last executing test programs:

1m39.058791407s ago: executing program 4 (id=20):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x54, 0x10, 0x1, 0x18, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x691, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)

1m38.558860987s ago: executing program 4 (id=23):
socket$packet(0x11, 0xa, 0x300)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$tun(r0, &(0x7f00000002c0)={@val={0x4000, 0x86dd}, @val={0x0, 0x1, 0x11, 0x4, 0x0, 0xca6}, @mpls={[], @ipv6=@gre_packet={0xe, 0x6, "ec00be", 0x44, 0x2f, 0xff, @local, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x3}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}, {0xa888, 0x88be, 0x2, {{0x6, 0x1, 0x9, 0x2, 0x1, 0x0, 0x3, 0x5}, 0x1, {0x8100}}}, {0x8, 0x22eb, 0x20000, {{0x0, 0x2, 0xc, 0x0, 0x0, 0x2, 0x7, 0x8}, 0x2, {0x2, 0x4, 0x0, 0x5, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x2}}}}}}, 0x7a)

1m20.063929176s ago: executing program 4 (id=23):
socket$packet(0x11, 0xa, 0x300)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$tun(r0, &(0x7f00000002c0)={@val={0x4000, 0x86dd}, @val={0x0, 0x1, 0x11, 0x4, 0x0, 0xca6}, @mpls={[], @ipv6=@gre_packet={0xe, 0x6, "ec00be", 0x44, 0x2f, 0xff, @local, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x3}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}, {0xa888, 0x88be, 0x2, {{0x6, 0x1, 0x9, 0x2, 0x1, 0x0, 0x3, 0x5}, 0x1, {0x8100}}}, {0x8, 0x22eb, 0x20000, {{0x0, 0x2, 0xc, 0x0, 0x0, 0x2, 0x7, 0x8}, 0x2, {0x2, 0x4, 0x0, 0x5, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x2}}}}}}, 0x7a)

1m9.54407504s ago: executing program 3 (id=169):
r0 = socket(0x23, 0x1, 0x7)
shutdown(r0, 0x0)
ioctl$SIOCX25SCAUSEDIAG(r0, 0x89ec, &(0x7f0000000000)={0x9, 0x2})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r2, 0x11, 0x67, &(0x7f0000000200)=0x3, 0x4)
connect$inet6(r2, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @mcast1, 0x7}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
r3 = openat$cgroup_ro(r1, &(0x7f0000000140)='devices.list\x00', 0x0, 0x0)
readv(r3, &(0x7f0000000040)=[{&(0x7f0000001640)=""/244, 0xf4}], 0x1)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000050000000060a010400000000000000000100000008000b400000000028000480240001800c0001006269747769736500140002800800034000000002080001400000001409004dafc0010073797a3000000000140000050000000000000000000000000700000a73c668e3e06e5f2f500b5cfe8f2d4b2c7dd704701f5d2677bc2e113d6e150c9360be2669453c17cc3da84356855276efee06bc5d3f3f60d09b69a864228925f8502f6b6b5b61e5ec59182f170934ce1f6c0e312a2476ad1c0d49d192954dad7047f2eecb928a4bb3a83aca2477a47f5d27f34014e910d96ed80e373eb63205acd484e3a4b4e1eb3b73520f4c55ce947a9160c3547e64ab4dbb36e2e9e006050bccec9211dca0bbbbba05a274e847f461ac53cabca2a7633dda3c3457bfc44e75"], 0xc4}}, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x4, 0xf, &(0x7f0000000480)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x600}}, [], {{0x5, 0x1, 0x7, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet_icmp_raw(0x2, 0x3, 0x1)

1m8.413103482s ago: executing program 3 (id=175):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000380)=@security={'security\x00', 0xe, 0x4, 0x3f8, 0xffffffff, 0x120, 0x258, 0x120, 0xffffffff, 0xffffffff, 0x360, 0x360, 0x360, 0xffffffff, 0x4, &(0x7f0000000080), {[{{@ip={@remote, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff000000, 0xffffff00, 'wg1\x00', 'nicvf0\x00', {}, {}, 0xc, 0x1, 0xfc867d3ae0416cfe}, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz1\x00', 0x0, 0x1, 0x2, 0x2}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x3, [0x5, 0x2, 0x2, 0x0, 0xc], 0x2}, {0x3, [0x0, 0x4, 0x0, 0x4, 0x1], 0x2}}}}, {{@ip={@remote, @rand_addr=0x64010101, 0x0, 0xff, 'bond_slave_0\x00', 'caif0\x00', {}, {}, 0x16, 0x2, 0x1a}, 0x0, 0xd8, 0x138, 0x0, {}, [@common=@ah={{0x30}, {[0x8, 0x9], 0x1}}, @common=@unspec=@connbytes={{0x38}, {[{0x32}, {0x3}], 0x1, 0x1}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @random="86add4b0a116", 0x8, 0xd, [0x33, 0x1c, 0x6, 0xd, 0x0, 0x3d, 0x11, 0x21, 0xc, 0x36, 0x32, 0xa, 0x19, 0x15, 0x1e, 0xd], 0x0, 0x1, 0x7}}}, {{@uncond, 0x0, 0xe0, 0x108, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x1, 0x9, [0x4e23, 0x4e23, 0x4e20, 0x4e22, 0x4e20, 0x4e24, 0x4e22, 0x4e20, 0x4e20, 0x4e24, 0x4e20, 0x4e21, 0x4e21, 0x4e22, 0x4e20], [0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1], 0x1}}, @common=@socket0={{0x20}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0xda2, 0x7}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x458)
setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000040)=0x2, 0x4)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="380000000314010028bd7000f6dbdf250900020073797a31001800000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x884}, 0x810)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x8000}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r3, r4, 0x2, 0x2}, 0x10)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r5, r6, 0x2, 0x2}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@cgroup=r5, 0x2, 0x0, 0x3, &(0x7f0000000180)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000280), 0x0, 0x0}, 0x40)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002280), r2)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl(r8, 0xfffffff8, &(0x7f0000002380)="e5d4c3a151940ceab705adcf829f36280635e1de00ad78c69ff12ed7247fdd6a378bb7a73ebdfc72fbda79660ece2175c86cbbb0")
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x1c, r9, 0x1, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x810)
ioctl$SIOCRSGL2CALL(r2, 0x89e5, &(0x7f00000023c0)=@rose)
sendmsg$NL80211_CMD_GET_INTERFACE(r2, &(0x7f0000002340)={&(0x7f0000002240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000002300)={&(0x7f00000022c0)={0x28, r7, 0x800, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x4, 0x3e}}}}, ["", "", "", "", "", ""]}, 0x28}}, 0x0)
write$cgroup_int(r2, &(0x7f0000000200), 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x5, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80000}, [@btf_id={0x18, 0x8, 0x3, 0x0, 0x4}]}, &(0x7f0000000180)='syzkaller\x00', 0x8, 0x1020, &(0x7f0000001200)=""/4128, 0x40f00}, 0x94)
socket$key(0xf, 0x3, 0x2)
sendmsg$RDMA_NLDEV_CMD_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="20000000021401040000000001dcdf2508000100000000000500540041"], 0x20}, 0x1, 0x0, 0x0, 0x4000801}, 0x40810)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8924, &(0x7f00000000c0)={'dummy0\x00', 0x4000})

1m8.084920828s ago: executing program 3 (id=179):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20004440)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @empty}], 0x1c)
sendto$inet6(r1, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r0, 0x0, 0x8000)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000100)={0x10})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r3)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r3, 0x0, 0x8000)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080)={0xa002a008})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
close(0x4)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000140)={'syztnl1\x00', <r6=>0x0, 0x4, 0x2, 0x10, 0x3ff, 0x6, @empty, @mcast2, 0x7800, 0x8, 0x7, 0x7}})
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000001c0)=ANY=[@ANYRES16=r6], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r6, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r7, 0x8, 0x25, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
epoll_create(0x27400000)
r8 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r8, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000004c0)="1ed8b706d457", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000940b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000810)

1m5.735878946s ago: executing program 3 (id=185):
socket$inet6(0xa, 0x80001, 0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x2404c8c0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x8, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r1=>0x0, 0xcd, &(0x7f0000000380)=[{}], 0x8, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0xa6, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x31, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="b400000000000000791093000000000062000000000000009500000000000000f42f9c31907ae9d028cc75e61c7db26519a29dc2b33043b3ce1030f95253523819600952532ad7c4604f25e5c2543ac6bce5e6f98728be9c7bb2cc7a54207d268d3dedde707e17cdf77b17dbf58a6d959826b7a4d74e7fec21e721fa0a815d02"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x4e, 0x0, 0xffffffffffffffff, 0x3000000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41100, 0x39, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0xa, 0x200008, 0x5, 0x1ffff}, 0x10}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r0], 0x4c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x400d0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}, {0xc}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001380)=@newchain={0x24, 0x64, 0x1, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x10, 0x1}, {0xe, 0x9}, {0x5, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x44851}, 0x20040054)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x19, &(0x7f0000000140)=0x3, 0x4)
sendmmsg$inet6(r7, &(0x7f0000001540)=[{{&(0x7f0000000340)={0xa, 0x4e24, 0x0, @remote}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="e8020000000000002900000004000000005a"], 0x2e8}}], 0x1, 0x80)
recvfrom$inet6(r7, 0x0, 0x0, 0x12020, 0x0, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200fffe4c0004802800018007000100637400001c00028008000140000000020800024000000013000003000000000020000180070001006374000014000280080002400000000d08000440000000"], 0xa0}, 0x1, 0x0, 0x0, 0x840}, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="2800000010000108000000000000000002000000", @ANYRES32=0x0, @ANYBLOB="b40200000000000008001b"], 0x28}}, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)

57.885281048s ago: executing program 1 (id=212):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8}, @NFTA_META_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, '\f'}]}], {0x14}}, 0x84}}, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x78, r2, 0x205, 0x24000000, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x4a, 0xe, {{{}, {}, @device_b, @device_b, @from_mac}, 0x0, @random=0xd6db, 0x5d7f, @void, @void, @val={0x3, 0x1, 0x4c}, @void, @void, @void, @void, @val={0x2a, 0x1, {0x0, 0x1}}, @void, @val={0x2d, 0x1a, {0x10, 0x1, 0x6, 0x0, {0x40009, 0xc9, 0x0, 0x7, 0x0, 0x1, 0x0, 0x2, 0x1}, 0x308, 0xb, 0x4}}, @void, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x78}}, 0x0)

57.68285187s ago: executing program 1 (id=214):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000380)=@security={'security\x00', 0xe, 0x4, 0x3f8, 0xffffffff, 0x120, 0x258, 0x120, 0xffffffff, 0xffffffff, 0x360, 0x360, 0x360, 0xffffffff, 0x4, &(0x7f0000000080), {[{{@ip={@remote, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff000000, 0xffffff00, 'wg1\x00', 'nicvf0\x00', {}, {}, 0xc, 0x1, 0xfc867d3ae0416cfe}, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz1\x00', 0x0, 0x1, 0x2, 0x2}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x3, [0x5, 0x2, 0x2, 0x0, 0xc], 0x2}, {0x3, [0x0, 0x4, 0x0, 0x4, 0x1], 0x2}}}}, {{@ip={@remote, @rand_addr=0x64010101, 0x0, 0xff, 'bond_slave_0\x00', 'caif0\x00', {}, {}, 0x16, 0x2, 0x1a}, 0x0, 0xd8, 0x138, 0x0, {}, [@common=@ah={{0x30}, {[0x8, 0x9], 0x1}}, @common=@unspec=@connbytes={{0x38}, {[{0x32}, {0x3}], 0x1, 0x1}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @random="86add4b0a116", 0x8, 0xd, [0x33, 0x1c, 0x6, 0xd, 0x0, 0x3d, 0x11, 0x21, 0xc, 0x36, 0x32, 0xa, 0x19, 0x15, 0x1e, 0xd], 0x0, 0x1, 0x7}}}, {{@uncond, 0x0, 0xe0, 0x108, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x1, 0x9, [0x4e23, 0x4e23, 0x4e20, 0x4e22, 0x4e20, 0x4e24, 0x4e22, 0x4e20, 0x4e20, 0x4e24, 0x4e20, 0x4e21, 0x4e21, 0x4e22, 0x4e20], [0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1], 0x1}}, @common=@socket0={{0x20}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0xda2, 0x7}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x458)
setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000040)=0x2, 0x4)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="380000000314010028bd7000f6dbdf250900020073797a31001800000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x884}, 0x810)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x8000}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r3, r4, 0x2, 0x2}, 0x10)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r5, r6, 0x2, 0x2}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@cgroup=r5, 0x2, 0x0, 0x3, &(0x7f0000000180)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000280), 0x0, 0x0}, 0x40)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002280), r2)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl(r8, 0xfffffff8, &(0x7f0000002380)="e5d4c3a151940ceab705adcf829f36280635e1de00ad78c69ff12ed7247fdd6a378bb7a73ebdfc72fbda79660ece2175c86cbbb0")
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x1c, r9, 0x1, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x810)
ioctl$SIOCRSGL2CALL(r2, 0x89e5, &(0x7f00000023c0)=@rose)
sendmsg$NL80211_CMD_GET_INTERFACE(r2, &(0x7f0000002340)={&(0x7f0000002240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000002300)={&(0x7f00000022c0)={0x28, r7, 0x800, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x4, 0x3e}}}}, ["", "", "", "", "", ""]}, 0x28}}, 0x0)
write$cgroup_int(r2, &(0x7f0000000200), 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x5, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80000}, [@btf_id={0x18, 0x8, 0x3, 0x0, 0x4}]}, &(0x7f0000000180)='syzkaller\x00', 0x8, 0x1020, &(0x7f0000001200)=""/4128, 0x40f00}, 0x94)
socket$key(0xf, 0x3, 0x2)
sendmsg$RDMA_NLDEV_CMD_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="20000000021401040000000001dcdf2508000100000000000500540041"], 0x20}, 0x1, 0x0, 0x0, 0x4000801}, 0x40810)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8924, &(0x7f00000000c0)={'dummy0\x00', 0x4000})

57.275286184s ago: executing program 1 (id=216):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x73, 0xfffff034}, {0x50, 0x0, 0x5, 0x2}, {0x6, 0x0, 0x2, 0xffffffff}]}, 0x10)
recvmsg$kcm(0xffffffffffffffff, 0x0, 0x12040)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2400c049, &(0x7f00000001c0)={0xa, 0x4e20, 0x18000000, @loopback={0xfec0}}, 0x1c)

56.541851539s ago: executing program 1 (id=219):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f00000004c0)='W', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback, 0x8}, 0x1c)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000040), 0x4)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e)
setsockopt$bt_BT_RCVMTU(r5, 0x112, 0xd, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
writev(r6, &(0x7f0000000200)=[{&(0x7f0000000080)='/', 0x1}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r6, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f00000001c0)={<r7=>r0, 0x4afe, 0xc, 0xffffffffffff1dfc})
r8 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r10 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close(r10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000200)={'syzkaller0\x00', @random="e5db029ea53c"})
write$cgroup_devices(r9, &(0x7f0000000140)=ANY=[@ANYBLOB="1e000300008c71ef28ff4b"], 0xffdd)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r6}, &(0x7f00000000c0), &(0x7f0000000200)=r7}, 0x20)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000002640)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r4, {0x0, 0xffe0}, {}, {0xfff3, 0xfff3}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x10, 0x2, [@TCA_CGROUP_EMATCHES={0xc, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}]}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

51.768196019s ago: executing program 2 (id=235):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)

51.372935352s ago: executing program 2 (id=236):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000380)=@security={'security\x00', 0xe, 0x4, 0x3f8, 0xffffffff, 0x120, 0x258, 0x120, 0xffffffff, 0xffffffff, 0x360, 0x360, 0x360, 0xffffffff, 0x4, &(0x7f0000000080), {[{{@ip={@remote, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff000000, 0xffffff00, 'wg1\x00', 'nicvf0\x00', {}, {}, 0xc, 0x1, 0xfc867d3ae0416cfe}, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz1\x00', 0x0, 0x1, 0x2, 0x2}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x3, [0x5, 0x2, 0x2, 0x0, 0xc], 0x2}, {0x3, [0x0, 0x4, 0x0, 0x4, 0x1], 0x2}}}}, {{@ip={@remote, @rand_addr=0x64010101, 0x0, 0xff, 'bond_slave_0\x00', 'caif0\x00', {}, {}, 0x16, 0x2, 0x1a}, 0x0, 0xd8, 0x138, 0x0, {}, [@common=@ah={{0x30}, {[0x8, 0x9], 0x1}}, @common=@unspec=@connbytes={{0x38}, {[{0x32}, {0x3}], 0x1, 0x1}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @random="86add4b0a116", 0x8, 0xd, [0x33, 0x1c, 0x6, 0xd, 0x0, 0x3d, 0x11, 0x21, 0xc, 0x36, 0x32, 0xa, 0x19, 0x15, 0x1e, 0xd], 0x0, 0x1, 0x7}}}, {{@uncond, 0x0, 0xe0, 0x108, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x1, 0x9, [0x4e23, 0x4e23, 0x4e20, 0x4e22, 0x4e20, 0x4e24, 0x4e22, 0x4e20, 0x4e20, 0x4e24, 0x4e20, 0x4e21, 0x4e21, 0x4e22, 0x4e20], [0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1], 0x1}}, @common=@socket0={{0x20}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0xda2, 0x7}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x458)
setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000040)=0x2, 0x4)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="380000000314010028bd7000f6dbdf250900020073797a31001800000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x884}, 0x810)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x8000}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r3, r4, 0x2, 0x2}, 0x10)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r5, r6, 0x2, 0x2}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@cgroup=r5, 0x2, 0x0, 0x3, &(0x7f0000000180)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000280), 0x0, 0x0}, 0x40)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002280), r2)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl(r8, 0xfffffff8, &(0x7f0000002380)="e5d4c3a151940ceab705adcf829f36280635e1de00ad78c69ff12ed7247fdd6a378bb7a73ebdfc72fbda79660ece2175c86cbbb0")
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x1c, r9, 0x1, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x810)
ioctl$SIOCRSGL2CALL(r2, 0x89e5, &(0x7f00000023c0)=@rose)
sendmsg$NL80211_CMD_GET_INTERFACE(r2, &(0x7f0000002340)={&(0x7f0000002240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000002300)={&(0x7f00000022c0)={0x28, r7, 0x800, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x4, 0x3e}}}}, ["", "", "", "", "", ""]}, 0x28}}, 0x0)
write$cgroup_int(r2, &(0x7f0000000200), 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x5, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80000}, [@btf_id={0x18, 0x8, 0x3, 0x0, 0x4}]}, &(0x7f0000000180)='syzkaller\x00', 0x8, 0x1020, &(0x7f0000001200)=""/4128, 0x40f00}, 0x94)
socket$key(0xf, 0x3, 0x2)
sendmsg$RDMA_NLDEV_CMD_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="20000000021401040000000001dcdf2508000100000000000500540041"], 0x20}, 0x1, 0x0, 0x0, 0x4000801}, 0x40810)

50.406148623s ago: executing program 2 (id=239):
socket$igmp(0x2, 0x3, 0x2)
r0 = socket$inet(0x2, 0x800, 0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x70bd2d, 0x4, {0x0, 0x0, 0x0, 0x0, {0xe, 0x3}, {0x6, 0xd}, {0x10, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x4080}, 0x40004)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r1, 0x104, 0x5, &(0x7f0000000440)=0x8, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000900000000000008000003000000040004001c000180180010"], 0x34}}, 0x84)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x7, 0x4, 0x3f0, 0x0, 0x0, 0x1f8, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random, @rand_addr=0x64010100, @broadcast, 0x2, 0xffffffff}}}, {{@arp={@rand_addr=0x64010101, @rand_addr, 0x0, 0x0, 0xc, 0x3, {@empty, {[0xff, 0xff, 0x0, 0x0, 0xff]}}, {@empty, {[0x8a8cfb792f7af7f0]}}, 0x0, 0xfffc, 0x0, 0xa51, 0x0, 0x1000, 'team_slave_0\x00', 'veth0\x00', {0xff}}, 0xc0, 0xe8}, @unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x4}}}, {{@arp={@local, @remote, 0xffffffff, 0x0, 0x0, 0x5, {@mac, {[0x0, 0x0, 0xff]}}, {@mac=@random="7c3a86e2977f", {[0x0, 0x0, 0x0, 0xff]}}, 0x0, 0x0, 0xffff, 0x0, 0x0, 0xffff, 'veth0_to_bond\x00', 'geneve1\x00', {}, {0xff}}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @local, @empty, 0x4, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffb}}}}, 0xb4adf735)

50.048260475s ago: executing program 2 (id=241):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)

