last executing test programs:

1m4.80481736s ago: executing program 1 (id=947):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r4, &(0x7f0000000340)="07000000010000", 0x7)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0xff, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
socket$inet(0x2, 0x3, 0x5)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xe)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x7400, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x1300, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)

53.859609888s ago: executing program 1 (id=947):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r4, &(0x7f0000000340)="07000000010000", 0x7)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0xff, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
socket$inet(0x2, 0x3, 0x5)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xe)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x7400, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x1300, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)

43.844704023s ago: executing program 1 (id=947):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r4, &(0x7f0000000340)="07000000010000", 0x7)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0xff, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
socket$inet(0x2, 0x3, 0x5)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xe)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x7400, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x1300, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)

31.76949568s ago: executing program 1 (id=947):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r4, &(0x7f0000000340)="07000000010000", 0x7)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0xff, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
socket$inet(0x2, 0x3, 0x5)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xe)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x7400, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x1300, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)

21.262881408s ago: executing program 1 (id=947):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r4, &(0x7f0000000340)="07000000010000", 0x7)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0xff, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
socket$inet(0x2, 0x3, 0x5)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xe)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x7400, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x1300, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)

10.540251941s ago: executing program 2 (id=3403):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYBLOB="6cac4fbeb07ccc3732bf9d3d9b23f629de89bc7b35ab07000000000000007f00", @ANYBLOB], 0x6c}, 0x1, 0x0, 0x0, 0xc8dc}, 0x1)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="20010000", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r3, @ANYBLOB="47000e00800000000802110000400802110000015050505050500000000000000000000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09000008000c006400000008000d0000000000a2000f00329c"], 0x120}, 0x1, 0x0, 0x0, 0x90}, 0x0)

10.131948465s ago: executing program 2 (id=3407):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x400, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}, 0x1c)
setsockopt$sock_linger(r0, 0x1, 0x3c, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000440)}}], 0x1, 0x840)

10.01011783s ago: executing program 2 (id=3410):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000011c80)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}, @TCA_RATE={0x6}]}, 0x34}}, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x40, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xb, 0xb}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0x10}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)

9.640922495s ago: executing program 2 (id=3415):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000001000010700000000200000000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)={0x74, 0x3c, 0x107, 0xfffffffc, 0x0, {0x3, 0x7c}, [@nested={0x4, 0x136}, @nested={0x5c, 0x1, 0x0, 0x1, [@generic="4afb09f51a636400571c31fec5c71fdc45276eb631f417e3b663e78d9dd4ae2fcf8fe5f825c69efe453ce7610a180673a0ab2b437f0a2b5b8507120069843985ff5aa8afca5b70d371147ab78694fecc3063d626261e2ac7"]}]}, 0x74}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
recvmmsg(r0, &(0x7f0000001440)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000011c0)=""/70, 0x46}, {&(0x7f00000000c0)=""/43, 0x21}, {&(0x7f0000003c80)=""/4106, 0x104d}, {&(0x7f00000015c0)=""/4096, 0x1000}], 0x4}, 0x1801}], 0x1, 0x10020, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b40500000000000069106b0000000000bc001000000000009500000000000000ef4f7c81f5427c16bd2aacf32cdbb47063fd9a7bb1f3ad622c3261f324e081c0ea39bd16d9869302cc08fbd94867708cb208e22cc0ad536525e3b39869285c126353f6a49bc5abc6b9a4eab313655286ee33a56f03b665dd5f1739bda6accc3b9b0d26450d3161263aed01194269a5fba4553bb18fa1f37e2f68a8ef81f090829d0ee04b52611a41642b31a6fe2653171379cc327fc11e38418b589777f8c8ddcbf88df947a05937ea"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000100)={r4, 0x2, 0x6, @local}, 0x10)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
sendto$rxrpc(r5, 0x0, 0x0, 0x40080, 0x0, 0x0)
bind$rxrpc(r5, &(0x7f0000000100)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x2, @local}}, 0x24)
setsockopt$packet_drop_memb(r2, 0x107, 0x2, &(0x7f0000000080)={0x0, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2d}}, 0x10)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r8, 0x0)
writev(r7, &(0x7f0000003500)=[{&(0x7f00000035c0)='42', 0x2}, {&(0x7f0000000080)='C&', 0x2}, {0x0}, {&(0x7f0000001240)="d3", 0x1}], 0x4)
bind$bt_l2cap(r6, 0x0, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000000900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000084000000060a010400000000000000000100000008000b40000000005c000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000240001800a0001007265646972000000140002800800014000000012080002400000000e0900010073797a300000"], 0xf8}}, 0x0)
r10 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r10, 0x114, 0x7, &(0x7f0000000000), 0xa0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2000, &(0x7f0000009200)={0x77359400})
r11 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$llc_int(r11, 0x10c, 0x6, &(0x7f0000000bc0)=0x8001, 0x4)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0000005200000229bd7000ffdbdf250a08000500090000000800060008000000080006000600000008000100", @ANYRES32=r4, @ANYBLOB="08000600"/21], 0x3c}}, 0x0)

9.300660976s ago: executing program 2 (id=3418):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYBLOB="6cac4fbeb07ccc3732bf9d3d9b23f629de89bc7b35ab07000000000000007f00", @ANYBLOB], 0x6c}, 0x1, 0x0, 0x0, 0xc8dc}, 0x1)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="20010000", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r3, @ANYBLOB="47000e00800000000802110000600802110000015050505050500000000000000000000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09000008000c006400000008000d0000000000a2000f00329c"], 0x120}, 0x1, 0x0, 0x0, 0x90}, 0x0)

9.131748283s ago: executing program 2 (id=3422):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x48, 0x24, 0x300, 0x0, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {}, {0x2, 0xffff}, {0xfff3, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x1ff}, @TCA_CAKE_AUTORATE={0x8, 0x9, 0x1}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0xc4014}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c0000000200000000000000023e0004"], 0x0, 0x56, 0x0, 0x8, 0x0, 0x0, @void, @value}, 0x20)

9.065749425s ago: executing program 1 (id=947):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r4, &(0x7f0000000340)="07000000010000", 0x7)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0xff, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
socket$inet(0x2, 0x3, 0x5)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xe)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x7400, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x1300, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)

4.50893161s ago: executing program 4 (id=3438):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
bpf$LINK_GET_NEXT_ID(0x24, 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_START_AP(r4, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
listen(r3, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000fc02000000140001800500020001"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094)

3.729631204s ago: executing program 3 (id=3445):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000001000000280001801400040000030000000000000000ffffac1414aa060001000a"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)

3.540610738s ago: executing program 4 (id=3447):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4004)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYRES16=r4, @ANYBLOB="0101000000", @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x11, &(0x7f0000000540)=0x8, 0x4)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e000000108000200ac1e01010c000280050001000000090024000280"], 0xa8}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000000004400000008000300", @ANYRES32, @ANYBLOB="08002700851600000a00180000000000000000001c005a801800018014"], 0x4c}}, 0x4000804)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

3.486790091s ago: executing program 3 (id=3448):
r0 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0xff00000000000000, &(0x7f0000000040)={0xa, 0x1, 0x0, @local, 0xe7a}, 0x1c)

3.36506787s ago: executing program 3 (id=3449):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000cc0)={'wlan0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000e40)={0x0, 0xd, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2508007a0000000000000700000008000300", @ANYRES32=r2, @ANYBLOB="1400140064756d6d7930000000000000020000001400040076657468315f746f5f626f016400000005005300010000000800050004"], 0x54}}, 0x0)

911.594637ms ago: executing program 0 (id=3450):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000400000a20000000000a01030000000000000000010000000900010073797a300000000034000000030a01080000000000000000010000000900030073797a320000000008000a40000000020900010073797a30"], 0x7c}}, 0x0)

840.835603ms ago: executing program 3 (id=3451):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32=r0], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b800000019000100000000f7ffffff00e000000200"/43, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000700000000000000000000000000000000000000000000000200000000000000ffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff"], 0xb8}}, 0x4004)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x11}, 0x80)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYRES16, @ANYBLOB="0101000000", @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x11, &(0x7f0000000540)=0x8, 0x4)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e000000108000200ac1e01010c000280050001000000090024000280"], 0xa8}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000000004400000008000300", @ANYRES32, @ANYBLOB="08002700851600000a00180000000000000000001c005a801800018014"], 0x4c}}, 0x4000804)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={0x0, 0x6f4}}, 0x0)

780.760639ms ago: executing program 4 (id=3452):
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x7c}}, 0x10) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r0, 0x0, 0x8088)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f00000022c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000030000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989425f5d0b79f6584d0416d7c4bb9f547b328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f01000000010000006e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b98d2de10c21d3ea02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d000000200008000000000000001abc11c800000000000000000000000928ee53595a779d243a48cea769470424d20a04c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e09758bd445ab91d20baca005472b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92fe8bad99ca332af00f191b66b6a6f732a91f0e2e9190e4b448da7de018c58e950767f9b320be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c52573d9308a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e495f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e4a48dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f00000021f8547d393dabe616fbbde21c90be00b5a22671395c7a69c6dd4d022ffc97ddb6aa025131652d409da1d8cfc3d219d4b1c1b7b8170d7c33d91db2b73f7ae02485a209a2474b5d0790d05c01bec623056e4d3f4d3149373a28b26a15a1fcce73d57e6eaf7e6f315fe275ebc9ef7aeca277dde01dde724f419803a2172a7833ceab38d21ca4f1dea5e1f4d8824167b21dd289dd4e6ecfba9e163bdbc48e1e758ecde05c10809c9edfa6d77c652fd742e6dad13d2a397bebe3ea8bc087d3720e2202f36c7719ae34f042e19dc08a3323a3d94098a7ec171469352bab1662c3e4d4803c565cfcce32dad628fade43a4844abb230ce608726fd87e93c405a96cf638c41510f26e9da5f316"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x62, 0xfe, &(0x7f0000000140)="cb74445b7d4c0b24676c6c71ae37efcedaf40242309766deb4e793f90000000000000000dbc856cbc664650634231454ca2d8034c4ca29e0d99c3b6615e91835a600c08f989af45438a54981be310aad92ae545b1c961e5f3762a51fe4c736edec6f", &(0x7f0000000440)=""/254, 0x2f00, 0x0, 0xff, 0x194, &(0x7f0000000980)="ffc4438e5c3081d0e133e812196ec0ed923733aa8b5aba32c8650e7a66d6136853773dfbc6226be13039e230d511f1ac50cc7811aac0400e4c833fedf842ae2918e6fddb550729246fcf4c0a01bc64989ea3985fb362751a83991bd56e761379caa64f6148893ff25f38d5cd6dd695bbf9ca709a9960e0e6b054d5e2239bcb7c0fb2ac66dc4c8f534e439ff20ccaf0d48a98c19c92a3b437a699350f49606d21a403f8c112c46fea5486bf367a854b0f6c1e563b656e4794f6793a08bb3656c391643f6df71d0255054368a938d38503d064da82d5dbf395ad47ed3932669168d324ed0f6de8360d499042ddc7d02b6c0772128257702bfe6d0971f00fea85da062cdc", &(0x7f00000007c0)="4c87fe555ceb79157b1e507ff4d3cc053321e42ae89f596427188b4877ab8f1776c0685784f1174c6401ecc1dd6e2a77bc79238f87ad9215a92ff203a30099e77c543e702b4a4438d358616381745f24f74e585498af129c4b173b242f445b08135f7fa40eb7ba78160ff4f0c80e1b324d0c234cb7f43a3ff9e9535dc16000c797113a039f4508a09144090000009f38a90a24f173b3e68377e4272950a80cfcd3aa6850e917bc7e57370060f5e6db941d67fc98a1e98103830b821657438325578d2af822dd4fc13ea7a7eef8d9be4e715aec8fd6cadc41c8da5ce9da2b9e1559d92a1936fc2b3a00000000000000000072200e10ba6269b634f10f7098c65ba67ba65c0e2687637e131fb8d5ba6c12c09c8356853c434a44ff0878e496dcf9a4f5ca02c293279948f37ebb28843f92c87c057a3b410e04418557d5deda7ddd3bd1d384d64ec980187e8b64a0696571a49e847db79349c9b3c3fab5f1f977bde4d802d9026ae0c11744eb1525c5195fd215d7a432497f35c2f2cfcd2b6336b26dfef0cb968c910ea2af5cdd4d58cc08535d5514", 0x2, 0x0, 0x10000}, 0x24)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[], 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000080)={@link_local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x2, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x2, 0x8c, 0x100, @val=0x80}}}}}}}, 0x0)
r2 = socket$kcm(0x29, 0x5, 0x0)
sendmsg(r2, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000040)=[{0x0}, {0x0}], 0x2}, 0x40040) (async)
sendmsg(r2, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000040)=[{0x0}, {0x0}], 0x2}, 0x40040)
syz_emit_ethernet(0xbe, &(0x7f00000001c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "9e188a80c32aa9b86ed6ce56992732d9f7fc6cda762c07530a038941764a92bb", "074336477e9205df5f47f7da965c25c746ba7f8ca07841d3da17308a6df3f54855ecedd6d8664fa125e3972a48e81039", "a562ff321beb3f036b9fd27aeff89c8e79a57a3873e0b4e6553e2c44", {"4cf02a016458a5f67aa497153eddc6a1", "9a3f9661ac468177dc130be49bdd8eb5"}}}}}}}, 0x0) (async)
syz_emit_ethernet(0xbe, &(0x7f00000001c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "9e188a80c32aa9b86ed6ce56992732d9f7fc6cda762c07530a038941764a92bb", "074336477e9205df5f47f7da965c25c746ba7f8ca07841d3da17308a6df3f54855ecedd6d8664fa125e3972a48e81039", "a562ff321beb3f036b9fd27aeff89c8e79a57a3873e0b4e6553e2c44", {"4cf02a016458a5f67aa497153eddc6a1", "9a3f9661ac468177dc130be49bdd8eb5"}}}}}}}, 0x0)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x58c, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x58c, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000200)=0x1, 0x12)
write$cgroup_int(r4, &(0x7f00000000c0), 0x12)
accept4$unix(r4, &(0x7f0000000300)=@abs, &(0x7f0000000540)=0x6e, 0x800) (async)
accept4$unix(r4, &(0x7f0000000300)=@abs, &(0x7f0000000540)=0x6e, 0x800)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
pipe(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, 0x0, r6, 0x0, 0x800, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@map_val={0x18, 0x5, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0xb5d0a5a3}, @jmp={0x5, 0x1, 0x4, 0x1, 0x5, 0x1, 0xfffffffffffffffc}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@map_val={0x18, 0x5, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0xb5d0a5a3}, @jmp={0x5, 0x1, 0x4, 0x1, 0x5, 0x1, 0xfffffffffffffffc}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)

661.860352ms ago: executing program 3 (id=3453):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x81, 0x0, 0x0, 0x40f00, 0x29, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000240)='kfree_skb\x00', r1, 0x0, 0x8}, 0x18)
r2 = socket$inet_icmp(0x2, 0x2, 0x1)
sendto$inet(r2, &(0x7f0000000000)="990468cdad5b5773e7752971de0d1ef9547a3d35ecedb76f6bf4ce440af856", 0x1f, 0x0, &(0x7f0000000080)={0x2, 0x4e22, @broadcast}, 0x10)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r3, &(0x7f0000000300)={{0x6, @rose, 0xffffffff}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0xce)
ioctl$SIOCAX25DELFWD(r4, 0x89eb, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_pauseparam={0x12, 0xfffffffc, 0x2, 0x7}})

661.610233ms ago: executing program 4 (id=3454):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = socket(0x10, 0x80002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
close(r2)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000000))
sendmsg$nl_route(r1, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x4000010)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0xfffeffff, 0x0, 0x0)
setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x13, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x4040)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100000000006000000000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)

659.598509ms ago: executing program 0 (id=3455):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x400, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}, 0x1c)
setsockopt$sock_linger(r0, 0x1, 0x3c, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000015c0)="b3548172276d926b290c3b385134dd8a6591808db6d7d5b469c135f37737d6a91e8ce282c8081b9da7a0308bd9a0098bddf96e69102e0de3712f879abaf58566ee136326749f7bb820aca0aca172a4b57d558c320dfa4f8e20cd24f2e38a41d62fc52138100aca7ef252746a5ffacd0fbbb31754737790862496b9ffc9e3f6198f88929a068b40fb1241aa66a0becdde19f6ea47783855969b4d746edc687d906a0f720220122b12819e8ab9605077796fcb5ecaf9b57ced2c86b12fb9cca3eb145ca7a5aa5b36d6f29bcf4d86e5e5f05f75f3a80902ec255f3a1ae37a33d78ebe43bc50be23ccb6863bf2be72588bda8b314479e6bd2fb435c7b8bb218619aa3118fe768afd7e4922c1836c7df59f9a91e32537ba2cfa348d646b9437400e904367f92fd8f494dfdea2c0d4e9557e1b21b7d4d0c303f01ee6dd2b0b9a3093085a117641a294f8ea9d2b04c1f495963ebb67904e2cc9bbbd63d89b8fa32962ba5b505deaa5b4bf2e67ac84fc4ecb9ab2864741ee27df0e30177b12bb38642bc2d35b03c1307cda0c0c292a4239a707a5e4fb6fc77b50837703b0458e19868bb5c5fdcfd3b9deea8ded6fecca96d99a43adb83c3380562f30b09a36ad63e9ab2e7b05b338c04595c067f6d33090724cff6427b2df60a3eb910e46c51f6fd02ffdc495f23dd9b840cd67bfebaa77957735125e5a57dd7c06e10a4d7628bf8f66f5251f1f609591289eeeb4f74f2dbfd178d3909a009916b84f614b1a09a9c15652e1f317f0eab85233575bdad51d6684418e67a69a41b6b094f955f60f05aaf9ded92f9080361e7e7641d0e72720eecd94c2628aab023cb49a888fd3abb9c90b4a933ddab8bcbe34e4c99e10ecc381b3c74bdbdd14c17a6929ef9d9ffc342474b93f69ca09f6427db5d04706ec5b41ef08bb41c513f03d5f4b3b94c3e538bf0ef6b94721e366f709a423a45ce600bd3c090b512fddcd086c0a5b1162d054d7afc909cef14c3e4bd42283250496a831f967e2925927af50cbba5720f59c14878bdb88f7c1b96aa19efdd2b8ac66de3daf48f4afdc6b762e4fdc1bdb2dc812f526e14484607b69088e87809507d6793608d5c084e91916127f54249fe3b01cd1aae5d57b36455bcfedaaeb3198a0ef8fb1b5c8d59c20f3d7deb16d713e5508f5f443844ab765bd0e6c37cfec1469679084850f1ea9773d65d2b43df98b08ad3a98ffacc0d815a88085d65b0cfb51a159649c2db87594e5b6f3c1493533482dd111f72e440bb508555a48cbb0718852b2409671133a8d0de6616392fc53a11cef4a4a19328367a8e827fc774055b87acffdc95d49964dac21b56c7cbf33000f62789759683cd4928d36d3b6df0eb19bef8a36114abc192b4c7beb9d95e03dfad3f4ccc3e55489a38a5dd8e381632f441b2d6fd6f7be3d09ee19a2ad1846c6ed6af375", 0x400}], 0x1}}], 0x1, 0x840)

