg+0x805/0xb30
[  346.014584][T12333]  ? __pfx_netlink_sendmsg+0x10/0x10
[  346.014610][T12333]  ? aa_sock_msg_perm+0x94/0x160
[  346.014635][T12333]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  346.014661][T12333]  ? __pfx_netlink_sendmsg+0x10/0x10
[  346.014688][T12333]  __sock_sendmsg+0x219/0x270
[  346.014713][T12333]  ____sys_sendmsg+0x505/0x830
[  346.014749][T12333]  ? __pfx_____sys_sendmsg+0x10/0x10
[  346.014789][T12333]  ? import_iovec+0x74/0xa0
[  346.014812][T12333]  ___sys_sendmsg+0x21f/0x2a0
[  346.014843][T12333]  ? __pfx____sys_sendmsg+0x10/0x10
[  346.014914][T12333]  ? __fget_files+0x2a/0x420
[  346.014935][T12333]  ? __fget_files+0x3a0/0x420
[  346.014967][T12333]  __x64_sys_sendmsg+0x19b/0x260
[  346.014995][T12333]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  346.015030][T12333]  ? __pfx_ksys_write+0x10/0x10
[  346.015055][T12333]  ? rcu_is_watching+0x15/0xb0
[  346.015087][T12333]  ? do_syscall_64+0xbe/0x3b0
[  346.015112][T12333]  do_syscall_64+0xfa/0x3b0
[  346.015131][T12333]  ? lockdep_hardirqs_on+0x9c/0x150
[  346.015150][T12333]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.015168][T12333]  ? clear_bhb_loop+0x60/0xb0
[  346.015189][T12333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.015207][T12333] RIP: 0033:0x7f121e18e929
[  346.015225][T12333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.015243][T12333] RSP: 002b:00007f121bff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  346.015265][T12333] RAX: ffffffffffffffda RBX: 00007f121e3b5fa0 RCX: 00007f121e18e929
[  346.015281][T12333] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000006
[  346.015294][T12333] RBP: 00007f121bff6090 R08: 0000000000000000 R09: 0000000000000000
[  346.015307][T12333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.015319][T12333] R13: 0000000000000000 R14: 00007f121e3b5fa0 R15: 00007ffdc4d9ead8
[  346.015353][T12333]  </TASK>
[  346.503627][T12344] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1975'.
[  346.946114][T12361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1979'.
[  347.123199][ T7904] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.225491][ T7904] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.328758][ T7904] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.407379][ T7904] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.516110][ T7904] bridge_slave_1: left allmulticast mode
[  347.521931][ T7904] bridge_slave_1: left promiscuous mode
[  347.527621][ T7904] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.537050][ T7904] bridge_slave_0: left allmulticast mode
[  347.543131][ T7904] bridge_slave_0: left promiscuous mode
[  347.548844][ T7904] bridge0: port 1(bridge_slave_0) entered disabled state
[  347.907741][ T7904] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  347.923364][ T7904] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  347.933617][ T7904] bond0 (unregistering): Released all slaves
[  348.167460][ T7904] hsr_slave_0: left promiscuous mode
[  348.173489][ T7904] hsr_slave_1: left promiscuous mode
[  348.179306][ T7904] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  348.187018][ T7904] batman_adv: batadv0: Removing interface: batadv_slave_0
[  348.196686][ T7904] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  348.204696][ T7904] batman_adv: batadv0: Removing interface: batadv_slave_1
[  348.227088][ T7904] veth1_macvtap: left promiscuous mode
[  348.234348][ T7904] veth0_macvtap: left promiscuous mode
[  348.239987][ T7904] veth1_vlan: left promiscuous mode
[  348.245310][ T7904] veth0_vlan: left promiscuous mode
[  348.655989][ T7904] team0 (unregistering): Port device team_slave_1 removed
[  348.695721][ T7904] team0 (unregistering): Port device team_slave_0 removed
[  349.276639][T12382] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1987'.
[  349.488896][T12371] vlan0: entered promiscuous mode
[  349.517498][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  349.528504][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  349.537528][T12370] netlink: 'syz.2.1983': attribute type 12 has an invalid length.
[  349.540209][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  349.546480][T12370] netlink: 'syz.2.1983': attribute type 29 has an invalid length.
[  349.564119][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  349.565053][T12370] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1983'.
[  349.573391][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  349.587647][T12370] netlink: 59 bytes leftover after parsing attributes in process `syz.2.1983'.
[  350.127447][T12384] chnl_net:caif_netlink_parms(): no params data found
[  350.143241][T12405] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1994'.
[  350.505772][T12418] vlan0: entered promiscuous mode
[  350.801905][T12384] bridge0: port 1(bridge_slave_0) entered blocking state
[  350.816385][T12384] bridge0: port 1(bridge_slave_0) entered disabled state
[  350.831559][T12384] bridge_slave_0: entered allmulticast mode
[  350.849679][T12384] bridge_slave_0: entered promiscuous mode
[  350.871728][T12425] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2000'.
[  350.871762][T12384] bridge0: port 2(bridge_slave_1) entered blocking state
[  350.898291][T12384] bridge0: port 2(bridge_slave_1) entered disabled state
[  350.905751][T12384] bridge_slave_1: entered allmulticast mode
[  350.916869][T12384] bridge_slave_1: entered promiscuous mode
[  351.083997][T12384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  351.104347][T12384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  351.177199][T12429] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2001'.
[  351.192140][T12384] team0: Port device team_slave_0 added
[  351.235897][T12384] team0: Port device team_slave_1 added
[  351.275182][T12431] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2002'.