48.636784491s ago: executing program 4 (id=23):
socket$packet(0x11, 0xa, 0x300)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$tun(r0, &(0x7f00000002c0)={@val={0x4000, 0x86dd}, @val={0x0, 0x1, 0x11, 0x4, 0x0, 0xca6}, @mpls={[], @ipv6=@gre_packet={0xe, 0x6, "ec00be", 0x44, 0x2f, 0xff, @local, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x3}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}, {0xa888, 0x88be, 0x2, {{0x6, 0x1, 0x9, 0x2, 0x1, 0x0, 0x3, 0x5}, 0x1, {0x8100}}}, {0x8, 0x22eb, 0x20000, {{0x0, 0x2, 0xc, 0x0, 0x0, 0x2, 0x7, 0x8}, 0x2, {0x2, 0x4, 0x0, 0x5, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x2}}}}}}, 0x7a)

38.868671423s ago: executing program 3 (id=185):
socket$inet6(0xa, 0x80001, 0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x2404c8c0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x8, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r1=>0x0, 0xcd, &(0x7f0000000380)=[{}], 0x8, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0xa6, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x31, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="b400000000000000791093000000000062000000000000009500000000000000f42f9c31907ae9d028cc75e61c7db26519a29dc2b33043b3ce1030f95253523819600952532ad7c4604f25e5c2543ac6bce5e6f98728be9c7bb2cc7a54207d268d3dedde707e17cdf77b17dbf58a6d959826b7a4d74e7fec21e721fa0a815d02"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x4e, 0x0, 0xffffffffffffffff, 0x3000000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41100, 0x39, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0xa, 0x200008, 0x5, 0x1ffff}, 0x10}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r0], 0x4c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x400d0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}, {0xc}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001380)=@newchain={0x24, 0x64, 0x1, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x10, 0x1}, {0xe, 0x9}, {0x5, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x44851}, 0x20040054)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x19, &(0x7f0000000140)=0x3, 0x4)
sendmmsg$inet6(r7, &(0x7f0000001540)=[{{&(0x7f0000000340)={0xa, 0x4e24, 0x0, @remote}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="e8020000000000002900000004000000005a"], 0x2e8}}], 0x1, 0x80)
recvfrom$inet6(r7, 0x0, 0x0, 0x12020, 0x0, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200fffe4c0004802800018007000100637400001c00028008000140000000020800024000000013000003000000000020000180070001006374000014000280080002400000000d08000440000000"], 0xa0}, 0x1, 0x0, 0x0, 0x840}, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="2800000010000108000000000000000002000000", @ANYRES32=0x0, @ANYBLOB="b40200000000000008001b"], 0x28}}, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)

35.281860925s ago: executing program 1 (id=219):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f00000004c0)='W', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback, 0x8}, 0x1c)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000040), 0x4)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e)
setsockopt$bt_BT_RCVMTU(r5, 0x112, 0xd, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
writev(r6, &(0x7f0000000200)=[{&(0x7f0000000080)='/', 0x1}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r6, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f00000001c0)={<r7=>r0, 0x4afe, 0xc, 0xffffffffffff1dfc})
r8 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r10 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close(r10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000200)={'syzkaller0\x00', @random="e5db029ea53c"})
write$cgroup_devices(r9, &(0x7f0000000140)=ANY=[@ANYBLOB="1e000300008c71ef28ff4b"], 0xffdd)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r6}, &(0x7f00000000c0), &(0x7f0000000200)=r7}, 0x20)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000002640)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r4, {0x0, 0xffe0}, {}, {0xfff3, 0xfff3}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x10, 0x2, [@TCA_CGROUP_EMATCHES={0xc, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}]}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

31.473340076s ago: executing program 2 (id=241):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)

27.922770359s ago: executing program 4 (id=23):
socket$packet(0x11, 0xa, 0x300)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$tun(r0, &(0x7f00000002c0)={@val={0x4000, 0x86dd}, @val={0x0, 0x1, 0x11, 0x4, 0x0, 0xca6}, @mpls={[], @ipv6=@gre_packet={0xe, 0x6, "ec00be", 0x44, 0x2f, 0xff, @local, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x3}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}, {0xa888, 0x88be, 0x2, {{0x6, 0x1, 0x9, 0x2, 0x1, 0x0, 0x3, 0x5}, 0x1, {0x8100}}}, {0x8, 0x22eb, 0x20000, {{0x0, 0x2, 0xc, 0x0, 0x0, 0x2, 0x7, 0x8}, 0x2, {0x2, 0x4, 0x0, 0x5, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x2}}}}}}, 0x7a)

18.528579037s ago: executing program 3 (id=185):
socket$inet6(0xa, 0x80001, 0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x2404c8c0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x8, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r1=>0x0, 0xcd, &(0x7f0000000380)=[{}], 0x8, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0xa6, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x31, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="b400000000000000791093000000000062000000000000009500000000000000f42f9c31907ae9d028cc75e61c7db26519a29dc2b33043b3ce1030f95253523819600952532ad7c4604f25e5c2543ac6bce5e6f98728be9c7bb2cc7a54207d268d3dedde707e17cdf77b17dbf58a6d959826b7a4d74e7fec21e721fa0a815d02"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x4e, 0x0, 0xffffffffffffffff, 0x3000000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41100, 0x39, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0xa, 0x200008, 0x5, 0x1ffff}, 0x10}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r0], 0x4c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x400d0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}, {0xc}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001380)=@newchain={0x24, 0x64, 0x1, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x10, 0x1}, {0xe, 0x9}, {0x5, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x44851}, 0x20040054)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x19, &(0x7f0000000140)=0x3, 0x4)
sendmmsg$inet6(r7, &(0x7f0000001540)=[{{&(0x7f0000000340)={0xa, 0x4e24, 0x0, @remote}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="e8020000000000002900000004000000005a"], 0x2e8}}], 0x1, 0x80)
recvfrom$inet6(r7, 0x0, 0x0, 0x12020, 0x0, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200fffe4c0004802800018007000100637400001c00028008000140000000020800024000000013000003000000000020000180070001006374000014000280080002400000000d08000440000000"], 0xa0}, 0x1, 0x0, 0x0, 0x840}, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="2800000010000108000000000000000002000000", @ANYRES32=0x0, @ANYBLOB="b40200000000000008001b"], 0x28}}, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)

17.367096418s ago: executing program 1 (id=219):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f00000004c0)='W', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback, 0x8}, 0x1c)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000040), 0x4)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e)
setsockopt$bt_BT_RCVMTU(r5, 0x112, 0xd, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
writev(r6, &(0x7f0000000200)=[{&(0x7f0000000080)='/', 0x1}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r6, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f00000001c0)={<r7=>r0, 0x4afe, 0xc, 0xffffffffffff1dfc})
r8 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r10 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close(r10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000200)={'syzkaller0\x00', @random="e5db029ea53c"})
write$cgroup_devices(r9, &(0x7f0000000140)=ANY=[@ANYBLOB="1e000300008c71ef28ff4b"], 0xffdd)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r6}, &(0x7f00000000c0), &(0x7f0000000200)=r7}, 0x20)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000002640)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r4, {0x0, 0xffe0}, {}, {0xfff3, 0xfff3}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x10, 0x2, [@TCA_CGROUP_EMATCHES={0xc, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}]}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

10.223292644s ago: executing program 2 (id=241):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)

4.875372683s ago: executing program 4 (id=23):
socket$packet(0x11, 0xa, 0x300)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$tun(r0, &(0x7f00000002c0)={@val={0x4000, 0x86dd}, @val={0x0, 0x1, 0x11, 0x4, 0x0, 0xca6}, @mpls={[], @ipv6=@gre_packet={0xe, 0x6, "ec00be", 0x44, 0x2f, 0xff, @local, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x3}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}, {0xa888, 0x88be, 0x2, {{0x6, 0x1, 0x9, 0x2, 0x1, 0x0, 0x3, 0x5}, 0x1, {0x8100}}}, {0x8, 0x22eb, 0x20000, {{0x0, 0x2, 0xc, 0x0, 0x0, 0x2, 0x7, 0x8}, 0x2, {0x2, 0x4, 0x0, 0x5, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x2}}}}}}, 0x7a)

2.154976877s ago: executing program 0 (id=324):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="18050000000000000000000000000000810000000000000095"], &(0x7f0000000000)='GPL\x00', 0x8, 0xee, &(0x7f0000000740)=""/238}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa397}, 0x94)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000000)={0x0, {0x2, 0x4e20, @local}, {0x2, 0x4e22, @local}, {0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x66, 0x0, 0x0, 0x0, 0xff80, 0x0, 0xffffffff9fcc7ceb, 0x9, 0x4})
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000140)='percpu_alloc_percpu\x00', r0, 0x0, 0x1}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0, 0x0, 0x0, 0x0, 0x4000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4000000}, @generic={0x66, 0x8, 0x0, 0x0, 0x1000000}, @initr0={0x18, 0x0, 0x0, 0x300, 0x10000000, 0x0, 0x0, 0x0, 0x200}, @exit, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b80000000001010400000000000000000a0000003c0001802c0001801400030000000000000000000000ffffac1414aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300ff0200000000000b000000000000000114000400fe8000000000000000000000000000aa0c0002800500010000000000080007400000000008000480040003801c000f800800014000000000080002"], 0xb8}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c0000001a0001000000000000000000810000000000000010000000321e84070ff9edea3cc830115d50d3fea8d84c4fbc9c18ec219262d0a88d163275de24f0a2e24d5145c3eefd4fedc0457e88ca24cffc96525eb67f2e90c647f9"], 0x1c}}, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'vlan0\x00', <r6=>0x0})
sendto$packet(r4, &(0x7f0000000000)="374ea6e9e85d43fb57dc070081", 0x18, 0x4000000, &(0x7f0000000100)={0x11, 0x3, r6, 0x1, 0xa7, 0x6, @remote}, 0x14)
r7 = socket$netlink(0x10, 0x3, 0x0)
writev(r7, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000d00030001332564aa58b92f4411f6bbf44dc48f57", 0x39}], 0x1)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000500)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r8}, 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb01001800000000000000380000003800000003000000010000000000000e0300000000000000000000000000000105000046100000000000000000000003000000000200000002000000c9f400000061"], 0x0, 0x53}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x20, 0x5, &(0x7f0000000880)=ANY=[@ANYBLOB="18008000000000000000000000000000f17200000000000000000000d620971c3d7383a8bbbd2974000000009500000000000000"], &(0x7f0000000840)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x17, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000ff000000000067cf387a091b246c00000000000050"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r10=>0x0})
sendmsg$nl_route(r9, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="340000001c00010428bd7000fddbdf2507000000", @ANYRES32=r10, @ANYBLOB="80002c010a0002000180c200000200000c000ea30500010003000000"], 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x24040040)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r11)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000000)='/proc/net/\x00\x00t4/c+\x0fG\xf9aK\fX\a0\x04\x00\x00\x82q\xee'}, 0x30)
r13 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r13, &(0x7f0000000100)='blkio.bfq.io_wait_time\x00', 0x80040, 0x408)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYRESDEC=r13, @ANYRESHEX=r13, @ANYRES8=0x0, @ANYRES32=r0, @ANYRES64=r11, @ANYRESDEC=r12, @ANYRES16=r2], 0x3c}, 0x1, 0x0, 0x0, 0x4888}, 0x24040804)

1.85188322s ago: executing program 0 (id=325):
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000380)={&(0x7f0000000040)="b64b6779e728a585fc6d831c9c111ee3bf867c7fa20663508d961b5b0bc1d4eded804b84c8ee0b5e7b55af44aa8bf4a16c4d4aaf896a13f650a3b4f737945a9a179a6ceb93adadb8dd841258d0f04b02868cd415ab9bc48b055a8b3f92b143cb16138c216513a045af2101e7e3c507bedee404330f1171812cdaeed17a0e89dd4863a4e6808ca6b7046c38f33b9a0417e1c8fae7a9e1b4c8161b02", 0x0, 0x0, 0x0}, 0x38)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="d8000000310081044e81f782db44b904021d080005000000e8fe55a1180015000600142603600e120900210000000401a8001600a40001", 0x37}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000000e8ffffffffffff050000"], 0x48)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="2b40000048009125745c7388641f9c0e0a"], 0xfe33)
r1 = socket$kcm(0x10, 0x3, 0x10)
syz_emit_ethernet(0x47e, &(0x7f0000000400)={@multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x448, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, [{0x0, 0xa, "a78ce54006598080a8030003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000050000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea46c56aa00148c356de6b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x18, 0x7, "b8a3e10000a3e1100000006f00ff12164039d0ebab140888c235c0fffe00000000600000ff0bc0fe0000000000000000fe20e23f6541c3"}, {0x0, 0x22, "5e14f0e74d2d36cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18061c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3be0800c5fd97622c676d8800871a6aa54155de489abaa522c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c872d3126a3913336064fd440198947cb61124c665548344da863da2dfcd578ed9b048c76415994fc6c83db3be26b6328cb52bf265ae2f1e3da6fe8f39a1ca6d9d4e6ddc17dca63ccb904a23f32ea0a16dbfd2c84d9253d3cfc6400297b0f596bd4cd93f292043fff5a50aad2c4a9871bb6f215421d960fbf5f12"}, {0x3, 0x10, "41489859faad6b7894fe1137424008d432183a0113681c77fc82aec87a233d898a11c5cd98182e0722cd47409df61e0bba337962ebd666210dc03bdacde3052d2e9c5aa731b244867e503ea12228ee0be34e90eb3bf9d5935a7bf990cfb04124927b9452145135264a5e76623102303008f3d1b94be70c274ab2d3f2f578"}]}}}}}}, 0x0)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e22, @local}, 0x10)
sendmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000080)="1400000016000b63d25a80648c2566e506bce1e8", 0x14}], 0x1}, 0x0)
r3 = accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendto$packet(r3, 0x0, 0x0, 0x40, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'bond_slave_0\x00', <r4=>0x0})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c000000190001000000000000000000802090000011000500"], 0x2c}, 0x1, 0x0, 0x0, 0xa800}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000000480)={{{@in=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6=@empty}, 0x0, @in=@multicast2}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet(r9, &(0x7f0000000080)='\x00\x00', 0xfdef, 0x8080, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_int(r9, 0x0, 0xb, &(0x7f0000000000)=0x8, 0x4)
sendmmsg$inet(r9, &(0x7f0000002780)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000bc0)="39739832bb7490f89d6f55b666b380869e121d3af7cebe29fd32c3fc791a2d265400e0bb7a14e361f323c03e7ee6aaae9ca90b8dc1c2430b9b6363cb9a087151b1a05fcb4842a131061784e7f13ab5c8392b79cc77e3f1c8e7ce026db61560b2988bc2f7fd4f85e74b2f2c72756a2ddc390047f9fe1771ac80cfb8f112a716d2927b4f981bf803029b88ed89873675d220e6dc277f50626fd9f053d55f6fd3e1ac1952144b8b3e184946c4d0ad315f29484c806905b385db5846b65be4593e2ceb1e2e10", 0xc4}], 0x1}}, {{0x0, 0x0, &(0x7f0000002140)=[{&(0x7f0000000f40)="9fe17636c697c59a461ac5769fd7479e26119d278f79c24da4d5ab7c788c2b75a4b5f6cb49c856d0f59224d502800aabad13eae245ced41642eae9db17a81026548c614f1990688037d5b75dad526d67e6d3aceeb4e1b5789ed28804434865564ea3556c4d46698cf5dda4169ae71f50612588c108f330910cef6f1945b9a667a6e01d54d1edcca4db3eae6535c2ad4af2df9088b556078285dd51d6d582061055edd49c483da8952fead0ed7587b4b4534ccdeeb7b70e6892292c5c6d99baf0dd6671ce6dff7dd313cbdc267b46d3d1682b4b7bcf1a2c8f333c4312cdabc0ab8fe025e5614028dff7032dc310739317aa04b580489e10fa5a3f29d2d4c66b426909248f3da76104225206209ef5a8a049817dec201b55f9df196c6d89985be326ca99bd78483feeac7820a119ace16609", 0x131}], 0x1}}], 0x2, 0xc8c0)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x40000)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r8, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000880)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="01002abd7000fcdbdf2515000000180001801400020064756d6d793000000000000000000000dd0ae43d74c1b175555e4d15952e7af0f149f27a216d35dab64881fb314f515d972bd6bce1a4501eab07fbb90b83f88e125ede36024c1c866be1a51e768360bef6b7efb611dc2686c53e49337bfdc364b5c4ac187a85ee602f16239955bed71fa7ba82f61222f3d3d87e1ffd932e781cef9fc845b716f056405fe69a2b94356d1f2172f23bda0a7f964e5b9f"], 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x40)
sendmsg$nl_xfrm(r5, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000400)={&(0x7f0000000300)=ANY=[@ANYBLOB="c80000001b00200027bd7000ffdbdf25ff020000000000000000000000000001ac1414bb0000000000000000000000004e2100024e2000030a00400001000000", @ANYRES32=r4, @ANYRES32=r7, @ANYBLOB="01000000000000000000000000000000020000000000000009000000000000000400000000000000080000000000000009000000000000008c41008c500000000008000000000000690e0000000000001337a501000000b86b6e000100010200000000f70000000000000008001e0001040000"], 0xc8}, 0x1, 0x0, 0x0, 0x2000085d}, 0x800)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0x0, <r11=>0x0}, &(0x7f0000000100)=0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000980)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c0000000500000009000000040000130000000607000000f7ffffff0700000001000000d700000003000000050000000100000007000000080000000000010059b32a55002e006100c80ab08e04f8eb557a8c112aa5bd717e62cc9fa164593512072c13c15dd45f05ea42d9ae9fe25ae2abe99fcafa9e4a016aece60886c4ec2416cf859dc87dfc74ca0583de48c2ca1a714cf4f7dd312c55bf9fefaf15975ad5e25c9f58be3f25fa70dfa356ba36413b9541c78f1a93ca20f1b10f463032903835f094923a82ce3cade507f330447a9aacac6549b5f28297ff248a8606c62dc3d9c1e7a28ef2bc7897357fb2173d3ea0e3df640d754f5aeb1865b0d8ecfffff2f7cf4a79f47d19207b2ad88af7f387f207040f9db2"], &(0x7f0000000580)=""/127, 0x59, 0x7f, 0x0, 0x10000}, 0x28)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000040), 0x0, &(0x7f0000000180)=[@cred={{0x1c, 0x1, 0x2, {0x0, r7, r11}}}], 0x20, 0x844}, 0x20008002)

1.632089718s ago: executing program 0 (id=326):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'xfrm0\x00'}) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4) (async)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @empty, 0xffffffff}, 0x1c) (async)
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4) (async)
bind$inet6(r5, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xffffffff}, 0x1c) (async)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000008095"], 0x0, 0x3}, 0x94) (async)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) (async)
sendmsg$NL80211_CMD_GET_POWER_SAVE(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x20, r3, 0x10, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x2, 0x1}}}}, ["", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x2}, 0x10) (async)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x64}, 0x1, 0x0, 0x0, 0x8001}, 0x0)

1.142866646s ago: executing program 0 (id=327):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0, 0x4100}, 0x200001}, {{0x0, 0x0, 0x0}, 0x2046}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000800)=""/213, 0xd5}, {&(0x7f0000000000)=""/242, 0xf2}, {&(0x7f0000003e00)=""/4088, 0xff8}], 0x3}, 0x101}, {{0x0, 0x0, 0x0}, 0x40}], 0x4, 0x40012120, 0x0)