532.628955ms ago: executing program 0 (id=3456):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000440)={&(0x7f0000007000)={0x3688, r2, 0x300, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x0, 0x41}}}}, [@NL80211_ATTR_NAN_FUNC={0x2c8, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_TX_MATCH_FILTER={0x1dc, 0xe, 0x0, 0x1, [{0x94, 0x0, "3ae24da39362a38f3afb247472aab0ef4038a5e9e7c640a2e4ecc62ad152b456309d960fa5cb166a7ec2d8ef0be66cb8aed071e59194ea5b4437d23f221ff02dc0efdab4a5b6336b5aba9258cd646be5500c1b2186e3358dc5ee60266705afecfc9598892690549f6fa5e690b7934d23924181db874342af92697c31fbba0d674d9d98b4a6a913b698735c39807914fb"}, {0x19, 0x0, "6b5bc1a6a1d187bb1f7deb845a726fd9678cb4bc3f"}, {0xa9, 0x0, "7d1ec2f8caccb40d2df6c9638d16ded6249d3af23e35d727a353fdb9ead084b863c852e13c99f8f20abea2bf0ce2ad20c101c01c05220e0167a0af0ef8993e50db338f841a90b0e5bf2c98f4e7a2dc768092ec663e29e8f3c311029baf4447c05e1aa749ef27d29aebb099e092f2ae795eb1ec4b3ce9d5579d0e91719f624e211d8c717f080690b0dd17793bbf29f136b1c58b280bc672edf907bc3fc214ffc54b19cd391d"}, {0x7b, 0x0, "800a6c5face94dd23a3e2a7f9e9433bce3c312071f04638e8b6978207d27519b20cbe9ea6e762dfcf55260d8f9d15432e0b029b6e31b37bc421b3650c537cc711aef9a26e83b22a87b947474018b80d7f8f05c363f19dc56589c306eda6e580c6f92682f773fd031babcd8745b5e2e4ae52f67f72c4481"}]}, @NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0x8}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x3}, @NL80211_NAN_FUNC_TX_MATCH_FILTER={0xb8, 0xe, 0x0, 0x1, [{0x4c, 0x0, "e93efd4048435c83807345898ba464ca67d906b30904657260f6ba282a320cbbc3904686befea400bb8c97f0fcde4b346aa2372280ed139c21ad85f7a5142ea7a9f75b9d54e05fb1"}, {0x38, 0x0, "55ee3ac8bc5269e9278ec5962ddddea7198a4aba125cd95725a0fc90485330f1a7f007a51c023790ff2e6770cd7f2038b7b89bf4"}, {0x2e, 0x0, "85772426f0bf41791f820d9564bc753401259b0e4436e7a513730fd6cf562725fe6ddbe3f5c355158b05"}]}, @NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}, @NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "bcff92cd8b2f"}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x6}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}]}, @NL80211_ATTR_NAN_FUNC={0x60c, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "431cb60af197"}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0x2a4, 0xd, 0x0, 0x1, [{0x72, 0x0, "42d32a801f490f670f2c52728cd72a0613026fd0a55e7a2bcc9dcef359dbd23e47e346d1e589ab3027c65e3c2daac75520fb7049da6e1caa5b39973ff063bf934fdc051f3b26ef864840f5d8baa6770163b6eeb48ba47b5f56a17cb6e889c07bd505fc3362fba3451cb612df26dd"}, {0x82, 0x0, "325ceed359e912073ab93146f402a98bb7e963c395aaa77756979f1a0ce850982ee72a906e4d17d0b40dfb475d4f0b912270e386d902a6812ea29ff414ff1f4f3339c70607ecb02678a156e2bd5dd1cbc834d20ef32aa960b373696940a7129070d269e9dfa0c66def1cb9ecdc4b33334a26766649b9a2db670240e81415"}, {0xbc, 0x0, "73aa97c664146e3ded0b3dd248f0cd0f3d3c50d43a93a9721516e05cc2c5a7088431108ac0c7e78d63abdd0bf2cc06e4785782253aff6234492a4bb775af005dc87c62e28337b18809f6a0062bd74006b39d6e0040cb75a90d1e62967bd519a89ebaa14bb661a80013d79fac9f2db2cbecbfbbd921effc721464dfa06cd6391504a7ab8f17089a4e07f4a990760f79e2add1fdeacd93d1aa2d253f37142def0be3b0a946c824db8f452e3b90f98f8a847f71cdfedc4c7321"}, {0xe9, 0x0, "7f4a0ee43ea6375159652b8986059b4cf90929be468f101648c792e0e206d5f9107f28fc8a4e4aff60c0f24f03b664093e9afb5bae799c576550f44eb78999813b2c951be3150a5bec27935ab98b1d13f0bffe94ab49c9edf7d09a1e4614d4e858c6be3568a94d211970f8b94028525a1150127a473a7b0c5904685292949cfa3ecf9e63e20305ebce975195a3ea996e66f9c769d2ec0f168b44fb302867021097e6e8ae51dad73fe5d196b8b827ceec1e83579f0e616865c4189779016b61a7907bfe5cad711555e4085727a2444be61a48ecf45744ca466b4aede89a29f8bbe05197eeb1"}]}, @NL80211_NAN_FUNC_TTL={0x8, 0xa, 0xf2}, @NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}, @NL80211_NAN_FUNC_SRF={0x334, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_MAC_ADDRS={0x1c, 0x4, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}]}, @NL80211_NAN_SRF_BF={0x103, 0x2, "20f843070d87e204146517ea93e0dcfa66fccd41c8aee3ec9b4bde3deaac38278e28880e9fac42df98a804a148093293029742f21b3a74201963e7cbfa802da2a69ce4ce7fc539d61060d527db1f901cb31a152a4a2eed0f8ec97106fcc125ae27283eb7c0ab7df8998f1579c7536892fa8e671d56fa459b44bccb5aeda9be184ff18c179b1e2810aee7f3be4339d30726d90f7c448c2cf6b95d8acd7bcbcfb05c4726715260e4462c6e09cc44b361a428ef19d9507e958d090b9529bef7903d7c0144565054df912cf09e1f83ca5291a8e52945843305e3d61249b5c5d5349c06a348bd3648181fe9647aa7638ccd1e1bc01d7c3550636b083eaf24faa012"}, @NL80211_NAN_SRF_BF={0x103, 0x2, "8e010db598e8b2cd4da18a709072ee381850512b35ccf88f273949718defb1ac34bcef41cc0cdf89a14c27ad77bc4767b34acc48cf7d429eeceff0d4620a26ee48674ac3c49b3f64e96d4ab92d55a0e8ae1976d6cec544940b6d67e74d5f51c19437c931a5d9083ca93ac325f11ba3791f289060f429e8044173d0cdd658ea653782eb18f65e0360bfd4f8abb351bea3a3592039a8baa5d19c7ee532ccdb8329048478de978a2faf14f9fc13bdd571af2961a80ff2417dccbc58442e1af11a573133fb0a4b609f6704af9f137d196ff8f2993278a7ffc883de2a30558457f75020c59fb03439b237ea997ca6101ff64c4cbfca797b8342b194c2c8ac362df6"}, @NL80211_NAN_SRF_BF={0x103, 0x2, "f5a4ce37058048660c6b2e3faa547dbdc441127cdc1b6a20fc73b7891e5008814019c0c585d345da648b79e224b77e7a1860d0afeb7186d94c5a85dff2b5893e4914e5769c564b49d592515688dbddf1ced30609668ec03adc82ecc27e8ec161a5208e72693529160e34ae3082a76e8f85416437624c3491c8e559b7d095013c321a97440a12bff2925e8651e6d3e3f1de31036671dd7a3316f87ab3baf66183d935ee5099fa5c17097038934deae5944b555e3c223bcb7e81eea7c3f0bd88b995e55fb7e6ab4b71eb5ff276f0c764390a5d7f54a02c2a18389708a1802636eb399b8b04043fd2c9e32346d922297daf0581e747e1a218627fdb92792ed445"}, @NL80211_NAN_SRF_BF_IDX={0x5}]}, @NL80211_NAN_FUNC_INSTANCE_ID={0x5, 0xf, 0x10}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x6}]}, @NL80211_ATTR_NAN_FUNC={0x10, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "5402578d9b68"}]}, @NL80211_ATTR_NAN_FUNC={0x10, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "aa63469e5fe1"}]}, @NL80211_ATTR_NAN_FUNC={0x588, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0x90}, @NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0x9}, @NL80211_NAN_FUNC_SERVICE_INFO={0x25, 0xb, "c490be1c74907af700af72f5d33eedb45abaf1cd59d8e3f725dac343f09e724eb4"}, @NL80211_NAN_FUNC_INSTANCE_ID={0x5, 0xf, 0x44}, @NL80211_NAN_FUNC_SRF={0x320, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF={0x103, 0x2, "1de6e1dac5d014aa6e2355c89e4e1f9e331a1bc511f08a88bca517e5a35638e65aaed99ea701c4f2c3edd1f58f216214576ef7a0173823e4e770bdd6582f84bd0435d723e2de8ee725689aca3278ff547ee9bcdbf129da28e0dbbcd51a7036d11a55f2e8a8bfb8bab4ac5e197ae45a9e788912a83c3b882015c38df2fc9aeacdd39fdfddbfa0108c5fbc323e35825eb6634690ad852fd3d8493b8566410310e55d573f75c7f63dcfa2b704420d326d79ec87c86f3c75dcc221a1939aa84797a737e4d326e52f8129e5cf28ae94dfb0f23c7f17c3a43eb289de88d2d09851abe517fd222a7ef18ef5359ad3b193deab29d28a653d251555f0c9cdade8d67afd"}, @NL80211_NAN_SRF_BF={0x103, 0x2, "db8adf5c58c195a6de64b6f37932314eacf29c3df65bd104dcdfd8109d0888907f4be961c5a6570c8b61fd68e288ce2aa93381492f352df16e96a51f535157e8cd25211a8b551b634244b096945d74c8b272d804999d30a456798795e1368eab203bacba11aa25b36b93e824c62b7bf5aa9d4eff01bc559d1f261df978ba6b2df910d9aba8eca9e246363fbfffd153af6875c66a1ab292d6ae89cf9bdd984f065509c382d7106a4543e2af407b864eea20bb7fa738ec89efd585dc6c635be96b4a22825745e9575b291d2fe370782d262e9ef41f560af9cd29868af76b131fd487268b669fa58bf9570cd46cff79b81a5a93c28d0f8978fcac3ca5f50710a0"}, @NL80211_NAN_SRF_BF={0x103, 0x2, "d44784eb27dc059b0c78c4b50ebfb831f03f7c51104b580d913d6f70825a596bec4cfcdd8f4b0570467644d905da2f1f7e3b04b13cc0abd32640795e809a70bdc111cc76129d9b83775888df69fc3994dd34d0602a9171592e887321952ecc38ec4f428994a35af3271933dce1c4a0b4005e9ac541c2c26e2c40e86d8b1ff491deb8b17695159a8ff28f11e0819781011c2ea04a6c16e2e2b0e2968edd60344c2a922a2c728c77cec2292f36e58057f181a1165e38a228234507a4d568ddc0b3d0e48d4d0fee14a097718c60e50f4a42844228fdbd0ec02f193eb38d5b265e8c8c58848ccd1ba5f142f2acd16210cce0a89bdfb46313e1c770f5eafc4bc7d0"}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x8}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0xe}]}, @NL80211_NAN_FUNC_SRF={0x224, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x6}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x6}, @NL80211_NAN_SRF_BF={0x103, 0x2, "db41671a3a27bcb03d3b2ed1d36a52b497f9b7eb13a40580da2b2d9ebc692f07846304beab6709cb42b39e3d9c310312df5b578ebbaaa45cd283276f6808f026f4f3ae0eb70da9d2acb154e0174afd6ab8f876ea39a6be669ea2f259c8816af86cc6e933c53dfc58daf870d11134f404277717334fc360f4316cdd4a009f1d2f34a1cad135c09ce1525aa2df1d83ea9e5fafeab43309a0551c48eb1fadbe469f91aa2bdc3fb277c1456dfae5015d2f12c9fa78ce0266a0c0e1189a0fdf7104fd8d8f1921c514e47e9f9f90f7761091d92dc103838d6754dfa079761d27cee2f0ab2ba1d93c4bb6301d02df37566619476438833e9ade7a4119c860c03b3085"}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x4}, @NL80211_NAN_SRF_BF={0x103, 0x2, "87bd2767cec09ec7f5d7562e7e207ea4cc628178a253cac7081961a19c2389b8b5f6d8a11fe934442c773087391c6b7189687d3bcec37d77799f5fbd4fb512128c279441044f4071dfd1e1a9fd98a765435195aab40f1b4d8170dc2204c8c542f544842fc414989b799e55abe1ec03536023876fafd6b1cf8f48102810302d68dbdeed03dc866abc1440a5f5027c5a2de27728feedb3e44ea2d201ffcc9284cafced0a896cb89bd6e09b0bd605d0586c15ea68eb7ec51d59fc8926d3905ac4126c10e92af4799316f5e5f2f649f34ce6a308d892b284903f29a8a2a6f4588303bed81b29cf8e0e3bceb5fec21bcfdc493b83e27a897349452502e99a96f042"}]}]}, @NL80211_ATTR_NAN_FUNC={0x398, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_TX_MATCH_FILTER={0x1b8, 0xe, 0x0, 0x1, [{0x13, 0x0, "223f80fc9619ca0aa2f1f09f8b4a27"}, {0x9, 0x0, "83b99e8fd1"}, {0x95, 0x0, "532dd4f35c39a931adb054874955407e3609bc1c9f27b73ff26b4d9b16b9138fd048e2a9db6869fc5b3f77fc211c0d0f7ad002f919db4b4c95c8b321cd5b9b09c1c131f54a7aa888ed707ca266bc51f4e97d1e06663f7edefd6a80552b61cc389779381e8fcfd19c129494148fc1f2fad519c757979a6f9fe82659a2b54174f4599413efc269b3f4bd31f5982eba947ca8"}, {0x41, 0x0, "62801fcd887d4e2ef5041e90f9e142a1b2b3fb293930f8473f95d56776368402b8c246e58d309545f18dc6a117c9a34f8346050f4085fd1323f8a71d2d"}, {0x4}, {0x9, 0x0, "061a84aa76"}, {0xa7, 0x0, "d68ccab161c5f5a49c6bc420b319adbe9a9c5771f6d1901902684ee4ffdea3302592dada888adaea92c9a993ee3ac0712d70488fcfc8631ea03e723942dc16068a44d10595c77528a0fe95d06a6703cf38bcf9066cd3774b8b30f875ce5b9b53eda06090bc3a2efd382d4a7ae6eb221bc77222b4a81996438a1055efa86ee47a4da27be2faf58a1f1beea98cc5462311d6eb520573e5716aef927c7f0ba92c4524ae04"}]}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0x1a0, 0xd, 0x0, 0x1, [{0xd, 0x0, "344698780855cc6e36"}, {0xaf, 0x0, "6b6670f8ac1156d19c17c55f5606344bf8d4c030a58f3a65e64e719d3c4211309459aeac01a5752b3430029744bd204a6c14b7aed9effea1e5212109e928c9008942f6c5f0fc2066e6d6732bdaaadf6e89cf5888f2984f20e0a747b7ebee8fb7aac3bcf13f701e2d979a9f74360d5beb52a3d8f9cc00b3a116a83e889d0562a5f2ce711d3bfba0b98db4d1b2feb4918113745599810b27c0185c9ad3ea76b020d45067fe1c9a425eebf60c"}, {0x52, 0x0, "e66ed4df54f17c71ba4da3edc05165023dd6209454c978c6a9fefd59157993cc718ecf26246cb9f016f8b3081aef64d153672daf1f6c15634e2790f281e5c0957698e6f479dbed62254136ae9b24"}, {0x87, 0x0, "dccf86e884f7332a88784ff387b1d1a5efd6aa7cd726c7799197ee806d6988a492ccb723ce7976106398115bd9882cf41d4ce9cccfcde972768c9e51333a2f7d6aa29621f43914dbb585923fce4dfa7f584510c9a9e43504682ff93bd850cb710a3cedc28951d9ee874cc15506ee2fc675b38656ac5d2de09002fdaf72b5f5f35c40d2"}]}, @NL80211_NAN_FUNC_TYPE={0x5}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x2}, @NL80211_NAN_FUNC_SRF={0x10, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_INCLUDE={0x4}, @NL80211_NAN_SRF_INCLUDE={0x4}, @NL80211_NAN_SRF_MAC_ADDRS={0x4}]}, @NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}, @NL80211_NAN_FUNC_PUBLISH_TYPE={0x5, 0x3, 0x5c}, @NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0x8}, @NL80211_NAN_FUNC_TTL={0x8, 0xa, 0x800}]}, @NL80211_ATTR_NAN_FUNC={0x2454, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_TYPE={0x5}, @NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0x2}, @NL80211_NAN_FUNC_PUBLISH_TYPE={0x5, 0x3, 0x1}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0x242c, 0xd, 0x0, 0x1, [{0xd6, 0x0, "343ae1193b7d1e607034e7c86fb4d5ff449fa341a89d2d10ca6e1289a5e33020b5203d79255ed11b5298ad86980c32afabb568b80a29425fe77b522b8edbe431593941faed40a9e07bd5f049bd283d6e7616e3aaeced636f99422aee3daa34bef22b699ce166c0aa945b6f644434ad10fc16997653a8d8c2762bc95ef2ea609cdcc71a29b18adc60c5244e22471b866ca4cc4c3f73f515481da68a4a44acd2a714c4eb99ec6d5117be96971616b4c3203a2f91c02eb78069953e2cff0de69490df3e96b6e68a4ff431bd34bc16142926bfdf"}, {0x4}, {0x1004, 0x0, "2fedc86195d28d627e9ebc672460d08cd4ff4164e826e2d729571c1fb058525a385985a3b887972b3a5012dc81614e1fffc4a439b1892c5e8bf5cbc24d31854ccaac8bf59498681c08519b2b6adfe7a6551672ff46da8df7693b5685246d871157eb73605fcb217d1b5851d252686013c00473cb25d2142e5c1382e08f16fa2a38d14ac14a459ccc2fe3218ef711921e76ef7cdaadc9d6e673082e393c2c4aefd1aebc51a2c8cebd44cd1fe8250f3d25387a1654b928b1e7f87f744fd752c39f56824a04d746636d34ac0af1fda338ca1892a7510059d5b542d0a3557fee8fd2ee6780342b761d53497f906ef1e2ff8206fb155a0592c4ed6244b72f8533bbe32fcc0a1c8200b115acaff6bc9b4d09b672e03c9c500e5714dd223178545b08fc809db17f5e5834b8b04b366e5e20ae8e2b0c4783c9504189e08f0d9902e28c10a64d8ab63eb570f8b6863af34fcdbb8046ba242287565d7a249ec3fd476532d474646517d6f642ccb6ee19c461cd850c4593a6df5d48a88799eb7bf0aed01a3e4925d6a80607ec50ac7b73f21577df69df0dd18e60ee8744695cf4ebfc0a9a3701a70f32faeb42fb44452480d2e9b3e2fb045d68070a81d8e7872d0663783acb001dab6f8dfb239e27a260f025c79b80c894f0c11abbf14f5b971ca333289276754d50997d6af6b61b027a37b1ef52d4069b777d4ac5ec70fc2141079aba41f26d6698f22220bc76783fa47d54d35602ffb638aee9cf40240bc1f7146325974e63448851603ca743822e39ef0feb711fb143bdecaeef19627030b5cbac8a20bb74bf9c26c1600727132f843f57369fa224cf744995446df9dab6bf07b8e3b0ea6d0e1cbaf415b9dc19e106e85d18f107d3b6c84e3db9ce6b24d20ec91cb327be65cb365e66f474e2d8abc7fc52fdf01a02ed5e883132667846773dc0239ac3aa166a036527c90a8f9604885ecae4b1f04e73a6560c87e2ab379bcb48ed59fa0ace6f64bd3329889c3138597f6fc48bfbd074e8d142a22a80b2a983f0061ff1d45213553a06b68720327c2514b5c6460965f127fe63545069bf493cb664fcde2482c2ed1a451982313e1b0a6716d7df796c84bb511ad307b5f6ec8e7bcf1773ad844aba10f44c3c74d015b2f4b79bf0b0e10b9689aa35f1e9142584b9dd9fbe5f863278e962cb4362e2009fa6aeac0d27b78a1aa1b9864d6a6bcb5f0973121ace6e2eecf74a465a1aa9d1735b55c29a23cbaaaa6cc84c2997fe4a5a5a43661471a4853526a772727eb75a406deaca4152caac4fffafa87d5472e645c9dfde0d96678da49d3da22a1cfe806a8d8ede1b09653b8c8bbc85432f2e5a02cfc4fdb82554b48a7d4d4e53989a505f2c157365409e744ec105dbb02187ac29084f8902d420a71cefd92ff2d7fb259c9867e689d0e223a2b5298dfbf07d2667211e50fd48b0752422e9a54f95afe3ca0f9f17deda29e02af425c6f16ab86b226de050a2df9618f3484d3e722f5757dcb3426b983c41750bd5cbe59b980becb8e61d491265fd32a514f3a0ec0cec8e5d36a83073c5fbfeafc2ae4f3c408423073961ef9e7a8e4f7c3dc175fdc5aa1048b3ddc9151984a7ddd5c68a6b66dba0e6d681ed11fe6754fb0ba86f90acc5383a6946b486c6b56272e316c0d5e2ae6c26edf80b86b61167d31060b6cf9084f6259c007e813265dbd63ae2ab9c05d3be8823703fc9891881f581a076625c10344260e8b5048bdb1d02c8361bba776ba91a7cdf3c31cb0cd4d2b5b57abe89cd4fa97c053fa305c27f2f4e213fa7384e39e6bf332b909f3be689c97e331d92f506853205d0404cbb57cc30a9cc5086307b2bb7689a22ad4a8d9d5e1dad6323a312ea91316b4c73537fea36eb77be24d9da48e3d33440ea4f96af128c5306ce1431006eac6452775725300868440aab552945c1328754f588e818f5dc31807b5b8e8b1e1040690bfe49a19710c92af3b2388b18ca50779a643eb8d12103fe3b7b8e959d72719df209fedea6419a58a4d24af1180905140df82d4bd4af5922b7e24e13d49905333d402c088c97ad203b5be3ff98af1a4df06152d220803cc545d74719dde50a629533c3eebdceca0d61a76b8f85c7fd26a9111143a93ba89971d2ac160547218ffc785bd4825d33ce306f1319885a13d60b92671d6df14b5ca6b9b9c6759e4e35f6dac871454fc1634cecf8d54a2fbdf6950046d4197ffd65ebd790a7412bcedbc021994fa33acecfebd0cd1b3a1b34406d1a706ec366dd4fba4a7572afca5d05220df14cd99f874383f47c531fbea9ac03ed7c471aadb8daba8e1f38e5d911627ed6b2dd3dbbce9b39e67efb6b6fb320ff24f292eed582f8824a8fecce84628cb80f701484b7bd9b0a283474b2e784d79b24ae13d1472ea6453330809a487cca0f0ba7f0fa23ec9aa6daea8775c4387fc18dbd69ca019473ca4ca496dc62c434d1983e2799aaeca3a1e6bd1d9acaf609cae92fcf972c5f77d399e2d5d63a4dc3dc0c83f45969108a48def8990e10cdd7a1634b6b34382dc3532694af1907dc463be668a1ff188d51306541dd37b468d74d77d04a11bcb11e74812e58beff3449d2b2020f0b343975d094f10c877e5d99e794f44f051df9579d3a7949217abe3903ec49be8f030e169df33135a6db5bfc400896bbca0dbd1939897aaf59f0fff6675ab9acf1e6fe3f0b35bad7a17ffbbeac0b7311fbeb1ff13f4cd10f2dd7bb26747e0e297d6694a7d15c9373c002c44ddc4fbf82a0d7bd8bb03b29a220173afc2fc155b67c1651d9fb6e78f2b2219d7252f8249ccc2ba467f535650998b52d