[  351.357535][T12384] batman_adv: batadv0: Adding interface: batadv_slave_0
[  351.375967][T12384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.409241][T12384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  351.432304][T12384] batman_adv: batadv0: Adding interface: batadv_slave_1
[  351.465289][T12384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.505117][T12384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  351.667856][T12384] hsr_slave_0: entered promiscuous mode
[  351.673608][ T5845] Bluetooth: hci4: command tx timeout
[  351.716158][T12384] hsr_slave_1: entered promiscuous mode
[  351.722552][T12384] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  351.730173][T12384] Cannot create hsr debugfs directory
[  351.789304][T12449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2007'.
[  352.675846][T12384] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  352.712216][T12384] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  352.778538][T12384] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  352.853392][T12384] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  353.027265][T12384] 8021q: adding VLAN 0 to HW filter on device bond0
[  353.051866][T12384] 8021q: adding VLAN 0 to HW filter on device team0
[  353.093059][ T7904] bridge0: port 1(bridge_slave_0) entered blocking state
[  353.100344][ T7904] bridge0: port 1(bridge_slave_0) entered forwarding state
[  353.125707][ T7904] bridge0: port 2(bridge_slave_1) entered blocking state
[  353.132985][ T7904] bridge0: port 2(bridge_slave_1) entered forwarding state
[  353.537800][T12502] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.2024'.
[  353.754571][ T5845] Bluetooth: hci4: command tx timeout
[  353.854800][T12384] 8021q: adding VLAN 0 to HW filter on device batadv0
[  354.077502][T12505] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  354.113502][T12384] veth0_vlan: entered promiscuous mode
[  354.131772][T12384] veth1_vlan: entered promiscuous mode
[  354.383821][T12384] veth0_macvtap: entered promiscuous mode
[  354.405371][T12384] veth1_macvtap: entered promiscuous mode
[  354.477832][T12384] batman_adv: batadv0: Interface activated: batadv_slave_0
[  354.522795][T12384] batman_adv: batadv0: Interface activated: batadv_slave_1
[  354.572207][ T7904] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  354.596507][ T7904] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  354.643597][ T7904] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  354.678670][ T7904] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  354.883859][T12535] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2035'.
[  354.906121][ T7911] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  354.968153][ T7911] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  355.050636][T12539] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2036'.
[  355.091607][T12537] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2037'.
[  355.101817][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  355.120099][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  355.142909][T12543] xt_SECMARK: invalid mode: 0
[  355.378654][T12551] netlink: 'syz.4.2044': attribute type 21 has an invalid length.
[  355.405586][T12551] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2044'.
[  355.483885][T12551] netlink: 'syz.4.2044': attribute type 5 has an invalid length.
[  355.495535][T12559] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2046'.
[  355.505680][T12560] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2046'.
[  355.540166][T12551] netlink: 'syz.4.2044': attribute type 6 has an invalid length.
[  355.547939][T12551] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2044'.
[  355.721429][T12573] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2051'.
[  356.059652][T12589] vlan0: entered promiscuous mode
[  356.081866][T12589] macvlan0: entered promiscuous mode
[  356.364414][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.746595][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.829407][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.919253][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.009400][   T12] bridge_slave_1: left allmulticast mode
[  357.015460][   T12] bridge_slave_1: left promiscuous mode
[  357.021308][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.034097][   T12] bridge_slave_0: left allmulticast mode
[  357.039744][   T12] bridge_slave_0: left promiscuous mode
[  357.045579][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.337514][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  357.349098][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  357.360518][   T12] bond0 (unregistering): Released all slaves
[  357.577143][   T12] hsr_slave_0: left promiscuous mode
[  357.583569][   T12] hsr_slave_1: left promiscuous mode
[  357.589463][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  357.597093][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  357.605091][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  357.612710][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  357.635176][   T12] veth1_macvtap: left promiscuous mode
[  357.642012][   T12] veth0_macvtap: left promiscuous mode
[  357.647610][   T12] veth1_vlan: left promiscuous mode
[  357.653090][   T12] veth0_vlan: left promiscuous mode
[  358.053581][   T12] team0 (unregistering): Port device team_slave_1 removed
[  358.095054][   T12] team0 (unregistering): Port device team_slave_0 removed
[  358.695765][T12612] FAULT_INJECTION: forcing a failure.
[  358.695765][T12612] name failslab, interval 1, probability 0, space 0, times 0
[  358.741111][T12612] CPU: 1 UID: 0 PID: 12612 Comm: syz.2.2063 Not tainted 6.16.0-rc3-syzkaller-00901-gf22e6fdf7b33 #0 PREEMPT(full) 
[  358.741146][T12612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  358.741159][T12612] Call Trace:
[  358.741168][T12612]  <TASK>
[  358.741177][T12612]  dump_stack_lvl+0x189/0x250
[  358.741216][T12612]  ? __pfx____ratelimit+0x10/0x10
[  358.741242][T12612]  ? __pfx_dump_stack_lvl+0x10/0x10
[  358.741277][T12612]  ? __pfx__printk+0x10/0x10