879.836966ms ago: executing program 0 (id=328):
r0 = socket$kcm(0x29, 0x5, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0400"/28], 0x48)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x20, &(0x7f0000000280)={&(0x7f0000000a40)=""/4096, 0x1000, <r4=>0x0, 0x0}}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r6, &(0x7f00000000c0), 0x9)
sendfile(r6, r5, 0x0, 0x10000)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r3}, {}, {}, {}, {0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffe00}, {}, {}, {0x85, 0x0, 0x0, 0x55}}]}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @xdp, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRESDEC, @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r7}, 0x18)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r8, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'veth0_virt_wifi\x00', 0x2000000}, 0x18)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r8, 0x0, 0x48c, &(0x7f00000002c0)={0x1, 'ipvlan1\x00', 0x100}, 0x18)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x5, 0x4, 0x6, 0x4, 0x0, 0xffffffffffffffff, 0x3}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006"], 0x48)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000020000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000070000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000008200000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r11}, 0x10)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000240)="9b919e18a5", 0x5}], 0x1}, 0x10)
ioctl$sock_netdev_private(r0, 0x89f9, &(0x7f0000000500)="f4be260d933e63f29f8136e7e6e8a448de16fd64bc53b8303fcea0975a0a851f2d39a662a50fd0a117fdface1f69109da41d5eba")
sendfile(r0, r1, 0x0, 0xffffffff000)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_GET(r12, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="49f30000", @ANYRES16=r13, @ANYBLOB="040029bd7000fddbdf250e0000000c00058008000100756470000c00078008000100000000001400038008000200ff0f000008000300080000001400098008000100090000000800010001000000b40004800900010073797a31000000001300010062726f6164636173742d6c696e6b00000900010073797a31000000000c000780080002000900000044000780080004000300000008000100080000000800020001000000080003000200000008000200030000000800010014000000080002000900000008000100040000000900010073797a30000000001300010062726f6164636173742d6c696e6b00001300010062726f6164636173742d6c696e6b0000400005803c0002800800020001000000080001000000000008000400020000000800020044000000080004000200000008000400080000000800040007000000380005801c00028008000300ff0f00000800030004000000080001000300000007000100696200000800010065746800080001006574680088000680080001000100000008000600050000000800060009000000040002000400020008000600070000004100040067636d286165732900000000000000000000000000000000000000000000000019000000ae418ecfc603a49bc2071ce50e2d05144e6645e0ec492431e900000008000600ff7f00000800060007000000080001000600000038000280080001007100000024000380080001000000000008000200010001000800020004000000080001000900000008000100000000001400038008000100dac300000800010000fa0000"], 0x254}, 0x1, 0x0, 0x0, 0x4014}, 0x14)
sendmsg$TIPC_NL_KEY_SET(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="0100000000000000000017000000440006803c00040067636d286165732900000000000000000000000000000000000000000000000000000000e3de3d7b4cd07ec3ee777de774fc7987cca4198904000500"], 0x58}, 0x1, 0x0, 0x0, 0x40}, 0x4000004)

0s ago: executing program 0 (id=329):
r0 = socket(0x2a, 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
r3 = socket$kcm(0x29, 0x5, 0x0)
write$cgroup_pressure(r3, &(0x7f0000000140)={'full'}, 0xfffffdef)
setsockopt$sock_int(r3, 0x1, 0x53, &(0x7f0000000000)=0x2, 0x4)
r4 = socket$kcm(0x2d, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r5, 0x0, 0x1}, 0x18)
r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8)
close(r7)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000480)="d8001c00180081064e81f7050044fd56170d12a0b9b54570", 0x18}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e3, &(0x7f0000000180)={r4, r8})
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f00000001c0)={'wpan0\x00'})
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fddbdf252000000034002d800500040000000000050001000000000005000400010000000800030008000000080003000700000008000200010000001c002d80050004000100000005000100010000000800020007000000454e428b8fe81d5399729796d38aae3f02a4a1341a29b4fa364affe1009d5f45b1dd92279446197c9adaad1588bed2ca89e4225cfe8526dfce6c88153a07d087155133eb124093523376990c97"], 0x64}, 0x1, 0x0, 0x0, 0x8800}, 0x4048040)
socket(0x1d, 0x2, 0xee)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r11, &(0x7f0000000400)={0x0, 0xa7, &(0x7f00000003c0)={&(0x7f0000000300)={0x4c, r10, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x8, 0x8e, 0x1}}]}, 0x4c}}, 0x0)
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r12, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r13 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r13, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x40000, 0x0, 0x2, 0x1}})
r14 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r14, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newtaction={0x7c, 0x30, 0x29, 0x0, 0x25dfdbfe, {}, [{0x68, 0x1, [@m_mpls={0x64, 0x1, 0x0, 0x0, {{0x9}, {0x38, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0x1880, 0x2}, 0x3}}, @TCA_MPLS_LABEL={0x8, 0x5, 0xd4e9}, @TCA_MPLS_LABEL={0x8, 0x5, 0x1f871}, @TCA_MPLS_BOS={0x5}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x7d42c12918034ffd)
ioctl$sock_SIOCETHTOOL(r13, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}})

kernel console output (not intermixed with test programs):