437e0b2e547a932c872603d7bc612dd95e98105010499ca9281e2f7b5b900c68e812c8c7d5103185034a1d8bfadedb4e5abb095858a4b38cc76d96f2cc3313440b18cd6cd702e259691f36262c5f3354cda78eb989223cded328777f1fc24217fd0b11668d18dcca12c6df10b41fbb26dd5be3f5ac4ab3ceaa477dabf654a90d5911426877ac38ec29c6b05302a43450c9cb6a09b6b0db60b4d057b9a7d4f41051d70979dc0b8c700905315fc4de16e694f6ae2ed32cef4bea169bddfb026f5abbe0455b174ccabb0ac10c670b2a61172841e4edd18f5bb54ef246cf423d1d07e65ace9b9822271b41802c8e4961cac33deaab086f6434f00c681ba65dcbc3831b4805d661589ac6de4d7430d1784bd62c67709d1c2afc8bafd2b6f0a640c4ba926e0824d5c80637b35053a32e4215e3040dc0dc991d3fd7ca377a9d25425ba65e6562f9527c904d33a2581e67906b930698d53736d9975524b5c3cd038f23672665e6b552340edf7fb9e6951aeab94be1e63be0fdba78539daca8b5e7ee6d7e02e9dfd84f155b3e17883f17b9072280aebd5dad9dafdafc3f505b606d09807b8cb0340b09cf3d2d901a1234f15b3ccc5ec9a7538b99bcabe48a348a1dc41360b946f9be390865641c7e07a8647a6008414fd5956034452159453b558886e99a1b158aa37dd59d715341237b761e991a48eef18966a5df4154cbfbdbe73960c02b97a357fa566374fc4223f247ddc6813027bc17d14d778c052a1f835ea833724aab76991b83bea45d0b6529b1a8041196e22d8bc4ac8592e7ee7af6c3457d1213c5627758b06f19d339b06c4f47dfcdf85789ffc57d20f843680861b61cbdaf1211c72ab1ca061f7c288d802f3068820036b6f7ffefdd36feae3541252753a25daaae11f12e407c9dba37a293c33dc7390b42377d03a222acae7a0c4acd4b2d997c2934b07f09441b757787bfa05e4e221a6abe2d45ad1156079a31f7337339d86f2f356c6863cf71c49be8aad9eaf1bc9c3ca509edd710ac9929fdfc0d87ba1a83b84c4199206fe809993df9bdd7b366851e415359355242abfbcb4f6b2eebf15268cd94f215e947862bc0bafe20f4b7d9c67784e9a24d8a971f1ff5b73781627683d3639b09824e12912baec0c05cb32f99482876390c96a3dba867ceb0eb6c647dc5adecc7c712147dc3578e09bbfcbeced2dc8da17b81eee00d3713cbfb16fd2deb576044fe46b799d9da02f3ea1782afe455ae56b5f1321833c0f3ebfbf0095a8bbf05269087515264843a0a57af1e86472e30060bb318585de5ee699b2d9c0494b40e51d5c404cce29db66151c66fb3600e48d42df9de427a17e30884b309d0bdf23b242dca3c9cb41cb07e542014502cefe4bc007c1a7982d71757edda9b758cbb642bee99ecb1e3051e8e3677773155fc1c9560c0436a06477a3863649a9128109186c56c54dfec278c388db499a5f466519efa747c114884cd5fd93ab098ff7fe94ebecc9140849956c079d1370be408a9bd62c889671ab1985adb713ed3161dc6e78c4eba1f51c601e9f9d95deee36b8d2e1c920df065fdb74e3453a016c9283f019dbda4e128ebfe95fc22d214ff39cfed4a29653bf7820d753d968d1ccb671453b3c1575ccadcc50581dd1e941f3845970e7f014815aa014c1e1d1296dff89d49da446384a8a5c4bc61f3b79cca11d406953ecc6683ff5a6573638d99652b14675155865f71ab7f6609ba6a00cfaccf7222dc007dc2db6f52dcfece25415b2f6059bbb4bc0d4614df91f81dd3f28f5d86d79c14f8fbb1504c27b2a1ace2d50560b1d537cb2aa7a5c95b7ece58bf6dbea2dccd0786d71f9ac510fde3ce125cca210fbf0f64bb226fbe1b767756a1ed56fafb58f58f3c922010dbfd8a844d7d2919a56c61c661d7884bc161907f267053182a3749856fbdf5ecda4b422b83d6817675a2bdcdab631eac060e19179ab3ca8d8b34ddc3d7df2380f772a5a6789a42523b5cba90eab7426a286d2fd64541a020ea579c00c3988cb071e65be3420c000caa23fcc59fa4b3bd49dcece4726c9919cbc92471bcbb70c0d25f20a3f32b56d34c4cd7a64086f2457cf61371ef1381c959836eba1f65977b561215f6c0d5d360f9742e6501fde6c602fb84165472623a14721311a1fbafb00c2dfdb18700e1334bdc69f695b112a213966602ba2aaa325a9018b2e20db02a7c654f8c4bfb92ec6d196abba2889eeee5254d10bdf618ca9d2a38923cd3795c99b6eb031105184493e709d9945b205688522fe080691389d9e9d6680ddc10ecaf5cf3b890b8f718857e1736acfbf583a074f13792d5747bebf1b3065178c2f7e7b6a61996840189591d75615c2d9f9c512f7d8aaf2258a51ac4c4d54282121edc674046f30b292d6fa477eec7c482868aced43f4ecf3a1c9fb71361c357f2e810e9f2b50cb26e36d770aa4c5cba516de3a5741fddc318a0fcb288cf284efb2fdc0a12ded90367358ab0df3896e56a185974a7352e056de2dffabc430f034a04e31491640ef1bc3c7f77f6bbb666b810a3c4c9c8c35b0776721842edf5f0178606a130cb2dce92fb88e1ef8a5e6274b9e4e7651e381a6db5c86e962c9711db7becb44a8f6ced57728551e645d851b20a54b689de936f8cf0e1a7e0058ae5a8480929ff12b586cac45f11b4000fb3a56b6b7eb4b2264f5ad3e68c04ef5546c10680844203935cf6843afa566f28c137dd6e5e0d4706ec7efde14fadb2f37d3d7a9adbb4cb07d83bfd117c8b25accbced4806ce666b647235365b82ae7abbcb05dd1ccfa5715cf46b0bf5c84bec5e103f9f629008c68d740fa6bb434822b7f3a48df894cedba201554fdb74273876ab8249d0be058207a24518c27b1a3d12295dcffb458e9412f111705dbc05ce7c3c093e1d0f804d0a70a8805a3e9b37627278b70c467bdf4192f54c249be8273e736947c1913"}, {0xef, 0x0, "7ef69b0ff0f5ddcaccfadd26f40c7b6629f6d397297ed7dd7671cb9f02ce286be4986388418801bf38526810df74a3d7cd4b9e76b69d88bbdf6f2bb93d5fb8245478c4960ec0dd22d0ba0affadb83bc8ec5048a677f435a72bce95fffaac2694ae738d9342a21dd1945a611f4d1f3112e4eb28420d14d4c6cdcabb34351a6215e6e7e49902bcb77e307325771fad5fa9d17deed7e3a13f51d1c3038c2d8a4b31a17363d63787d9ebb09d4396116a609918e01591afcb1c8c785d13fb0f12c53018c18d85f69a89948bdd52d46349a893f60416786853a920abd4f3a7b97c4bb0cf183d83b3daabd07cd385"}, {0x1004, 0x0, "f8b0f0456ec7940a30e4e444810cba2c064b19e6d16f17129e8ef8ec2246e4239b5e2f31f45b0e363f74300c2b61ee5a61e63ae29a7383bbf207d5d990bf0aa7e3db541aeff998a583021b2b6ce6ea15f00f389367cd238e5c103b5988cf5a4106440322f88279c20936d9431a1b6d0336837ce0b8526f225b765d01ed511face695b866e4f4ac72881e38f48ed91013bac5f0b327b65cddefccdc71baffdfc2269be8f44ca72823fce4264bc679814635d66c441ea4a7c0d513c697e8230e862cf8e38c976f654749bde44983906742e9c592090eed45b6682c291ad44a10d6aca4e73950c46e09017244091c879c0d4c21ebc23419b07aeda52c0977002c0b0d54d70264b7d4a1f97d60edddf73949962c321cc5a91074937dd19e649760b7e449bea1518993b41e7fe618674698714b4c0200548a370eeb985e723b3d79f336214222a55b06658bea0ca6819b47104bcc8fcb421684096aebc00f459c3aad5fae92ab7b9d629fa86f2f1b0821bad938a153f318d64d46bde75ccd50968197fa091ba65f9030e693271560cf15bd0445491dfaeee6b4e4c4f02e176832b1dd5e583ca750af713c4d1b861ad07324343aea31f7b429caf8dd07e4d40402426e967d7de439544bd28e6a13c1440fb8bcf9b98b252eb540faa1abdc3269b5a24c2e1208a01de2b3138124615e35375ff6be903de9f607429e7d27ea63b77b306e8a3bf8ce63746a813df1315993c331ce7f712a0e8a3ea2843e3d1472573d915129acbee2e7e13589d2a679e0b12ac7797971ceb53bda1e1f9171544a620fda8e7561c46a54fdaae2e2df3f17ee87ee480c73a5f6fd512b833811f0c3e6607d40c03b12fd93d721b5ed4e30411bffc941f87995631b92b0012ea15c5262ed45563767d2474e270d8dbaedf3882e3ef0e27e34ecb619e24b22ed6900a61fdabda1e099640df3878c37e7df1c9bfe5248a1ed96eca375743ece4c88750fe92ab52b783e0d2a7a2eecd42fb64bffef720578f2135e3537a976a749eb6c001363bb9e51b220701adb27c918d99f6b0c79c85d111ec530567ac0a3df5d951c5e15f98692a68489911f2b3f83a373b1dc39c26645f77f17730a35409504881a7ca1495ec662fdc27df085ec4223869702bf807a17bcb5cccf2c989eb6fbc14e2bc100731e60ab1e79aae42092d67a70d1ff1c26af6124f983047897870ee8b6171a92fb9ce3760aaed1f2250099fecdbb1fa9146cf357d7a6a34bb433bfed95d87cb7ad8ab71ae7edaf47cf8015b9c399fa5f90a33a6727d28635f825185f2fc5a8322704c05791112048d70dfa10824266ea086e6f64a6237890f622a7ee61383800a75080426741d713e63e7ba47e31a403edcccb312500c774a9bb8b849b96700a00820db9bdc5678f0ace5e4c3b16d06800e86fad0e56cebfebb947f1089dbd5726b64dc516e0c8b60dbf6677659083493470c39e39b35b180846687777b31fa858e4c2dbb96bbfddc3aba8c5cd29355e431852872b77beea26971e56f04da50bae8c1f5cd3af833f19c21759f7858bb8be045b49a226bc4861477d3932ec026da761a830876eee86b688b8677c7949e9126dc7f2004851563162140b560b4c71d3c02bd53eb8dc2d1e5bac9f9ebfa0f6301f586c55c20ccfd940d55f1cd37388d4f168a4bb247d6817d864304db6b3f03e9ba9b754e33ca480e9febef6e2c0a6ab44806cf77d442e7d4553e80a600179f820e5e35dfaf2d842879ace076b76fa3b549f13804d0e542f96af14b3d9865388346ec3d3a0118a7d73cf056b16d372489a4c7ca095e205a7cbd5e2ef5be55f44bca2f13a8b1e9602963476619045aec2727dee18679f2f47bf916867e9b9979a6b42f81362e16726af17a9d831e5d3b0f538c2a2069f8702003689626a15021ccc514fb34d70261f765834b80c7f114a6588e5dbc151fbcc05ba2e166bae68b39fe1bfa392a42e1bba11d3e41ec3a7af746a8a70f1cd3d9855e9ac0e158bc6888f75f7a56b517ae3191dfacb5fbf131490ca77e6ffa62c61afbb46311bef9a3836156228c09c15f026c11b476849af8c2211b46526d562a41ae7cb79168cd4139f9b58129bc9f9613c32e8c18717ae04b03bcdd10c42c15957415e6801ca069d75bcc6e60783077948f5ded95b0cae58498b00d4f3e8e99877845248d201dce0b7fef3a01925d9284eba361a285b8dafc4ff0a32119e05d57e3bb2a70594327a8ea4a3efdfdc48ebd3432dfed8f4b91aa725ffbe7bf1eb3685fb53c0a999e6bc1fa2461870c68a414af23f271fc13bb96a92682f7b037de586eebec43b56b3820d03c29837d95a42357d31e13513074c757a9a2b627067d9c480defc197d06bf02fc96022edbf4d4b6abd9f9b3213a52a8ec48a729ab6a3dfb73158056177e1770da6d9ea2480774dfe8ed33348997fbe0669dd01647529ea98d3d9591515b1c531412fcb67c07c4b9263ed7c5875f943e74da11eec8e7550edcd0a7617e47ce5c1d908fdedb1b022eb75d31db8a9ff8051a78eb636f9bdfde7843958d4b4b4a0100e0e3119869d296357b350878ad206024f570e547a21e7b37c4971ca254ae95a85c0524eae18c6f4c421d1dffcf871aa224f1fd340cdf9ae7f607852c7cee886bf89fcf066f5f058b6769931be280089c43dbfb766d56162ce19a0d7f06f85b5bcdf34e1206141afc4f4e09e9182500fc1b2a3867201ad49de41b9acdae738f6d8efd0dc99717f16e580fe2ec2dfcf8c49e9da1b5def50b400d440eb63e07a3f79f961750cbe195302b22ff6861e3a055b52ef09e150d2e0dfe59e29d3c36dd9f09307444620daf7c715c593901d087dd8404caf4145dae663454628b0fef0a361a466269ac007308a72f677593d898d40390350b3dcbbd75e8782176c2d50e684238887860c1a0f9c0abde3dd86d5bb66606b9733d83ba62af91c1dd8c4cbcb8379039dea9df5064f84cafcaa604e9627a6947e64338ceceb543e8239d4543e1882c7404ad54d478c151133484c57a8940ec87b99ee6e458d3396b70fc9a7efb3c5d00d49fbc104d4709f69b2ecaf7658ede9253e7844fcca355e23c64a7caa4ebfb068152f35d019cbc0f54e756988e2b09eff9ff1d12442e02a9c8a84d9f3edd0f642bf628e74a682d054a6fa8990c271b9a953551d053f46778b3ea6fe763eeed084ae04a8a60ee346de9eab1b178cb6ca0dc1e278d8e798bd95ff903cc1ee0b3dfbec8cb098860e7759cdeb8dc53de43f2cca6a8748889fe47e68c03b30673a6d83d7f1cb4aba81c01b871a23cab385880da16094ede8f52fd3a5a2b826eb21d82c138f6a9f93974182172cbc196c926592134b7bb210c5acaf79903227af1584463e871ef2b0091ce871ca360bccceb9c0fe48ccd180d4f9d5e7e86c65a6c5184f08b351c5f8ddbb218905cbe746c21a4a3f31bf3d4e463ac4a49c473546bb3c973df57d191eac054b2c37f49ef95e82f1260ecdb540821e98c4270c1902dfb0f5e5805a879aec21e8b48b1e9e31ad885d2820d55c8e476ad0b42cb0466ff762da0a9504d20a2fd5091d8eb6b028d27542964b4e86e7c89011b5c791f3f75d83537f30f95e69e5b77065cf1c86bbb8168beb4d30c16cc6e9eb4a482af7be9f593bdae3cd89faa8867a8ca2d5969356344ee4aad29b3048aba3eef4f4246dbad9de3e8c686c03ae88bff0be20907727c11961ee65ddd4e9c0028107c01dbdd2c8f0622a7c0635073cf5dcf31d7260a2763822ea6e7d8a42107905d2a0ba2f55464fcd085868ec4ec8c75ccda3c2c6026c5c1744698ccf04eb93e644c15f505a6004d83437feb20932e524f3327edbdb2990cacae2686d5d2e4f2f80760d11b0aeddc6735659ca61b556d51bcf9027cb5b4ad453d5d7bb319321a25c7ad25401bad258e925a9dd2da11dbd63a31934592c91525f91cf0758439b539a38f56fe93a8a61dc2b6842b8cdde971f5074b4865d135540653c3e947232053fb2fa57a1fad5fe79b1d7444d2b90d5c3d8ed796848bc90f7e90cc06233b5117b19047563dae2538d40e18e77274a4efa0c70db27b8abb0a7554ff4b13488402d800e9ba523bda62276ebdc5c439dee0ecd0df1fcff936af96304962975a5c6182384acce365e29ee35290f5a6da793399d544fb752f7b061f6315e0c127e7a14e48ee4ae3e7feb81d3fd140096f2b0a25e3df1b5ec734043e648b46eb8ac75571ad18460215817e9bd92617a359019558c32dbdb719d168344d73eb447ad3f31817665401a640e3629ceb576531c377e43b1a47e5bea04081673f017e255aa04a8e9c460e05a96cf78b06b1ca36fd358292243f2da60993f817bea6141820593385354758c4293afc80018607d36cd23cde4a7e00f22f6d3c6402eaf1defcd961a48e4ec42434195c9e32ca57b5143c83b41d6eaa6613da21438ba2e88dd11d0fe03de5e8b37ecaa05cf35ac31aa475ca43bc6b2311efad6e3e3b2c6478dd609068bad5b28da7728736dad2c940248abaeb6dae11d1af90c896571bafe4c9c876e0b1f2985817418ce09efe6bc133caab55bb6b5c7a05e415fb8d6e413280a80b01c10bab65eadcc4a2b5ff15495af92d97b840aa84442865747e471f34b72ba1fab88222b3ea56eec3126078b946ae2f45778c19c21a877b2e8d3a10a4960f8cd940c0473241e4bf6d88d330d1748ec7374b4edf1ab157927e60d896bc2e049653ad2e2c0a0d3ef995bddafc816add533502eafc060a679878331bb821f83380621f652b2580c1c7da37ddfccdb4360af4e92017d9492e354d13b7040deeb7ccd9b2b1175184d590a56f1780d2ffc6245b28a2b61e08841e64453b7ee46e9fa570bddc1883f88bcbe3830de572d51bef68ff3e607c9c2602543dfe0e1b58d61a0241aa5c370a849fe17dc98f53d4698f83932d7c53628d968b2cb246efc30bca95100ea736dc2d53d3c151a720136d78eb209005e114800c0e044d5972aadd3277649ca58d23277af569242198685100e5f52db19db90aba04a3d488605b94f61e8f5b73187b38c74d6f97aa3caebcf36cf59f887c3780494bb3735ef826e53ce07e4e6461994d31b8960432975286c8c3116448fd73428c6c800155d07583f4b98903903de96d0383d0984c7b98dc6f9aa90424cc65012807dbb502566efec5a63bf825c14641b93cffdeed0243704af019e05720e57ced4f4c8330a02b324c59a28167e05904041fea4c0eebb7ab7eefeebece47f034efcdce75ebe24b36bf7db6c3639595f9c5351f94b42358db8a3871ec116f112bc82a8366566171e449cd697be0fa1d02e98ae6efccea658e4e8600331f96e34b6c8eff25ca8580a4d533c0d31eac539cb6e7e0cd8e7efc65c89f26766d551eecbdd1101908ea60de31b2d78d86c9df46ea58020e95bb2a06eab289ebd579fc903454bbb1ca2ae4babdb478a0057259fc22fe4bc9bcb9f2537cf42028d2a88afec2af00b539e9c2f38180453318325462069ecdf9bb9b7ea5c86c45a3c6abc4659c91bee13de38b25b6b05bf13766b1256fb0db0b8676e5353611f51b13d718d9bf1a14959a1c06d9c4f71f45ea655fde12aa2949059b7d7e684e449e877147f17d373aa36e071f370d9d551ae34e08b80f26aaca429f18552ba89dce9dadc3cb46d9ec23a2a2db24b53de9883e9544a1d1374204385628953f72701f9ae87f3b662ec565d43b8a0afe0c6218b61721ae2eef9ce5989fa06f0cd471214fbad356f1f4e6eee8e65417670a4982ad77d9bdcd3b9aa06ddd54f062"}, {0xec, 0x0, "5676d1160b49fe59c6f49cfac13021b1a75064f5a663d1dd975ca5dd457d811af3650b274ca53b679624cbe190c6b5f6d004f42cd3214da23ac3d977aef7d1d23c0f66a9725559163075c357c7b9bb41e48bb20b28681deb9f7f92ab50e36d6fe7fa7122243903ad5b2115b55f597dac254992551f472deca3ce9cd65c67435da8eb4b92ac7e1a7b1e7238f252d5db71de4b754dd0871e06e48ed1b7a279e6495031bfeadcad21b19edefc67a1c38fe3ee7d0845b7da26e5132515ce1d41a9231231f11dba72a4648874efe1f3d700f3ed835b517bd3508be609faecca3060a64c117cfc6487c7e3"}, {0x9c, 0x0, "d5b7e5b3988c10899a1140c2df50d9f75bf1bfa2a2e851a2f101dec19dbdcb40c04ffeeb4000b806d83363e7157b9d2ee0c705fc13df631b71e852816d9066b1632ad5b6aa4debf4da2338cc5fc3f157fe1bd4e28ed50445dc0cae806b75b00434c0b018276869b80810831d1a284d439c33b8d218e06ebdf29201a55c330a4b5556c66b0af9bcece0f3f500d81636de320107abe7f9920a"}, {0x29, 0x0, "4fe109759a98bfae8a198c681a9820e6de7e9518819fd67adc332f0d6aaa2c9a3f2da8d9e0"}, {0x9f, 0x0, "f6632306e6d5eff182b49aa8bcad971ddb51f72cbed81d341408a7080225dc1b67c00e22e3f1c334807b4948e56bba96f4e9db6fc2f4a75007ae7f695e5b3727c7a727e03901088a9136827bb1fa7178342b3dec65781d396235f1366174d92a55da472a7400102debdaa9ce3a526fc51dda13be6ee621deb5e4f8e9b42b027b48b31089c18e420288001efd2ca89e33daddc0774f34690d730575"}]}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}, @NL80211_NAN_FUNC_PUBLISH_TYPE={0x5, 0x3, 0x6}]}]}, 0x3688}, 0x1, 0x0, 0x0, 0x404c0d4}, 0x40045)
r3 = socket(0x10, 0x2, 0x2)
socket$inet(0x2, 0x1, 0xfffffffd)
sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_generic(r3, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB="e40000001200000325bd7000fcdbdf250800000008000d00", @ANYRES32=r0, @ANYBLOB="0800c200030000000c009c000700000000000000b000500085d9387ccf683541e171f7eae4c7adfb79e639e54f450cdc589ae0e0580eab7808f0d407de84e1edea310e5e18b1fe2e1dd5b1e0b8ffb3a28ed3df975796fcfbb025025ab6e2dfd86310defc728d12834d47ac85e7602a54f57e9d9b1e8eb8bb817b3eec68c10dade4313c04eb1f2415514f8aaf83f95f6bd342befe0106cb57b3538628f98e2bb39cfadfaa8faa211def66036916ffab9f08cc41f7820400468000"/200], 0xe4}}, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x28, r5, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}]}]}, 0x28}}, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
ioctl$FS_IOC_SETFSLABEL(r6, 0x41009432, &(0x7f00000006c0)="583e3268814c070ba8ebe10e0f94f91fbf4b3cb8ee37ef25ff7e6843f1b41a5c137499792e8bfbc2a2708ee89888bd1c593ec15422a985668f7cb93c77f8ef3f9bad26eb5ee8c9d61e90d61c7a4a87d0292faf5b4223145c29446df954aa1d22c16298627e4e33b3020c2c98d474de29ed6eb9d99a8e7feaa03257ef0e29f0d0e7f138e31059ba96cc0731ed530bd984fb74d971975a9b268c70a35746a8d1047b0e8a994bbf231e5bc7edc01f5fa4882e0dd20c28c2301f76f063e2dd0844a2e0d9f039ecfab0cfce92ad3d04e0fcb04a52ea31171a0df9bb2a51490b6321a55e077f708650b0b3493c8342c66657e2567b20b1e8914512628b92cad2c858ab")
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b70800000c000000638af8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018240000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000400)={r8, 0x0, 0x0}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x4e1e2563543d84f9}, @TCA_TBF_PBURST={0x8, 0x7, 0x1fc0}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0xffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x1000000, 0x81}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xcb59372f370e8465}]}}]}, 0x78}}, 0x4000080)
setsockopt$inet_sctp_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f0000000500)={0x6, 0x0, 0x3, 0x9}, 0x8)
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r0, &(0x7f0000000800)="410309fc1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)