[  358.741304][T12612]  ? __pfx___might_resched+0x10/0x10
[  358.741338][T12612]  ? fs_reclaim_acquire+0x7d/0x100
[  358.741370][T12612]  should_fail_ex+0x414/0x560
[  358.741402][T12612]  should_failslab+0xa8/0x100
[  358.741444][T12612]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  358.741483][T12612]  ? rtnl_prop_list_size+0x1ba/0x1e0
[  358.741505][T12612]  ? __alloc_skb+0x112/0x2d0
[  358.741538][T12612]  __alloc_skb+0x112/0x2d0
[  358.741572][T12612]  rtmsg_ifinfo_build_skb+0x84/0x260
[  358.741604][T12612]  rtmsg_ifinfo+0x8c/0x1a0
[  358.741634][T12612]  netif_state_change+0x29e/0x3a0
[  358.741664][T12612]  ? __pfx_netif_state_change+0x10/0x10
[  358.741697][T12612]  ? netif_change_flags+0xe8/0x1a0
[  358.741733][T12612]  do_setlink+0x35de/0x41c0
[  358.741779][T12612]  ? schedule+0x91/0x360
[  358.741800][T12612]  ? __pfx_do_setlink+0x10/0x10
[  358.741831][T12612]  ? schedule+0x16f/0x360
[  358.741854][T12612]  ? synchronize_rcu_expedited+0x630/0x730
[  358.741881][T12612]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  358.741924][T12612]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  358.741961][T12612]  ? __pfx_autoremove_wake_function+0x10/0x10
[  358.742003][T12612]  ? geneve_changelink+0x648/0x710
[  358.742033][T12612]  ? __pfx_geneve_changelink+0x10/0x10
[  358.742071][T12612]  ? ns_capable+0x8a/0xf0
[  358.742104][T12612]  ? rtnl_link_get_net_capable+0x16a/0x350
[  358.742141][T12612]  rtnl_newlink+0x160b/0x1c70
[  358.742165][T12612]  ? netlink_sendmsg+0x805/0xb30
[  358.742205][T12612]  ? __pfx_rtnl_newlink+0x10/0x10
[  358.742259][T12612]  ? kasan_quarantine_put+0xdd/0x220
[  358.742289][T12612]  ? lockdep_hardirqs_on+0x9c/0x150
[  358.742320][T12612]  ? nlmon_xmit+0xb0/0x100
[  358.742336][T12612]  ? kmem_cache_free+0x18f/0x400
[  358.742366][T12612]  ? __local_bh_enable_ip+0x12d/0x1c0
[  358.742397][T12612]  ? lockdep_hardirqs_on+0x9c/0x150
[  358.742428][T12612]  ? __local_bh_enable_ip+0x12d/0x1c0
[  358.742459][T12612]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  358.742497][T12612]  ? __dev_queue_xmit+0x27e/0x3a70
[  358.742546][T12612]  ? __lock_acquire+0xab9/0xd20
[  358.742606][T12612]  ? __pfx_rtnl_newlink+0x10/0x10
[  358.742631][T12612]  rtnetlink_rcv_msg+0x7cc/0xb70
[  358.742661][T12612]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  358.742687][T12612]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  358.742710][T12612]  ? ref_tracker_free+0x63a/0x7d0
[  358.742736][T12612]  ? __copy_skb_header+0xa7/0x550
[  358.742768][T12612]  ? __pfx_ref_tracker_free+0x10/0x10
[  358.742796][T12612]  ? __skb_clone+0x63/0x7a0
[  358.742836][T12612]  netlink_rcv_skb+0x208/0x470
[  358.742864][T12612]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  358.742892][T12612]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  358.742935][T12612]  ? netlink_deliver_tap+0x2e/0x1b0
[  358.742960][T12612]  ? netlink_deliver_tap+0x2e/0x1b0
[  358.742993][T12612]  netlink_unicast+0x75b/0x8d0
[  358.743030][T12612]  netlink_sendmsg+0x805/0xb30
[  358.743069][T12612]  ? __pfx_netlink_sendmsg+0x10/0x10
[  358.743100][T12612]  ? aa_sock_msg_perm+0x94/0x160
[  358.743130][T12612]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  358.743156][T12612]  ? __pfx_netlink_sendmsg+0x10/0x10
[  358.743185][T12612]  __sock_sendmsg+0x219/0x270
[  358.743212][T12612]  ____sys_sendmsg+0x505/0x830
[  358.743250][T12612]  ? __pfx_____sys_sendmsg+0x10/0x10
[  358.743293][T12612]  ? import_iovec+0x74/0xa0
[  358.743318][T12612]  ___sys_sendmsg+0x21f/0x2a0
[  358.743352][T12612]  ? __pfx____sys_sendmsg+0x10/0x10
[  358.743433][T12612]  ? __fget_files+0x2a/0x420
[  358.743456][T12612]  ? __fget_files+0x3a0/0x420
[  358.743492][T12612]  __x64_sys_sendmsg+0x19b/0x260
[  358.743528][T12612]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  358.743571][T12612]  ? __pfx_ksys_write+0x10/0x10
[  358.743602][T12612]  ? rcu_is_watching+0x15/0xb0
[  358.743641][T12612]  ? do_syscall_64+0xbe/0x3b0
[  358.743672][T12612]  do_syscall_64+0xfa/0x3b0
[  358.743696][T12612]  ? lockdep_hardirqs_on+0x9c/0x150
[  358.743719][T12612]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.743740][T12612]  ? clear_bhb_loop+0x60/0xb0
[  358.743767][T12612]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.743788][T12612] RIP: 0033:0x7f806cf8e929
[  358.743807][T12612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  358.743826][T12612] RSP: 002b:00007f806deb8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  358.743849][T12612] RAX: ffffffffffffffda RBX: 00007f806d1b5fa0 RCX: 00007f806cf8e929
[  358.743882][T12612] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  358.743896][T12612] RBP: 00007f806deb8090 R08: 0000000000000000 R09: 0000000000000000
[  358.743910][T12612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  358.743923][T12612] R13: 0000000000000000 R14: 00007f806d1b5fa0 R15: 00007ffd1f001b88
[  358.743958][T12612]  </TASK>
[  358.744530][T12616] __nla_validate_parse: 4 callbacks suppressed
[  358.744546][T12616] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2064'.
[  359.213277][T12624] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2062'.
[  359.323948][T12619] vlan0: entered promiscuous mode
[  359.329176][T12624] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2062'.
[  359.364948][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  359.374185][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  359.387864][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  359.398790][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  359.408749][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  360.043275][T12648] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2072'.
[  360.481180][T12628] chnl_net:caif_netlink_parms(): no params data found
[  361.015225][T12628] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.042726][T12628] bridge0: port 1(bridge_slave_0) entered disabled state
[  361.063130][T12628] bridge_slave_0: entered allmulticast mode
[  361.079484][T12628] bridge_slave_0: entered promiscuous mode
[  361.202744][T12676] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2079'.