t+0x759/0x8e0
[  131.462109][ T6706]  ? netlink_sendmsg+0x805/0xb30
[  131.462147][ T6706]  should_fail_ex+0x414/0x560
[  131.462193][ T6706]  should_failslab+0xa8/0x100
[  131.462223][ T6706]  kmem_cache_alloc_noprof+0x73/0x3c0
[  131.462246][ T6706]  ? fib6_add+0x3b0/0x18a0
[  131.462278][ T6706]  fib6_add+0x3b0/0x18a0
[  131.462321][ T6706]  ? __pfx_fib6_add+0x10/0x10
[  131.462357][ T6706]  ? inet6_rtm_newroute+0xa8f/0x18c0
[  131.462387][ T6706]  inet6_rtm_newroute+0xaa8/0x18c0
[  131.462420][ T6706]  ? nlmon_xmit+0xb0/0x100
[  131.462442][ T6706]  ? kmem_cache_free+0x18f/0x400
[  131.462470][ T6706]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  131.462498][ T6706]  ? __local_bh_enable_ip+0x12d/0x1c0
[  131.462586][ T6706]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  131.462613][ T6706]  rtnetlink_rcv_msg+0x7cc/0xb70
[  131.462646][ T6706]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  131.462678][ T6706]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  131.462702][ T6706]  ? ref_tracker_free+0x63a/0x7d0
[  131.462729][ T6706]  ? __copy_skb_header+0xa7/0x550
[  131.462752][ T6706]  ? __pfx_ref_tracker_free+0x10/0x10
[  131.462794][ T6706]  netlink_rcv_skb+0x205/0x470
[  131.462824][ T6706]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  131.462853][ T6706]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  131.462896][ T6706]  ? netlink_deliver_tap+0x2e/0x1b0
[  131.462923][ T6706]  ? netlink_deliver_tap+0x2e/0x1b0
[  131.462957][ T6706]  netlink_unicast+0x759/0x8e0
[  131.462992][ T6706]  netlink_sendmsg+0x805/0xb30
[  131.463031][ T6706]  ? __pfx_netlink_sendmsg+0x10/0x10
[  131.463063][ T6706]  ? aa_sock_msg_perm+0x94/0x160
[  131.463094][ T6706]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  131.463123][ T6706]  ? __pfx_netlink_sendmsg+0x10/0x10
[  131.463151][ T6706]  __sock_sendmsg+0x21c/0x270
[  131.463177][ T6706]  ____sys_sendmsg+0x505/0x830
[  131.463224][ T6706]  ? __pfx_____sys_sendmsg+0x10/0x10
[  131.463264][ T6706]  ? import_iovec+0x74/0xa0
[  131.463292][ T6706]  ___sys_sendmsg+0x21f/0x2a0
[  131.463314][ T6706]  ? __pfx____sys_sendmsg+0x10/0x10
[  131.463376][ T6706]  ? __fget_files+0x2a/0x420
[  131.463401][ T6706]  ? __fget_files+0x3a0/0x420
[  131.463440][ T6706]  __x64_sys_sendmsg+0x19b/0x260
[  131.463462][ T6706]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  131.463491][ T6706]  ? __pfx_ksys_write+0x10/0x10
[  131.463511][ T6706]  ? rcu_is_watching+0x15/0xb0
[  131.463541][ T6706]  ? do_syscall_64+0xbe/0x3b0
[  131.463574][ T6706]  do_syscall_64+0xfa/0x3b0
[  131.463601][ T6706]  ? lockdep_hardirqs_on+0x9c/0x150
[  131.463627][ T6706]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.463647][ T6706]  ? clear_bhb_loop+0x60/0xb0
[  131.463672][ T6706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.463691][ T6706] RIP: 0033:0x7f080f98e929
[  131.463710][ T6706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.463727][ T6706] RSP: 002b:00007f08107e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  131.463748][ T6706] RAX: ffffffffffffffda RBX: 00007f080fbb5fa0 RCX: 00007f080f98e929
[  131.463762][ T6706] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  131.463775][ T6706] RBP: 00007f08107e2090 R08: 0000000000000000 R09: 0000000000000000
[  131.463787][ T6706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.463798][ T6706] R13: 0000000000000000 R14: 00007f080fbb5fa0 R15: 00007fffd81a9868
[  131.463831][ T6706]  </TASK>
[  131.902844][ T6712] netlink: 'syz.0.165': attribute type 1 has an invalid length.
[  131.933243][ T6712] netlink: 224 bytes leftover after parsing attributes in process `syz.0.165'.
[  131.974225][ T6713] netlink: 40 bytes leftover after parsing attributes in process `syz.0.165'.
[  132.123530][ T6709] dummy0: entered promiscuous mode
[  132.128930][ T6709] macsec1: entered promiscuous mode
[  132.134671][ T6709] macsec1: entered allmulticast mode
[  132.142836][ T6709] dummy0: entered allmulticast mode
[  132.183211][ T6709] dummy0: left allmulticast mode
[  132.216182][ T6709] dummy0: left promiscuous mode
[  132.726242][ T6729] FAULT_INJECTION: forcing a failure.
[  132.726242][ T6729] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.772915][ T6729] CPU: 0 UID: 0 PID: 6729 Comm: syz.2.172 Not tainted 6.16.0-rc5-syzkaller-01461-g511ad4c26446 #0 PREEMPT(full) 
[  132.772947][ T6729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  132.772959][ T6729] Call Trace:
[  132.772968][ T6729]  <TASK>
[  132.772977][ T6729]  dump_stack_lvl+0x189/0x250
[  132.773007][ T6729]  ? __pfx____ratelimit+0x10/0x10
[  132.773035][ T6729]  ? __pfx_dump_stack_lvl+0x10/0x10
[  132.773060][ T6729]  ? __pfx__printk+0x10/0x10
[  132.773088][ T6729]  ? __might_fault+0xb0/0x130
[  132.773127][ T6729]  should_fail_ex+0x414/0x560
[  132.773163][ T6729]  _copy_from_user+0x2d/0xb0
[  132.773189][ T6729]  kstrtouint_from_user+0xc4/0x170
[  132.773224][ T6729]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  132.773277][ T6729]  proc_fail_nth_write+0x88/0x240
[  132.773307][ T6729]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  132.773343][ T6729]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  132.773373][ T6729]  vfs_write+0x27e/0xa90
[  132.773407][ T6729]  ? __pfx_vfs_write+0x10/0x10
[  132.773433][ T6729]  ? __fget_files+0x2a/0x420
[  132.773466][ T6729]  ? __fget_files+0x3a0/0x420
[  132.773491][ T6729]  ? __fget_files+0x2a/0x420
[  132.773528][ T6729]  ksys_write+0x145/0x250
[  132.773555][ T6729]  ? __pfx_ksys_write+0x10/0x10
[  132.773575][ T6729]  ? rcu_is_watching+0x15/0xb0
[  132.773605][ T6729]  ? do_syscall_64+0xbe/0x3b0
[  132.773638][ T6729]  do_syscall_64+0xfa/0x3b0
[  132.773664][ T6729]  ? lockdep_hardirqs_on+0x9c/0x150
[  132.773691][ T6729]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.773711][ T6729]  ? clear_bhb_loop+0x60/0xb0
[  132.773736][ T6729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.773756][ T6729] RIP: 0033:0x7f080f98d3df
[  132.773774][ T6729] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  132.773791][ T6729] RSP: 002b:00007f08107e2030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  132.773812][ T6729] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f080f98d3df
[  132.773826][ T6729] RDX: 0000000000000001 RSI: 00007f08107e20a0 RDI: 0000000000000004
[  132.773838][ T6729] RBP: 00007f08107e2090 R08: 0000000000000000 R09: 0000000000000000
[  132.773850][ T6729] R10: 0000000000000102 R11: 0000000000000293 R12: 0000000000000001
[  132.773862][ T6729] R13: 0000000000000000 R14: 00007f080fbb5fa0 R15: 00007fffd81a9868
[  132.773903][ T6729]  </TASK>
[  133.139660][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  133.159468][ T6738] siw: device registration error -23
[  133.233740][ T6740] IPVS: stopping master sync thread 6741 ...
[  135.596790][ T6757] dummy0: entered promiscuous mode
[  135.602054][ T6757] macsec1: entered promiscuous mode
[  135.609973][ T6757] macsec1: entered allmulticast mode
[  135.615691][ T6757] dummy0: entered allmulticast mode
[  135.642627][ T6757] dummy0: left allmulticast mode
[  135.657370][ T6757] dummy0: left promiscuous mode
[  135.932498][   T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.050427][   T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.298275][   T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.334307][ T6773] netlink: 32 bytes leftover after parsing attributes in process `syz.0.188'.
[  136.346818][ T6773] netem: unknown loss type 13
[  136.352291][ T6773] netem: change failed
[  136.360934][ T6769] netlink: 8 bytes leftover after parsing attributes in process `syz.2.187'.
[  136.376371][ T6769] netlink: 8 bytes leftover after parsing attributes in process `syz.2.187'.
[  136.398771][ T6769] netlink: 24 bytes leftover after parsing attributes in process `syz.2.187'.
[  136.504862][ T6780] netlink: 'syz.2.187': attribute type 1 has an invalid length.
[  136.517726][   T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.578356][ T6784] IPv6: Can't replace route, no match found
[  136.905616][ T6521] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  136.948634][ T5868] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  136.970360][ T5868] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  136.978996][ T5868] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  137.000656][ T5868] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  137.011923][ T5868] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  137.066144][ T6521] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  137.085214][   T13] bridge_slave_1: left allmulticast mode
[  137.091685][   T13] bridge_slave_1: left promiscuous mode
[  137.102496][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.124364][   T13] bridge_slave_0: left allmulticast mode
[  137.130209][   T13] bridge_slave_0: left promiscuous mode
[  137.139397][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.375065][ T6809] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  137.562976][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  137.582314][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  137.593835][   T13] bond0 (unregistering): Released all slaves
[  137.609993][ T6521] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  137.637022][ T6803] netlink: 4 bytes leftover after parsing attributes in process `syz.0.193'.
[  137.682248][ T6521] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  137.808674][ T6790] lo speed is unknown, defaulting to 1000
[  139.049856][ T6790] lo speed is unknown, defaulting to 1000
[  139.085925][ T6815] dummy0: entered promiscuous mode
[  139.091222][ T6815] macsec1: entered promiscuous mode
[  139.096656][ T5859] Bluetooth: hci3: command tx timeout
[  139.104115][ T6815] macsec1: entered allmulticast mode
[  139.109556][ T6815] dummy0: entered allmulticast mode
[  139.120071][ T6815] dummy0: left allmulticast mode
[  139.125398][ T6815] dummy0: left promiscuous mode
[  139.366205][ T6831] FAULT_INJECTION: forcing a failure.
[  139.366205][ T6831] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.411824][ T6831] CPU: 0 UID: 0 PID: 6831 Comm: syz.2.200 Not tainted 6.16.0-rc5-syzkaller-01461-g511ad4c26446 #0 PREEMPT(full) 
[  139.411854][ T6831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  139.411866][ T6831] Call Trace:
[  139.411874][ T6831]  <TASK>
[  139.411883][ T6831]  dump_stack_lvl+0x189/0x250
[  139.411914][ T6831]  ? __pfx____ratelimit+0x10/0x10
[  139.411943][ T6831]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.411969][ T6831]  ? __pfx__printk+0x10/0x10
[  139.411998][ T6831]  ? __might_fault+0xb0/0x130
[  139.412036][ T6831]  should_fail_ex+0x414/0x560
[  139.412070][ T6831]  _copy_from_user+0x2d/0xb0
[  139.412096][ T6831]  __sys_bind+0x199/0x3e0
[  139.412126][ T6831]  ? __pfx___sys_bind+0x10/0x10
[  139.412166][ T6831]  ? __pfx_ksys_write+0x10/0x10
[  139.412187][ T6831]  ? rcu_is_watching+0x15/0xb0
[  139.412220][ T6831]  __x64_sys_bind+0x7a/0x90
[  139.412247][ T6831]  do_syscall_64+0xfa/0x3b0
[  139.412283][ T6831]  ? lockdep_hardirqs_on+0x9c/0x150
[  139.412310][ T6831]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.412331][ T6831]  ? clear_bhb_loop+0x60/0xb0
[  139.412355][ T6831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.412375][ T6831] RIP: 0033:0x7f080f98e929
[  139.412394][ T6831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.412410][ T6831] RSP: 002b:00007f08107c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  139.412432][ T6831] RAX: ffffffffffffffda RBX: 00007f080fbb6080 RCX: 00007f080f98e929
[  139.412447][ T6831] RDX: 0000000000000060 RSI: 0000200000000080 RDI: 0000000000000007
[  139.412459][ T6831] RBP: 00007f08107c1090 R08: 0000000000000000 R09: 0000000000000000
[  139.412472][ T6831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.412484][ T6831] R13: 0000000000000000 R14: 00007f080fbb6080 R15: 00007fffd81a9868
[  139.412517][ T6831]  </TASK>
[  139.680892][ T6521] 8021q: adding VLAN 0 to HW filter on device bond0
[  139.702045][ T6521] 8021q: adding VLAN 0 to HW filter on device team0
[  139.760345][ T6839] netlink: 100 bytes leftover after parsing attributes in process `syz.1.203'.
[  139.776095][ T6833] syzkaller0: entered promiscuous mode
[  139.781615][ T6833] syzkaller0: entered allmulticast mode
[  139.813342][ T3075] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.820571][ T3075] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.832030][ T3075] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.839272][ T3075] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.899038][   T13] hsr_slave_0: left promiscuous mode
[  139.923454][   T13] hsr_slave_1: left promiscuous mode
[  139.929717][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  139.938087][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  139.947342][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  139.955827][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  139.979723][   T13] veth1_macvtap: left promiscuous mode
[  139.985546][   T13] veth0_macvtap: left promiscuous mode
[  139.991298][   T13] veth1_vlan: left promiscuous mode
[  139.998355][   T13] veth0_vlan: left promiscuous mode
[  140.119240][   T13] team0 (unregistering): Port device batadv1 removed
[  140.248781][ T6844] netlink: 'syz.2.205': attribute type 16 has an invalid length.
[  140.256779][ T6844] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.205'.
[  140.402858][ T6846] IPv6: Can't replace route, no match found
[  140.570688][   T13] team0 (unregistering): Port device team_slave_1 removed
[  140.612470][   T13] team0 (unregistering): Port device team_slave_0 removed
[  141.173221][ T5859] Bluetooth: hci3: command tx timeout
[  143.255380][ T5859] Bluetooth: hci3: command tx timeout
[  143.529627][ T6859] 8021q: VLANs not supported on ipvlan0
[  143.570469][ T6865] dummy0: entered promiscuous mode
[  143.586816][ T6865] macsec1: entered promiscuous mode
[  143.592345][ T6865] macsec1: entered allmulticast mode
[  143.601782][ T6865] dummy0: entered allmulticast mode
[  143.619281][ T6865] dummy0: left allmulticast mode
[  143.638158][ T6865] dummy0: left promiscuous mode
[  143.868183][ T6790] chnl_net:caif_netlink_parms(): no params data found
[  144.245674][ T6790] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.263367][ T6790] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.281775][ T6790] bridge_slave_0: entered allmulticast mode
[  144.303601][ T6790] bridge_slave_0: entered promiscuous mode
[  144.324027][ T6790] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.331300][ T6790] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.342953][ T6790] bridge_slave_1: entered allmulticast mode
[  144.362215][ T6790] bridge_slave_1: entered promiscuous mode
[  144.501524][ T6891] FAULT_INJECTION: forcing a failure.
[  144.501524][ T6891] name failslab, interval 1, probability 0, space 0, times 0
[  144.523037][ T6891] CPU: 1 UID: 0 PID: 6891 Comm: syz.2.217 Not tainted 6.16.0-rc5-syzkaller-01461-g511ad4c26446 #0 PREEMPT(full) 
[  144.523076][ T6891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  144.523089][ T6891] Call Trace:
[  144.523097][ T6891]  <TASK>
[  144.523106][ T6891]  dump_stack_lvl+0x189/0x250
[  144.523137][ T6891]  ? __pfx____ratelimit+0x10/0x10
[  144.523164][ T6891]  ? __pfx_dump_stack_lvl+0x10/0x10
[  144.523187][ T6891]  ? __pfx__printk+0x10/0x10
[  144.523215][ T6891]  ? __pfx___might_resched+0x10/0x10
[  144.523236][ T6891]  ? fs_reclaim_acquire+0x7d/0x100
[  144.523270][ T6891]  should_fail_ex+0x414/0x560
[  144.523304][ T6891]  should_failslab+0xa8/0x100
[  144.523330][ T6891]  __kmalloc_cache_noprof+0x70/0x3d0
[  144.523354][ T6891]  ? alloc_fs_context+0x61/0x7d0
[  144.523383][ T6891]  alloc_fs_context+0x61/0x7d0
[  144.523416][ T6891]  mq_init_ns+0x10a/0x510
[  144.523445][ T6891]  copy_ipcs+0x2f6/0x4f0
[  144.523476][ T6891]  create_new_namespaces+0x218/0x720
[  144.523502][ T6891]  ? security_capable+0x7e/0x2e0
[  144.523536][ T6891]  unshare_nsproxy_namespaces+0x11c/0x170
[  144.523563][ T6891]  ksys_unshare+0x4c8/0x8c0
[  144.523599][ T6891]  ? __pfx_ksys_unshare+0x10/0x10
[  144.523627][ T6891]  ? __pfx_ksys_write+0x10/0x10
[  144.523662][ T6891]  __x64_sys_unshare+0x38/0x50
[  144.523689][ T6891]  do_syscall_64+0xfa/0x3b0
[  144.523716][ T6891]  ? lockdep_hardirqs_on+0x9c/0x150
[  144.523742][ T6891]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.523761][ T6891]  ? clear_bhb_loop+0x60/0xb0
[  144.523786][ T6891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.523804][ T6891] RIP: 0033:0x7f080f98e929
[  144.523824][ T6891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.523840][ T6891] RSP: 002b:00007f08107e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  144.523861][ T6891] RAX: ffffffffffffffda RBX: 00007f080fbb5fa0 RCX: 00007f080f98e929
[  144.523875][ T6891] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c020400
[  144.523887][ T6891] RBP: 00007f08107e2090 R08: 0000000000000000 R09: 0000000000000000
[  144.523899][ T6891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  144.523910][ T6891] R13: 0000000000000001 R14: 00007f080fbb5fa0 R15: 00007fffd81a9868
[  144.523958][ T6891]  </TASK>
[  144.839574][ T6790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  144.919745][ T6790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  144.954776][ T6521] 8021q: adding VLAN 0 to HW filter on device batadv0
[  145.150705][ T4062] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.303448][ T6903] netlink: 'syz.2.221': attribute type 10 has an invalid length.
[  145.333998][ T5859] Bluetooth: hci3: command tx timeout
[  145.391055][ T4062] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.453568][ T6903] 8021q: adding VLAN 0 to HW filter on device team0
[  145.476757][ T6903] bond0: (slave team0): Enslaving as an active interface with an up link
[  145.492247][ T6790] team0: Port device team_slave_0 added
[  145.514889][ T6790] team0: Port device team_slave_1 added
[  145.709966][ T4062] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.750606][ T6790] batman_adv: batadv0: Adding interface: batadv_slave_0
[  145.758497][ T6790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.801419][ T6790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  145.847320][ T6790] batman_adv: batadv0: Adding interface: batadv_slave_1
[  145.857871][ T6790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.886171][ T6790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  145.946404][ T6918] dummy0: entered promiscuous mode
[  145.951668][ T6918] macsec1: entered promiscuous mode
[  145.974368][ T6918] macsec1: entered allmulticast mode
[  145.992933][ T6918] dummy0: entered allmulticast mode
[  146.013680][ T6918] dummy0: left allmulticast mode
[  146.018934][ T6918] dummy0: left promiscuous mode
[  146.102287][ T4062] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.164630][ T5868] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  146.174107][ T5868] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  146.182589][ T5868] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  146.191535][ T5868] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  146.200485][ T5868] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  147.429021][ T6790] hsr_slave_0: entered promiscuous mode
[  147.450786][ T6790] hsr_slave_1: entered promiscuous mode
[  147.458394][ T6790] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  147.481532][ T6790] Cannot create hsr debugfs directory
[  147.655533][ T6926] lo speed is unknown, defaulting to 1000
[  147.702331][ T6926] lo speed is unknown, defaulting to 1000
[  147.703627][ T6934] lo speed is unknown, defaulting to 1000
[  147.772524][ T6934] lo speed is unknown, defaulting to 1000
[  147.852911][ T4062] bridge_slave_1: left allmulticast mode
[  147.858611][ T4062] bridge_slave_1: left promiscuous mode
[  147.873079][ T4062] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.889516][ T4062] bridge_slave_0: left allmulticast mode
[  147.912879][ T4062] bridge_slave_0: left promiscuous mode
[  147.920549][ T4062] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.275930][ T4062] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  148.287729][ T4062] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  148.296835][ T5859] Bluetooth: hci2: command tx timeout
[  148.305190][ T4062] bond0 (unregistering): Released all slaves
[  148.474233][ T6521] veth0_vlan: entered promiscuous mode
[  148.490773][ T4062] þ: left promiscuous mode
[  148.748525][ T4062] tipc: Left network mode
[  148.784629][ T6521] veth1_vlan: entered promiscuous mode
[  149.270021][ T6521] veth0_macvtap: entered promiscuous mode
[  149.303445][ T6521] veth1_macvtap: entered promiscuous mode
[  149.330402][ T6926] chnl_net:caif_netlink_parms(): no params data found
[  149.440351][ T4062] hsr_slave_0: left promiscuous mode
[  149.453236][ T4062] hsr_slave_1: left promiscuous mode
[  149.466671][ T4062] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  149.482141][ T4062] batman_adv: batadv0: Removing interface: batadv_slave_0
[  149.498636][ T4062] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  149.515372][ T4062] batman_adv: batadv0: Removing interface: batadv_slave_1
[  149.565201][ T4062] veth1_macvtap: left promiscuous mode
[  149.570810][ T4062] veth0_macvtap: left promiscuous mode
[  149.583001][ T4062] veth1_vlan: left promiscuous mode
[  149.588545][ T4062] veth0_vlan: left promiscuous mode
[  149.631565][ T6960] netlink: 20 bytes leftover after parsing attributes in process `syz.0.234'.
[  149.653334][ T6960] FAULT_INJECTION: forcing a failure.
[  149.653334][ T6960] name failslab, interval 1, probability 0, space 0, times 0
[  149.672954][ T6960] CPU: 1 UID: 0 PID: 6960 Comm: syz.0.234 Not tainted 6.16.0-rc5-syzkaller-01461-g511ad4c26446 #0 PREEMPT(full) 
[  149.672982][ T6960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  149.672994][ T6960] Call Trace:
[  149.673002][ T6960]  <TASK>
[  149.673011][ T6960]  dump_stack_lvl+0x189/0x250
[  149.673041][ T6960]  ? __pfx____ratelimit+0x10/0x10
[  149.673068][ T6960]  ? __pfx_dump_stack_lvl+0x10/0x10
[  149.673092][ T6960]  ? __pfx__printk+0x10/0x10
[  149.673126][ T6960]  ? __pfx___might_resched+0x10/0x10
[  149.673173][ T6960]  should_fail_ex+0x414/0x560
[  149.673209][ T6960]  should_failslab+0xa8/0x100
[  149.673237][ T6960]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  149.673263][ T6960]  ? __alloc_skb+0x112/0x2d0
[  149.673296][ T6960]  __alloc_skb+0x112/0x2d0
[  149.673329][ T6960]  inet_rtm_getroute+0x752/0x27b0
[  149.673363][ T6960]  ? lockdep_hardirqs_on+0x9c/0x150
[  149.673398][ T6960]  ? nlmon_xmit+0xb0/0x100
[  149.673419][ T6960]  ? kmem_cache_free+0x18f/0x400
[  149.673444][ T6960]  ? __pfx_inet_rtm_getroute+0x10/0x10
[  149.673500][ T6960]  ? __dev_queue_xmit+0x1d79/0x3b50
[  149.673559][ T6960]  ? __pfx_inet_rtm_getroute+0x10/0x10
[  149.673583][ T6960]  rtnetlink_rcv_msg+0x7cc/0xb70
[  149.673615][ T6960]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  149.673650][ T6960]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  149.673675][ T6960]  ? ref_tracker_free+0x63a/0x7d0
[  149.673703][ T6960]  ? __copy_skb_header+0xa7/0x550
[  149.673725][ T6960]  ? __pfx_ref_tracker_free+0x10/0x10
[  149.673754][ T6960]  ? __skb_clone+0x63/0x7a0
[  149.673782][ T6960]  netlink_rcv_skb+0x205/0x470
[  149.673811][ T6960]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  149.673839][ T6960]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  149.673882][ T6960]  ? netlink_deliver_tap+0x2e/0x1b0
[  149.673909][ T6960]  ? netlink_deliver_tap+0x2e/0x1b0
[  149.673943][ T6960]  netlink_unicast+0x759/0x8e0
[  149.673980][ T6960]  netlink_sendmsg+0x805/0xb30
[  149.674021][ T6960]  ? __pfx_netlink_sendmsg+0x10/0x10
[  149.674053][ T6960]  ? aa_sock_msg_perm+0x94/0x160
[  149.674084][ T6960]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  149.674114][ T6960]  ? __pfx_netlink_sendmsg+0x10/0x10
[  149.674143][ T6960]  __sock_sendmsg+0x21c/0x270
[  149.674171][ T6960]  ____sys_sendmsg+0x505/0x830
[  149.674211][ T6960]  ? __pfx_____sys_sendmsg+0x10/0x10
[  149.674282][ T6960]  ? import_iovec+0x74/0xa0
[  149.674310][ T6960]  ___sys_sendmsg+0x21f/0x2a0
[  149.674332][ T6960]  ? __pfx____sys_sendmsg+0x10/0x10
[  149.674393][ T6960]  ? __fget_files+0x2a/0x420
[  149.674418][ T6960]  ? __fget_files+0x3a0/0x420
[  149.674456][ T6960]  __x64_sys_sendmsg+0x19b/0x260
[  149.674478][ T6960]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  149.674523][ T6960]  ? __pfx_ksys_write+0x10/0x10