296.747434ms ago: executing program 4 (id=3457):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f000000c800)=[{{0x0, 0x0, &(0x7f0000002e40)=[{&(0x7f0000000340)=""/25, 0x19}, {&(0x7f0000000480)=""/103, 0x67}, {&(0x7f0000000940)=""/132, 0x84}, {&(0x7f0000001b00)=""/4109, 0x100d}, {&(0x7f0000002d40)=""/190, 0xbe}, {&(0x7f0000001a80)=""/102, 0x66}], 0x6, 0x0, 0x0, 0x11f8}, 0xc}, {{0x0, 0x0, 0x0}, 0x24c9ddb}, {{0x0, 0x0, 0x0}, 0x68}, {{0x0, 0x0, 0x0}, 0x1}], 0x4, 0x40000000, 0x0)

289.720883ms ago: executing program 0 (id=3458):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x40, 0x6, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0xfffffff8, 0x0, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000b00)=@can_delroute={0x2c, 0x19, 0x1, 0xfffffffe, 0x80000, {0x1d, 0x1, 0x6}, [@CGW_SRC_IF={0x8}, @CGW_DST_IF={0x8}, @CGW_CS_XOR={0x8, 0x5, {0xfffffffffffffffc, 0x4, 0x2, 0x5}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000040)=ANY=[@ANYBLOB="2000000a0000f0ff9712ae44b3d08f0000000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\n\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c0000003b0007a737e41bcac743098701"], 0x2c}}, 0xc000)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)

265.234987ms ago: executing program 3 (id=3459):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0007000042009103", @ANYRES16], 0xfe33)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x0, @multicast2}, 0x2}}, 0x26)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd7000fec8df25050000000800090002000000060001000700000008000c00aa0a000008000b"], 0x40}, 0x1, 0x0, 0x0, 0x20006911}, 0x0)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getsockopt$netrom_NETROM_T4(r5, 0x103, 0x6, 0x0, &(0x7f0000000000)=0xfffffffffffffea1)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001240)=[{&(0x7f0000004580)=""/4095, 0xfff}, {&(0x7f0000000140)=""/4092, 0xffc}, {&(0x7f0000001140)=""/181, 0xb5}], 0x3}, 0x0)
socket$kcm(0x10, 0x400000002, 0x0) (async)
write$cgroup_subtree(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0007000042009103", @ANYRES16], 0xfe33) (async)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x0, @multicast2}, 0x2}}, 0x26) (async)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$L2TP_CMD_SESSION_DELETE(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd7000fec8df25050000000800090002000000060001000700000008000c00aa0a000008000b"], 0x40}, 0x1, 0x0, 0x0, 0x20006911}, 0x0) (async)
syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async)
getsockopt$netrom_NETROM_T4(r5, 0x103, 0x6, 0x0, &(0x7f0000000000)=0xfffffffffffffea1) (async)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001240)=[{&(0x7f0000004580)=""/4095, 0xfff}, {&(0x7f0000000140)=""/4092, 0xffc}, {&(0x7f0000001140)=""/181, 0xb5}], 0x3}, 0x0) (async)

121.031936ms ago: executing program 0 (id=3460):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@fwd={0xa}]}, {0x0, [0x30, 0x2e]}}, &(0x7f00000001c0)=""/77, 0x28, 0x4d, 0x0, 0xb, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000180)=@framed={{}, [@ldst={0x2, 0x2, 0x3, 0x1, 0x0, 0x9f}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$kcm(0x29, 0x7, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x0, @remote, 'batadv_slave_1\x00'}}, 0x1e)

73.243078ms ago: executing program 0 (id=3461):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="60000000020601080000000000000000000000001400078008001140000000000500150003000000050005000a"], 0x60}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="30000000190001000000000000000000021800000000ff000000000008000100ac1414000c00090008"], 0x30}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)={0x20, 0x1, 0x2, 0x3, 0x0, 0x0, {0x3, 0x0, 0x5}, [@CTA_EXPECT_TUPLE={0x4}, @CTA_EXPECT_ZONE={0x6}]}, 0x20}, 0x1, 0x0, 0x0, 0x24040080}, 0x4040000)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r2, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x44, 0x0, 0x8, 0x301, 0x0, 0x0, {0x7, 0x0, 0x6}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0x14, 0x0, &(0x7f0000000740)="070029000000000008004c6588a840b3c1d68627", 0x0, 0x99b9, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000700)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x4)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000940)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x80000000, '\x00', 0x0, r1, 0x3, 0x2, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a80)={0x6, 0x10, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x8}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000}}]}, &(0x7f0000000440)='syzkaller\x00', 0x8001, 0x83, &(0x7f0000000800)=""/131, 0x40f00, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x1, 0x10, 0xfffffff7, 0xdc}, 0x10, 0x0, 0x0, 0x8, &(0x7f00000009c0)=[0xffffffffffffffff, r4, r5], &(0x7f0000000a00)=[{0x4, 0x4, 0xa, 0x9}, {0x2, 0x2, 0x3, 0x6}, {0x2, 0x4, 0x8}, {0x2, 0x5, 0x2, 0x7}, {0x5, 0x3, 0x6, 0xc}, {0x2, 0x5, 0xf, 0x6}, {0x1, 0x4, 0x2, 0x5}, {0x5, 0x1, 0x5, 0x6}], 0x10, 0x80000001, @void, @value}, 0x94)
setsockopt$inet6_tcp_int(r3, 0x6, 0xa, &(0x7f0000000cc0)=0x5, 0x4)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000100001000000000000dfff000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e65766530000000000000000000140001006c6f0000000000000000000000000000080002"], 0xb4}}, 0x0)
r7 = socket(0x1d, 0x2, 0x6)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r7, 0x6a, 0x3, 0x0, &(0x7f0000000000)=0xfffffffffffffd68)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000001e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_HASH_SREG={0x8, 0x1, 0x1, 0x0, 0x15}, @NFTA_HASH_LEN={0x8}, @NFTA_HASH_DREG={0x8}, @NFTA_HASH_MODULUS={0x8, 0x4, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0)
r9 = socket$vsock_stream(0x28, 0x1, 0x0)
r10 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r10, 0x8933, &(0x7f0000000600)={'team0\x00', <r11=>0x0})
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000002d80)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r11, {}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd], 0x0, [0x8, 0x4, 0x7209, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x8]}}]}}]}, 0x8c}}, 0x0)
sendto$packet(r7, &(0x7f0000000380)="57276f8eaa06d63107cf8177890b0e09109de83c1df838ed55107218a54326a1970d4fbfbe9d6ac0fc223e32f38618d083764a75527164adb6", 0x39, 0x2000c000, &(0x7f00000003c0)={0x11, 0x8, r11, 0x1, 0x3, 0x6, @local}, 0x14)
accept4$vsock_stream(r9, &(0x7f0000000080)={0x28, 0x0, 0xffffffff}, 0x10, 0x80000)

0s ago: executing program 4 (id=3462):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32=r0], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b800000019000100000000f7ffffff00e000000200"/43, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000700000000000000000000000000000000000000000000000200000000000000ffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff"], 0xb8}}, 0x4004)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x11}, 0x80)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYRES16, @ANYBLOB="0101000000", @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x11, &(0x7f0000000540)=0x8, 0x4)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e000000108000200ac1e01010c000280050001000000090024000280"], 0xa8}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000000004400000008000300", @ANYRES32, @ANYBLOB="08002700851600000a00180000000000000000001c005a801800018014"], 0x4c}}, 0x4000804)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={0x0, 0x6f4}}, 0x0)

kernel console output (not intermixed with test programs):