[  361.218811][T12628] bridge0: port 2(bridge_slave_1) entered blocking state
[  361.233900][T12628] bridge0: port 2(bridge_slave_1) entered disabled state
[  361.241331][T12628] bridge_slave_1: entered allmulticast mode
[  361.249278][T12628] bridge_slave_1: entered promiscuous mode
[  361.364221][T12628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  361.397319][T12628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  361.430908][ T5845] Bluetooth: hci4: command tx timeout
[  361.474647][T12687] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2084'.
[  361.519868][T12628] team0: Port device team_slave_0 added
[  361.564492][T12628] team0: Port device team_slave_1 added
[  361.788994][T12628] batman_adv: batadv0: Adding interface: batadv_slave_0
[  361.827396][T12628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  361.870492][T12628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  361.934224][T12628] batman_adv: batadv0: Adding interface: batadv_slave_1
[  361.957612][T12628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  362.034207][T12628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  362.297528][T12628] hsr_slave_0: entered promiscuous mode
[  362.322507][T12628] hsr_slave_1: entered promiscuous mode
[  362.349333][T12628] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  362.362146][T12628] Cannot create hsr debugfs directory
[  362.382669][T12706] netlink: 'syz.4.2093': attribute type 4 has an invalid length.
[  362.543718][T12715] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2097'.
[  362.734223][T12721] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2096'.
[  362.918619][T12730] vlan2: entered promiscuous mode
[  363.208948][T12628] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  363.219316][T12628] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  363.236000][T12628] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  363.247082][T12628] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  363.346469][T12628] 8021q: adding VLAN 0 to HW filter on device bond0
[  363.377135][T12628] 8021q: adding VLAN 0 to HW filter on device team0
[  363.389711][ T7904] bridge0: port 1(bridge_slave_0) entered blocking state
[  363.396966][ T7904] bridge0: port 1(bridge_slave_0) entered forwarding state
[  363.417471][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  363.424676][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  363.510366][ T5845] Bluetooth: hci4: command tx timeout
[  363.624090][T12740] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2102'.
[  363.635335][T12742] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2103'.
[  363.775057][T12746] netlink: 124 bytes leftover after parsing attributes in process `syz.4.2104'.
[  363.987540][T12628] 8021q: adding VLAN 0 to HW filter on device batadv0
[  364.023621][T12757] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2109'.
[  364.133952][T12628] veth0_vlan: entered promiscuous mode
[  364.163886][T12628] veth1_vlan: entered promiscuous mode
[  364.275467][T12628] veth0_macvtap: entered promiscuous mode
[  364.331843][T12628] veth1_macvtap: entered promiscuous mode
[  364.499694][T12628] batman_adv: batadv0: Interface activated: batadv_slave_0
[  364.512892][T12628] batman_adv: batadv0: Interface activated: batadv_slave_1
[  364.581737][ T7911] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  364.591350][ T7911] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  364.611327][ T7905] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  364.645584][ T7905] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  364.911283][ T7904] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  364.945138][ T7904] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  364.993545][ T7905] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  365.040441][ T7905] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  365.484824][T12790] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.896181][T12790] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.108606][T12842] geneve0: entered promiscuous mode
[  366.119469][T12842] geneve0: entered allmulticast mode
[  366.177135][T12790] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.229625][ T7905] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  366.254007][ T7905] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  366.352574][T12790] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.412752][ T7905] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  366.439061][ T7905] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  366.511828][T12857] vlan0: entered promiscuous mode
[  366.744040][ T7905] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  366.825015][ T7908] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  366.885015][ T7904] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.922604][ T7908] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  366.957602][ T7905] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  367.211751][ T7904] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.335715][ T7904] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.426518][ T7904] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.533251][ T7904] bridge_slave_1: left allmulticast mode
[  367.538934][ T7904] bridge_slave_1: left promiscuous mode
[  367.545107][ T7904] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.554346][ T7904] bridge_slave_0: left allmulticast mode
[  367.560649][ T7904] bridge_slave_0: left promiscuous mode
[  367.566497][ T7904] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.868956][ T7904] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  367.882941][ T7904] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  367.893644][ T7904] bond0 (unregistering): Released all slaves
[  368.108932][ T7904] hsr_slave_0: left promiscuous mode
[  368.115039][ T7904] hsr_slave_1: left promiscuous mode
[  368.124366][ T7904] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  368.132427][ T7904] batman_adv: batadv0: Removing interface: batadv_slave_0
[  368.140555][ T7904] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  368.148031][ T7904] batman_adv: batadv0: Removing interface: batadv_slave_1
[  368.172021][ T7904] veth1_macvtap: left promiscuous mode
[  368.177600][ T7904] veth0_macvtap: left promiscuous mode
[  368.183397][ T7904] veth1_vlan: left promiscuous mode
[  368.188707][ T7904] veth0_vlan: left promiscuous mode
[  368.586956][ T7904] team0 (unregistering): Port device team_slave_1 removed
[  368.625897][ T7904] team0 (unregistering): Port device team_slave_0 removed
[  368.863024][T12870] Cannot find add_set index 3 as target
[  369.350193][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  369.360296][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  369.370024][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  369.378713][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  369.386653][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  369.442028][T12867] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2136'.
[  369.459068][T12870] geneve2: entered promiscuous mode
[  369.465756][T12870] geneve2: entered allmulticast mode
[  369.527510][   T12] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  369.547826][   T12] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  369.557317][   T12] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  369.617977][   T12] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  369.628562][T12891] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2140'.
[  370.208708][T12889] chnl_net:caif_netlink_parms(): no params data found
[  370.395076][T12915] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2146'.