[  149.674544][ T6960]  ? rcu_is_watching+0x15/0xb0
[  149.674581][ T6960]  ? do_syscall_64+0xbe/0x3b0
[  149.674619][ T6960]  do_syscall_64+0xfa/0x3b0
[  149.674650][ T6960]  ? lockdep_hardirqs_on+0x9c/0x150
[  149.674675][ T6960]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.674694][ T6960]  ? clear_bhb_loop+0x60/0xb0
[  149.674719][ T6960]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.674743][ T6960] RIP: 0033:0x7f3df978e929
[  149.674762][ T6960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.674778][ T6960] RSP: 002b:00007f3dfa584038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.674799][ T6960] RAX: ffffffffffffffda RBX: 00007f3df99b5fa0 RCX: 00007f3df978e929
[  149.674819][ T6960] RDX: 0000000004040084 RSI: 0000200000000000 RDI: 0000000000000003
[  149.674831][ T6960] RBP: 00007f3dfa584090 R08: 0000000000000000 R09: 0000000000000000
[  149.674843][ T6960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.674854][ T6960] R13: 0000000000000000 R14: 00007f3df99b5fa0 R15: 00007ffcc2c121e8
[  149.674886][ T6960]  </TASK>
[  150.383005][ T5859] Bluetooth: hci2: command tx timeout
[  150.522158][ T4062] team0 (unregistering): Port device team_slave_1 removed
[  150.564458][ T4062] team0 (unregistering): Port device team_slave_0 removed
[  150.987603][ T5852] lo speed is unknown, defaulting to 1000
[  150.991430][ T6521] batman_adv: batadv0: Interface activated: batadv_slave_0
[  150.993935][ T5852] infiniband syz2: ib_query_port failed (-19)
[  151.008437][ T6521] batman_adv: batadv0: Interface activated: batadv_slave_1
[  151.047951][   T59] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  151.156914][   T59] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  151.170965][   T59] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  151.262605][ T6790] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  151.276009][   T59] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  151.318926][ T6790] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  151.376744][ T6790] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  151.401883][ T5848] syz-executor (5848) used greatest stack depth: 19160 bytes left
[  151.487520][ T6926] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.499481][ T6926] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.508489][ T6926] bridge_slave_0: entered allmulticast mode
[  151.521802][ T6926] bridge_slave_0: entered promiscuous mode
[  151.529923][ T6790] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  151.589248][ T6926] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.603221][ T4062] IPVS: stop unused estimator thread 0...
[  151.617856][ T6926] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.638449][ T6926] bridge_slave_1: entered allmulticast mode
[  151.649088][ T6926] bridge_slave_1: entered promiscuous mode
[  151.662380][ T6976] lo speed is unknown, defaulting to 1000
[  151.795681][ T6926] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  151.826801][ T6926] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  151.847816][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.859208][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.935689][ T6926] team0: Port device team_slave_0 added
[  151.980636][ T4062] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.016147][ T6926] team0: Port device team_slave_1 added
[  152.081527][ T4062] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.155684][ T5868] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  152.172086][ T5868] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  152.182217][ T5868] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  152.190868][ T5868] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  152.201492][ T5868] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  152.227518][ T6926] batman_adv: batadv0: Adding interface: batadv_slave_0
[  152.235868][ T6926] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.265290][ T6926] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  152.308923][ T4062] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.336445][ T3550] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  152.353023][ T6926] batman_adv: batadv0: Adding interface: batadv_slave_1
[  152.360171][ T6926] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.382748][ T3550] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.422300][ T6926] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  152.452908][ T5859] Bluetooth: hci2: command tx timeout
[  152.475535][ T6989] lo speed is unknown, defaulting to 1000
[  152.533282][ T4062] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.715585][ T6926] hsr_slave_0: entered promiscuous mode
[  152.722041][ T6926] hsr_slave_1: entered promiscuous mode
[  152.737456][ T6926] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  152.745150][ T6926] Cannot create hsr debugfs directory
[  152.882852][ T7002] FAULT_INJECTION: forcing a failure.
[  152.882852][ T7002] name failslab, interval 1, probability 0, space 0, times 0
[  152.904725][ T7002] CPU: 0 UID: 0 PID: 7002 Comm: syz.0.244 Not tainted 6.16.0-rc5-syzkaller-01461-g511ad4c26446 #0 PREEMPT(full) 
[  152.904752][ T7002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  152.904763][ T7002] Call Trace:
[  152.904770][ T7002]  <TASK>
[  152.904778][ T7002]  dump_stack_lvl+0x189/0x250
[  152.904807][ T7002]  ? __pfx____ratelimit+0x10/0x10
[  152.904832][ T7002]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.904855][ T7002]  ? __pfx__printk+0x10/0x10
[  152.904888][ T7002]  ? __pfx___might_resched+0x10/0x10
[  152.904916][ T7002]  should_fail_ex+0x414/0x560
[  152.904950][ T7002]  should_failslab+0xa8/0x100
[  152.904976][ T7002]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  152.905000][ T7002]  ? __alloc_skb+0x112/0x2d0
[  152.905031][ T7002]  __alloc_skb+0x112/0x2d0
[  152.905062][ T7002]  netlink_sendmsg+0x5c6/0xb30
[  152.905100][ T7002]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.905131][ T7002]  ? aa_sock_msg_perm+0x94/0x160
[  152.905161][ T7002]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  152.905200][ T7002]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.905228][ T7002]  __sock_sendmsg+0x21c/0x270
[  152.905254][ T7002]  __sys_sendto+0x3bd/0x520
[  152.905284][ T7002]  ? __pfx___sys_sendto+0x10/0x10
[  152.905323][ T7002]  ? count_memcg_event_mm+0x21/0x260
[  152.905356][ T7002]  ? exc_page_fault+0x76/0xf0
[  152.905383][ T7002]  ? do_user_addr_fault+0xc8a/0x1390
[  152.905406][ T7002]  __x64_sys_sendto+0xde/0x100
[  152.905436][ T7002]  do_syscall_64+0xfa/0x3b0
[  152.905462][ T7002]  ? lockdep_hardirqs_on+0x9c/0x150
[  152.905486][ T7002]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.905504][ T7002]  ? clear_bhb_loop+0x60/0xb0
[  152.905527][ T7002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.905545][ T7002] RIP: 0033:0x7f3df97907bc
[  152.905562][ T7002] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  152.905577][ T7002] RSP: 002b:00007f3dfa582ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  152.905597][ T7002] RAX: ffffffffffffffda RBX: 00007f3dfa582fc0 RCX: 00007f3df97907bc
[  152.905610][ T7002] RDX: 0000000000000020 RSI: 00007f3dfa583010 RDI: 0000000000000003
[  152.905620][ T7002] RBP: 0000000000000000 R08: 00007f3dfa582f14 R09: 000000000000000c
[  152.905631][ T7002] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  152.905641][ T7002] R13: 00007f3dfa582f68 R14: 00007f3dfa583010 R15: 0000000000000000
[  152.905667][ T7002]  </TASK>
[  153.690582][ T4062] bridge_slave_1: left allmulticast mode
[  153.698978][ T4062] bridge_slave_1: left promiscuous mode
[  153.721201][ T4062] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.721368][ T5868] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  153.738947][ T4062] bridge_slave_0: left allmulticast mode
[  153.744239][ T5868] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  153.747873][ T4062] bridge_slave_0: left promiscuous mode
[  153.759811][ T5868] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  153.762194][ T4062] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.780311][ T5868] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  153.788281][ T5868] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  154.297150][ T5859] Bluetooth: hci1: command tx timeout
[  154.363626][ T4062] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  154.383327][ T4062] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  154.413339][ T4062] bond0 (unregistering): (slave team0): Releasing backup interface
[  154.426784][ T4062] bond0 (unregistering): Released all slaves
[  154.533156][ T5859] Bluetooth: hci2: command tx timeout
[  154.561045][ T6790] 8021q: adding VLAN 0 to HW filter on device bond0
[  154.707586][ T7009] lo speed is unknown, defaulting to 1000
[  154.770788][ T6989] chnl_net:caif_netlink_parms(): no params data found
[  154.797901][ T6790] 8021q: adding VLAN 0 to HW filter on device team0
[  154.954888][ T3550] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.962068][ T3550] bridge0: port 1(bridge_slave_0) entered forwarding state
[  155.042867][ T3550] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.050033][ T3550] bridge0: port 2(bridge_slave_1) entered forwarding state
[  155.170538][ T7028] netlink: 12 bytes leftover after parsing attributes in process `syz.0.250'.
[  155.215705][ T7028] xt_CT: You must specify a L4 protocol and not use inversions on it
[  155.249457][ T4062] hsr_slave_0: left promiscuous mode
[  155.265188][ T4062] hsr_slave_1: left promiscuous mode
[  155.271152][ T4062] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  155.279498][ T4062] batman_adv: batadv0: Removing interface: batadv_slave_0
[  155.290519][ T4062] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  155.298751][ T4062] batman_adv: batadv0: Removing interface: batadv_slave_1
[  155.316801][ T4062] veth1_macvtap: left promiscuous mode
[  155.322387][ T4062] veth0_macvtap: left promiscuous mode
[  155.328181][ T4062] veth1_vlan: left allmulticast mode
[  155.333660][ T4062] veth1_vlan: left promiscuous mode
[  155.338997][ T4062] veth0_vlan: left promiscuous mode
[  155.777212][ T4062] team0 (unregistering): Port device team_slave_1 removed
[  155.813678][ T5859] Bluetooth: hci4: command tx timeout
[  155.820907][ T4062] team0 (unregistering): Port device team_slave_0 removed
[  156.234027][ T6989] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.241185][ T6989] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.265211][ T6989] bridge_slave_0: entered allmulticast mode
[  156.272497][ T6989] bridge_slave_0: entered promiscuous mode
[  156.290935][ T5840] lo speed is unknown, defaulting to 1000
[  156.305048][ T5840] infiniband syz1: ib_query_port failed (-19)
[  156.311998][ T6926] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  156.327671][ T6989] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.336436][ T6989] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.343922][ T6989] bridge_slave_1: entered allmulticast mode
[  156.361241][ T6989] bridge_slave_1: entered promiscuous mode
[  156.373356][ T5859] Bluetooth: hci1: command tx timeout
[  156.408756][ T6926] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  156.420381][ T6926] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  156.497606][ T6926] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  156.518816][ T6989] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  156.533837][ T6989] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  156.614163][ T6989] team0: Port device team_slave_0 added
[  156.650757][ T6989] team0: Port device team_slave_1 added
[  156.682321][ T7009] chnl_net:caif_netlink_parms(): no params data found
[  156.767748][ T6989] batman_adv: batadv0: Adding interface: batadv_slave_0
[  156.779392][ T6989] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.806667][ T6989] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  156.820041][ T6989] batman_adv: batadv0: Adding interface: batadv_slave_1
[  156.828232][ T6989] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.854776][ T6989] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  156.934113][ T4062] IPVS: stop unused estimator thread 0...
[  157.140330][ T6989] hsr_slave_0: entered promiscuous mode
[  157.159885][ T6989] hsr_slave_1: entered promiscuous mode
[  157.221601][ T7050] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  157.221853][ T7009] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.232766][ T7049] IPVS: stopping master sync thread 7050 ...
[  157.273640][ T7009] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.281081][ T7009] bridge_slave_0: entered allmulticast mode
[  157.289757][ T7009] bridge_slave_0: entered promiscuous mode
[  157.309656][ T7009] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.316971][ T7009] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.324463][ T7009] bridge_slave_1: entered allmulticast mode
[  157.332054][ T7009] bridge_slave_1: entered promiscuous mode
[  157.384555][ T4062] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.715868][ T4062] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.802261][ T7009] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  157.820950][ T6790] 8021q: adding VLAN 0 to HW filter on device batadv0
[  157.859508][ T4062] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.893435][ T5859] Bluetooth: hci4: command tx timeout
[  157.899513][ T7009] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  157.995282][ T4062] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.052557][ T7009] team0: Port device team_slave_0 added
[  158.077167][ T7009] team0: Port device team_slave_1 added
[  158.231918][ T7009] batman_adv: batadv0: Adding interface: batadv_slave_0
[  158.240116][ T7009] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.267861][ T7009] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  158.293548][ T7054] macvlan0: entered allmulticast mode
[  158.298983][ T7054] veth1_vlan: entered allmulticast mode
[  158.344092][ T7009] batman_adv: batadv0: Adding interface: batadv_slave_1
[  158.351080][ T7009] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.380270][ T7009] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  158.463223][ T5859] Bluetooth: hci1: command tx timeout
[  158.488004][ T4062] bridge_slave_1: left allmulticast mode
[  158.504059][ T4062] bridge_slave_1: left promiscuous mode
[  158.510130][ T4062] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.521508][ T4062] bridge_slave_0: left allmulticast mode
[  158.527669][ T4062] bridge_slave_0: left promiscuous mode
[  158.534651][ T4062] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.007024][ T4062] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  159.019214][ T4062] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  159.029710][ T4062] bond0 (unregistering): Released all slaves
[  159.078810][ T6926] 8021q: adding VLAN 0 to HW filter on device bond0
[  159.205374][ T7009] hsr_slave_0: entered promiscuous mode
[  159.212379][ T7009] hsr_slave_1: entered promiscuous mode
[  159.219657][ T7009] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  159.230348][ T7009] Cannot create hsr debugfs directory
[  159.329840][ T6790] veth0_vlan: entered promiscuous mode
[  159.391720][ T6926] 8021q: adding VLAN 0 to HW filter on device team0
[  159.544192][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.551388][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  159.577336][ T6790] veth1_vlan: entered promiscuous mode
[  159.605400][ T1101] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.612573][ T1101] bridge0: port 2(bridge_slave_1) entered forwarding state
[  159.649437][ T4062] hsr_slave_0: left promiscuous mode
[  159.656553][ T4062] hsr_slave_1: left promiscuous mode
[  159.662422][ T4062] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  159.675130][ T4062] batman_adv: batadv0: Removing interface: batadv_slave_0
[  159.683800][ T4062] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  159.691238][ T4062] batman_adv: batadv0: Removing interface: batadv_slave_1
[  159.711169][ T4062] veth1_macvtap: left promiscuous mode
[  159.716835][ T4062] veth0_macvtap: left promiscuous mode
[  159.722699][ T4062] veth1_vlan: left promiscuous mode
[  159.730184][ T4062] veth0_vlan: left promiscuous mode
[  159.984647][ T5859] Bluetooth: hci4: command tx timeout
[  160.151101][ T4062] team0 (unregistering): Port device team_slave_1 removed
[  160.187049][ T4062] team0 (unregistering): Port device team_slave_0 removed
[  160.533195][ T5859] Bluetooth: hci1: command tx timeout
[  160.616294][ T7070] mac80211_hwsim hwsim4 syzkaller0: entered promiscuous mode
[  160.624014][ T7070] mac80211_hwsim hwsim4 syzkaller0: entered allmulticast mode
[  160.740317][ T7073] FAULT_INJECTION: forcing a failure.
[  160.740317][ T7073] name failslab, interval 1, probability 0, space 0, times 0
[  160.753407][ T7073] CPU: 0 UID: 0 PID: 7073 Comm: syz.0.259 Not tainted 6.16.0-rc5-syzkaller-01461-g511ad4c26446 #0 PREEMPT(full) 
[  160.753434][ T7073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  160.753446][ T7073] Call Trace:
[  160.753454][ T7073]  <TASK>
[  160.753463][ T7073]  dump_stack_lvl+0x189/0x250
[  160.753504][ T7073]  ? __pfx____ratelimit+0x10/0x10
[  160.753533][ T7073]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.753557][ T7073]  ? __pfx__printk+0x10/0x10
[  160.753600][ T7073]  ? __pfx___might_resched+0x10/0x10
[  160.753622][ T7073]  ? fs_reclaim_acquire+0x7d/0x100
[  160.753650][ T7073]  should_fail_ex+0x414/0x560
[  160.753682][ T7073]  should_failslab+0xa8/0x100
[  160.753708][ T7073]  __kmalloc_noprof+0xcb/0x4f0
[  160.753730][ T7073]  ? tomoyo_encode+0x28b/0x550
[  160.753752][ T7073]  tomoyo_encode+0x28b/0x550
[  160.753777][ T7073]  tomoyo_realpath_from_path+0x58d/0x5d0
[  160.753799][ T7073]  ? tomoyo_domain+0xd9/0x130
[  160.753824][ T7073]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  160.753849][ T7073]  tomoyo_path_number_perm+0x1e8/0x5a0
[  160.753879][ T7073]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  160.753926][ T7073]  ? __lock_acquire+0xab9/0xd20
[  160.753991][ T7073]  ? __fget_files+0x2a/0x420
[  160.754021][ T7073]  ? __fget_files+0x2a/0x420
[  160.754046][ T7073]  ? __fget_files+0x3a0/0x420
[  160.754070][ T7073]  ? __fget_files+0x2a/0x420
[  160.754102][ T7073]  security_file_ioctl+0xcb/0x2d0
[  160.754131][ T7073]  __se_sys_ioctl+0x47/0x170
[  160.754156][ T7073]  do_syscall_64+0xfa/0x3b0
[  160.754182][ T7073]  ? lockdep_hardirqs_on+0x9c/0x150
[  160.754209][ T7073]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.754229][ T7073]  ? clear_bhb_loop+0x60/0xb0
[  160.754254][ T7073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.754274][ T7073] RIP: 0033:0x7f3df978e929
[  160.754292][ T7073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.754309][ T7073] RSP: 002b:00007f3dfa584038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  160.754330][ T7073] RAX: ffffffffffffffda RBX: 00007f3df99b5fa0 RCX: 00007f3df978e929
[  160.754344][ T7073] RDX: 0000000000000000 RSI: 0000000080047437 RDI: 0000000000000003
[  160.754356][ T7073] RBP: 00007f3dfa584090 R08: 0000000000000000 R09: 0000000000000000
[  160.754368][ T7073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.754379][ T7073] R13: 0000000000000000 R14: 00007f3df99b5fa0 R15: 00007ffcc2c121e8
[  160.754414][ T7073]  </TASK>
[  160.754496][ T7073] ERROR: Out of memory at tomoyo_realpath_from_path.
[  160.829702][ T6790] veth0_macvtap: entered promiscuous mode
[  161.065241][ T6926] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  161.087733][ T7075] mac80211_hwsim hwsim4 syzkaller0: left promiscuous mode
[  161.101077][ T7075] mac80211_hwsim hwsim4 syzkaller0: left allmulticast mode
[  161.113451][ T6790] veth1_macvtap: entered promiscuous mode
[  161.125110][ T6989] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  161.190832][ T6989] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  161.210751][ T6989] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  161.272495][ T6989] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  161.290774][ T6790] batman_adv: batadv0: Interface activated: batadv_slave_0
[  161.358282][ T6790] batman_adv: batadv0: Interface activated: batadv_slave_1
[  161.443696][ T7089] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  161.449266][ T7090] IPVS: stopping master sync thread 7089 ...
[  161.469741][   T59] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  161.491887][   T59] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  161.553634][   T59] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  161.620080][   T59] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  161.667972][ T6926] 8021q: adding VLAN 0 to HW filter on device batadv0
[  161.785582][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  161.798061][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  161.973500][ T7009] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  162.023739][ T6989] 8021q: adding VLAN 0 to HW filter on device bond0
[  162.045882][ T7009] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  162.063460][ T5859] Bluetooth: hci4: command tx timeout
[  162.074140][ T7009] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  162.120674][ T7009] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  162.134713][ T1101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  162.142327][ T6926] veth0_vlan: entered promiscuous mode
[  162.155399][ T1101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  162.166175][ T6989] 8021q: adding VLAN 0 to HW filter on device team0
[  162.211046][ T6926] veth1_vlan: entered promiscuous mode
[  162.231838][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.239041][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  162.306178][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.313461][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  162.551708][ T6926] veth0_macvtap: entered promiscuous mode
[  162.560413][ T7098] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  162.585957][ T7098] netlink: 40 bytes leftover after parsing attributes in process `syz.0.262'.
[  162.591803][ T6926] veth1_macvtap: entered promiscuous mode
[  162.738264][   T59] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.832448][ T7102] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  162.857683][ T7102] mac80211_hwsim hwsim4 syzkaller0: entered promiscuous mode
[  162.892783][ T7102] mac80211_hwsim hwsim4 syzkaller0: entered allmulticast mode
[  162.907931][ T6926] batman_adv: batadv0: Interface activated: batadv_slave_0
[  162.955850][   T59] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.010932][ T6926] batman_adv: batadv0: Interface activated: batadv_slave_1
[  163.047665][ T7009] 8021q: adding VLAN 0 to HW filter on device bond0
[  163.064390][ T7102] netlink: 8 bytes leftover after parsing attributes in process `syz.0.263'.
[  163.073876][ T7103] tipc: Resetting bearer <eth:syzkaller0>
[  163.107206][   T59] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.131925][ T3075] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  163.165429][ T3075] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  163.177795][ T6212] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  163.204346][ T6212] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  163.279995][   T59] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.319002][ T7009] 8021q: adding VLAN 0 to HW filter on device team0
[  163.341325][ T7109] !
: renamed from dummy0 (while UP)
[  163.416040][ T1101] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.423299][ T1101] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.496211][ T6989] 8021q: adding VLAN 0 to HW filter on device batadv0
[  163.539613][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.546825][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.717386][ T5868] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  163.731901][ T5868] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  163.742078][ T5868] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  163.769870][ T5868] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  163.778299][ T5868] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  163.796132][ T3075] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  163.814934][ T3075] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  163.907235][ T7009] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  163.937420][ T7009] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  164.123058][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  164.130925][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  164.189870][ T6989] veth0_vlan: entered promiscuous mode