R08: 0000000000000000 R09: 0000000000000000
[  306.559820][T13824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  306.559831][T13824] R13: 0000000000000000 R14: 00007f34747b5fa0 R15: 00007ffcbc7c5b28
[  306.559865][T13824]  </TASK>
[  306.810500][T13826] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2725'.
[  307.011785][ T1140] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.046789][ T1140] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.120489][ T1140] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.166187][T13834] openvswitch: netlink: nsh attribute has 1 unknown bytes.
[  308.181013][T13834] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  308.270060][ T1140] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.710076][ T1140] bridge_slave_1: left allmulticast mode
[  308.716927][ T1140] bridge_slave_1: left promiscuous mode
[  308.729095][ T1140] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.842076][ T5844] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  308.854537][ T5844] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  308.868643][ T5844] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  308.879182][ T1140] bridge_slave_0: left allmulticast mode
[  308.884892][ T1140] bridge_slave_0: left promiscuous mode
[  308.898570][ T5844] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  308.907227][ T1140] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.915701][ T5844] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  309.512311][ T1140] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  309.524347][ T1140] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  309.536450][ T1140] bond0 (unregistering): Released all slaves
[  309.584379][T13867] 8021q: adding VLAN 0 to HW filter on device bond0
[  309.601783][T13867] bond0: (slave vcan1): The slave device specified does not support setting the MAC address
[  309.649203][T13867] bond0: (slave vcan1): Error -95 calling set_mac_address
[  309.814238][T13860] vxcan1 speed is unknown, defaulting to 1000
[  310.058220][T13886] mac80211_hwsim hwsim8 syzkaller0: left promiscuous mode
[  310.074932][T13888] FAULT_INJECTION: forcing a failure.
[  310.074932][T13888] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  310.076338][T13886] mac80211_hwsim hwsim8 syzkaller0: left allmulticast mode
[  310.097721][T13888] CPU: 0 UID: 0 PID: 13888 Comm: syz.2.2748 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  310.097751][T13888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  310.097764][T13888] Call Trace:
[  310.097772][T13888]  <TASK>
[  310.097781][T13888]  dump_stack_lvl+0x189/0x250
[  310.097815][T13888]  ? __lock_acquire+0xaac/0xd20
[  310.097848][T13888]  ? __pfx_dump_stack_lvl+0x10/0x10
[  310.097878][T13888]  ? __pfx__printk+0x10/0x10
[  310.097899][T13888]  ? __might_fault+0xb0/0x130
[  310.097939][T13888]  should_fail_ex+0x414/0x560
[  310.097968][T13888]  _copy_from_user+0x2d/0xb0
[  310.098008][T13888]  ___sys_sendmsg+0x158/0x2a0
[  310.098041][T13888]  ? __pfx____sys_sendmsg+0x10/0x10
[  310.098113][T13888]  ? __fget_files+0x2a/0x420
[  310.098140][T13888]  ? __fget_files+0x3a0/0x420
[  310.098179][T13888]  __x64_sys_sendmsg+0x19b/0x260
[  310.098212][T13888]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  310.098262][T13888]  ? do_syscall_64+0xba/0x210
[  310.098294][T13888]  do_syscall_64+0xf6/0x210
[  310.098322][T13888]  ? clear_bhb_loop+0x60/0xb0
[  310.098348][T13888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.098368][T13888] RIP: 0033:0x7f201558e969
[  310.098385][T13888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.098403][T13888] RSP: 002b:00007f201638a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  310.098425][T13888] RAX: ffffffffffffffda RBX: 00007f20157b5fa0 RCX: 00007f201558e969
[  310.098440][T13888] RDX: 000000002000c094 RSI: 0000200000000000 RDI: 0000000000000003
[  310.098453][T13888] RBP: 00007f201638a090 R08: 0000000000000000 R09: 0000000000000000
[  310.098466][T13888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  310.098477][T13888] R13: 0000000000000000 R14: 00007f20157b5fa0 R15: 00007ffc1433b1f8
[  310.098511][T13888]  </TASK>
[  310.330348][T13891] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input7
[  310.773337][T13907] __nla_validate_parse: 12 callbacks suppressed
[  310.773382][T13907] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2753'.
[  310.806219][ T1140] hsr_slave_0: left promiscuous mode
[  310.812395][ T1140] hsr_slave_1: left promiscuous mode
[  310.819034][ T1140] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  310.829741][ T1140] batman_adv: batadv0: Removing interface: batadv_slave_0
[  310.838786][ T1140] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  310.848473][ T1140] batman_adv: batadv0: Removing interface: batadv_slave_1
[  310.870399][ T1140] veth1_macvtap: left promiscuous mode
[  310.876043][ T1140] veth0_macvtap: left promiscuous mode
[  310.881703][ T1140] veth1_vlan: left promiscuous mode
[  310.887829][ T1140] veth0_vlan: left promiscuous mode
[  310.988439][ T5140] Bluetooth: hci4: command tx timeout
[  311.178742][T13909] netlink: 'syz.0.2754': attribute type 11 has an invalid length.
[  311.186839][T13909] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2754'.
[  311.199183][T13909] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2754'.
[  311.421321][ T1140] team0 (unregistering): Port device team_slave_1 removed
[  311.465595][ T1140] team0 (unregistering): Port device team_slave_0 removed
[  312.290607][T13927] FAULT_INJECTION: forcing a failure.
[  312.290607][T13927] name failslab, interval 1, probability 0, space 0, times 0
[  312.311976][T13860] chnl_net:caif_netlink_parms(): no params data found
[  312.335063][T13927] CPU: 0 UID: 0 PID: 13927 Comm: syz.2.2759 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  312.335095][T13927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  312.335109][T13927] Call Trace:
[  312.335118][T13927]  <TASK>
[  312.335127][T13927]  dump_stack_lvl+0x189/0x250
[  312.335168][T13927]  ? __pfx_dump_stack_lvl+0x10/0x10
[  312.335198][T13927]  ? __pfx__printk+0x10/0x10
[  312.335236][T13927]  should_fail_ex+0x414/0x560
[  312.335266][T13927]  should_failslab+0xa8/0x100
[  312.335296][T13927]  __kmalloc_cache_noprof+0x70/0x3d0
[  312.335323][T13927]  ? sctp_add_bind_addr+0x8c/0x370
[  312.335357][T13927]  sctp_add_bind_addr+0x8c/0x370
[  312.335391][T13927]  sctp_copy_local_addr_list+0x30b/0x4e0
[  312.335425][T13927]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  312.335453][T13927]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  312.335489][T13927]  ? sctp_v4_is_any+0x35/0x60
[  312.335516][T13927]  ? sctp_copy_one_addr+0x93/0x360
[  312.335547][T13927]  sctp_bind_addr_copy+0xb3/0x3c0
[  312.335576][T13927]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  312.335605][T13927]  sctp_connect_new_asoc+0x2e0/0x690
[  312.335630][T13927]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  312.335649][T13927]  ? __local_bh_enable_ip+0x12d/0x1c0
[  312.335679][T13927]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  312.335705][T13927]  ? security_sctp_bind_connect+0x7e/0x2e0
[  312.335730][T13927]  sctp_sendmsg+0x155c/0x2810
[  312.335765][T13927]  ? __pfx_sctp_sendmsg+0x10/0x10
[  312.335796][T13927]  ? aa_sk_perm+0x81e/0x950
[  312.335824][T13927]  ? __pfx_aa_sk_perm+0x10/0x10
[  312.335850][T13927]  ? sock_rps_record_flow+0x19/0x400
[  312.335885][T13927]  ? inet_sendmsg+0x2f4/0x370
[  312.335920][T13927]  __sock_sendmsg+0x19c/0x270
[  312.335947][T13927]  ____sys_sendmsg+0x505/0x830
[  312.335984][T13927]  ? __pfx_____sys_sendmsg+0x10/0x10
[  312.336024][T13927]  ? import_iovec+0x74/0xa0
[  312.336058][T13927]  ___sys_sendmsg+0x21f/0x2a0
[  312.336090][T13927]  ? __pfx____sys_sendmsg+0x10/0x10
[  312.336165][T13927]  ? __fget_files+0x2a/0x420
[  312.336192][T13927]  ? __fget_files+0x3a0/0x420
[  312.336232][T13927]  __x64_sys_sendmsg+0x19b/0x260
[  312.336265][T13927]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  312.336315][T13927]  ? do_syscall_64+0xba/0x210
[  312.336347][T13927]  do_syscall_64+0xf6/0x210
[  312.336374][T13927]  ? clear_bhb_loop+0x60/0xb0
[  312.336401][T13927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.336420][T13927] RIP: 0033:0x7f201558e969
[  312.336439][T13927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.336455][T13927] RSP: 002b:00007f201638a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  312.336477][T13927] RAX: ffffffffffffffda RBX: 00007f20157b5fa0 RCX: 00007f201558e969
[  312.336492][T13927] RDX: 0000000000000040 RSI: 0000200000000e40 RDI: 0000000000000003
[  312.336504][T13927] RBP: 00007f201638a090 R08: 0000000000000000 R09: 0000000000000000
[  312.336516][T13927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  312.336528][T13927] R13: 0000000000000000 R14: 00007f20157b5fa0 R15: 00007ffc1433b1f8
[  312.336564][T13927]  </TASK>
[  312.751125][T13932] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2762'.
[  312.834609][T13943] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2766'.
[  312.868321][T13939] netlink: 'syz.4.2764': attribute type 1 has an invalid length.
[  312.876586][T13944] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2765'.
[  312.894706][T13944] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2765'.
[  313.007989][T13860] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.016502][T13860] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.024115][T13860] bridge_slave_0: entered allmulticast mode
[  313.037521][T13860] bridge_slave_0: entered promiscuous mode
[  313.048604][T13860] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.056248][T13860] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.063662][T13860] bridge_slave_1: entered allmulticast mode
[  313.072564][ T5140] Bluetooth: hci4: command tx timeout
[  313.088513][T13860] bridge_slave_1: entered promiscuous mode
[  313.126015][T13948] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2765'.
[  313.188193][T13860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  313.204266][T13860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  313.311233][T13860] team0: Port device team_slave_0 added
[  313.324921][T13860] team0: Port device team_slave_1 added
[  313.390106][T13860] batman_adv: batadv0: Adding interface: batadv_slave_0
[  313.401958][T13860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  313.431509][T13860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  313.444750][T13860] batman_adv: batadv0: Adding interface: batadv_slave_1
[  313.453558][T13860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  313.495845][T13860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  313.589377][T13974] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2778'.
[  313.599355][T13860] hsr_slave_0: entered promiscuous mode
[  313.607202][T13860] hsr_slave_1: entered promiscuous mode
[  313.615442][T13975] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2777'.
[  313.747560][T13981] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  313.908008][T13988] FAULT_INJECTION: forcing a failure.
[  313.908008][T13988] name failslab, interval 1, probability 0, space 0, times 0
[  313.941285][T13988] CPU: 0 UID: 0 PID: 13988 Comm: syz.0.2782 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  313.941327][T13988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  313.941341][T13988] Call Trace:
[  313.941349][T13988]  <TASK>
[  313.941359][T13988]  dump_stack_lvl+0x189/0x250
[  313.941398][T13988]  ? __pfx_dump_stack_lvl+0x10/0x10
[  313.941429][T13988]  ? __pfx__printk+0x10/0x10
[  313.941452][T13988]  ? __pfx___might_resched+0x10/0x10
[  313.941473][T13988]  ? fs_reclaim_acquire+0x7d/0x100
[  313.941510][T13988]  should_fail_ex+0x414/0x560
[  313.941539][T13988]  should_failslab+0xa8/0x100
[  313.941568][T13988]  __kmalloc_noprof+0xcb/0x4f0
[  313.941594][T13988]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  313.941634][T13988]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  313.941675][T13988]  genl_family_rcv_msg_doit+0xb8/0x300
[  313.941716][T13988]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  313.941749][T13988]  ? __pfx___mutex_lock+0x10/0x10
[  313.941777][T13988]  ? __pfx_genl_get_cmd+0x10/0x10
[  313.941805][T13988]  ? __pfx_mptcp_pm_nl_get_addr_doit+0x10/0x10
[  313.941837][T13988]  ? __pfx_mptcp_pm_nl_get_addr_dumpit+0x10/0x10
[  313.941876][T13988]  ? stack_depot_save_flags+0x40/0x910
[  313.941907][T13988]  genl_rcv_msg+0x60e/0x790
[  313.941946][T13988]  ? __pfx_genl_rcv_msg+0x10/0x10
[  313.941975][T13988]  ? __pfx_mptcp_pm_nl_get_addr_doit+0x10/0x10
[  313.942025][T13988]  netlink_rcv_skb+0x219/0x490
[  313.942053][T13988]  ? __pfx_genl_rcv_msg+0x10/0x10
[  313.942086][T13988]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  313.942138][T13988]  ? down_read+0x1ad/0x2e0
[  313.942170][T13988]  genl_rcv+0x28/0x40
[  313.942197][T13988]  netlink_unicast+0x75b/0x8d0
[  313.942235][T13988]  netlink_sendmsg+0x805/0xb30
[  313.942272][T13988]  ? __pfx_netlink_sendmsg+0x10/0x10
[  313.942310][T13988]  ? aa_sock_msg_perm+0x94/0x160
[  313.942337][T13988]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  313.942361][T13988]  ? __pfx_netlink_sendmsg+0x10/0x10
[  313.942388][T13988]  __sock_sendmsg+0x21c/0x270
[  313.942415][T13988]  ____sys_sendmsg+0x505/0x830
[  313.942452][T13988]  ? __pfx_____sys_sendmsg+0x10/0x10
[  313.942494][T13988]  ? import_iovec+0x74/0xa0
[  313.942529][T13988]  ___sys_sendmsg+0x21f/0x2a0
[  313.942562][T13988]  ? __pfx____sys_sendmsg+0x10/0x10
[  313.942637][T13988]  ? __fget_files+0x2a/0x420
[  313.942663][T13988]  ? __fget_files+0x3a0/0x420
[  313.942703][T13988]  __x64_sys_sendmsg+0x19b/0x260
[  313.942736][T13988]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  313.942787][T13988]  ? do_syscall_64+0xba/0x210
[  313.942820][T13988]  do_syscall_64+0xf6/0x210
[  313.942848][T13988]  ? clear_bhb_loop+0x60/0xb0
[  313.942874][T13988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.942893][T13988] RIP: 0033:0x7f7e5198e969
[  313.942912][T13988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.942929][T13988] RSP: 002b:00007f7e4f7f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  313.942952][T13988] RAX: ffffffffffffffda RBX: 00007f7e51bb5fa0 RCX: 00007f7e5198e969
[  313.942967][T13988] RDX: 000000002000c094 RSI: 0000200000000000 RDI: 0000000000000003
[  313.942980][T13988] RBP: 00007f7e4f7f6090 R08: 0000000000000000 R09: 0000000000000000
[  313.942992][T13988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  313.943004][T13988] R13: 0000000000000000 R14: 00007f7e51bb5fa0 R15: 00007ffddde77318
[  313.943038][T13988]  </TASK>
[  314.562053][T14003] syzkaller0: entered promiscuous mode
[  314.567864][T14003] syzkaller0: entered allmulticast mode
[  314.931326][T13860] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  314.952891][T13860] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  314.955124][T14030] netlink: 'syz.0.2797': attribute type 11 has an invalid length.
[  314.983683][T13860] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  315.007132][T13860] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  315.112115][T14034] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.149091][ T5140] Bluetooth: hci4: command tx timeout
[  315.199919][T14034] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.288660][T14034] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.378281][T13860] 8021q: adding VLAN 0 to HW filter on device bond0
[  315.403259][T14034] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.462036][T13860] 8021q: adding VLAN 0 to HW filter on device team0
[  315.499667][ T1108] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.507005][ T1108] bridge0: port 1(bridge_slave_0) entered forwarding state
[  315.549368][ T1108] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.556719][ T1108] bridge0: port 2(bridge_slave_1) entered forwarding state
[  315.612316][T14034] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  315.650070][T14034] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  315.693694][T14034] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  315.744840][T14034] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  316.113814][T14070] team0: Device vti1 is up. Set it down before adding it as a team port
[  316.229064][T13860] 8021q: adding VLAN 0 to HW filter on device batadv0
[  316.364742][T13860] veth0_vlan: entered promiscuous mode
[  316.398458][T13860] veth1_vlan: entered promiscuous mode
[  316.486963][T13860] veth0_macvtap: entered promiscuous mode
[  316.559665][T13860] veth1_macvtap: entered promiscuous mode
[  316.620139][T13860] batman_adv: batadv0: Interface activated: batadv_slave_0
[  316.622837][T14092] __nla_validate_parse: 8 callbacks suppressed
[  316.622859][T14092] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2816'.
[  316.721768][T14092] 8021q: adding VLAN 0 to HW filter on device bond3
[  316.741712][T14095] vlan0: entered allmulticast mode
[  316.748647][T14095] bond3: entered allmulticast mode
[  316.775249][T14092] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2816'.
[  316.793522][T14092] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2816'.
[  316.806592][T14097] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2817'.
[  316.819459][T13860] batman_adv: batadv0: Interface activated: batadv_slave_1
[  316.857659][T13860] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  316.866709][T13860] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  316.875832][T13860] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  316.903806][T13860] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  316.978366][T14106] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2821'.
[  316.994890][T14106] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2821'.
[  317.150188][T14114] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2824'.
[  317.195416][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  317.196804][T14114] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2824'.
[  317.212740][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  317.246126][ T5140] Bluetooth: hci4: command tx timeout
[  317.255714][T14114] FAULT_INJECTION: forcing a failure.
[  317.255714][T14114] name failslab, interval 1, probability 0, space 0, times 0
[  317.300541][T14114] CPU: 1 UID: 0 PID: 14114 Comm: syz.2.2824 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  317.300573][T14114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  317.300586][T14114] Call Trace:
[  317.300594][T14114]  <TASK>
[  317.300604][T14114]  dump_stack_lvl+0x189/0x250
[  317.300643][T14114]  ? __pfx_dump_stack_lvl+0x10/0x10
[  317.300673][T14114]  ? __pfx__printk+0x10/0x10
[  317.300702][T14114]  ? __pfx___might_resched+0x10/0x10
[  317.300728][T14114]  should_fail_ex+0x414/0x560
[  317.300758][T14114]  should_failslab+0xa8/0x100
[  317.300788][T14114]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  317.300818][T14114]  ? __alloc_skb+0x112/0x2d0
[  317.300841][T14114]  ? __pfx_mptcp_pm_parse_pm_addr_attr+0x10/0x10
[  317.300878][T14114]  __alloc_skb+0x112/0x2d0
[  317.300910][T14114]  mptcp_pm_nl_get_addr_doit+0x329/0x8e0
[  317.300952][T14114]  ? __pfx_mptcp_pm_nl_get_addr_doit+0x10/0x10
[  317.301004][T14114]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  317.301046][T14114]  genl_family_rcv_msg_doit+0x212/0x300
[  317.301086][T14114]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  317.301146][T14114]  genl_rcv_msg+0x60e/0x790
[  317.301186][T14114]  ? __pfx_genl_rcv_msg+0x10/0x10
[  317.301215][T14114]  ? __pfx_mptcp_pm_nl_get_addr_doit+0x10/0x10
[  317.301250][T14114]  ? ref_tracker_free+0x63a/0x7d0
[  317.301271][T14114]  ? __copy_skb_header+0xa7/0x550
[  317.301318][T14114]  netlink_rcv_skb+0x219/0x490
[  317.301345][T14114]  ? __pfx_genl_rcv_msg+0x10/0x10
[  317.301378][T14114]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  317.301432][T14114]  ? down_read+0x1ad/0x2e0
[  317.301464][T14114]  genl_rcv+0x28/0x40
[  317.301498][T14114]  netlink_unicast+0x75b/0x8d0
[  317.301534][T14114]  netlink_sendmsg+0x805/0xb30
[  317.301572][T14114]  ? __pfx_netlink_sendmsg+0x10/0x10
[  317.301602][T14114]  ? aa_sock_msg_perm+0x94/0x160
[  317.301628][T14114]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  317.301652][T14114]  ? __pfx_netlink_sendmsg+0x10/0x10
[  317.301679][T14114]  __sock_sendmsg+0x21c/0x270
[  317.301706][T14114]  ____sys_sendmsg+0x505/0x830
[  317.301742][T14114]  ? __pfx_____sys_sendmsg+0x10/0x10
[  317.301783][T14114]  ? import_iovec+0x74/0xa0
[  317.301818][T14114]  ___sys_sendmsg+0x21f/0x2a0
[  317.301851][T14114]  ? __pfx____sys_sendmsg+0x10/0x10
[  317.301926][T14114]  ? __fget_files+0x2a/0x420
[  317.301953][T14114]  ? __fget_files+0x3a0/0x420
[  317.301994][T14114]  __x64_sys_sendmsg+0x19b/0x260
[  317.302026][T14114]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  317.302077][T14114]  ? do_syscall_64+0xba/0x210
[  317.302109][T14114]  do_syscall_64+0xf6/0x210
[  317.302136][T14114]  ? clear_bhb_loop+0x60/0xb0
[  317.302163][T14114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.302182][T14114] RIP: 0033:0x7f201558e969
[  317.302200][T14114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.302217][T14114] RSP: 002b:00007f201638a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  317.302239][T14114] RAX: ffffffffffffffda RBX: 00007f20157b5fa0 RCX: 00007f201558e969
[  317.302254][T14114] RDX: 000000002000c094 RSI: 0000200000000000 RDI: 0000000000000003
[  317.302267][T14114] RBP: 00007f201638a090 R08: 0000000000000000 R09: 0000000000000000
[  317.302279][T14114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.302298][T14114] R13: 0000000000000000 R14: 00007f20157b5fa0 R15: 00007ffc1433b1f8
[  317.302333][T14114]  </TASK>
[  317.730695][T14132] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  317.830645][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  317.869511][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  317.890215][T14136] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2831'.
[  317.917074][T14136] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2831'.
[  317.941253][T14139] netlink: 'syz.4.2832': attribute type 1 has an invalid length.
[  318.127742][T14147] FAULT_INJECTION: forcing a failure.
[  318.127742][T14147] name failslab, interval 1, probability 0, space 0, times 0
[  318.172741][T14147] CPU: 1 UID: 0 PID: 14147 Comm: syz.3.2836 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  318.172772][T14147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  318.172785][T14147] Call Trace:
[  318.172794][T14147]  <TASK>
[  318.172803][T14147]  dump_stack_lvl+0x189/0x250
[  318.172842][T14147]  ? __pfx_dump_stack_lvl+0x10/0x10
[  318.172873][T14147]  ? __pfx__printk+0x10/0x10
[  318.172911][T14147]  should_fail_ex+0x414/0x560
[  318.172948][T14147]  should_failslab+0xa8/0x100
[  318.172979][T14147]  __kmalloc_cache_noprof+0x70/0x3d0
[  318.173006][T14147]  ? sctp_add_bind_addr+0x8c/0x370
[  318.173041][T14147]  sctp_add_bind_addr+0x8c/0x370
[  318.173075][T14147]  sctp_copy_local_addr_list+0x30b/0x4e0
[  318.173106][T14147]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  318.173133][T14147]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  318.173167][T14147]  ? sctp_v4_is_any+0x35/0x60