[  370.806065][T12889] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.820793][T12889] bridge0: port 1(bridge_slave_0) entered disabled state
[  370.840253][T12889] bridge_slave_0: entered allmulticast mode
[  370.863778][T12889] bridge_slave_0: entered promiscuous mode
[  370.885690][T12889] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.924392][T12889] bridge0: port 2(bridge_slave_1) entered disabled state
[  370.940255][T12889] bridge_slave_1: entered allmulticast mode
[  370.948198][T12889] bridge_slave_1: entered promiscuous mode
[  371.187015][T12941] vlan2: entered promiscuous mode
[  371.193002][T12941] vlan2: entered allmulticast mode
[  371.215040][T12944] vlan0: entered promiscuous mode
[  371.233650][T12944] vlan0: entered allmulticast mode
[  371.255309][T12889] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  371.331949][T12889] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  371.408509][T12889] team0: Port device team_slave_0 added
[  371.425268][T12889] team0: Port device team_slave_1 added
[  371.431288][ T5845] Bluetooth: hci4: command tx timeout
[  371.486468][T12889] batman_adv: batadv0: Adding interface: batadv_slave_0
[  371.520897][T12889] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  371.580039][T12889] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  371.607134][T12960] FAULT_INJECTION: forcing a failure.
[  371.607134][T12960] name failslab, interval 1, probability 0, space 0, times 0
[  371.644028][T12960] CPU: 1 UID: 0 PID: 12960 Comm: syz.2.2158 Not tainted 6.16.0-rc3-syzkaller-00901-gf22e6fdf7b33 #0 PREEMPT(full) 
[  371.644059][T12960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  371.644072][T12960] Call Trace:
[  371.644081][T12960]  <TASK>
[  371.644090][T12960]  dump_stack_lvl+0x189/0x250
[  371.644128][T12960]  ? __pfx____ratelimit+0x10/0x10
[  371.644152][T12960]  ? __pfx_dump_stack_lvl+0x10/0x10
[  371.644184][T12960]  ? __pfx__printk+0x10/0x10
[  371.644214][T12960]  ? ref_tracker_alloc+0x318/0x460
[  371.644245][T12960]  should_fail_ex+0x414/0x560
[  371.644275][T12960]  should_failslab+0xa8/0x100
[  371.644299][T12960]  kmem_cache_alloc_noprof+0x73/0x3c0
[  371.644332][T12960]  ? skb_clone+0x212/0x3a0
[  371.644368][T12960]  skb_clone+0x212/0x3a0
[  371.644404][T12960]  __netlink_deliver_tap+0x404/0x850
[  371.644449][T12960]  ? netlink_deliver_tap+0x2e/0x1b0
[  371.644476][T12960]  netlink_deliver_tap+0x19c/0x1b0
[  371.644504][T12960]  netlink_unicast+0x72f/0x8d0
[  371.644539][T12960]  netlink_sendmsg+0x805/0xb30
[  371.644576][T12960]  ? __pfx_netlink_sendmsg+0x10/0x10
[  371.644606][T12960]  ? aa_sock_msg_perm+0x94/0x160
[  371.644634][T12960]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  371.644661][T12960]  ? __pfx_netlink_sendmsg+0x10/0x10
[  371.644688][T12960]  __sock_sendmsg+0x219/0x270
[  371.644714][T12960]  ____sys_sendmsg+0x505/0x830
[  371.644752][T12960]  ? __pfx_____sys_sendmsg+0x10/0x10
[  371.644794][T12960]  ? import_iovec+0x74/0xa0
[  371.644817][T12960]  ___sys_sendmsg+0x21f/0x2a0
[  371.644849][T12960]  ? __pfx____sys_sendmsg+0x10/0x10
[  371.644922][T12960]  ? __fget_files+0x2a/0x420
[  371.644944][T12960]  ? __fget_files+0x3a0/0x420
[  371.644987][T12960]  __x64_sys_sendmsg+0x19b/0x260
[  371.645022][T12960]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  371.645064][T12960]  ? __pfx_ksys_write+0x10/0x10
[  371.645094][T12960]  ? rcu_is_watching+0x15/0xb0
[  371.645132][T12960]  ? do_syscall_64+0xbe/0x3b0
[  371.645163][T12960]  do_syscall_64+0xfa/0x3b0
[  371.645185][T12960]  ? lockdep_hardirqs_on+0x9c/0x150
[  371.645207][T12960]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.645228][T12960]  ? clear_bhb_loop+0x60/0xb0
[  371.645254][T12960]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.645274][T12960] RIP: 0033:0x7f806cf8e929
[  371.645293][T12960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  371.645312][T12960] RSP: 002b:00007f806deb8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  371.645334][T12960] RAX: ffffffffffffffda RBX: 00007f806d1b5fa0 RCX: 00007f806cf8e929
[  371.645350][T12960] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[  371.645364][T12960] RBP: 00007f806deb8090 R08: 0000000000000000 R09: 0000000000000000
[  371.645377][T12960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  371.645389][T12960] R13: 0000000000000000 R14: 00007f806d1b5fa0 R15: 00007ffd1f001b88
[  371.645424][T12960]  </TASK>
[  371.660346][T12958] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2156'.
[  371.751135][T12889] batman_adv: batadv0: Adding interface: batadv_slave_1
[  371.964983][T12889] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  371.991079][T12889] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  372.012557][T12960] vlan0: entered promiscuous mode
[  372.015622][T12967] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2160'.
[  372.017793][T12960] vlan0: entered allmulticast mode
[  372.096478][T12889] hsr_slave_0: entered promiscuous mode
[  372.103385][T12889] hsr_slave_1: entered promiscuous mode
[  372.109759][T12889] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  372.118214][T12889] Cannot create hsr debugfs directory
[  372.194316][T12970] bridge0: port 2(bridge_slave_1) entered blocking state
[  372.201709][T12970] bridge0: port 2(bridge_slave_1) entered listening state
[  372.209050][T12970] bridge0: port 1(bridge_slave_0) entered blocking state
[  372.216204][T12970] bridge0: port 1(bridge_slave_0) entered listening state
[  372.250893][T12970] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  372.260719][T12973] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2162'.