[  164.238429][   T59] bridge_slave_1: left allmulticast mode
[  164.255537][   T59] bridge_slave_1: left promiscuous mode
[  164.276450][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.318566][   T59] bridge_slave_0: left allmulticast mode
[  164.326350][   T59] bridge_slave_0: left promiscuous mode
[  164.333205][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.313952][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  165.387433][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  165.450977][   T59] bond0 (unregistering): Released all slaves
[  165.570813][ T6989] veth1_vlan: entered promiscuous mode
[  165.894053][ T5868] Bluetooth: hci3: command tx timeout
[  166.218458][ T6989] veth0_macvtap: entered promiscuous mode
[  166.229122][ T6989] veth1_macvtap: entered promiscuous mode
[  166.241158][ T7009] 8021q: adding VLAN 0 to HW filter on device batadv0
[  166.358079][   T59] hsr_slave_0: left promiscuous mode
[  166.377283][   T59] hsr_slave_1: left promiscuous mode
[  166.386894][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  166.402756][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  166.410916][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  166.423165][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  166.466568][   T59] veth1_macvtap: left promiscuous mode
[  166.472174][   T59] veth0_macvtap: left promiscuous mode
[  166.482957][   T59] veth1_vlan: left promiscuous mode
[  166.488375][   T59] veth0_vlan: left promiscuous mode
[  167.151190][ T5859] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  167.166929][ T5859] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  167.179067][ T5859] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  167.187887][ T5859] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  167.204755][ T5859] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  167.311717][   T59] team0 (unregistering): Port device team_slave_1 removed
[  167.347595][   T59] team0 (unregistering): Port device team_slave_0 removed
[  167.739812][ T7115] chnl_net:caif_netlink_parms(): no params data found
[  167.881964][ T6989] batman_adv: batadv0: Interface activated: batadv_slave_0
[  167.939611][ T7187] FAULT_INJECTION: forcing a failure.
[  167.939611][ T7187] name failslab, interval 1, probability 0, space 0, times 0
[  167.953814][ T7187] CPU: 0 UID: 0 PID: 7187 Comm: syz.0.266 Not tainted 6.16.0-rc5-syzkaller-01461-g511ad4c26446 #0 PREEMPT(full) 
[  167.953842][ T7187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  167.953853][ T7187] Call Trace:
[  167.953861][ T7187]  <TASK>
[  167.953870][ T7187]  dump_stack_lvl+0x189/0x250
[  167.953899][ T7187]  ? __pfx____ratelimit+0x10/0x10
[  167.953926][ T7187]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.953950][ T7187]  ? __pfx__printk+0x10/0x10
[  167.953983][ T7187]  ? __pfx___might_resched+0x10/0x10
[  167.954005][ T7187]  ? fs_reclaim_acquire+0x7d/0x100
[  167.954037][ T7187]  should_fail_ex+0x414/0x560
[  167.954072][ T7187]  should_failslab+0xa8/0x100
[  167.954099][ T7187]  kmem_cache_alloc_noprof+0x73/0x3c0
[  167.954121][ T7187]  ? alloc_empty_file+0x55/0x1d0
[  167.954153][ T7187]  alloc_empty_file+0x55/0x1d0
[  167.954190][ T7187]  alloc_file_pseudo+0x13d/0x210
[  167.954222][ T7187]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  167.954249][ T7187]  ? do_raw_spin_unlock+0x122/0x240
[  167.954280][ T7187]  ? _raw_spin_unlock+0x28/0x50
[  167.954313][ T7187]  sock_alloc_file+0xb8/0x2e0
[  167.954333][ T7187]  ? __sys_socket+0x12c/0x1b0
[  167.954360][ T7187]  __sys_socket+0x13d/0x1b0
[  167.954390][ T7187]  __x64_sys_socket+0x7a/0x90
[  167.954416][ T7187]  do_syscall_64+0xfa/0x3b0
[  167.954442][ T7187]  ? lockdep_hardirqs_on+0x9c/0x150
[  167.954467][ T7187]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.954486][ T7187]  ? clear_bhb_loop+0x60/0xb0
[  167.954510][ T7187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.954529][ T7187] RIP: 0033:0x7f3df9790847
[  167.954547][ T7187] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.954580][ T7187] RSP: 002b:00007f3dfa582f78 EFLAGS: 00000287 ORIG_RAX: 0000000000000029
[  167.954601][ T7187] RAX: ffffffffffffffda RBX: 00007f3df99b5fa0 RCX: 00007f3df9790847
[  167.954616][ T7187] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  167.954628][ T7187] RBP: 00007f3dfa584090 R08: 0000000000000000 R09: 0000000000000000
[  167.954640][ T7187] R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000001
[  167.954651][ T7187] R13: 0000000000000000 R14: 00007f3df99b5fa0 R15: 0000000000000000
[  167.954684][ T7187]  </TASK>
[  168.186372][ T5868] Bluetooth: hci3: command tx timeout
[  168.200073][ T6989] batman_adv: batadv0: Interface activated: batadv_slave_1
[  168.270772][ T6212] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.333386][   T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.357224][ T7115] bridge0: port 1(bridge_slave_0) entered blocking state
[  168.366722][ T7115] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.374186][ T7115] bridge_slave_0: entered allmulticast mode
[  168.381874][ T7115] bridge_slave_0: entered promiscuous mode
[  168.390277][ T7115] bridge0: port 2(bridge_slave_1) entered blocking state
[  168.397662][ T7115] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.409330][ T7115] bridge_slave_1: entered allmulticast mode
[  168.418013][ T7115] bridge_slave_1: entered promiscuous mode
[  168.455907][   T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.467795][   T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.494441][ T7115] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  168.506726][ T7115] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  168.594862][ T7115] team0: Port device team_slave_0 added
[  168.606497][ T7115] team0: Port device team_slave_1 added
[  168.729675][ T7194] team_slave_0: entered promiscuous mode
[  168.735531][ T7194] team_slave_1: entered promiscuous mode
[  168.741801][ T7194] vlan2: entered promiscuous mode
[  168.746944][ T7194] team0: entered promiscuous mode
[  168.768265][ T7115] batman_adv: batadv0: Adding interface: batadv_slave_0
[  168.775817][ T7115] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.802085][ T7115] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  168.815676][ T7115] batman_adv: batadv0: Adding interface: batadv_slave_1
[  168.822864][ T7115] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.848880][ T7115] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  168.888303][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  168.907631][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  169.019881][   T59] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.116424][   T59] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.156291][ T7115] hsr_slave_0: entered promiscuous mode
[  169.162802][ T7115] hsr_slave_1: entered promiscuous mode
[  169.169034][ T7115] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  169.176919][ T7115] Cannot create hsr debugfs directory
[  169.227311][ T7181] chnl_net:caif_netlink_parms(): no params data found
[  169.260967][   T59] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.263055][ T5868] Bluetooth: hci2: command tx timeout
[  169.289807][ T7159] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.309181][ T7159] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  169.326250][ T7009] veth0_vlan: entered promiscuous mode
[  169.385174][   T59] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.421891][ T7009] veth1_vlan: entered promiscuous mode
[  169.457368][ T7203] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  169.463259][ T7202] IPVS: stopping master sync thread 7203 ...
[  170.131741][ T7009] veth0_macvtap: entered promiscuous mode
[  170.163640][ T7181] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.202957][ T7181] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.210272][ T7181] bridge_slave_0: entered allmulticast mode
[  170.225648][ T5868] Bluetooth: hci3: command tx timeout
[  170.233896][ T7181] bridge_slave_0: entered promiscuous mode
[  170.258186][ T7181] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.265701][ T7181] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.287998][ T7181] bridge_slave_1: entered allmulticast mode
[  170.307670][ T7181] bridge_slave_1: entered promiscuous mode
[  170.406894][ T7009] veth1_macvtap: entered promiscuous mode
[  170.518185][ T7181] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  170.611747][ T7181] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  170.647511][ T7009] batman_adv: batadv0: Interface activated: batadv_slave_0
[  170.677006][   T59] bridge_slave_1: left allmulticast mode
[  170.693801][   T59] bridge_slave_1: left promiscuous mode
[  170.703172][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.722801][   T59] bridge_slave_0: left allmulticast mode
[  170.728519][   T59] bridge_slave_0: left promiscuous mode
[  170.744662][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.772452][ T7211] netlink: 'syz.0.270': attribute type 1 has an invalid length.
[  170.786416][ T7211] netlink: 144 bytes leftover after parsing attributes in process `syz.0.270'.
[  170.798501][ T7211] netlink: 'syz.0.270': attribute type 1 has an invalid length.
[  170.811243][ T7211] netlink: 76 bytes leftover after parsing attributes in process `syz.0.270'.
[  170.917970][ T5859] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  170.927238][ T5859] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  170.935716][ T5859] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  170.946793][ T5859] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  170.954728][ T5859] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  171.214061][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  171.227161][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  171.237457][   T59] bond0 (unregistering): Released all slaves
[  171.271290][ T7009] batman_adv: batadv0: Interface activated: batadv_slave_1
[  171.343942][ T5868] Bluetooth: hci2: command tx timeout
[  171.369356][ T7181] team0: Port device team_slave_0 added
[  171.404579][ T3550] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  171.414687][ T3550] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  171.469294][ T7181] team0: Port device team_slave_1 added
[  171.481071][ T3550] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  171.490640][ T3550] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  171.565985][ T7215] mac80211_hwsim hwsim4 syzkaller0: left promiscuous mode
[  171.579219][ T7215] mac80211_hwsim hwsim4 syzkaller0: left allmulticast mode
[  171.627224][ T7181] batman_adv: batadv0: Adding interface: batadv_slave_0
[  171.634319][ T7181] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.667169][ T7181] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  171.681107][ T7181] batman_adv: batadv0: Adding interface: batadv_slave_1
[  171.692723][ T7181] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.725483][ T7181] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  171.808218][   T59] hsr_slave_0: left promiscuous mode
[  171.815047][   T59] hsr_slave_1: left promiscuous mode
[  171.820945][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.831695][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.840270][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.841310][ T7219] netlink: 8 bytes leftover after parsing attributes in process `syz.0.272'.
[  171.848187][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  171.862088][ T7219] openvswitch: netlink: nsh attribute has 2338 unknown bytes.
[  171.872006][ T7219] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  171.912160][   T59] veth1_macvtap: left promiscuous mode
[  171.918538][   T59] veth0_macvtap: left promiscuous mode
[  171.925749][   T59] veth1_vlan: left promiscuous mode
[  171.931231][   T59] veth0_vlan: left promiscuous mode
[  172.293608][ T5868] Bluetooth: hci3: command tx timeout
[  172.366029][   T59] team0 (unregistering): Port device team_slave_1 removed
[  172.407239][   T59] team0 (unregistering): Port device team_slave_0 removed
[  172.824154][ T7181] hsr_slave_0: entered promiscuous mode
[  172.830962][ T7181] hsr_slave_1: entered promiscuous mode
[  172.838025][ T7181] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  172.845763][ T7181] Cannot create hsr debugfs directory
[  173.003236][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.011438][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.019407][ T5868] Bluetooth: hci1: command tx timeout
[  173.134637][ T7115] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  173.157620][ T7115] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  173.198926][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.200707][ T7115] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  173.212754][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.251000][ T7115] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  173.418686][ T5868] Bluetooth: hci2: command tx timeout
[  173.480369][   T49] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.614846][   T49] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.671675][ T7212] chnl_net:caif_netlink_parms(): no params data found
[  173.846786][   T49] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.977986][   T49] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.000779][ T7115] 8021q: adding VLAN 0 to HW filter on device bond0
[  174.008761][ T7212] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.017485][ T7212] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.029786][ T7212] bridge_slave_0: entered allmulticast mode
[  174.038816][ T7212] bridge_slave_0: entered promiscuous mode
[  174.048271][ T7212] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.057780][ T7212] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.067090][ T7212] bridge_slave_1: entered allmulticast mode
[  174.075034][ T7212] bridge_slave_1: entered promiscuous mode
[  174.159973][ T7212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  174.174914][ T7212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  174.219993][ T7181] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  174.243893][ T7212] team0: Port device team_slave_0 added
[  174.255355][ T7181] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  174.276867][ T7212] team0: Port device team_slave_1 added
[  174.286869][ T7181] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  174.297740][ T7181] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  174.406501][ T7212] batman_adv: batadv0: Adding interface: batadv_slave_0
[  174.423072][ T7212] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  174.450632][ T7212] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  174.495668][ T7115] 8021q: adding VLAN 0 to HW filter on device team0
[  174.512135][ T7240] vlan2: entered promiscuous mode
[  174.522608][ T7240] bridge0: entered promiscuous mode
[  174.528815][ T7240] vlan2: entered allmulticast mode
[  174.544615][ T7240] bridge0: entered allmulticast mode
[  174.552169][ T7212] batman_adv: batadv0: Adding interface: batadv_slave_1
[  174.572718][ T7212] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  174.633147][ T7212] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  174.741068][ T7250] netlink: 24 bytes leftover after parsing attributes in process `syz.0.277'.
[  174.828022][   T49] bridge_slave_1: left allmulticast mode
[  174.834215][   T49] bridge_slave_1: left promiscuous mode
[  174.835997][ T5859] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  174.840034][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.849003][ T5859] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  174.863724][ T5859] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  174.864616][   T49] bridge_slave_0: left allmulticast mode
[  174.872105][ T5859] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  174.884511][ T5859] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  174.885546][   T49] bridge_slave_0: left promiscuous mode
[  174.898363][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.937164][ T7254] netlink: 4 bytes leftover after parsing attributes in process `syz.0.277'.
[  175.095047][ T5868] Bluetooth: hci1: command tx timeout
[  175.228936][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  175.239925][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  175.250422][   T49] bond0 (unregistering): Released all slaves
[  175.274819][ T7212] hsr_slave_0: entered promiscuous mode
[  175.281283][ T7212] hsr_slave_1: entered promiscuous mode
[  175.288424][ T7212] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  175.296103][ T7212] Cannot create hsr debugfs directory
[  175.360989][ T1101] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.368254][ T1101] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.469439][ T3550] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.476753][ T3550] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.500699][ T5868] Bluetooth: hci2: command tx timeout
[  175.730274][   T49] hsr_slave_0: left promiscuous mode
[  175.736403][   T49] hsr_slave_1: left promiscuous mode
[  175.742267][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  175.750220][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  175.758292][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  175.765882][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  175.787191][   T49] veth1_macvtap: left promiscuous mode
[  175.792838][   T49] veth0_macvtap: left promiscuous mode
[  175.798545][   T49] veth1_vlan: left promiscuous mode
[  175.803981][   T49] veth0_vlan: left promiscuous mode
[  176.248784][   T49] team0 (unregistering): Port device team_slave_1 removed
[  176.285387][   T49] team0 (unregistering): Port device team_slave_0 removed
[  176.683525][ T7259] gretap0: entered promiscuous mode
[  176.689286][ T7259] vlan3: entered promiscuous mode
[  176.841561][ T7261] FAULT_INJECTION: forcing a failure.
[  176.841561][ T7261] name failslab, interval 1, probability 0, space 0, times 0
[  176.855383][ T7261] CPU: 0 UID: 0 PID: 7261 Comm: syz.0.280 Not tainted 6.16.0-rc5-syzkaller-01461-g511ad4c26446 #0 PREEMPT(full) 
[  176.855412][ T7261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  176.855425][ T7261] Call Trace:
[  176.855437][ T7261]  <TASK>
[  176.855446][ T7261]  dump_stack_lvl+0x189/0x250
[  176.855481][ T7261]  ? __pfx____ratelimit+0x10/0x10
[  176.855510][ T7261]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.855535][ T7261]  ? __pfx__printk+0x10/0x10
[  176.855571][ T7261]  ? __pfx___might_resched+0x10/0x10
[  176.855599][ T7261]  ? fs_reclaim_acquire+0x7d/0x100
[  176.855634][ T7261]  should_fail_ex+0x414/0x560
[  176.855669][ T7261]  ? rhashtable_init_noprof+0x4ee/0xbb0
[  176.855693][ T7261]  should_failslab+0xa8/0x100
[  176.855721][ T7261]  __kvmalloc_node_noprof+0x161/0x5f0
[  176.855748][ T7261]  ? rhashtable_init_noprof+0x4ee/0xbb0
[  176.855776][ T7261]  rhashtable_init_noprof+0x4ee/0xbb0
[  176.855805][ T7261]  rhltable_init_noprof+0x1e/0x60
[  176.855828][ T7261]  nf_tables_newtable+0x68f/0x1890
[  176.855888][ T7261]  nfnetlink_rcv+0x112f/0x2520
[  176.855949][ T7261]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  176.855996][ T7261]  ? ref_tracker_free+0x63a/0x7d0
[  176.856065][ T7261]  ? __netlink_deliver_tap+0x807/0x850
[  176.856106][ T7261]  ? netlink_deliver_tap+0x2e/0x1b0
[  176.856145][ T7261]  ? netlink_deliver_tap+0x2e/0x1b0
[  176.856181][ T7261]  netlink_unicast+0x759/0x8e0
[  176.856221][ T7261]  netlink_sendmsg+0x805/0xb30
[  176.856263][ T7261]  ? __pfx_netlink_sendmsg+0x10/0x10
[  176.856296][ T7261]  ? aa_sock_msg_perm+0x94/0x160
[  176.856341][ T7261]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  176.856371][ T7261]  ? __pfx_netlink_sendmsg+0x10/0x10
[  176.856412][ T7261]  __sock_sendmsg+0x21c/0x270
[  176.856441][ T7261]  ____sys_sendmsg+0x505/0x830
[  176.856480][ T7261]  ? __pfx_____sys_sendmsg+0x10/0x10
[  176.856535][ T7261]  ? import_iovec+0x74/0xa0
[  176.856565][ T7261]  ___sys_sendmsg+0x21f/0x2a0
[  176.856588][ T7261]  ? __pfx____sys_sendmsg+0x10/0x10
[  176.856654][ T7261]  ? __fget_files+0x2a/0x420
[  176.856681][ T7261]  ? __fget_files+0x3a0/0x420
[  176.856722][ T7261]  __x64_sys_sendmsg+0x19b/0x260
[  176.856745][ T7261]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  176.856779][ T7261]  ? __pfx_ksys_write+0x10/0x10
[  176.856799][ T7261]  ? rcu_is_watching+0x15/0xb0
[  176.856847][ T7261]  ? do_syscall_64+0xbe/0x3b0
[  176.856881][ T7261]  do_syscall_64+0xfa/0x3b0
[  176.856908][ T7261]  ? lockdep_hardirqs_on+0x9c/0x150
[  176.856935][ T7261]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.856955][ T7261]  ? clear_bhb_loop+0x60/0xb0
[  176.856981][ T7261]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.857001][ T7261] RIP: 0033:0x7f3df978e929
[  176.857025][ T7261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.857043][ T7261] RSP: 002b:00007f3dfa584038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  176.857065][ T7261] RAX: ffffffffffffffda RBX: 00007f3df99b5fa0 RCX: 00007f3df978e929
[  176.857080][ T7261] RDX: 0000000000000000 RSI: 000020000000c2c0 RDI: 0000000000000003
[  176.857093][ T7261] RBP: 00007f3dfa584090 R08: 0000000000000000 R09: 0000000000000000
[  176.857106][ T7261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.857118][ T7261] R13: 0000000000000000 R14: 00007f3df99b5fa0 R15: 00007ffcc2c121e8
[  176.857163][ T7261]  </TASK>
[  176.888427][ T7115] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  176.959757][ T5868] Bluetooth: hci4: command tx timeout
[  176.965457][ T7115] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  177.175679][ T5868] Bluetooth: hci1: command tx timeout
[  177.469832][ T7181] 8021q: adding VLAN 0 to HW filter on device bond0
[  177.677704][ T7181] 8021q: adding VLAN 0 to HW filter on device team0
[  177.718250][ T7115] 8021q: adding VLAN 0 to HW filter on device batadv0
[  177.752545][ T7251] chnl_net:caif_netlink_parms(): no params data found
[  177.864464][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.871619][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.885306][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.892504][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  177.925018][   T49] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.969538][ T7281] netlink: 28 bytes leftover after parsing attributes in process `syz.0.285'.
[  177.978849][ T7281] netlink: 28 bytes leftover after parsing attributes in process `syz.0.285'.
[  178.025192][   T49] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.107934][ T7251] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.115929][ T7251] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.123637][ T7251] bridge_slave_0: entered allmulticast mode
[  178.132522][ T7251] bridge_slave_0: entered promiscuous mode
[  178.144571][ T7251] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.151731][ T7251] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.159983][ T7251] bridge_slave_1: entered allmulticast mode
[  178.168434][ T7251] bridge_slave_1: entered promiscuous mode
[  178.205353][   T49] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.214019][ T7288] netlink: 12 bytes leftover after parsing attributes in process `syz.0.286'.
[  178.233895][ T7288] netlink: 12 bytes leftover after parsing attributes in process `syz.0.286'.
[  178.295347][ T7212] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  178.340443][   T49] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.365392][ T7251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  178.378440][ T7251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  178.389942][ T7212] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  178.402215][ T7212] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  178.465959][ T7291] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  178.473868][ T7291] batman_adv: batadv0: Removing interface: batadv_slave_0
[  178.482131][ T7291] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  178.490210][ T7291] batman_adv: batadv0: Removing interface: batadv_slave_1
[  178.525761][ T7212] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  178.560200][ T7251] team0: Port device team_slave_0 added
[  178.588156][ T7251] team0: Port device team_slave_1 added