[  318.173194][T14147]  ? sctp_copy_one_addr+0x93/0x360
[  318.173226][T14147]  sctp_bind_addr_copy+0xb3/0x3c0
[  318.173256][T14147]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  318.173286][T14147]  sctp_connect_new_asoc+0x2e0/0x690
[  318.173311][T14147]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  318.173330][T14147]  ? __local_bh_enable_ip+0x12d/0x1c0
[  318.173360][T14147]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  318.173386][T14147]  ? security_sctp_bind_connect+0x7e/0x2e0
[  318.173411][T14147]  sctp_sendmsg+0x155c/0x2810
[  318.173447][T14147]  ? __pfx_sctp_sendmsg+0x10/0x10
[  318.173472][T14147]  ? aa_sk_perm+0x81e/0x950
[  318.173501][T14147]  ? __pfx_aa_sk_perm+0x10/0x10
[  318.173527][T14147]  ? sock_rps_record_flow+0x19/0x400
[  318.173563][T14147]  ? inet_sendmsg+0x2f4/0x370
[  318.173600][T14147]  __sock_sendmsg+0x19c/0x270
[  318.173628][T14147]  ____sys_sendmsg+0x505/0x830
[  318.173664][T14147]  ? __pfx_____sys_sendmsg+0x10/0x10
[  318.173703][T14147]  ? import_iovec+0x74/0xa0
[  318.173739][T14147]  ___sys_sendmsg+0x21f/0x2a0
[  318.173772][T14147]  ? __pfx____sys_sendmsg+0x10/0x10
[  318.173847][T14147]  ? __fget_files+0x2a/0x420
[  318.173874][T14147]  ? __fget_files+0x3a0/0x420
[  318.173916][T14147]  __x64_sys_sendmsg+0x19b/0x260
[  318.173957][T14147]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  318.174006][T14147]  ? do_syscall_64+0xba/0x210
[  318.174037][T14147]  do_syscall_64+0xf6/0x210
[  318.174064][T14147]  ? clear_bhb_loop+0x60/0xb0
[  318.174090][T14147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.174109][T14147] RIP: 0033:0x7fefa538e969
[  318.174128][T14147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.174145][T14147] RSP: 002b:00007fefa6161038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  318.174166][T14147] RAX: ffffffffffffffda RBX: 00007fefa55b5fa0 RCX: 00007fefa538e969
[  318.174179][T14147] RDX: 0000000000000040 RSI: 0000200000000e40 RDI: 0000000000000003
[  318.174191][T14147] RBP: 00007fefa6161090 R08: 0000000000000000 R09: 0000000000000000
[  318.174203][T14147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  318.174214][T14147] R13: 0000000000000000 R14: 00007fefa55b5fa0 R15: 00007ffe8b48ccc8
[  318.174247][T14147]  </TASK>
[  318.548492][T14149] bond0: entered promiscuous mode
[  318.872660][T14168] nbd: illegal input index 61504
[  319.110157][  T797] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.432437][  T797] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.575243][  T797] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.585886][ T5844] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  319.589047][ T5844] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  319.602384][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  319.610651][ T5844] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  319.620459][ T5844] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  319.657078][T14185] vxcan1 speed is unknown, defaulting to 1000
[  319.687319][  T797] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.877474][  T797] bridge_slave_1: left allmulticast mode
[  319.883215][  T797] bridge_slave_1: left promiscuous mode
[  319.891133][  T797] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.912767][  T797] bridge_slave_0: left allmulticast mode
[  319.919509][  T797] bridge_slave_0: left promiscuous mode
[  319.925237][  T797] bridge0: port 1(bridge_slave_0) entered disabled state
[  320.261339][  T797] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  320.272964][  T797] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  320.283616][  T797] bond0 (unregistering): Released all slaves
[  320.533835][T14185] chnl_net:caif_netlink_parms(): no params data found
[  320.706557][T14185] bridge0: port 1(bridge_slave_0) entered blocking state
[  320.713871][T14185] bridge0: port 1(bridge_slave_0) entered disabled state
[  320.724074][T14185] bridge_slave_0: entered allmulticast mode
[  320.734579][T14185] bridge_slave_0: entered promiscuous mode
[  320.748371][T14185] bridge0: port 2(bridge_slave_1) entered blocking state
[  320.785703][T14185] bridge0: port 2(bridge_slave_1) entered disabled state
[  320.793284][T14185] bridge_slave_1: entered allmulticast mode
[  320.868074][T14185] bridge_slave_1: entered promiscuous mode
[  321.023387][  T797] hsr_slave_0: left promiscuous mode
[  321.042968][  T797] hsr_slave_1: left promiscuous mode
[  321.056777][  T797] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  321.064284][  T797] batman_adv: batadv0: Removing interface: batadv_slave_0
[  321.087445][  T797] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  321.103835][  T797] batman_adv: batadv0: Removing interface: batadv_slave_1
[  321.151583][  T797] veth1_macvtap: left promiscuous mode
[  321.157808][  T797] veth0_macvtap: left promiscuous mode
[  321.163518][  T797] veth1_vlan: left promiscuous mode
[  321.169522][T14210] FAULT_INJECTION: forcing a failure.
[  321.169522][T14210] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.183277][  T797] veth0_vlan: left promiscuous mode
[  321.189333][T14210] CPU: 1 UID: 0 PID: 14210 Comm: syz.2.2858 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  321.189362][T14210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  321.189375][T14210] Call Trace:
[  321.189383][T14210]  <TASK>
[  321.189393][T14210]  dump_stack_lvl+0x189/0x250
[  321.189425][T14210]  ? __lock_acquire+0xaac/0xd20
[  321.189458][T14210]  ? __pfx_dump_stack_lvl+0x10/0x10
[  321.189486][T14210]  ? __pfx__printk+0x10/0x10
[  321.189507][T14210]  ? __might_fault+0xb0/0x130
[  321.189547][T14210]  should_fail_ex+0x414/0x560
[  321.189585][T14210]  _copy_from_user+0x2d/0xb0
[  321.189616][T14210]  ___sys_recvmsg+0x12e/0x510
[  321.189653][T14210]  ? __pfx____sys_recvmsg+0x10/0x10
[  321.189712][T14210]  ? __fget_files+0x3a0/0x420
[  321.189754][T14210]  do_recvmmsg+0x307/0x760
[  321.189794][T14210]  ? __pfx_do_recvmmsg+0x10/0x10
[  321.189838][T14210]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  321.189887][T14210]  __x64_sys_recvmmsg+0x190/0x240
[  321.189921][T14210]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  321.189956][T14210]  ? do_syscall_64+0xba/0x210
[  321.189988][T14210]  do_syscall_64+0xf6/0x210
[  321.190015][T14210]  ? clear_bhb_loop+0x60/0xb0
[  321.190041][T14210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.190060][T14210] RIP: 0033:0x7f201558e969
[  321.190078][T14210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.190096][T14210] RSP: 002b:00007f2016369038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  321.190117][T14210] RAX: ffffffffffffffda RBX: 00007f20157b6080 RCX: 00007f201558e969
[  321.190133][T14210] RDX: 0000000000000004 RSI: 000020000000c800 RDI: 0000000000000003
[  321.190145][T14210] RBP: 00007f2016369090 R08: 0000000000000000 R09: 0000000000000000
[  321.190157][T14210] R10: 0000000040000000 R11: 0000000000000246 R12: 0000000000000001
[  321.190170][T14210] R13: 0000000000000001 R14: 00007f20157b6080 R15: 00007ffc1433b1f8
[  321.190204][T14210]  </TASK>
[  321.472185][ T5844] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  321.504535][ T5844] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  321.518892][ T5844] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  321.528691][ T5844] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  321.542681][ T5844] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  321.718645][ T5140] Bluetooth: hci3: command tx timeout
[  322.023965][  T797] team0 (unregistering): Port device team_slave_1 removed
[  322.068377][  T797] team0 (unregistering): Port device team_slave_0 removed
[  322.573348][T14185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  322.616809][T14185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  322.750699][T14185] team0: Port device team_slave_0 added
[  322.775958][T14217] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  322.786570][T14217] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.840480][T14185] team0: Port device team_slave_1 added
[  322.896138][T14217] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  322.923086][T14217] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.017006][T14185] batman_adv: batadv0: Adding interface: batadv_slave_0
[  323.030525][T14231] __nla_validate_parse: 10 callbacks suppressed
[  323.030547][T14231] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2865'.
[  323.033566][T14185] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  323.053652][T14231] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2865'.
[  323.082654][T14185] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  323.084584][T14211] vxcan1 speed is unknown, defaulting to 1000
[  323.110482][T14231] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2865'.
[  323.149803][T14217] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  323.176539][T14217] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.337701][T14237] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2867'.
[  323.347719][T14238] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2866'.
[  323.625763][ T5140] Bluetooth: hci4: command tx timeout
[  323.795788][ T5140] Bluetooth: hci3: command tx timeout
[  323.875061][T14185] batman_adv: batadv0: Adding interface: batadv_slave_1
[  323.882354][T14185] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  323.909591][T14185] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  323.922156][T14235] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2866'.
[  323.932311][T14235] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2866'.
[  323.948522][T14235] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2866'.
[  324.013897][T14217] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  324.037845][T14217] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.124013][T14244] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2870'.
[  324.141846][T14244] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2870'.
[  324.154517][T14244] FAULT_INJECTION: forcing a failure.
[  324.154517][T14244] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  324.171514][T14244] CPU: 0 UID: 0 PID: 14244 Comm: syz.2.2870 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  324.171546][T14244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  324.171558][T14244] Call Trace:
[  324.171567][T14244]  <TASK>
[  324.171576][T14244]  dump_stack_lvl+0x189/0x250
[  324.171614][T14244]  ? __pfx_dump_stack_lvl+0x10/0x10
[  324.171645][T14244]  ? __pfx__printk+0x10/0x10
[  324.171680][T14244]  should_fail_ex+0x414/0x560
[  324.171709][T14244]  _copy_to_user+0x31/0xb0
[  324.171743][T14244]  simple_read_from_buffer+0xe1/0x170
[  324.171773][T14244]  proc_fail_nth_read+0x1df/0x250
[  324.171806][T14244]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  324.171838][T14244]  ? rw_verify_area+0x258/0x650
[  324.171860][T14244]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  324.171891][T14244]  vfs_read+0x1fd/0x980
[  324.171918][T14244]  ? __pfx___mutex_lock+0x10/0x10
[  324.171946][T14244]  ? __pfx_vfs_read+0x10/0x10
[  324.171970][T14244]  ? __fget_files+0x2a/0x420
[  324.172001][T14244]  ? __fget_files+0x3a0/0x420
[  324.172025][T14244]  ? __fget_files+0x2a/0x420
[  324.172061][T14244]  ksys_read+0x145/0x250
[  324.172082][T14244]  ? rcu_is_watching+0x15/0xb0
[  324.172103][T14244]  ? __pfx_ksys_read+0x10/0x10
[  324.172129][T14244]  ? do_syscall_64+0xba/0x210
[  324.172161][T14244]  do_syscall_64+0xf6/0x210
[  324.172188][T14244]  ? clear_bhb_loop+0x60/0xb0
[  324.172215][T14244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.172234][T14244] RIP: 0033:0x7f201558d37c
[  324.172263][T14244] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  324.172281][T14244] RSP: 002b:00007f201638a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  324.172303][T14244] RAX: ffffffffffffffda RBX: 00007f20157b5fa0 RCX: 00007f201558d37c
[  324.172318][T14244] RDX: 000000000000000f RSI: 00007f201638a0a0 RDI: 0000000000000004
[  324.172330][T14244] RBP: 00007f201638a090 R08: 0000000000000000 R09: 0000000000000000
[  324.172342][T14244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  324.172353][T14244] R13: 0000000000000000 R14: 00007f20157b5fa0 R15: 00007ffc1433b1f8
[  324.172388][T14244]  </TASK>
[  324.318086][T14217] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  324.401700][T14217] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.418702][T14185] hsr_slave_0: entered promiscuous mode
[  324.427071][T14185] hsr_slave_1: entered promiscuous mode
[  324.460981][T14217] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  324.471991][T14217] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.483988][T14211] chnl_net:caif_netlink_parms(): no params data found
[  324.522509][T14217] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  324.531435][T14217] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  324.577175][T14217] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  324.587983][T14217] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  324.771441][T14211] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.789231][T14211] bridge0: port 1(bridge_slave_0) entered disabled state
[  324.808818][T14211] bridge_slave_0: entered allmulticast mode
[  324.819252][T14211] bridge_slave_0: entered promiscuous mode
[  324.835760][T14211] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.843418][T14211] bridge0: port 2(bridge_slave_1) entered disabled state
[  324.856873][T14211] bridge_slave_1: entered allmulticast mode
[  324.865289][T14211] bridge_slave_1: entered promiscuous mode
[  325.036626][T14211] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  325.050037][T14211] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  325.164080][T14211] team0: Port device team_slave_0 added
[  325.199847][T14211] team0: Port device team_slave_1 added
[  325.287796][T14211] batman_adv: batadv0: Adding interface: batadv_slave_0
[  325.294831][T14211] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  325.327345][T14211] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  325.352639][T14211] batman_adv: batadv0: Adding interface: batadv_slave_1
[  325.359956][T14211] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  325.386790][T14211] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  325.521951][T14211] hsr_slave_0: entered promiscuous mode
[  325.529955][T14211] hsr_slave_1: entered promiscuous mode
[  325.536603][T14211] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  325.544387][T14211] Cannot create hsr debugfs directory
[  325.705591][ T5140] Bluetooth: hci4: command tx timeout
[  325.799891][T14185] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  325.829352][T14185] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  325.851529][T14185] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  325.867454][ T5140] Bluetooth: hci3: command tx timeout
[  325.906093][T14185] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  326.231161][T14185] 8021q: adding VLAN 0 to HW filter on device bond0
[  326.352938][T14185] 8021q: adding VLAN 0 to HW filter on device team0
[  326.408356][  T797] bridge0: port 1(bridge_slave_0) entered blocking state
[  326.415989][  T797] bridge0: port 1(bridge_slave_0) entered forwarding state
[  326.451335][  T797] bridge0: port 2(bridge_slave_1) entered blocking state
[  326.458608][  T797] bridge0: port 2(bridge_slave_1) entered forwarding state
[  326.474841][T14211] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  326.499319][T14211] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  326.539854][T14211] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  326.560871][T14211] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  326.875246][T14211] 8021q: adding VLAN 0 to HW filter on device bond0
[  326.941077][T14211] 8021q: adding VLAN 0 to HW filter on device team0
[  327.002291][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  327.009563][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  327.031684][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  327.038953][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  327.220980][T14343] A link change request failed with some changes committed already. Interface bond_slave_1 may have been left with an inconsistent configuration, please check.
[  327.333383][T14185] 8021q: adding VLAN 0 to HW filter on device batadv0
[  327.652644][T14211] 8021q: adding VLAN 0 to HW filter on device batadv0
[  327.786655][ T5140] Bluetooth: hci4: command tx timeout
[  327.826345][T14211] veth0_vlan: entered promiscuous mode
[  327.840051][T14369] IPVS: set_ctl: invalid protocol: 47 172.20.20.170:20000
[  327.917915][T14211] veth1_vlan: entered promiscuous mode
[  327.945944][ T5140] Bluetooth: hci3: command tx timeout
[  328.018699][T14185] veth0_vlan: entered promiscuous mode
[  328.060582][T14185] veth1_vlan: entered promiscuous mode
[  328.086652][T14211] veth0_macvtap: entered promiscuous mode
[  328.133418][T14211] veth1_macvtap: entered promiscuous mode
[  328.222029][T14378] A link change request failed with some changes committed already. Interface bond1 may have been left with an inconsistent configuration, please check.
[  328.260645][T14211] batman_adv: batadv0: Interface activated: batadv_slave_0
[  328.305039][T14211] batman_adv: batadv0: Interface activated: batadv_slave_1
[  328.341595][T14185] veth0_macvtap: entered promiscuous mode
[  328.362643][T14185] veth1_macvtap: entered promiscuous mode
[  328.371773][T14211] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  328.388491][T14211] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  328.397833][T14211] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  328.400055][T14384] __nla_validate_parse: 24 callbacks suppressed
[  328.400077][T14384] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2923'.
[  328.408378][T14211] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  328.560677][T14185] batman_adv: batadv0: Interface activated: batadv_slave_0
[  328.649569][T14185] batman_adv: batadv0: Interface activated: batadv_slave_1
[  328.673335][T14399] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2928'.
[  328.687455][T14185] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  328.697936][T14185] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  328.706823][T14399] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2928'.
[  328.728878][T14185] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  328.738200][T14185] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  328.864394][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  328.884182][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  328.951383][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  328.964780][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  328.964940][T14405] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2931'.
[  329.053136][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  329.094077][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  329.115419][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  329.140028][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  329.235407][T14412] A link change request failed with some changes committed already. Interface bond_slave_1 may have been left with an inconsistent configuration, please check.
[  329.304369][T14416] FAULT_INJECTION: forcing a failure.
[  329.304369][T14416] name failslab, interval 1, probability 0, space 0, times 0
[  329.320589][T14416] CPU: 1 UID: 0 PID: 14416 Comm: syz.4.2850 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  329.320624][T14416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  329.320637][T14416] Call Trace:
[  329.320647][T14416]  <TASK>
[  329.320657][T14416]  dump_stack_lvl+0x189/0x250
[  329.320696][T14416]  ? __pfx_dump_stack_lvl+0x10/0x10
[  329.320727][T14416]  ? __pfx__printk+0x10/0x10
[  329.320766][T14416]  should_fail_ex+0x414/0x560
[  329.320795][T14416]  should_failslab+0xa8/0x100
[  329.320827][T14416]  __kmalloc_cache_noprof+0x70/0x3d0
[  329.320855][T14416]  ? sctp_add_bind_addr+0x8c/0x370
[  329.320889][T14416]  sctp_add_bind_addr+0x8c/0x370
[  329.320924][T14416]  sctp_copy_local_addr_list+0x30b/0x4e0
[  329.320957][T14416]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  329.320986][T14416]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  329.321025][T14416]  ? sctp_v4_is_any+0x35/0x60
[  329.321053][T14416]  ? sctp_copy_one_addr+0x93/0x360
[  329.321086][T14416]  sctp_bind_addr_copy+0xb3/0x3c0
[  329.321116][T14416]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  329.321146][T14416]  sctp_connect_new_asoc+0x2e0/0x690
[  329.321171][T14416]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  329.321191][T14416]  ? __local_bh_enable_ip+0x12d/0x1c0
[  329.321221][T14416]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  329.321246][T14416]  ? security_sctp_bind_connect+0x7e/0x2e0
[  329.321271][T14416]  sctp_sendmsg+0x155c/0x2810
[  329.321307][T14416]  ? __pfx_sctp_sendmsg+0x10/0x10
[  329.321332][T14416]  ? aa_sk_perm+0x81e/0x950
[  329.321360][T14416]  ? __pfx_aa_sk_perm+0x10/0x10
[  329.321386][T14416]  ? sock_rps_record_flow+0x19/0x400
[  329.321422][T14416]  ? inet_sendmsg+0x2f4/0x370
[  329.321458][T14416]  __sock_sendmsg+0x19c/0x270
[  329.321486][T14416]  ____sys_sendmsg+0x505/0x830
[  329.321522][T14416]  ? __pfx_____sys_sendmsg+0x10/0x10
[  329.321569][T14416]  ? import_iovec+0x74/0xa0
[  329.321604][T14416]  ___sys_sendmsg+0x21f/0x2a0
[  329.321637][T14416]  ? __pfx____sys_sendmsg+0x10/0x10
[  329.321714][T14416]  ? __fget_files+0x2a/0x420
[  329.321741][T14416]  ? __fget_files+0x3a0/0x420
[  329.321782][T14416]  __x64_sys_sendmsg+0x19b/0x260
[  329.321815][T14416]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  329.321864][T14416]  ? do_syscall_64+0xba/0x210
[  329.321896][T14416]  do_syscall_64+0xf6/0x210
[  329.321924][T14416]  ? clear_bhb_loop+0x60/0xb0
[  329.321950][T14416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.321970][T14416] RIP: 0033:0x7f9a0f18e969
[  329.321989][T14416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.322007][T14416] RSP: 002b:00007f9a0ffdc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  329.322038][T14416] RAX: ffffffffffffffda RBX: 00007f9a0f3b5fa0 RCX: 00007f9a0f18e969
[  329.322053][T14416] RDX: 0000000000000040 RSI: 0000200000000e40 RDI: 0000000000000003
[  329.322066][T14416] RBP: 00007f9a0ffdc090 R08: 0000000000000000 R09: 0000000000000000
[  329.322078][T14416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  329.322090][T14416] R13: 0000000000000000 R14: 00007f9a0f3b5fa0 R15: 00007ffe32a07bb8
[  329.322126][T14416]  </TASK>
[  329.762483][T14422] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2936'.
[  329.997969][T14420] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2937'.
[  330.029715][T14420] netlink: 'syz.3.2937': attribute type 10 has an invalid length.
[  330.049645][   T36] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.112569][T14420] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  330.151763][T14430] mac80211_hwsim hwsim5 syzkaller0: entered promiscuous mode