[  372.482779][T12978] bridge_slave_0: left allmulticast mode
[  372.488475][T12978] bridge_slave_0: left promiscuous mode
[  372.503940][T12978] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.530164][T12978] bridge_slave_1: left allmulticast mode
[  372.540695][T12978] bridge_slave_1: left promiscuous mode
[  372.561817][T12978] bridge0: port 2(bridge_slave_1) entered disabled state
[  372.600832][T12978] bond0: (slave bond_slave_0): Releasing backup interface
[  372.612874][T12978] bond_slave_0: left promiscuous mode
[  372.629380][T12978] bond0: (slave bond_slave_1): Releasing backup interface
[  372.641870][T12978] bond_slave_1: left promiscuous mode
[  372.669676][T12978] team0: Failed to send options change via netlink (err -105)
[  372.678216][T12978] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[  372.688560][T12978] team0: Port device team_slave_0 removed
[  372.700987][T12978] team0: Failed to send options change via netlink (err -105)
[  372.709054][T12978] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[  372.719291][T12978] team0: Port device team_slave_1 removed
[  372.726147][T12978] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  372.733970][T12978] batman_adv: batadv0: Removing interface: batadv_slave_0
[  372.744558][T12978] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  372.752687][T12978] batman_adv: batadv0: Removing interface: batadv_slave_1
[  372.768158][T12978] team0: Failed to send options change via netlink (err -105)
[  372.776667][T12978] team0: Failed to send port change of device bridge1 via netlink (err -105)
[  372.787713][T12978] team0: Port device bridge1 removed
[  372.801848][T12978] ip6gretap1: left allmulticast mode
[  372.807267][T12978] ip6gretap1: left promiscuous mode
[  372.813224][T12978] bridge1: port 1(ip6gretap1) entered disabled state
[  372.827522][T12978] team0: Failed to send options change via netlink (err -105)
[  372.835411][T12978] team0: Failed to send port change of device bridge2 via netlink (err -105)
[  372.845649][T12978] team0: Port device bridge2 removed
[  372.855255][T12978] bond1: (slave bridge3): Releasing backup interface
[  372.862072][T12978] bridge3: left promiscuous mode
[  372.877058][T12978] bond3: (slave bridge4): Releasing backup interface
[  372.884632][T12978] bridge4: left promiscuous mode
[  372.902367][T12978] team0: Failed to send options change via netlink (err -105)
[  372.914855][T12978] team0: Failed to send port change of device bridge6 via netlink (err -105)
[  372.925101][T12978] team0: Port device bridge6 removed
[  372.936505][T12978] team0: Failed to send options change via netlink (err -105)
[  372.944594][T12978] team0: Failed to send port change of device bridge8 via netlink (err -105)
[  372.954672][T12978] team0: Port device bridge8 removed
[  372.968381][T12978] team0: Failed to send options change via netlink (err -105)
[  372.976468][T12978] team0: Failed to send port change of device bridge9 via netlink (err -105)
[  372.986160][T12978] team0: Port device bridge9 removed
[  373.511887][ T5845] Bluetooth: hci4: command tx timeout
[  373.713311][T13013] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2178'.
[  373.941463][T13016] vlan2: entered promiscuous mode
[  374.074523][T13018] netlink: 'syz.2.2180': attribute type 12 has an invalid length.
[  374.096458][T13018] netlink: 'syz.2.2180': attribute type 29 has an invalid length.
[  374.152125][T13018] netlink: 148 bytes leftover after parsing attributes in process `syz.2.2180'.
[  374.191556][T13018] netlink: 59 bytes leftover after parsing attributes in process `syz.2.2180'.
[  374.487306][T12889] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  374.536932][T12889] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  374.565296][T12889] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  374.668581][T12889] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  374.894176][T12889] 8021q: adding VLAN 0 to HW filter on device bond0
[  374.956940][T12889] 8021q: adding VLAN 0 to HW filter on device team0
[  374.991615][ T7904] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.998827][ T7904] bridge0: port 1(bridge_slave_0) entered forwarding state
[  375.037055][ T7904] bridge0: port 2(bridge_slave_1) entered blocking state
[  375.044285][ T7904] bridge0: port 2(bridge_slave_1) entered forwarding state
[  375.084932][T13050] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2192'.
[  375.103970][T13052] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input8
[  375.314482][T13060] 
[  375.316950][T13060] ======================================================
[  375.323996][T13060] WARNING: possible circular locking dependency detected
[  375.331041][T13060] 6.16.0-rc3-syzkaller-00901-gf22e6fdf7b33 #0 Not tainted
[  375.338161][T13060] ------------------------------------------------------
[  375.345185][T13060] syz.2.2194/13060 is trying to acquire lock:
[  375.351252][T13060] ffffffff8f669f58 (nr_neigh_list_lock){+...}-{3:3}, at: nr_remove_neigh+0x25/0xe0
[  375.360583][T13060] 
[  375.360583][T13060] but task is already holding lock:
[  375.367946][T13060] ffff88807914a770 (&nr_node->node_lock){+...}-{3:3}, at: nr_add_node+0xcce/0x2570
[  375.377267][T13060] 
[  375.377267][T13060] which lock already depends on the new lock.