[  178.660645][ T7299] FAULT_INJECTION: forcing a failure.
[  178.660645][ T7299] name failslab, interval 1, probability 0, space 0, times 0
[  178.675136][ T7115] veth0_vlan: entered promiscuous mode
[  178.681117][ T7299] CPU: 0 UID: 0 PID: 7299 Comm: syz.0.288 Not tainted 6.16.0-rc5-syzkaller-01461-g511ad4c26446 #0 PREEMPT(full) 
[  178.681144][ T7299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  178.681158][ T7299] Call Trace:
[  178.681165][ T7299]  <TASK>
[  178.681173][ T7299]  dump_stack_lvl+0x189/0x250
[  178.681204][ T7299]  ? __pfx____ratelimit+0x10/0x10
[  178.681229][ T7299]  ? __pfx_dump_stack_lvl+0x10/0x10
[  178.681250][ T7299]  ? __pfx__printk+0x10/0x10
[  178.681279][ T7299]  ? __pfx___might_resched+0x10/0x10
[  178.681303][ T7299]  should_fail_ex+0x414/0x560
[  178.681331][ T7299]  ? hash_ip_create+0x78d/0x1410
[  178.681353][ T7299]  should_failslab+0xa8/0x100
[  178.681382][ T7299]  __kvmalloc_node_noprof+0x161/0x5f0
[  178.681405][ T7299]  ? hash_ip_create+0x78d/0x1410
[  178.681426][ T7299]  ? hash_ip_create+0x6d5/0x1410
[  178.681455][ T7299]  hash_ip_create+0x78d/0x1410
[  178.681481][ T7299]  ? __lock_acquire+0xab9/0xd20
[  178.681517][ T7299]  ? __pfx_hash_ip_create+0x10/0x10
[  178.681547][ T7299]  ? __nla_parse+0x40/0x60
[  178.681566][ T7299]  ? __pfx_hash_ip_create+0x10/0x10
[  178.681596][ T7299]  ip_set_create+0xa94/0x1940
[  178.681618][ T7299]  ? ip_set_create+0x4a2/0x1940
[  178.681652][ T7299]  ? __pfx_ip_set_create+0x10/0x10
[  178.681716][ T7299]  nfnetlink_rcv_msg+0xb4d/0x1130
[  178.681742][ T7299]  ? nfnetlink_rcv_msg+0x20d/0x1130
[  178.681789][ T7299]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  178.681810][ T7299]  ? kasan_save_free_info+0x46/0x50
[  178.681921][ T7299]  netlink_rcv_skb+0x205/0x470
[  178.681951][ T7299]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  178.681983][ T7299]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  178.682025][ T7299]  ? bpf_lsm_capable+0x9/0x20
[  178.682048][ T7299]  ? security_capable+0x7e/0x2e0
[  178.682082][ T7299]  nfnetlink_rcv+0x26a/0x2520
[  178.682104][ T7299]  ? __dev_queue_xmit+0x1d79/0x3b50
[  178.682131][ T7299]  ? __dev_queue_xmit+0x27b/0x3b50
[  178.682148][ T7299]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.682173][ T7299]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  178.682192][ T7299]  ? __pfx___dev_queue_xmit+0x10/0x10
[  178.682225][ T7299]  ? ref_tracker_free+0x63a/0x7d0
[  178.682249][ T7299]  ? __copy_skb_header+0xa7/0x550
[  178.682267][ T7299]  ? __pfx_ref_tracker_free+0x10/0x10
[  178.682292][ T7299]  ? __skb_clone+0x63/0x7a0
[  178.682311][ T7299]  ? __skb_clone+0x483/0x7a0
[  178.682334][ T7299]  ? skb_clone+0x246/0x3a0
[  178.682354][ T7299]  ? __netlink_deliver_tap+0x807/0x850
[  178.682379][ T7299]  ? netlink_deliver_tap+0x2e/0x1b0
[  178.682411][ T7299]  ? netlink_deliver_tap+0x2e/0x1b0
[  178.682432][ T7299]  ? netlink_deliver_tap+0x2e/0x1b0
[  178.682460][ T7299]  netlink_unicast+0x759/0x8e0
[  178.682494][ T7299]  netlink_sendmsg+0x805/0xb30
[  178.682526][ T7299]  ? __pfx_netlink_sendmsg+0x10/0x10
[  178.682552][ T7299]  ? aa_sock_msg_perm+0x94/0x160
[  178.682579][ T7299]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  178.682604][ T7299]  ? __pfx_netlink_sendmsg+0x10/0x10
[  178.682634][ T7299]  __sock_sendmsg+0x21c/0x270
[  178.682666][ T7299]  ____sys_sendmsg+0x505/0x830
[  178.682704][ T7299]  ? __pfx_____sys_sendmsg+0x10/0x10
[  178.682747][ T7299]  ? import_iovec+0x74/0xa0
[  178.682776][ T7299]  ___sys_sendmsg+0x21f/0x2a0
[  178.682798][ T7299]  ? __pfx____sys_sendmsg+0x10/0x10
[  178.682863][ T7299]  ? __fget_files+0x2a/0x420
[  178.682889][ T7299]  ? __fget_files+0x3a0/0x420
[  178.682929][ T7299]  __x64_sys_sendmsg+0x19b/0x260
[  178.682953][ T7299]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  178.682996][ T7299]  ? __pfx_ksys_write+0x10/0x10
[  178.683017][ T7299]  ? rcu_is_watching+0x15/0xb0
[  178.683047][ T7299]  ? do_syscall_64+0xbe/0x3b0
[  178.683081][ T7299]  do_syscall_64+0xfa/0x3b0
[  178.683108][ T7299]  ? lockdep_hardirqs_on+0x9c/0x150
[  178.683131][ T7299]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.683150][ T7299]  ? clear_bhb_loop+0x60/0xb0
[  178.683175][ T7299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.683196][ T7299] RIP: 0033:0x7f3df978e929
[  178.683216][ T7299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.683233][ T7299] RSP: 002b:00007f3dfa584038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  178.683255][ T7299] RAX: ffffffffffffffda RBX: 00007f3df99b5fa0 RCX: 00007f3df978e929
[  178.683270][ T7299] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  178.683283][ T7299] RBP: 00007f3dfa584090 R08: 0000000000000000 R09: 0000000000000000
[  178.683296][ T7299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  178.683308][ T7299] R13: 0000000000000000 R14: 00007f3df99b5fa0 R15: 00007ffcc2c121e8
[  178.683342][ T7299]  </TASK>
[  179.129695][ T5868] Bluetooth: hci4: command tx timeout
[  179.143405][ T7251] batman_adv: batadv0: Adding interface: batadv_slave_0
[  179.151040][ T7251] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.180163][ T7251] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  179.197058][   T49] bridge_slave_1: left allmulticast mode
[  179.203527][   T49] bridge_slave_1: left promiscuous mode
[  179.209346][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.222123][   T49] bridge_slave_0: left allmulticast mode
[  179.235925][   T49] bridge_slave_0: left promiscuous mode
[  179.241810][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.255603][ T5868] Bluetooth: hci1: command tx timeout
[  179.617776][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  179.629598][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  179.642306][   T49] bond0 (unregistering): Released all slaves
[  179.660860][ T7251] batman_adv: batadv0: Adding interface: batadv_slave_1
[  179.672006][ T7251] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.698334][ T7251] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  179.832635][ T7115] veth1_vlan: entered promiscuous mode
[  179.999769][ T7251] hsr_slave_0: entered promiscuous mode
[  180.011691][ T7251] hsr_slave_1: entered promiscuous mode
[  180.179407][ T7309] vlan3: entered promiscuous mode
[  180.216496][   T49] hsr_slave_0: left promiscuous mode
[  180.222423][   T49] hsr_slave_1: left promiscuous mode
[  180.229747][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  180.237442][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  180.246563][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  180.254762][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  180.285137][   T49] veth1_macvtap: left promiscuous mode
[  180.290834][   T49] veth0_macvtap: left promiscuous mode
[  180.297820][   T49] veth1_vlan: left promiscuous mode
[  180.304245][   T49] veth0_vlan: left promiscuous mode
[  180.739764][   T49] team0 (unregistering): Port device team_slave_1 removed
[  180.788116][   T49] team0 (unregistering): Port device team_slave_0 removed
[  181.172917][ T5868] Bluetooth: hci4: command tx timeout
[  181.220526][ T7115] veth0_macvtap: entered promiscuous mode
[  181.252431][ T7115] veth1_macvtap: entered promiscuous mode
[  181.381962][ T7181] 8021q: adding VLAN 0 to HW filter on device batadv0
[  181.396436][ T7314] netlink: 160 bytes leftover after parsing attributes in process `syz.0.292'.
[  181.429762][ T7115] batman_adv: batadv0: Interface activated: batadv_slave_0
[  181.503516][ T7115] batman_adv: batadv0: Interface activated: batadv_slave_1
[  181.579258][   T59] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.621676][   T59] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.633909][   T59] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.646016][   T59] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.674345][ T7212] 8021q: adding VLAN 0 to HW filter on device bond0
[  181.685484][ T7181] veth0_vlan: entered promiscuous mode
[  181.691820][ T7319] netlink: 'syz.0.294': attribute type 9 has an invalid length.
[  181.704331][ T7181] veth1_vlan: entered promiscuous mode
[  181.857244][ T7181] veth0_macvtap: entered promiscuous mode
[  181.863493][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.871450][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  181.877135][ T7181] veth1_macvtap: entered promiscuous mode
[  181.895746][ T7212] 8021q: adding VLAN 0 to HW filter on device team0
[  181.993693][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.000859][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  182.026961][ T7181] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.064905][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.072055][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  182.095185][ T6212] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  182.116200][ T6212] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  182.130804][ T7181] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.211262][ T6212] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.291804][ T6212] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.306220][ T6212] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.355610][ T6212] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.366357][ T7322] netlink: 'syz.0.295': attribute type 2 has an invalid length.
[  182.410682][ T7322] FAULT_INJECTION: forcing a failure.
[  182.410682][ T7322] name failslab, interval 1, probability 0, space 0, times 0
[  182.426238][ T7322] CPU: 0 UID: 0 PID: 7322 Comm: syz.0.295 Not tainted 6.16.0-rc5-syzkaller-01461-g511ad4c26446 #0 PREEMPT(full) 
[  182.426260][ T7322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  182.426270][ T7322] Call Trace:
[  182.426276][ T7322]  <TASK>
[  182.426282][ T7322]  dump_stack_lvl+0x189/0x250
[  182.426305][ T7322]  ? __pfx____ratelimit+0x10/0x10
[  182.426326][ T7322]  ? __pfx_dump_stack_lvl+0x10/0x10
[  182.426343][ T7322]  ? __pfx__printk+0x10/0x10
[  182.426369][ T7322]  ? __pfx___might_resched+0x10/0x10
[  182.426386][ T7322]  ? fs_reclaim_acquire+0x7d/0x100
[  182.426411][ T7322]  should_fail_ex+0x414/0x560
[  182.426437][ T7322]  should_failslab+0xa8/0x100
[  182.426458][ T7322]  __kmalloc_noprof+0xcb/0x4f0
[  182.426475][ T7322]  ? fib_trie_table+0x33/0x1d0
[  182.426502][ T7322]  fib_trie_table+0x33/0x1d0
[  182.426526][ T7322]  fib_new_table+0x135/0x2d0
[  182.426544][ T7322]  fib_magic+0x24f/0x390
[  182.426559][ T7322]  ? __lock_acquire+0xab9/0xd20
[  182.426578][ T7322]  ? __pfx_fib_magic+0x10/0x10
[  182.426608][ T7322]  ? addr_event+0x83/0x470
[  182.426626][ T7322]  fib_add_ifaddr+0x144/0x5f0
[  182.426657][ T7322]  fib_inetaddr_event+0x12e/0x190
[  182.426677][ T7322]  notifier_call_chain+0x1b3/0x3e0
[  182.426702][ T7322]  blocking_notifier_call_chain+0x6a/0x90
[  182.426723][ T7322]  __inet_insert_ifa+0xa13/0xbf0
[  182.426752][ T7322]  ? __pfx___inet_insert_ifa+0x10/0x10
[  182.426778][ T7322]  inet_rtm_newaddr+0xf3a/0x18b0
[  182.426802][ T7322]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  182.426833][ T7322]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  182.426847][ T7322]  rtnetlink_rcv_msg+0x7cc/0xb70
[  182.426871][ T7322]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  182.426890][ T7322]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  182.426927][ T7322]  netlink_rcv_skb+0x205/0x470
[  182.426949][ T7322]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  182.426970][ T7322]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  182.427015][ T7322]  ? netlink_deliver_tap+0x2e/0x1b0
[  182.427042][ T7322]  ? netlink_deliver_tap+0x2e/0x1b0
[  182.427077][ T7322]  netlink_unicast+0x759/0x8e0
[  182.427115][ T7322]  netlink_sendmsg+0x805/0xb30
[  182.427155][ T7322]  ? __pfx_netlink_sendmsg+0x10/0x10
[  182.427189][ T7322]  ? aa_sock_msg_perm+0x94/0x160
[  182.427219][ T7322]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  182.427248][ T7322]  ? __pfx_netlink_sendmsg+0x10/0x10
[  182.427277][ T7322]  __sock_sendmsg+0x21c/0x270
[  182.427305][ T7322]  ____sys_sendmsg+0x505/0x830
[  182.427342][ T7322]  ? __pfx_____sys_sendmsg+0x10/0x10
[  182.427385][ T7322]  ? import_iovec+0x74/0xa0
[  182.427410][ T7322]  ___sys_sendmsg+0x21f/0x2a0
[  182.427426][ T7322]  ? __pfx____sys_sendmsg+0x10/0x10
[  182.427471][ T7322]  ? __fget_files+0x2a/0x420
[  182.427490][ T7322]  ? __fget_files+0x3a0/0x420
[  182.427519][ T7322]  __x64_sys_sendmsg+0x19b/0x260
[  182.427536][ T7322]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  182.427558][ T7322]  ? __pfx_ksys_write+0x10/0x10
[  182.427573][ T7322]  ? rcu_is_watching+0x15/0xb0
[  182.427596][ T7322]  ? do_syscall_64+0xbe/0x3b0
[  182.427620][ T7322]  do_syscall_64+0xfa/0x3b0
[  182.427639][ T7322]  ? lockdep_hardirqs_on+0x9c/0x150
[  182.427681][ T7322]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.427696][ T7322]  ? clear_bhb_loop+0x60/0xb0
[  182.427715][ T7322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.427729][ T7322] RIP: 0033:0x7f3df978e929
[  182.427743][ T7322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.427756][ T7322] RSP: 002b:00007f3dfa584038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  182.427772][ T7322] RAX: ffffffffffffffda RBX: 00007f3df99b5fa0 RCX: 00007f3df978e929
[  182.427783][ T7322] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000004
[  182.427792][ T7322] RBP: 00007f3dfa584090 R08: 0000000000000000 R09: 0000000000000000
[  182.427801][ T7322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.427810][ T7322] R13: 0000000000000000 R14: 00007f3df99b5fa0 R15: 00007ffcc2c121e8
[  182.427834][ T7322]  </TASK>
[  182.920613][ T7251] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  182.980871][ T7251] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  183.223896][ T7251] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  183.253173][ T5868] Bluetooth: hci4: command tx timeout
[  183.311125][ T3550] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.311583][ T7251] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  183.342997][ T3550] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.576535][ T1101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.612455][ T1101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.698282][ T7212] 8021q: adding VLAN 0 to HW filter on device batadv0
[  184.059251][ T6212] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.098097][ T5859] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  184.125356][ T5859] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  184.133952][ T5859] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  184.145247][ T5859] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  184.178810][ T5859] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  184.254037][ T6212] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.431284][ T6212] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.652905][ T6212] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.776874][ T7212] veth0_vlan: entered promiscuous mode
[  184.865239][ T7212] veth1_vlan: entered promiscuous mode
[  185.106595][ T5859] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  185.116113][ T5859] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  185.130436][ T5859] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  185.140041][ T7251] 8021q: adding VLAN 0 to HW filter on device bond0
[  185.163433][ T5859] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  185.172264][ T5859] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  185.355518][ T7212] veth0_macvtap: entered promiscuous mode
[  185.446221][ T7251] 8021q: adding VLAN 0 to HW filter on device team0
[  185.471561][ T7212] veth1_macvtap: entered promiscuous mode
[  185.701008][ T6212] bridge_slave_1: left allmulticast mode
[  185.716107][ T6212] bridge_slave_1: left promiscuous mode
[  185.721941][ T6212] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.764360][ T6212] bridge_slave_0: left allmulticast mode
[  185.770063][ T6212] bridge_slave_0: left promiscuous mode
[  185.793193][ T6212] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.226839][ T5859] Bluetooth: hci2: command tx timeout
[  186.763430][ T6212] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  186.783424][ T6212] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  186.809294][ T6212] bond0 (unregistering): Released all slaves
[  186.869452][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.876684][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.914752][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.921956][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  187.189743][ T7212] batman_adv: batadv0: Interface activated: batadv_slave_0
[  187.202365][ T7212] batman_adv: batadv0: Interface activated: batadv_slave_1
[  187.251778][   T59] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.264566][   T59] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.277128][   T59] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.287115][   T59] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.296067][ T5859] Bluetooth: hci3: command tx timeout
[  187.475289][ T7358] chnl_net:caif_netlink_parms(): no params data found
[  187.690586][ T6212] hsr_slave_0: left promiscuous mode
[  187.709904][ T6212] hsr_slave_1: left promiscuous mode
[  187.719086][ T6212] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  187.738305][ T6212] batman_adv: batadv0: Removing interface: batadv_slave_0
[  187.746847][ T6212] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  187.759554][ T6212] batman_adv: batadv0: Removing interface: batadv_slave_1
[  187.794619][ T6212] veth1_macvtap: left promiscuous mode
[  187.800227][ T6212] veth0_macvtap: left promiscuous mode
[  187.817178][ T6212] veth1_vlan: left promiscuous mode
[  187.822705][ T6212] veth0_vlan: left promiscuous mode
[  188.293382][ T5859] Bluetooth: hci2: command tx timeout
[  188.689660][ T6212] team0 (unregistering): Port device team_slave_1 removed
[  188.935427][ T6212] team0 (unregistering): Port device team_slave_0 removed
[  189.332859][ T5859] Bluetooth: hci3: command tx timeout
[  189.638148][ T7367] Set syz1 is full, maxelem 65536 reached
[  189.751620][ T7411] netlink: 'syz.0.300': attribute type 1 has an invalid length.
[  189.779888][ T7411] 8021q: adding VLAN 0 to HW filter on device bond2
[  189.860245][ T7413] bond2: (slave ip6gretap1): making interface the new active one
[  189.874463][ T7413] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  189.928626][ T7411] veth5: entered promiscuous mode
[  189.939747][ T7411] bond2: (slave veth5): Enslaving as an active interface with a down link
[  190.016118][ T7413] erspan0: entered allmulticast mode
[  190.029228][ T7413] bond2: (slave erspan0): Enslaving as an active interface with an up link
[  190.040362][ T7358] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.063017][ T7358] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.070457][ T7358] bridge_slave_0: entered allmulticast mode
[  190.082434][ T7358] bridge_slave_0: entered promiscuous mode
[  190.111766][ T7419] netlink: 12 bytes leftover after parsing attributes in process `syz.0.301'.
[  190.127714][ T7418] netlink: 12 bytes leftover after parsing attributes in process `syz.0.301'.
[  190.182232][ T7358] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.217384][ T7358] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.226717][ T7358] bridge_slave_1: entered allmulticast mode
[  190.240580][ T7358] bridge_slave_1: entered promiscuous mode
[  190.252149][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  190.272854][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  190.298607][ T7378] chnl_net:caif_netlink_parms(): no params data found
[  190.373510][ T5859] Bluetooth: hci2: command tx timeout
[  190.407073][ T7358] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  190.465062][ T7427] vlan3: entered promiscuous mode
[  190.488028][ T7358] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  190.674325][ T7358] team0: Port device team_slave_0 added
[  190.713288][ T1101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  190.721159][ T1101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  190.733623][ T7358] team0: Port device team_slave_1 added
[  190.747379][ T7436] Bluetooth: MGMT ver 1.23
[  190.820455][ T7358] batman_adv: batadv0: Adding interface: batadv_slave_0
[  190.846846][ T7358] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.874196][ T7358] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  190.888590][ T7358] batman_adv: batadv0: Adding interface: batadv_slave_1
[  190.901254][ T7358] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.928481][ T7358] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  190.939946][ T7378] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.948018][ T7378] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.957219][ T7378] bridge_slave_0: entered allmulticast mode
[  190.965381][ T7378] bridge_slave_0: entered promiscuous mode
[  190.974952][ T7378] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.982155][ T7378] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.989651][ T7378] bridge_slave_1: entered allmulticast mode
[  190.998863][ T7378] bridge_slave_1: entered promiscuous mode
[  191.062594][ T6212] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.119310][ T7378] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  191.147014][ T7378] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  191.239875][ T6212] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.327882][ T7358] hsr_slave_0: entered promiscuous mode
[  191.345314][ T7358] hsr_slave_1: entered promiscuous mode
[  191.354750][ T7358] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  191.362343][ T7358] Cannot create hsr debugfs directory
[  191.373507][ T7378] team0: Port device team_slave_0 added
[  191.388122][ T7251] 8021q: adding VLAN 0 to HW filter on device batadv0
[  191.413780][ T5859] Bluetooth: hci3: command tx timeout
[  191.456637][ T6212] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.553426][ T7378] team0: Port device team_slave_1 added
[  191.676683][ T7378] batman_adv: batadv0: Adding interface: batadv_slave_0
[  191.692730][ T7378] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.719599][ T7378] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  191.785768][ T6212] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.809126][ T7378] batman_adv: batadv0: Adding interface: batadv_slave_1
[  191.823976][ T7378] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.881661][ T7378] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  192.048792][ T7378] hsr_slave_0: entered promiscuous mode
[  192.058234][ T7378] hsr_slave_1: entered promiscuous mode
[  192.069225][ T7378] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  192.077547][ T7378] Cannot create hsr debugfs directory
[  192.156307][ T5868] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  192.173594][ T5868] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  192.183516][ T5868] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  192.191543][ T5868] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  192.201184][ T5868] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  192.439005][ T6212] bridge_slave_1: left allmulticast mode
[  192.445371][ T6212] bridge_slave_1: left promiscuous mode
[  192.451323][ T6212] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.453134][ T5859] Bluetooth: hci2: command tx timeout
[  192.475256][ T6212] bridge_slave_0: left allmulticast mode
[  192.480960][ T6212] bridge_slave_0: left promiscuous mode
[  192.491413][ T6212] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.570272][ T7464] FAULT_INJECTION: forcing a failure.
[  192.570272][ T7464] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  192.587441][ T7464] CPU: 1 UID: 0 PID: 7464 Comm: syz.0.310 Not tainted 6.16.0-rc5-syzkaller-01461-g511ad4c26446 #0 PREEMPT(full) 
[  192.587471][ T7464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  192.587483][ T7464] Call Trace:
[  192.587492][ T7464]  <TASK>
[  192.587500][ T7464]  dump_stack_lvl+0x189/0x250
[  192.587529][ T7464]  ? __pfx____ratelimit+0x10/0x10
[  192.587568][ T7464]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.587597][ T7464]  ? __pfx__printk+0x10/0x10
[  192.587623][ T7464]  ? __might_fault+0xb0/0x130
[  192.587656][ T7464]  should_fail_ex+0x414/0x560
[  192.587689][ T7464]  _copy_from_user+0x2d/0xb0
[  192.587711][ T7464]  ___sys_recvmsg+0x12e/0x510
[  192.587737][ T7464]  ? __pfx____sys_recvmsg+0x10/0x10