[  330.161038][T14430] mac80211_hwsim hwsim5 syzkaller0: entered allmulticast mode
[  330.193118][   T36] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.325135][   T36] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.755125][   T36] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.870587][   T36] bridge_slave_1: left allmulticast mode
[  330.876452][   T36] bridge_slave_1: left promiscuous mode
[  330.882232][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.892153][   T36] bridge_slave_0: left allmulticast mode
[  330.898220][   T36] bridge_slave_0: left promiscuous mode
[  330.905096][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.243830][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  331.255180][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  331.267628][   T36] bond0 (unregistering): Released all slaves
[  331.802957][T14447] FAULT_INJECTION: forcing a failure.
[  331.802957][T14447] name failslab, interval 1, probability 0, space 0, times 0
[  331.827754][T14447] CPU: 1 UID: 0 PID: 14447 Comm: syz.2.2946 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  331.827785][T14447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  331.827798][T14447] Call Trace:
[  331.827806][T14447]  <TASK>
[  331.827815][T14447]  dump_stack_lvl+0x189/0x250
[  331.827855][T14447]  ? __pfx_dump_stack_lvl+0x10/0x10
[  331.827886][T14447]  ? __pfx__printk+0x10/0x10
[  331.827924][T14447]  should_fail_ex+0x414/0x560
[  331.827953][T14447]  should_failslab+0xa8/0x100
[  331.827984][T14447]  __kmalloc_cache_noprof+0x70/0x3d0
[  331.828017][T14447]  ? sctp_add_bind_addr+0x8c/0x370
[  331.828051][T14447]  sctp_add_bind_addr+0x8c/0x370
[  331.828084][T14447]  sctp_copy_local_addr_list+0x30b/0x4e0
[  331.828116][T14447]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  331.828144][T14447]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  331.828186][T14447]  ? sctp_v4_is_any+0x35/0x60
[  331.828213][T14447]  ? sctp_copy_one_addr+0x93/0x360
[  331.828245][T14447]  sctp_bind_addr_copy+0xb3/0x3c0
[  331.828274][T14447]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  331.828303][T14447]  sctp_connect_new_asoc+0x2e0/0x690
[  331.828340][T14447]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  331.828360][T14447]  ? __local_bh_enable_ip+0x12d/0x1c0
[  331.828388][T14447]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  331.828412][T14447]  ? security_sctp_bind_connect+0x7e/0x2e0
[  331.828437][T14447]  sctp_sendmsg+0x155c/0x2810
[  331.828471][T14447]  ? __pfx_sctp_sendmsg+0x10/0x10
[  331.828499][T14447]  ? aa_sk_perm+0x81e/0x950
[  331.828527][T14447]  ? __pfx_aa_sk_perm+0x10/0x10
[  331.828558][T14447]  ? sock_rps_record_flow+0x19/0x400
[  331.828593][T14447]  ? inet_sendmsg+0x2f4/0x370
[  331.828629][T14447]  __sock_sendmsg+0x19c/0x270
[  331.828656][T14447]  ____sys_sendmsg+0x505/0x830
[  331.828698][T14447]  ? __pfx_____sys_sendmsg+0x10/0x10
[  331.828739][T14447]  ? import_iovec+0x74/0xa0
[  331.828774][T14447]  ___sys_sendmsg+0x21f/0x2a0
[  331.828807][T14447]  ? __pfx____sys_sendmsg+0x10/0x10
[  331.828882][T14447]  ? __fget_files+0x2a/0x420
[  331.828909][T14447]  ? __fget_files+0x3a0/0x420
[  331.828951][T14447]  __x64_sys_sendmsg+0x19b/0x260
[  331.828983][T14447]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  331.829032][T14447]  ? do_syscall_64+0xba/0x210
[  331.829064][T14447]  do_syscall_64+0xf6/0x210
[  331.829092][T14447]  ? clear_bhb_loop+0x60/0xb0
[  331.829119][T14447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.829140][T14447] RIP: 0033:0x7f201558e969
[  331.829159][T14447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.829176][T14447] RSP: 002b:00007f201638a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  331.829199][T14447] RAX: ffffffffffffffda RBX: 00007f20157b5fa0 RCX: 00007f201558e969
[  331.829216][T14447] RDX: 0000000000000040 RSI: 0000200000000e40 RDI: 0000000000000003
[  331.829228][T14447] RBP: 00007f201638a090 R08: 0000000000000000 R09: 0000000000000000
[  331.829241][T14447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  331.829253][T14447] R13: 0000000000000000 R14: 00007f20157b5fa0 R15: 00007ffc1433b1f8
[  331.829288][T14447]  </TASK>
[  331.834715][   T36] hsr_slave_0: left promiscuous mode
[  331.925395][T14450] netlink: 'syz.4.2947': attribute type 13 has an invalid length.
[  332.167320][   T36] hsr_slave_1: left promiscuous mode
[  332.173689][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  332.197333][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  332.206238][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  332.213742][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  332.253289][   T36] veth1_macvtap: left promiscuous mode
[  332.259276][   T36] veth0_macvtap: left promiscuous mode
[  332.268688][   T36] veth1_vlan: left promiscuous mode
[  332.274414][   T36] veth0_vlan: left promiscuous mode
[  332.316662][ T5844] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  332.326664][ T5844] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  332.335177][ T5844] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  332.343620][ T5844] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  332.351897][ T5844] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  333.020110][   T36] team0 (unregistering): Port device team_slave_1 removed
[  333.064937][   T36] team0 (unregistering): Port device team_slave_0 removed
[  333.621703][T14456] vxcan1 speed is unknown, defaulting to 1000
[  333.847843][T14467] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  334.307357][T14489] tipc: Started in network mode
[  334.312531][T14489] tipc: Node identity , cluster identity 4711
[  334.425966][ T5140] Bluetooth: hci4: command tx timeout
[  334.460829][T14456] chnl_net:caif_netlink_parms(): no params data found
[  334.664311][T14512] netlink: 'syz.4.2967': attribute type 1 has an invalid length.
[  334.677175][T14512] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2967'.
[  334.677934][T14456] bridge0: port 1(bridge_slave_0) entered blocking state
[  334.696986][T14456] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.704356][T14456] bridge_slave_0: entered allmulticast mode
[  334.712848][T14456] bridge_slave_0: entered promiscuous mode
[  334.764666][T14456] bridge0: port 2(bridge_slave_1) entered blocking state
[  334.786686][T14456] bridge0: port 2(bridge_slave_1) entered disabled state
[  334.794001][T14456] bridge_slave_1: entered allmulticast mode
[  334.817802][T14456] bridge_slave_1: entered promiscuous mode
[  334.866776][T14517] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  334.927070][T14456] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  334.944030][T14456] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  335.059800][T14456] team0: Port device team_slave_0 added
[  335.071872][T14456] team0: Port device team_slave_1 added
[  335.079395][T14525] openvswitch: netlink: Message has -1 unknown bytes.
[  335.100548][T14525] sctp: [Deprecated]: syz.4.2972 (pid 14525) Use of struct sctp_assoc_value in delayed_ack socket option.
[  335.100548][T14525] Use struct sctp_sack_info instead
[  335.149678][T14525] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2972'.
[  335.213973][T14456] batman_adv: batadv0: Adding interface: batadv_slave_0
[  335.232081][T14456] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.289001][T14456] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  335.327416][T14456] batman_adv: batadv0: Adding interface: batadv_slave_1
[  335.342479][T14456] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.394677][T14456] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  335.436731][T14541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2978'.
[  335.458754][T14541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2978'.
[  335.483236][T14541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2978'.
[  335.638766][T14456] hsr_slave_0: entered promiscuous mode
[  335.655347][T14456] hsr_slave_1: entered promiscuous mode
[  335.681764][T14456] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  335.701841][T14456] Cannot create hsr debugfs directory
[  335.852373][T14564] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2984'.
[  335.872000][T14564] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2984'.
[  335.900672][T14566] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2985'.
[  335.906110][T14564] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2984'.
[  336.104285][T14574] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2986'.
[  336.189259][T14578] bridge0: left allmulticast mode
[  336.505894][ T5140] Bluetooth: hci4: command tx timeout
[  336.530635][T14593] openvswitch: netlink: Message has -1 unknown bytes.
[  336.574590][T14456] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  336.589441][T14593] sctp: [Deprecated]: syz.2.2996 (pid 14593) Use of struct sctp_assoc_value in delayed_ack socket option.
[  336.589441][T14593] Use struct sctp_sack_info instead
[  336.622856][T14456] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  336.643057][T14456] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  336.661160][T14456] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  336.868081][T14456] 8021q: adding VLAN 0 to HW filter on device bond0
[  336.906161][T14456] 8021q: adding VLAN 0 to HW filter on device team0
[  336.928592][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.935839][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.977898][ T3065] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.985148][ T3065] bridge0: port 2(bridge_slave_1) entered forwarding state
[  337.090032][T14615] FAULT_INJECTION: forcing a failure.
[  337.090032][T14615] name failslab, interval 1, probability 0, space 0, times 0
[  337.112223][T14615] CPU: 0 UID: 0 PID: 14615 Comm: syz.4.3004 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  337.112256][T14615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  337.112269][T14615] Call Trace:
[  337.112277][T14615]  <TASK>
[  337.112285][T14615]  dump_stack_lvl+0x189/0x250
[  337.112325][T14615]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.112355][T14615]  ? __pfx__printk+0x10/0x10
[  337.112392][T14615]  should_fail_ex+0x414/0x560
[  337.112421][T14615]  should_failslab+0xa8/0x100
[  337.112451][T14615]  __kmalloc_cache_noprof+0x70/0x3d0
[  337.112477][T14615]  ? sctp_add_bind_addr+0x8c/0x370
[  337.112510][T14615]  sctp_add_bind_addr+0x8c/0x370
[  337.112542][T14615]  sctp_copy_local_addr_list+0x30b/0x4e0
[  337.112575][T14615]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  337.112602][T14615]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  337.112632][T14615]  ? sctp_v4_is_any+0x35/0x60
[  337.112657][T14615]  ? sctp_copy_one_addr+0x93/0x360
[  337.112689][T14615]  sctp_bind_addr_copy+0xb3/0x3c0
[  337.112718][T14615]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  337.112746][T14615]  sctp_connect_new_asoc+0x2e0/0x690
[  337.112771][T14615]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  337.112789][T14615]  ? __local_bh_enable_ip+0x12d/0x1c0
[  337.112818][T14615]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  337.112843][T14615]  ? security_sctp_bind_connect+0x7e/0x2e0
[  337.112866][T14615]  sctp_sendmsg+0x155c/0x2810
[  337.112902][T14615]  ? __pfx_sctp_sendmsg+0x10/0x10
[  337.112926][T14615]  ? aa_sk_perm+0x81e/0x950
[  337.112953][T14615]  ? __pfx_aa_sk_perm+0x10/0x10
[  337.112979][T14615]  ? sock_rps_record_flow+0x19/0x400
[  337.113015][T14615]  ? inet_sendmsg+0x2f4/0x370
[  337.113051][T14615]  __sock_sendmsg+0x19c/0x270
[  337.113078][T14615]  ____sys_sendmsg+0x505/0x830
[  337.113115][T14615]  ? __pfx_____sys_sendmsg+0x10/0x10
[  337.113155][T14615]  ? import_iovec+0x74/0xa0
[  337.113189][T14615]  ___sys_sendmsg+0x21f/0x2a0
[  337.113230][T14615]  ? __pfx____sys_sendmsg+0x10/0x10
[  337.113303][T14615]  ? __fget_files+0x2a/0x420
[  337.113329][T14615]  ? __fget_files+0x3a0/0x420
[  337.113370][T14615]  __x64_sys_sendmsg+0x19b/0x260
[  337.113401][T14615]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  337.113450][T14615]  ? do_syscall_64+0xba/0x210
[  337.113482][T14615]  do_syscall_64+0xf6/0x210
[  337.113510][T14615]  ? clear_bhb_loop+0x60/0xb0
[  337.113536][T14615]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.113556][T14615] RIP: 0033:0x7f9a0f18e969
[  337.113574][T14615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.113592][T14615] RSP: 002b:00007f9a0ffdc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  337.113614][T14615] RAX: ffffffffffffffda RBX: 00007f9a0f3b5fa0 RCX: 00007f9a0f18e969
[  337.113629][T14615] RDX: 0000000000000040 RSI: 0000200000000e40 RDI: 0000000000000003
[  337.113642][T14615] RBP: 00007f9a0ffdc090 R08: 0000000000000000 R09: 0000000000000000
[  337.113655][T14615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  337.113666][T14615] R13: 0000000000000000 R14: 00007f9a0f3b5fa0 R15: 00007ffe32a07bb8
[  337.113700][T14615]  </TASK>
[  337.143676][T14456] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  337.454742][T14456] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  337.893587][T14456] 8021q: adding VLAN 0 to HW filter on device batadv0
[  338.001612][T14653] FAULT_INJECTION: forcing a failure.
[  338.001612][T14653] name failslab, interval 1, probability 0, space 0, times 0
[  338.022026][T14653] CPU: 1 UID: 0 PID: 14653 Comm: syz.4.3019 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  338.022060][T14653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  338.022074][T14653] Call Trace:
[  338.022083][T14653]  <TASK>
[  338.022092][T14653]  dump_stack_lvl+0x189/0x250
[  338.022136][T14653]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.022169][T14653]  ? __pfx__printk+0x10/0x10
[  338.022252][T14653]  should_fail_ex+0x414/0x560
[  338.022286][T14653]  should_failslab+0xa8/0x100
[  338.022320][T14653]  __kmalloc_cache_noprof+0x70/0x3d0
[  338.022350][T14653]  ? sctp_add_bind_addr+0x8c/0x370
[  338.022386][T14653]  sctp_add_bind_addr+0x8c/0x370
[  338.022422][T14653]  sctp_copy_local_addr_list+0x30b/0x4e0
[  338.022456][T14653]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  338.022485][T14653]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  338.022520][T14653]  ? sctp_v4_is_any+0x35/0x60
[  338.022549][T14653]  ? sctp_copy_one_addr+0x93/0x360
[  338.022584][T14653]  sctp_bind_addr_copy+0xb3/0x3c0
[  338.022614][T14653]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  338.022646][T14653]  sctp_connect_new_asoc+0x2e0/0x690
[  338.022673][T14653]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  338.022693][T14653]  ? __local_bh_enable_ip+0x12d/0x1c0
[  338.022724][T14653]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  338.022751][T14653]  ? security_sctp_bind_connect+0x7e/0x2e0
[  338.022777][T14653]  sctp_sendmsg+0x155c/0x2810
[  338.022827][T14653]  ? __pfx_sctp_sendmsg+0x10/0x10
[  338.022855][T14653]  ? aa_sk_perm+0x81e/0x950
[  338.022886][T14653]  ? __pfx_aa_sk_perm+0x10/0x10
[  338.022915][T14653]  ? sock_rps_record_flow+0x19/0x400
[  338.022955][T14653]  ? inet_sendmsg+0x2f4/0x370
[  338.022993][T14653]  __sock_sendmsg+0x19c/0x270
[  338.023022][T14653]  ____sys_sendmsg+0x505/0x830
[  338.023062][T14653]  ? __pfx_____sys_sendmsg+0x10/0x10
[  338.023106][T14653]  ? import_iovec+0x74/0xa0
[  338.023143][T14653]  ___sys_sendmsg+0x21f/0x2a0
[  338.023177][T14653]  ? __pfx____sys_sendmsg+0x10/0x10
[  338.023258][T14653]  ? __fget_files+0x2a/0x420
[  338.023286][T14653]  ? __fget_files+0x3a0/0x420
[  338.023332][T14653]  __x64_sys_sendmsg+0x19b/0x260
[  338.023370][T14653]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  338.023426][T14653]  ? do_syscall_64+0xba/0x210
[  338.023460][T14653]  do_syscall_64+0xf6/0x210
[  338.023491][T14653]  ? clear_bhb_loop+0x60/0xb0
[  338.023518][T14653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.023538][T14653] RIP: 0033:0x7f9a0f18e969
[  338.023559][T14653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.023578][T14653] RSP: 002b:00007f9a0ffdc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  338.023602][T14653] RAX: ffffffffffffffda RBX: 00007f9a0f3b5fa0 RCX: 00007f9a0f18e969
[  338.023619][T14653] RDX: 0000000000000040 RSI: 0000200000000e40 RDI: 0000000000000003
[  338.023633][T14653] RBP: 00007f9a0ffdc090 R08: 0000000000000000 R09: 0000000000000000
[  338.023646][T14653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  338.023658][T14653] R13: 0000000000000000 R14: 00007f9a0f3b5fa0 R15: 00007ffe32a07bb8
[  338.023695][T14653]  </TASK>
[  338.342643][T14456] veth0_vlan: entered promiscuous mode
[  338.356844][T14456] veth1_vlan: entered promiscuous mode
[  338.386687][T14456] veth0_macvtap: entered promiscuous mode
[  338.397361][T14456] veth1_macvtap: entered promiscuous mode
[  338.457367][T14456] batman_adv: batadv0: Interface activated: batadv_slave_0
[  338.470400][T14456] batman_adv: batadv0: Interface activated: batadv_slave_1
[  338.484119][T14456] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  338.493494][T14456] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  338.503422][T14456] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  338.518690][T14456] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  338.587162][ T5140] Bluetooth: hci4: command tx timeout
[  338.613649][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  338.655601][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  338.720302][ T3065] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  338.748301][ T3065] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  338.760764][T14668] netlink: 'syz.2.3023': attribute type 2 has an invalid length.
[  339.055985][T14684] netlink: 'syz.2.3027': attribute type 1 has an invalid length.
[  339.371951][T14698] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  339.898573][T14732] netlink: 'syz.2.3045': attribute type 2 has an invalid length.
[  339.978271][  T797] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.359421][  T797] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.622261][  T797] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.797334][  T797] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.908817][  T797] bridge_slave_1: left allmulticast mode
[  340.914545][  T797] bridge_slave_1: left promiscuous mode
[  340.922242][  T797] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.931840][  T797] bridge_slave_0: left allmulticast mode
[  340.937950][  T797] bridge_slave_0: left promiscuous mode
[  340.943693][  T797] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.269748][  T797] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  341.281675][  T797] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  341.292855][  T797] bond0 (unregistering): Released all slaves
[  341.639972][T14746] netlink: 'syz.2.3050': attribute type 20 has an invalid length.
[  341.800609][T14750] __nla_validate_parse: 23 callbacks suppressed
[  341.800631][T14750] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3054'.
[  341.843098][T14750] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3054'.
[  341.895919][T14754] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3056'.
[  342.046219][T14759] netlink: 'syz.2.3056': attribute type 39 has an invalid length.
[  342.140424][  T797] hsr_slave_0: left promiscuous mode
[  342.167638][  T797] hsr_slave_1: left promiscuous mode
[  342.188777][  T797] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  342.219618][  T797] batman_adv: batadv0: Removing interface: batadv_slave_0
[  342.265899][  T797] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  342.298315][  T797] batman_adv: batadv0: Removing interface: batadv_slave_1
[  342.368542][  T797] veth1_macvtap: left promiscuous mode
[  342.388658][  T797] veth0_macvtap: left promiscuous mode
[  342.410007][  T797] veth1_vlan: left promiscuous mode
[  342.429933][  T797] veth0_vlan: left promiscuous mode
[  342.461261][ T5844] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  342.472556][ T5844] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  342.482016][ T5844] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  342.493613][ T5844] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  342.503633][ T5844] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  343.086500][  T797] team0 (unregistering): Port device team_slave_1 removed
[  343.132393][  T797] team0 (unregistering): Port device team_slave_0 removed
[  343.550436][T14785] netlink: 'syz.4.3061': attribute type 1 has an invalid length.
[  343.569826][T14781] vxcan1 speed is unknown, defaulting to 1000
[  343.840376][T14802] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3072'.
[  344.062160][T14810] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3073'.
[  344.127388][T14810] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3073'.
[  344.138395][T14810] netlink: 'syz.2.3073': attribute type 14 has an invalid length.
[  344.165116][T14810] netlink: 'syz.2.3073': attribute type 13 has an invalid length.
[  344.175934][T14814] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3076'.
[  344.316728][T14822] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3079'.
[  344.361398][T14822] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3079'.
[  344.388757][T14822] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3079'.
[  344.585671][ T5140] Bluetooth: hci4: command tx timeout
[  344.593122][T14781] chnl_net:caif_netlink_parms(): no params data found
[  345.088704][T14781] bridge0: port 1(bridge_slave_0) entered blocking state
[  345.105689][T14781] bridge0: port 1(bridge_slave_0) entered disabled state
[  345.134786][T14781] bridge_slave_0: entered allmulticast mode
[  345.150278][T14781] bridge_slave_0: entered promiscuous mode
[  345.177498][T14781] bridge0: port 2(bridge_slave_1) entered blocking state
[  345.184761][T14781] bridge0: port 2(bridge_slave_1) entered disabled state
[  345.207668][T14781] bridge_slave_1: entered allmulticast mode
[  345.227373][T14781] bridge_slave_1: entered promiscuous mode
[  345.411651][T14781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  345.468362][T14781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  345.640325][T14781] team0: Port device team_slave_0 added
[  345.652635][T14781] team0: Port device team_slave_1 added
[  345.672633][T14897] netlink: 'syz.2.3100': attribute type 13 has an invalid length.
[  345.811971][T14781] batman_adv: batadv0: Adding interface: batadv_slave_0
[  345.828338][T14781] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  345.856500][T14907] delete_channel: no stack
[  345.875924][T14781] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  345.894392][T14912] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  345.904673][T14781] batman_adv: batadv0: Adding interface: batadv_slave_1
[  345.914611][T14781] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  345.942741][T14781] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  346.102536][T14915] : entered promiscuous mode
[  346.127296][T14781] hsr_slave_0: entered promiscuous mode
[  346.152378][T14781] hsr_slave_1: entered promiscuous mode
[  346.164794][T14781] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  346.196002][T14781] Cannot create hsr debugfs directory