[  375.377267][T13060] 
[  375.387666][T13060] 
[  375.387666][T13060] the existing dependency chain (in reverse order) is:
[  375.396679][T13060] 
[  375.396679][T13060] -> #2 (&nr_node->node_lock){+...}-{3:3}:
[  375.404681][T13060]        lock_acquire+0x120/0x360
[  375.409717][T13060]        _raw_spin_lock_bh+0x36/0x50
[  375.415006][T13060]        nr_rt_device_down+0x12a/0x720
[  375.420468][T13060]        nr_device_event+0x137/0x150
[  375.425792][T13060]        notifier_call_chain+0x1b3/0x3e0
[  375.431435][T13060]        dev_close_many+0x29c/0x410
[  375.436656][T13060]        netif_close+0x158/0x210
[  375.441596][T13060]        dev_close+0x10a/0x220
[  375.446391][T13060]        bpq_device_event+0x2f4/0x600
[  375.451768][T13060]        notifier_call_chain+0x1b3/0x3e0
[  375.457413][T13060]        __dev_notify_flags+0x18d/0x2e0
[  375.462964][T13060]        netif_change_flags+0xe8/0x1a0
[  375.468427][T13060]        dev_change_flags+0x130/0x260
[  375.473803][T13060]        dev_ioctl+0x7b4/0x1150
[  375.478677][T13060]        sock_do_ioctl+0x22c/0x300
[  375.483786][T13060]        sock_ioctl+0x576/0x790
[  375.488636][T13060]        __se_sys_ioctl+0xfc/0x170
[  375.493754][T13060]        do_syscall_64+0xfa/0x3b0
[  375.498780][T13060]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.505194][T13060] 
[  375.505194][T13060] -> #1 (nr_node_list_lock){+...}-{3:3}:
[  375.513026][T13060]        lock_acquire+0x120/0x360
[  375.518061][T13060]        _raw_spin_lock_bh+0x36/0x50
[  375.523344][T13060]        nr_rt_device_down+0xa9/0x720
[  375.528719][T13060]        nr_device_event+0x137/0x150
[  375.534020][T13060]        notifier_call_chain+0x1b3/0x3e0
[  375.539694][T13060]        dev_close_many+0x29c/0x410
[  375.544891][T13060]        netif_close+0x158/0x210
[  375.549826][T13060]        dev_close+0x10a/0x220
[  375.554596][T13060]        bpq_device_event+0x2f4/0x600
[  375.559988][T13060]        notifier_call_chain+0x1b3/0x3e0
[  375.565624][T13060]        __dev_notify_flags+0x18d/0x2e0
[  375.571183][T13060]        netif_change_flags+0xe8/0x1a0
[  375.576646][T13060]        dev_change_flags+0x130/0x260
[  375.582020][T13060]        dev_ioctl+0x7b4/0x1150
[  375.586871][T13060]        sock_do_ioctl+0x22c/0x300
[  375.591989][T13060]        sock_ioctl+0x576/0x790
[  375.596939][T13060]        __se_sys_ioctl+0xfc/0x170
[  375.602083][T13060]        do_syscall_64+0xfa/0x3b0
[  375.607110][T13060]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.613522][T13060] 
[  375.613522][T13060] -> #0 (nr_neigh_list_lock){+...}-{3:3}:
[  375.621431][T13060]        validate_chain+0xb9b/0x2140
[  375.626718][T13060]        __lock_acquire+0xab9/0xd20
[  375.631925][T13060]        lock_acquire+0x120/0x360
[  375.636956][T13060]        _raw_spin_lock_bh+0x36/0x50
[  375.642248][T13060]        nr_remove_neigh+0x25/0xe0
[  375.647373][T13060]        nr_add_node+0x1d9f/0x2570
[  375.652499][T13060]        nr_rt_ioctl+0xc12/0xd50
[  375.657445][T13060]        sock_do_ioctl+0xd9/0x300
[  375.662466][T13060]        sock_ioctl+0x576/0x790
[  375.667316][T13060]        __se_sys_ioctl+0xfc/0x170
[  375.672438][T13060]        do_syscall_64+0xfa/0x3b0
[  375.677468][T13060]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.683878][T13060] 
[  375.683878][T13060] other info that might help us debug this:
[  375.683878][T13060] 
[  375.694103][T13060] Chain exists of:
[  375.694103][T13060]   nr_neigh_list_lock --> nr_node_list_lock --> &nr_node->node_lock
[  375.694103][T13060] 
[  375.707925][T13060]  Possible unsafe locking scenario:
[  375.707925][T13060] 
[  375.715372][T13060]        CPU0                    CPU1
[  375.720737][T13060]        ----                    ----
[  375.726101][T13060]   lock(&nr_node->node_lock);
[  375.730870][T13060]                                lock(nr_node_list_lock);
[  375.737986][T13060]                                lock(&nr_node->node_lock);
[  375.745288][T13060]   lock(nr_neigh_list_lock);
[  375.749967][T13060] 
[  375.749967][T13060]  *** DEADLOCK ***
[  375.749967][T13060] 
[  375.758106][T13060] 1 lock held by syz.2.2194/13060:
[  375.763227][T13060]  #0: ffff88807914a770 (&nr_node->node_lock){+...}-{3:3}, at: nr_add_node+0xcce/0x2570
[  375.772991][T13060] 
[  375.772991][T13060] stack backtrace:
[  375.778893][T13060] CPU: 1 UID: 0 PID: 13060 Comm: syz.2.2194 Not tainted 6.16.0-rc3-syzkaller-00901-gf22e6fdf7b33 #0 PREEMPT(full) 
[  375.778926][T13060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  375.778942][T13060] Call Trace:
[  375.778952][T13060]  <TASK>
[  375.778960][T13060]  dump_stack_lvl+0x189/0x250
[  375.778996][T13060]  ? __pfx_dump_stack_lvl+0x10/0x10
[  375.779025][T13060]  ? __pfx__printk+0x10/0x10
[  375.779042][T13060]  ? stack_trace_save+0x9c/0xe0
[  375.779068][T13060]  print_circular_bug+0x2ee/0x310
[  375.779088][T13060]  check_noncircular+0x134/0x160
[  375.779109][T13060]  validate_chain+0xb9b/0x2140
[  375.779148][T13060]  __lock_acquire+0xab9/0xd20
[  375.779175][T13060]  ? nr_remove_neigh+0x25/0xe0
[  375.779195][T13060]  lock_acquire+0x120/0x360
[  375.779217][T13060]  ? nr_remove_neigh+0x25/0xe0
[  375.779240][T13060]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  375.779260][T13060]  ? nr_remove_neigh+0x25/0xe0
[  375.779279][T13060]  _raw_spin_lock_bh+0x36/0x50