[  192.587782][ T7464]  ? __fget_files+0x3a0/0x420
[  192.587818][ T7464]  do_recvmmsg+0x307/0x770
[  192.587846][ T7464]  ? __pfx_do_recvmmsg+0x10/0x10
[  192.587899][ T7464]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  192.587945][ T7464]  __x64_sys_recvmmsg+0x190/0x240
[  192.587968][ T7464]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  192.587984][ T7464]  ? rcu_is_watching+0x15/0xb0
[  192.588012][ T7464]  ? do_syscall_64+0xbe/0x3b0
[  192.588042][ T7464]  do_syscall_64+0xfa/0x3b0
[  192.588065][ T7464]  ? lockdep_hardirqs_on+0x9c/0x150
[  192.588089][ T7464]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.588107][ T7464]  ? clear_bhb_loop+0x60/0xb0
[  192.588130][ T7464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.588167][ T7464] RIP: 0033:0x7f3df978e929
[  192.588185][ T7464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.588202][ T7464] RSP: 002b:00007f3dfa584038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  192.588222][ T7464] RAX: ffffffffffffffda RBX: 00007f3df99b5fa0 RCX: 00007f3df978e929
[  192.588236][ T7464] RDX: 0000000000000001 RSI: 0000200000001c00 RDI: 0000000000000003
[  192.588248][ T7464] RBP: 00007f3dfa584090 R08: 0000000000000000 R09: 0000000000000000
[  192.588260][ T7464] R10: 000000000000002b R11: 0000000000000246 R12: 0000000000000001
[  192.588272][ T7464] R13: 0000000000000000 R14: 00007f3df99b5fa0 R15: 00007ffcc2c121e8
[  192.588309][ T7464]  </TASK>
[  193.130821][ T6212] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  193.142150][ T6212] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  193.154991][ T6212] bond0 (unregistering): Released all slaves
[  193.340316][ T7251] veth0_vlan: entered promiscuous mode
[  193.479460][ T7251] veth1_vlan: entered promiscuous mode
[  193.493163][ T5859] Bluetooth: hci3: command tx timeout
[  193.602068][ T6212] hsr_slave_0: left promiscuous mode
[  193.609542][ T6212] hsr_slave_1: left promiscuous mode
[  193.616259][ T6212] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  193.623912][ T6212] batman_adv: batadv0: Removing interface: batadv_slave_0
[  193.632137][ T6212] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  193.644149][ T6212] batman_adv: batadv0: Removing interface: batadv_slave_1
[  193.661759][ T6212] veth1_macvtap: left promiscuous mode
[  193.667404][ T6212] veth0_macvtap: left promiscuous mode
[  193.673288][ T6212] veth1_vlan: left promiscuous mode
[  193.678672][ T6212] veth0_vlan: left promiscuous mode
[  194.102404][ T6212] team0 (unregistering): Port device team_slave_1 removed
[  194.141115][ T6212] team0 (unregistering): Port device team_slave_0 removed
[  194.218571][ T5859] Bluetooth: hci1: command tx timeout
[  194.542941][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  194.563615][ T7251] veth0_macvtap: entered promiscuous mode
[  194.606971][ T7251] veth1_macvtap: entered promiscuous mode
[  194.728494][ T7455] chnl_net:caif_netlink_parms(): no params data found
[  194.761525][ T7251] batman_adv: batadv0: Interface activated: batadv_slave_0
[  194.799928][ T7251] batman_adv: batadv0: Interface activated: batadv_slave_1
[  194.884725][ T7358] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  194.906582][ T7358] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  194.983200][ T7358] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  195.007897][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  195.021290][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  195.076925][ T7358] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  195.087490][   T59] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  195.097745][ T1101] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  195.162272][ T7455] bridge0: port 1(bridge_slave_0) entered blocking state
[  195.170114][ T7455] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.182168][ T7455] bridge_slave_0: entered allmulticast mode
[  195.191497][ T7455] bridge_slave_0: entered promiscuous mode
[  195.223075][ T7455] bridge0: port 2(bridge_slave_1) entered blocking state
[  195.232620][ T7455] bridge0: port 2(bridge_slave_1) entered disabled state
[  195.240646][ T7455] bridge_slave_1: entered allmulticast mode
[  195.248198][ T7455] bridge_slave_1: entered promiscuous mode
[  195.294680][ T6212] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.456200][ T6212] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.475826][ T7455] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  195.496916][ T7455] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  195.516343][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  195.526139][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  195.539713][ T7497] IPVS: stopping master sync thread 7498 ...
[  195.545999][ T7498] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  195.646863][ T6212] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.725342][ T6212] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.780490][ T7455] team0: Port device team_slave_0 added
[  195.789502][ T7455] team0: Port device team_slave_1 added
[  196.075281][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.083685][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.095597][ T7455] batman_adv: batadv0: Adding interface: batadv_slave_0
[  196.102594][ T7455] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.142834][ T7455] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  196.165483][ T7455] batman_adv: batadv0: Adding interface: batadv_slave_1
[  196.172529][ T7455] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.202942][ T7455] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  196.226261][ T7378] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  196.298269][ T7378] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  196.307897][ T5859] Bluetooth: hci1: command tx timeout
[  196.419621][ T7378] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  196.431158][ T7378] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  196.516874][ T7455] hsr_slave_0: entered promiscuous mode
[  196.524601][ T7455] hsr_slave_1: entered promiscuous mode
[  196.530791][ T7455] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  196.538891][ T7455] Cannot create hsr debugfs directory
[  196.639139][ T6212] bridge_slave_1: left allmulticast mode
[  196.649120][ T6212] bridge_slave_1: left promiscuous mode
[  196.655677][ T6212] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.673196][ T6212] bridge_slave_0: left allmulticast mode
[  196.679053][ T6212] bridge_slave_0: left promiscuous mode
[  196.689518][ T6212] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.066225][ T6212] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  197.079187][ T6212] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  197.089628][ T6212] bond0 (unregistering): Released all slaves
[  197.181887][ T7358] 8021q: adding VLAN 0 to HW filter on device bond0
[  197.311641][ T7358] 8021q: adding VLAN 0 to HW filter on device team0
[  197.449313][ T1101] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.456552][ T1101] bridge0: port 1(bridge_slave_0) entered forwarding state
[  197.481666][ T1101] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.488990][ T1101] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.667702][ T6212] hsr_slave_0: left promiscuous mode
[  197.695462][ T6212] hsr_slave_1: left promiscuous mode
[  197.701595][ T6212] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  197.723742][ T6212] batman_adv: batadv0: Removing interface: batadv_slave_0
[  197.745087][ T6212] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  197.752523][ T6212] batman_adv: batadv0: Removing interface: batadv_slave_1
[  197.790451][ T6212] veth1_macvtap: left promiscuous mode
[  197.796294][ T6212] veth0_macvtap: left promiscuous mode
[  197.803068][ T6212] veth1_vlan: left promiscuous mode
[  197.808438][ T6212] veth0_vlan: left promiscuous mode
[  197.881323][ T5868] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  197.892139][ T5868] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  197.904013][ T5868] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  197.916284][ T5868] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  197.928965][ T5868] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  198.304370][ T6212] team0 (unregistering): Port device team_slave_1 removed
[  198.342115][ T6212] team0 (unregistering): Port device team_slave_0 removed
[  198.383006][ T5868] Bluetooth: hci1: command tx timeout
[  198.707101][ T7515] FAULT_INJECTION: forcing a failure.
[  198.707101][ T7515] name failslab, interval 1, probability 0, space 0, times 0
[  198.723000][ T7515] CPU: 1 UID: 0 PID: 7515 Comm: syz.0.321 Not tainted 6.16.0-rc5-syzkaller-01461-g511ad4c26446 #0 PREEMPT(full) 
[  198.723030][ T7515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.723043][ T7515] Call Trace:
[  198.723051][ T7515]  <TASK>
[  198.723060][ T7515]  dump_stack_lvl+0x189/0x250
[  198.723091][ T7515]  ? __pfx____ratelimit+0x10/0x10
[  198.723119][ T7515]  ? __pfx_dump_stack_lvl+0x10/0x10
[  198.723144][ T7515]  ? __pfx__printk+0x10/0x10
[  198.723180][ T7515]  ? __pfx___might_resched+0x10/0x10
[  198.723211][ T7515]  should_fail_ex+0x414/0x560
[  198.723246][ T7515]  ? __veth_napi_enable_range+0x28b/0x6f0
[  198.723268][ T7515]  should_failslab+0xa8/0x100
[  198.723304][ T7515]  __kvmalloc_node_noprof+0x161/0x5f0
[  198.723331][ T7515]  ? __veth_napi_enable_range+0x28b/0x6f0
[  198.723362][ T7515]  __veth_napi_enable_range+0x28b/0x6f0
[  198.723396][ T7515]  ? __pfx___veth_napi_enable_range+0x10/0x10
[  198.723438][ T7515]  ? netif_napi_set_irq_locked+0x20b/0x720
[  198.723471][ T7515]  veth_napi_enable_range+0xff/0x200
[  198.723504][ T7515]  veth_set_features+0x1c8/0x2a0
[  198.723528][ T7515]  __netdev_update_features+0xa43/0x1be0
[  198.723570][ T7515]  ? __pfx___netdev_update_features+0x10/0x10
[  198.723593][ T7515]  ? __lock_acquire+0xab9/0xd20
[  198.723627][ T7515]  ? __might_fault+0xb0/0x130
[  198.723680][ T7515]  ethtool_set_one_feature+0x2b4/0x300
[  198.723706][ T7515]  ? __pfx_ethtool_set_one_feature+0x10/0x10
[  198.723731][ T7515]  ? bpf_lsm_capable+0x9/0x20
[  198.723753][ T7515]  ? security_capable+0x7e/0x2e0
[  198.723793][ T7515]  dev_ethtool+0x108d/0x19b0
[  198.723828][ T7515]  ? __pfx_dev_ethtool+0x10/0x10
[  198.723869][ T7515]  ? dev_load+0x21/0x1f0
[  198.723897][ T7515]  dev_ioctl+0x392/0x1150
[  198.723929][ T7515]  sock_do_ioctl+0x22c/0x300
[  198.723957][ T7515]  ? __pfx_sock_do_ioctl+0x10/0x10
[  198.723978][ T7515]  ? __lock_acquire+0xab9/0xd20
[  198.724020][ T7515]  sock_ioctl+0x576/0x790
[  198.724046][ T7515]  ? __pfx_sock_ioctl+0x10/0x10
[  198.724070][ T7515]  ? __fget_files+0x2a/0x420
[  198.724095][ T7515]  ? __fget_files+0x3a0/0x420
[  198.724120][ T7515]  ? __fget_files+0x2a/0x420
[  198.724162][ T7515]  ? bpf_lsm_file_ioctl+0x9/0x20
[  198.724182][ T7515]  ? __pfx_sock_ioctl+0x10/0x10
[  198.724204][ T7515]  __se_sys_ioctl+0xfc/0x170
[  198.724228][ T7515]  do_syscall_64+0xfa/0x3b0
[  198.724253][ T7515]  ? lockdep_hardirqs_on+0x9c/0x150
[  198.724278][ T7515]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.724304][ T7515]  ? clear_bhb_loop+0x60/0xb0
[  198.724329][ T7515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.724348][ T7515] RIP: 0033:0x7f3df978e929
[  198.724366][ T7515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.724383][ T7515] RSP: 002b:00007f3dfa584038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  198.724404][ T7515] RAX: ffffffffffffffda RBX: 00007f3df99b5fa0 RCX: 00007f3df978e929
[  198.724436][ T7515] RDX: 00002000000002c0 RSI: 0000000000008946 RDI: 0000000000000008
[  198.724449][ T7515] RBP: 00007f3dfa584090 R08: 0000000000000000 R09: 0000000000000000
[  198.724463][ T7515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  198.724475][ T7515] R13: 0000000000000000 R14: 00007f3df99b5fa0 R15: 00007ffcc2c121e8
[  198.724509][ T7515]  </TASK>
[  198.727123][ T7515] veth0_to_team: set_features() failed (-12); wanted 0x0000612e4fdd49e9, left 0x0000612e4fdd09e9
[  199.140629][ T7378] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.354971][ T7378] 8021q: adding VLAN 0 to HW filter on device team0
[  199.418574][ T7531] netlink: 8 bytes leftover after parsing attributes in process `syz.0.324'.
[  199.430420][ T7531] netlink: 5 bytes leftover after parsing attributes in process `syz.0.324'.
[  199.473131][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.480335][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  199.516406][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.523650][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.673194][ T7536] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.325'.
[  199.760419][ T7455] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  199.778355][ T7536] netlink: 16 bytes leftover after parsing attributes in process `syz.0.325'.
[  199.849542][ T7358] 8021q: adding VLAN 0 to HW filter on device batadv0
[  199.857857][ T7455] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  199.889500][ T7455] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  199.908917][ T7455] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  199.973747][ T5868] Bluetooth: hci4: command tx timeout
[  200.350640][ T7520] chnl_net:caif_netlink_parms(): no params data found
[  200.454735][ T5868] Bluetooth: hci1: command tx timeout
[  200.587297][ T6212] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.680126][ T7561] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  200.680319][ T7559] IPVS: stopping master sync thread 7561 ...
[  200.733765][ T6212] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.876594][ T6212] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.894063][ T7520] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.901343][ T7520] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.913426][ T7520] bridge_slave_0: entered allmulticast mode
[  200.921445][ T7520] bridge_slave_0: entered promiscuous mode
[  200.964613][ T6212] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.996289][ T7520] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.017673][ T7520] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.025117][ T7520] bridge_slave_1: entered allmulticast mode
[  201.033584][ T7520] bridge_slave_1: entered promiscuous mode
[  201.058952][ T7378] 8021q: adding VLAN 0 to HW filter on device batadv0
[  201.179807][ T7520] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  201.198295][ T7520] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  201.346373][ T7520] team0: Port device team_slave_0 added
[  201.356261][ T7358] veth0_vlan: entered promiscuous mode
[  201.394231][ T7520] team0: Port device team_slave_1 added
[  201.500245][ T7520] batman_adv: batadv0: Adding interface: batadv_slave_0
[  201.515603][ T7520] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.548433][ T7520] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  201.596059][ T7520] batman_adv: batadv0: Adding interface: batadv_slave_1
[  201.607777][ T7520] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.639189][ T7520] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  201.665243][ T7358] veth1_vlan: entered promiscuous mode
[  201.699308][ T7455] 8021q: adding VLAN 0 to HW filter on device bond0
[  201.737380][ T7378] veth0_vlan: entered promiscuous mode
[  201.788206][ T6212] bridge_slave_1: left allmulticast mode
[  201.799064][ T6212] bridge_slave_1: left promiscuous mode
[  201.805744][ T6212] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.817986][ T6212] bridge_slave_0: left allmulticast mode
[  201.824383][ T6212] bridge_slave_0: left promiscuous mode
[  201.830216][ T6212] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.062906][ T5868] Bluetooth: hci4: command tx timeout
[  202.200866][ T6212] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  202.216404][ T6212] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  202.226689][ T6212] bond0 (unregistering): Released all slaves
[  202.277967][ T7569] ------------[ cut here ]------------
[  202.284145][ T7569] WARNING: CPU: 1 PID: 7569 at net/core/dev.c:7311 netif_napi_add_weight_locked+0x7ee/0x970
[  202.295151][ T7569] Modules linked in:
[  202.299280][ T7569] CPU: 1 UID: 0 PID: 7569 Comm: syz.0.329 Not tainted 6.16.0-rc5-syzkaller-01461-g511ad4c26446 #0 PREEMPT(full) 
[  202.311686][ T7569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  202.322765][ T7569] RIP: 0010:netif_napi_add_weight_locked+0x7ee/0x970
[  202.329505][ T7569] Code: 00 00 fc ff df 0f b6 04 03 84 c0 0f 85 78 01 00 00 c6 45 00 00 e9 20 ff ff ff e8 cd 3e 68 f8 e9 16 ff ff ff e8 c3 3e 68 f8 90 <0f> 0b 90 48 83 c4 38 5b 41 5c 41 5d 41 5e 41 5f 5d e9 7c e9 1b 02
[  202.350078][ T7569] RSP: 0018:ffffc900035976d8 EFLAGS: 00010283
[  202.356873][ T7569] RAX: ffffffff8957f90d RBX: dffffc0000000000 RCX: 0000000000080000
[  202.365025][ T7569] RDX: ffffc9000fee4000 RSI: 00000000000004ac RDI: 00000000000004ad
[  202.373579][ T7569] RBP: 0000000000000040 R08: ffff888066de2497 R09: 1ffff1100cdbc492
[  202.381604][ T7569] R10: dffffc0000000000 R11: ffffed100cdbc493 R12: ffffffff86737820
[  202.389707][ T7569] R13: ffff888066de2490 R14: ffff888066de2480 R15: dffffc0000000000
[  202.397796][ T7569] FS:  00007f3dfa5216c0(0000) GS:ffff888125d0f000(0000) knlGS:0000000000000000
[  202.407275][ T7569] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  202.414346][ T7569] CR2: 00007f3dfa520f98 CR3: 0000000046fce000 CR4: 00000000003526f0
[  202.422367][ T7569] Call Trace:
[  202.425904][ T7569]  <TASK>
[  202.428889][ T7569]  ? netif_napi_set_irq_locked+0x129/0x720
[  202.434927][ T7569]  veth_napi_enable_range+0xaf/0x200
[  202.440302][ T7569]  veth_set_features+0x1c8/0x2a0
[  202.445680][ T7569]  __netdev_update_features+0xa43/0x1be0
[  202.452955][ T7569]  ? __pfx___netdev_update_features+0x10/0x10
[  202.459334][ T7569]  ? __lock_acquire+0xab9/0xd20
[  202.464331][ T7569]  ? __might_fault+0xb0/0x130
[  202.469181][ T7569]  ethtool_set_one_feature+0x2b4/0x300
[  202.474777][ T7569]  ? __pfx_ethtool_set_one_feature+0x10/0x10
[  202.480809][ T7569]  ? bpf_lsm_capable+0x9/0x20
[  202.485600][ T7569]  ? security_capable+0x7e/0x2e0
[  202.490965][ T7569]  dev_ethtool+0x108d/0x19b0
[  202.495759][ T7569]  ? __pfx_dev_ethtool+0x10/0x10
[  202.501273][ T7569]  ? dev_load+0x21/0x1f0
[  202.506326][ T7569]  dev_ioctl+0x392/0x1150
[  202.510732][ T7569]  sock_do_ioctl+0x22c/0x300
[  202.515627][ T7569]  ? __pfx_sock_do_ioctl+0x10/0x10
[  202.520781][ T7569]  ? __lock_acquire+0xab9/0xd20
[  202.525786][ T7569]  sock_ioctl+0x576/0x790
[  202.530171][ T7569]  ? __pfx_sock_ioctl+0x10/0x10
[  202.535485][ T7569]  ? __fget_files+0x2a/0x420
[  202.540132][ T7569]  ? __fget_files+0x3a0/0x420
[  202.545175][ T7569]  ? __fget_files+0x2a/0x420
[  202.549833][ T7569]  ? bpf_lsm_file_ioctl+0x9/0x20
[  202.554858][ T7569]  ? __pfx_sock_ioctl+0x10/0x10
[  202.559760][ T7569]  __se_sys_ioctl+0xfc/0x170
[  202.564452][ T7569]  do_syscall_64+0xfa/0x3b0
[  202.569011][ T7569]  ? lockdep_hardirqs_on+0x9c/0x150
[  202.574386][ T7569]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.580516][ T7569]  ? clear_bhb_loop+0x60/0xb0
[  202.585316][ T7569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.591256][ T7569] RIP: 0033:0x7f3df978e929
[  202.595805][ T7569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.616515][ T7569] RSP: 002b:00007f3dfa521038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  202.625488][ T7569] RAX: ffffffffffffffda RBX: 00007f3df99b6240 RCX: 00007f3df978e929
[  202.633620][ T7569] RDX: 00002000000002c0 RSI: 0000000000008946 RDI: 000000000000000e
[  202.641636][ T7569] RBP: 00007f3df9810ca1 R08: 0000000000000000 R09: 0000000000000000
[  202.649737][ T7569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  202.658400][ T7569] R13: 0000000000000000 R14: 00007f3df99b6240 R15: 00007ffcc2c121e8
[  202.666576][ T7569]  </TASK>
[  202.669648][ T7569] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  202.676960][ T7569] CPU: 1 UID: 0 PID: 7569 Comm: syz.0.329 Not tainted 6.16.0-rc5-syzkaller-01461-g511ad4c26446 #0 PREEMPT(full) 
[  202.688921][ T7569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  202.699006][ T7569] Call Trace:
[  202.702311][ T7569]  <TASK>
[  202.705270][ T7569]  dump_stack_lvl+0x99/0x250
[  202.709933][ T7569]  ? __asan_memcpy+0x40/0x70
[  202.714540][ T7569]  ? __pfx_dump_stack_lvl+0x10/0x10
[  202.719767][ T7569]  ? __pfx__printk+0x10/0x10
[  202.724401][ T7569]  panic+0x2db/0x790
[  202.728316][ T7569]  ? __pfx_panic+0x10/0x10
[  202.732847][ T7569]  __warn+0x31b/0x4b0
[  202.736838][ T7569]  ? netif_napi_add_weight_locked+0x7ee/0x970
[  202.742922][ T7569]  ? netif_napi_add_weight_locked+0x7ee/0x970
[  202.749000][ T7569]  report_bug+0x2be/0x4f0
[  202.753344][ T7569]  ? netif_napi_add_weight_locked+0x7ee/0x970
[  202.759436][ T7569]  ? netif_napi_add_weight_locked+0x7ee/0x970
[  202.765520][ T7569]  ? netif_napi_add_weight_locked+0x7f0/0x970
[  202.771603][ T7569]  handle_bug+0x84/0x160
[  202.775865][ T7569]  exc_invalid_op+0x1a/0x50
[  202.780389][ T7569]  asm_exc_invalid_op+0x1a/0x20
[  202.785257][ T7569] RIP: 0010:netif_napi_add_weight_locked+0x7ee/0x970
[  202.791958][ T7569] Code: 00 00 fc ff df 0f b6 04 03 84 c0 0f 85 78 01 00 00 c6 45 00 00 e9 20 ff ff ff e8 cd 3e 68 f8 e9 16 ff ff ff e8 c3 3e 68 f8 90 <0f> 0b 90 48 83 c4 38 5b 41 5c 41 5d 41 5e 41 5f 5d e9 7c e9 1b 02
[  202.811584][ T7569] RSP: 0018:ffffc900035976d8 EFLAGS: 00010283
[  202.817682][ T7569] RAX: ffffffff8957f90d RBX: dffffc0000000000 RCX: 0000000000080000
[  202.825681][ T7569] RDX: ffffc9000fee4000 RSI: 00000000000004ac RDI: 00000000000004ad
[  202.833670][ T7569] RBP: 0000000000000040 R08: ffff888066de2497 R09: 1ffff1100cdbc492
[  202.841655][ T7569] R10: dffffc0000000000 R11: ffffed100cdbc493 R12: ffffffff86737820
[  202.849639][ T7569] R13: ffff888066de2490 R14: ffff888066de2480 R15: dffffc0000000000
[  202.857641][ T7569]  ? __pfx_veth_poll+0x10/0x10
[  202.862424][ T7569]  ? netif_napi_add_weight_locked+0x7ed/0x970
[  202.868517][ T7569]  ? netif_napi_add_weight_locked+0x7ed/0x970
[  202.874605][ T7569]  ? netif_napi_set_irq_locked+0x129/0x720
[  202.880434][ T7569]  veth_napi_enable_range+0xaf/0x200
[  202.885754][ T7569]  veth_set_features+0x1c8/0x2a0
[  202.890713][ T7569]  __netdev_update_features+0xa43/0x1be0
[  202.896380][ T7569]  ? __pfx___netdev_update_features+0x10/0x10
[  202.902464][ T7569]  ? __lock_acquire+0xab9/0xd20
[  202.907355][ T7569]  ? __might_fault+0xb0/0x130
[  202.912076][ T7569]  ethtool_set_one_feature+0x2b4/0x300
[  202.917564][ T7569]  ? __pfx_ethtool_set_one_feature+0x10/0x10
[  202.923566][ T7569]  ? bpf_lsm_capable+0x9/0x20
[  202.928263][ T7569]  ? security_capable+0x7e/0x2e0
[  202.933244][ T7569]  dev_ethtool+0x108d/0x19b0
[  202.937881][ T7569]  ? __pfx_dev_ethtool+0x10/0x10
[  202.942857][ T7569]  ? dev_load+0x21/0x1f0
[  202.947133][ T7569]  dev_ioctl+0x392/0x1150
[  202.951511][ T7569]  sock_do_ioctl+0x22c/0x300
[  202.956135][ T7569]  ? __pfx_sock_do_ioctl+0x10/0x10
[  202.961257][ T7569]  ? __lock_acquire+0xab9/0xd20
[  202.966183][ T7569]  sock_ioctl+0x576/0x790
[  202.970543][ T7569]  ? __pfx_sock_ioctl+0x10/0x10
[  202.975508][ T7569]  ? __fget_files+0x2a/0x420
[  202.980112][ T7569]  ? __fget_files+0x3a0/0x420
[  202.984805][ T7569]  ? __fget_files+0x2a/0x420
[  202.989513][ T7569]  ? bpf_lsm_file_ioctl+0x9/0x20
[  202.994460][ T7569]  ? __pfx_sock_ioctl+0x10/0x10
[  202.999327][ T7569]  __se_sys_ioctl+0xfc/0x170
[  203.003932][ T7569]  do_syscall_64+0xfa/0x3b0
[  203.008451][ T7569]  ? lockdep_hardirqs_on+0x9c/0x150
[  203.013669][ T7569]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.019748][ T7569]  ? clear_bhb_loop+0x60/0xb0
[  203.024450][ T7569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.030356][ T7569] RIP: 0033:0x7f3df978e929
[  203.034789][ T7569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.054492][ T7569] RSP: 002b:00007f3dfa521038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  203.062916][ T7569] RAX: ffffffffffffffda RBX: 00007f3df99b6240 RCX: 00007f3df978e929
[  203.070898][ T7569] RDX: 00002000000002c0 RSI: 0000000000008946 RDI: 000000000000000e
[  203.078881][ T7569] RBP: 00007f3df9810ca1 R08: 0000000000000000 R09: 0000000000000000
[  203.086871][ T7569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  203.094851][ T7569] R13: 0000000000000000 R14: 00007f3df99b6240 R15: 00007ffcc2c121e8
[  203.102852][ T7569]  </TASK>
[  203.106211][ T7569] Kernel Offset: disabled
[  203.110539][ T7569] Rebooting in 86400 seconds..