[  375.779296][T13060]  ? nr_remove_neigh+0x25/0xe0
[  375.779314][T13060]  nr_remove_neigh+0x25/0xe0
[  375.779334][T13060]  nr_add_node+0x1d9f/0x2570
[  375.779353][T13060]  ? __asan_memcpy+0x40/0x70
[  375.779377][T13060]  ? nr_call_to_digi+0x126/0x1b0
[  375.779397][T13060]  nr_rt_ioctl+0xc12/0xd50
[  375.779414][T13060]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  375.779442][T13060]  ? kasan_quarantine_put+0xdd/0x220
[  375.779467][T13060]  ? __pfx_nr_rt_ioctl+0x10/0x10
[  375.779489][T13060]  ? apparmor_capable+0x137/0x1b0
[  375.779520][T13060]  ? capable+0x89/0xe0
[  375.779546][T13060]  ? nr_ioctl+0x1b1/0x3b0
[  375.779571][T13060]  sock_do_ioctl+0xd9/0x300
[  375.779656][T13060]  ? __pfx_sock_do_ioctl+0x10/0x10
[  375.779688][T13060]  ? __lock_acquire+0xab9/0xd20
[  375.779724][T13060]  sock_ioctl+0x576/0x790
[  375.779745][T13060]  ? __pfx_sock_ioctl+0x10/0x10
[  375.779764][T13060]  ? __fget_files+0x2a/0x420
[  375.779785][T13060]  ? __fget_files+0x3a0/0x420
[  375.779805][T13060]  ? __fget_files+0x2a/0x420
[  375.779836][T13060]  ? bpf_lsm_file_ioctl+0x9/0x20
[  375.779864][T13060]  ? __pfx_sock_ioctl+0x10/0x10
[  375.779882][T13060]  __se_sys_ioctl+0xfc/0x170
[  375.779912][T13060]  do_syscall_64+0xfa/0x3b0
[  375.779937][T13060]  ? lockdep_hardirqs_on+0x9c/0x150
[  375.779960][T13060]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.779983][T13060]  ? clear_bhb_loop+0x60/0xb0
[  375.780006][T13060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.780025][T13060] RIP: 0033:0x7f806cf8e929
[  375.780050][T13060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  375.780068][T13060] RSP: 002b:00007f806deb8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  375.780091][T13060] RAX: ffffffffffffffda RBX: 00007f806d1b5fa0 RCX: 00007f806cf8e929
[  375.780107][T13060] RDX: 0000200000000240 RSI: 000000000000890b RDI: 0000000000000005
[  375.780120][T13060] RBP: 00007f806d010b39 R08: 0000000000000000 R09: 0000000000000000
[  375.780133][T13060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  375.780145][T13060] R13: 0000000000000000 R14: 00007f806d1b5fa0 R15: 00007ffd1f001b88
[  375.780167][T13060]  </TASK>
[  376.123517][ T5845] Bluetooth: hci4: command tx timeout
[  376.234567][T13058] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2193'.
[  376.246653][T13060] xt_hashlimit: size too large, truncated to 1048576
[  376.324914][T12889] 8021q: adding VLAN 0 to HW filter on device batadv0
[  376.456507][T12889] veth0_vlan: entered promiscuous mode
[  376.493553][T12889] veth1_vlan: entered promiscuous mode
[  376.589278][T12889] veth0_macvtap: entered promiscuous mode
[  376.605396][T12889] veth1_macvtap: entered promiscuous mode
[  376.641795][T12889] batman_adv: batadv0: Interface activated: batadv_slave_0
[  376.666923][T12889] batman_adv: batadv0: Interface activated: batadv_slave_1
[  376.688802][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  376.719460][ T7908] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  376.728431][ T7908] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  376.744647][ T7908] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  376.792885][T12889] ieee80211 phy50: Selected rate control algorithm 'minstrel_ht'
[  376.818857][ T7908] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.820492][T12889] ieee80211 phy51: Selected rate control algorithm 'minstrel_ht'
[  376.827019][ T7908] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.864568][ T7907] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.875107][ T7907] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  377.938454][ T7911] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.858972][ T7911] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.395528][ T7911] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.467859][ T7911] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.553445][ T7911] bridge_slave_1: left allmulticast mode
[  379.559866][ T7911] bridge_slave_1: left promiscuous mode
[  379.565793][ T7911] bridge0: port 2(bridge_slave_1) entered disabled state
[  379.578119][ T7911] bridge_slave_0: left allmulticast mode
[  379.584069][ T7911] bridge_slave_0: left promiscuous mode
[  379.589785][ T7911] bridge0: port 1(bridge_slave_0) entered disabled state
[  379.741559][ T7911] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  379.754136][ T7911] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  379.764787][ T7911] bond0 (unregistering): Released all slaves
[  379.999273][ T7911] hsr_slave_0: left promiscuous mode
[  380.007702][ T7911] hsr_slave_1: left promiscuous mode
[  380.013604][ T7911] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  380.023190][ T7911] batman_adv: batadv0: Removing interface: batadv_slave_0
[  380.032778][ T7911] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  380.042350][ T7911] batman_adv: batadv0: Removing interface: batadv_slave_1
[  380.053730][ T7911] veth1_macvtap: left promiscuous mode
[  380.059269][ T7911] veth0_macvtap: left promiscuous mode
[  380.069101][ T7911] veth1_vlan: left promiscuous mode
[  380.074728][ T7911] veth0_vlan: left promiscuous mode
[  380.311267][ T7911] team0 (unregistering): Port device team_slave_1 removed
[  380.338239][ T7911] team0 (unregistering): Port device team_slave_0 removed