[  346.665863][ T5140] Bluetooth: hci4: command tx timeout
[  346.680738][T14946] openvswitch: netlink: Flow actions attr not present in new flow.
[  346.877115][T14951] raw_sendmsg: syz.2.3120 forgot to set AF_INET. Fix it!
[  347.219910][T14961] __nla_validate_parse: 23 callbacks suppressed
[  347.219932][T14961] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3121'.
[  347.261963][T14961] nbd: must specify at least one socket
[  347.293753][T14964] netlink: 220 bytes leftover after parsing attributes in process `syz.3.3121'.
[  347.327783][T14781] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  347.356041][T14781] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  347.400476][T14781] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  347.453885][T14970] netlink: 'syz.0.3127': attribute type 1 has an invalid length.
[  347.584977][T14970] 8021q: adding VLAN 0 to HW filter on device bond4
[  347.607006][T14973] veth0_to_bond: left promiscuous mode
[  347.612534][T14973] veth0_to_bond: left allmulticast mode
[  347.639392][T14973] bond4: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  347.668906][T14781] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  347.694903][T14976] 8021q: VLANs not supported on gre0
[  347.848627][T14981] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3131'.
[  348.001564][T14781] 8021q: adding VLAN 0 to HW filter on device bond0
[  348.069186][T14781] 8021q: adding VLAN 0 to HW filter on device team0
[  348.093183][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  348.100556][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  348.154318][  T797] bridge0: port 2(bridge_slave_1) entered blocking state
[  348.161600][  T797] bridge0: port 2(bridge_slave_1) entered forwarding state
[  348.226232][ T3065] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  348.244054][ T3065] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  348.376118][T15007] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3139'.
[  348.631973][T14781] 8021q: adding VLAN 0 to HW filter on device batadv0
[  348.642185][T15021] netlink: 'syz.3.3142': attribute type 13 has an invalid length.
[  348.658247][T15021] gretap0: refused to change device tx_queue_len
[  348.664667][T15021] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  348.733330][T14781] veth0_vlan: entered promiscuous mode
[  348.755900][ T5844] Bluetooth: hci4: command tx timeout
[  348.764980][T14781] veth1_vlan: entered promiscuous mode
[  348.800896][T14781] veth0_macvtap: entered promiscuous mode
[  348.811943][T14781] veth1_macvtap: entered promiscuous mode
[  348.833515][T14781] batman_adv: batadv0: Interface activated: batadv_slave_0
[  348.855037][T14781] batman_adv: batadv0: Interface activated: batadv_slave_1
[  348.914027][T14781] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  348.959199][T14781] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  348.973187][T14781] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  348.998328][T14781] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  349.021975][T15033] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3147'.
[  349.038431][T15033] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3147'.
[  349.052233][T15033] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3147'.
[  349.185220][T15036] FAULT_INJECTION: forcing a failure.
[  349.185220][T15036] name failslab, interval 1, probability 0, space 0, times 0
[  349.199015][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  349.225791][T15036] CPU: 1 UID: 0 PID: 15036 Comm: syz.3.3149 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  349.225823][T15036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  349.225836][T15036] Call Trace:
[  349.225844][T15036]  <TASK>
[  349.225853][T15036]  dump_stack_lvl+0x189/0x250
[  349.225893][T15036]  ? __pfx_dump_stack_lvl+0x10/0x10
[  349.225920][T15036]  ? __pfx__printk+0x10/0x10
[  349.225945][T15036]  ? __pfx___might_resched+0x10/0x10
[  349.225963][T15036]  ? fs_reclaim_acquire+0x7d/0x100
[  349.226000][T15036]  should_fail_ex+0x414/0x560
[  349.226026][T15036]  should_failslab+0xa8/0x100
[  349.226055][T15036]  __kmalloc_cache_noprof+0x70/0x3d0
[  349.226080][T15036]  ? sctp_transport_new+0x7e/0x640
[  349.226101][T15036]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  349.226133][T15036]  sctp_transport_new+0x7e/0x640
[  349.226160][T15036]  sctp_assoc_add_peer+0x260/0x13b0
[  349.226184][T15036]  ? sctp_bind_addr_copy+0x380/0x3c0
[  349.226221][T15036]  sctp_connect_new_asoc+0x30a/0x690
[  349.226246][T15036]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  349.226265][T15036]  ? __local_bh_enable_ip+0x12d/0x1c0
[  349.226294][T15036]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  349.226321][T15036]  ? security_sctp_bind_connect+0x7e/0x2e0
[  349.226345][T15036]  sctp_sendmsg+0x155c/0x2810
[  349.226381][T15036]  ? __pfx_sctp_sendmsg+0x10/0x10
[  349.226406][T15036]  ? aa_sk_perm+0x81e/0x950
[  349.226433][T15036]  ? __pfx_aa_sk_perm+0x10/0x10
[  349.226458][T15036]  ? sock_rps_record_flow+0x19/0x400
[  349.226492][T15036]  ? inet_sendmsg+0x2f4/0x370
[  349.226525][T15036]  __sock_sendmsg+0x19c/0x270
[  349.226550][T15036]  ____sys_sendmsg+0x505/0x830
[  349.226583][T15036]  ? __pfx_____sys_sendmsg+0x10/0x10
[  349.226623][T15036]  ? import_iovec+0x74/0xa0
[  349.226655][T15036]  ___sys_sendmsg+0x21f/0x2a0
[  349.226687][T15036]  ? __pfx____sys_sendmsg+0x10/0x10
[  349.226771][T15036]  ? __fget_files+0x2a/0x420
[  349.226797][T15036]  ? __fget_files+0x3a0/0x420
[  349.226837][T15036]  __x64_sys_sendmsg+0x19b/0x260
[  349.226870][T15036]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  349.226921][T15036]  ? do_syscall_64+0xba/0x210
[  349.226952][T15036]  do_syscall_64+0xf6/0x210
[  349.226981][T15036]  ? clear_bhb_loop+0x60/0xb0
[  349.227006][T15036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.227025][T15036] RIP: 0033:0x7fefa538e969
[  349.227044][T15036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.227057][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  349.227060][T15036] RSP: 002b:00007fefa6161038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  349.227083][T15036] RAX: ffffffffffffffda RBX: 00007fefa55b5fa0 RCX: 00007fefa538e969
[  349.227096][T15036] RDX: 0000000000000040 RSI: 0000200000000e40 RDI: 0000000000000003
[  349.227107][T15036] RBP: 00007fefa6161090 R08: 0000000000000000 R09: 0000000000000000
[  349.227117][T15036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  349.227127][T15036] R13: 0000000000000000 R14: 00007fefa55b5fa0 R15: 00007ffe8b48ccc8
[  349.227163][T15036]  </TASK>
[  349.642384][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  349.691204][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  349.727353][T15054] Bluetooth: MGMT ver 1.23
[  349.777310][T15058] netlink: 'syz.3.3155': attribute type 10 has an invalid length.
[  349.821835][T15058] veth0_to_bond: entered allmulticast mode
[  349.860070][T15065] netlink: 'syz.3.3155': attribute type 10 has an invalid length.
[  350.114592][T15077] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  350.124270][T15078] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3161'.
[  350.145733][T15078] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3161'.
[  350.168874][T15078] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3161'.
[  350.435280][T15091] netlink: 'syz.3.3166': attribute type 20 has an invalid length.
[  350.567968][T15098] netlink: 'syz.3.3168': attribute type 64 has an invalid length.
[  350.825972][ T5844] Bluetooth: hci4: command 0x0419 tx timeout
[  350.848235][T15113] IPVS: set_ctl: invalid protocol: 188 224.0.0.2:20002
[  350.871004][T15115] IPVS: set_ctl: invalid protocol: 188 224.0.0.2:20002
[  351.018770][T15121] netlink: 'syz.4.3178': attribute type 20 has an invalid length.
[  351.255732][T15138] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_macvtap, syncid = 0, id = 0
[  351.256532][T15136] netlink: 'syz.0.3184': attribute type 21 has an invalid length.
[  351.390778][T15144] netlink: 'syz.4.3185': attribute type 178 has an invalid length.
[  351.653615][T15159] netlink: 'syz.4.3191': attribute type 20 has an invalid length.
[  351.982557][T15174] netlink: 'syz.0.3197': attribute type 11 has an invalid length.
[  352.025001][T15174] netlink: 'syz.0.3197': attribute type 11 has an invalid length.
[  352.097199][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.289960][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.389175][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.464287][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.575804][   T12] bridge_slave_1: left allmulticast mode
[  352.581522][   T12] bridge_slave_1: left promiscuous mode
[  352.588242][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.599044][   T12] bridge_slave_0: left allmulticast mode
[  352.604741][   T12] bridge_slave_0: left promiscuous mode
[  352.611070][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.955040][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  352.968333][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  352.979512][   T12] bond0 (unregistering): Released all slaves
[  353.363692][   T12] hsr_slave_0: left promiscuous mode
[  353.379315][   T12] hsr_slave_1: left promiscuous mode
[  353.385278][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  353.393014][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  353.401293][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  353.408926][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  353.436472][   T12] veth1_macvtap: left promiscuous mode
[  353.442040][   T12] veth0_macvtap: left promiscuous mode
[  353.447853][   T12] veth1_vlan: left promiscuous mode
[  353.453173][   T12] veth0_vlan: left promiscuous mode
[  353.955873][T15183] __nla_validate_parse: 11 callbacks suppressed
[  353.955894][T15183] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3199'.
[  353.956018][T15184] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  354.071435][   T12] team0 (unregistering): Port device team_slave_1 removed
[  354.182815][   T12] team0 (unregistering): Port device team_slave_0 removed
[  354.366165][ T5844] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  354.378917][ T5844] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  354.389831][ T5844] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  354.409827][ T5844] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  354.433016][ T5844] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  354.816505][T15187] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3203'.
[  354.832003][T15187] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3203'.
[  354.841607][T15187] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3203'.
[  354.923271][T15194] vxcan1 speed is unknown, defaulting to 1000
[  354.997527][T15203] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3207'.
[  355.292669][T15217] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3212'.
[  355.344099][T15221] sctp: [Deprecated]: syz.0.3213 (pid 15221) Use of int in max_burst socket option deprecated.
[  355.344099][T15221] Use struct sctp_assoc_value instead
[  355.782138][T15245] netlink: 'syz.0.3219': attribute type 1 has an invalid length.
[  355.783244][T15234] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  355.879258][T15245] bond5: entered promiscuous mode
[  355.884985][T15245] 8021q: adding VLAN 0 to HW filter on device bond5
[  355.939132][T15247] 8021q: adding VLAN 0 to HW filter on device bond5
[  355.948831][T15247] bond5: (slave wireguard0): The slave device specified does not support setting the MAC address
[  355.961119][T15247] bond5: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[  356.011062][T15247] bond5: (slave wireguard0): making interface the new active one
[  356.028414][T15247] wireguard0: entered promiscuous mode
[  356.040514][T15247] bond5: (slave wireguard0): Enslaving as an active interface with an up link
[  356.110881][T15234] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.289177][T15234] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.412202][T15278] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3228'.
[  356.440737][T15280] netlink: 'syz.2.3227': attribute type 2 has an invalid length.
[  356.441973][T15234] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.505658][ T5140] Bluetooth: hci4: command tx timeout
[  356.629816][T15287] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3228'.
[  356.723609][T15194] chnl_net:caif_netlink_parms(): no params data found
[  356.822484][T15234] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  356.872758][T15234] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  356.902374][T15300] veth1_macvtap: left promiscuous mode
[  356.915617][T15300] macsec0: entered allmulticast mode
[  356.977812][T15234] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  357.001005][T15234] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  357.153551][T15194] bridge0: port 1(bridge_slave_0) entered blocking state
[  357.177224][T15194] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.184560][T15194] bridge_slave_0: entered allmulticast mode
[  357.218991][T15194] bridge_slave_0: entered promiscuous mode
[  357.243296][T15194] bridge0: port 2(bridge_slave_1) entered blocking state
[  357.252370][T15194] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.260859][T15194] bridge_slave_1: entered allmulticast mode
[  357.289345][T15194] bridge_slave_1: entered promiscuous mode
[  357.428474][T15325] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3238'.
[  357.453839][T15325] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3238'.
[  357.467591][T15194] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  357.507429][T15194] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  357.610107][T15194] team0: Port device team_slave_0 added
[  357.623391][T15194] team0: Port device team_slave_1 added
[  357.660924][T15339] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  357.671179][T15340] tipc: Started in network mode
[  357.676874][T15340] tipc: Node identity 8e188aea4cfa, cluster identity 4711
[  357.684614][T15340] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  357.692376][T15194] batman_adv: batadv0: Adding interface: batadv_slave_0
[  357.699745][T15194] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  357.727220][T15194] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  357.745258][T15341] pim6reg: entered allmulticast mode
[  357.751963][T15194] batman_adv: batadv0: Adding interface: batadv_slave_1
[  357.760059][T15194] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  357.786891][T15194] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  357.798604][T15340] syzkaller0: entered promiscuous mode
[  357.804366][T15340] syzkaller0: entered allmulticast mode
[  357.813725][T15339] pim6reg: left allmulticast mode
[  357.855637][T15340] tipc: Resetting bearer <eth:syzkaller0>
[  357.884042][T15338] tipc: Resetting bearer <eth:syzkaller0>
[  357.927882][T15338] tipc: Disabling bearer <eth:syzkaller0>
[  357.966549][T15194] hsr_slave_0: entered promiscuous mode
[  357.973622][T15194] hsr_slave_1: entered promiscuous mode
[  357.982859][T15194] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  357.992098][T15194] Cannot create hsr debugfs directory
[  358.413326][T15360] netlink: 'syz.2.3250': attribute type 1 has an invalid length.
[  358.423295][T15364] netlink: 'syz.0.3251': attribute type 23 has an invalid length.
[  358.585735][ T5844] Bluetooth: hci4: command tx timeout
[  358.639378][T15376] gretap1: entered allmulticast mode
[  359.012918][T15194] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  359.044159][T15194] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  359.059551][T15390] __nla_validate_parse: 5 callbacks suppressed
[  359.059570][T15390] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3260'.
[  359.080436][T15194] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  359.127922][T15194] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  359.168463][T15391] sock: sock_set_timeout: `syz.2.3259' (pid 15391) tries to set negative timeout
[  359.443699][T15194] 8021q: adding VLAN 0 to HW filter on device bond0
[  359.508338][T15406] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3267'.
[  359.518179][T15406] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3267'.
[  359.556320][T15194] 8021q: adding VLAN 0 to HW filter on device team0
[  359.568238][T15410] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3269'.
[  359.579778][T15410] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3269'.
[  359.607579][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[  359.614827][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[  359.653052][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[  359.660326][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  359.955741][T15427] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3275'.
[  360.034833][T15431] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3276'.
[  360.066064][T15431] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3276'.
[  360.080808][T15432] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3277'.
[  360.327482][T15450] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3280'.
[  360.427326][T15194] 8021q: adding VLAN 0 to HW filter on device batadv0
[  360.582046][T15194] veth0_vlan: entered promiscuous mode
[  360.609031][T15194] veth1_vlan: entered promiscuous mode
[  360.674072][T15194] veth0_macvtap: entered promiscuous mode
[  360.676838][ T5844] Bluetooth: hci4: command 0x040f tx timeout
[  360.682303][T15465] netlink: 'syz.2.3287': attribute type 39 has an invalid length.
[  360.713893][T15194] veth1_macvtap: entered promiscuous mode
[  360.744557][T15465] veth0_macvtap: left promiscuous mode
[  360.877094][T15194] batman_adv: batadv0: Interface activated: batadv_slave_0
[  360.913056][T15472] team0: Device sit2 is up. Set it down before adding it as a team port
[  360.973097][T15194] batman_adv: batadv0: Interface activated: batadv_slave_1
[  360.994891][T15194] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  361.014155][T15194] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.029861][T15194] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  361.042386][T15194] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  361.142784][T15484] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.246148][T15484] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.363258][T15484] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.480732][  T797] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  361.516593][  T797] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  361.521606][T15484] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.603665][T15505] ip6gre1: entered allmulticast mode
[  361.697775][  T797] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  361.716895][  T797] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  361.745263][T15484] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  361.797771][T15484] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.978112][T15484] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  362.042769][T15484] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  362.090228][T15519] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap3
[  362.101643][T15519] gretap3: default qdisc (pfifo_fast) fail, fallback to noqueue
[  362.111823][T15519] gretap3: entered promiscuous mode
[  362.118882][T15519] gretap3: entered allmulticast mode
[  362.131861][T15524] team0: Device sit2 is up. Set it down before adding it as a team port
[  362.701337][   T63] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.918680][   T63] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.037371][   T63] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.130172][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  363.149440][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  363.150722][   T63] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.158358][ T5844] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  363.178401][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  363.189200][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  363.236850][T15553] vxcan1 speed is unknown, defaulting to 1000
[  363.368260][   T63] bridge_slave_1: left allmulticast mode
[  363.373983][   T63] bridge_slave_1: left promiscuous mode
[  363.396261][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.410871][   T63] bridge_slave_0: left allmulticast mode
[  363.425896][   T63] bridge_slave_0: left promiscuous mode
[  363.431691][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.877602][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  363.890574][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  363.901512][   T63] bond0 (unregistering): Released all slaves
[  364.154505][T15553] chnl_net:caif_netlink_parms(): no params data found
[  364.384638][   T63] hsr_slave_0: left promiscuous mode
[  364.399318][   T63] hsr_slave_1: left promiscuous mode
[  364.405292][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  364.412834][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[  364.421015][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  364.428920][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[  364.450965][   T63] veth1_macvtap: left promiscuous mode
[  364.456867][   T63] veth0_macvtap: left promiscuous mode
[  364.462464][   T63] veth1_vlan: left promiscuous mode
[  364.468015][   T63] veth0_vlan: left promiscuous mode
[  365.058612][ T5140] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  365.069714][ T5140] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  365.085103][ T5140] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  365.105025][ T5140] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  365.112944][ T5140] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  365.238652][ T5844] Bluetooth: hci2: command tx timeout
[  365.320466][   T63] team0 (unregistering): Port device team_slave_1 removed
[  365.373748][   T63] team0 (unregistering): Port device team_slave_0 removed
[  365.901175][T15553] bridge0: port 1(bridge_slave_0) entered blocking state
[  365.908818][T15553] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.916621][T15553] bridge_slave_0: entered allmulticast mode
[  365.924702][T15553] bridge_slave_0: entered promiscuous mode
[  365.939718][T15553] bridge0: port 2(bridge_slave_1) entered blocking state
[  365.975957][T15553] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.983308][T15553] bridge_slave_1: entered allmulticast mode
[  365.997963][T15553] bridge_slave_1: entered promiscuous mode
[  366.172622][T15553] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  366.211713][T15553] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  366.323285][T15577] vxcan1 speed is unknown, defaulting to 1000
[  366.367943][T15553] team0: Port device team_slave_0 added
[  366.404436][T15553] team0: Port device team_slave_1 added
[  366.643639][T15553] batman_adv: batadv0: Adding interface: batadv_slave_0
[  366.662482][T15553] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  366.717831][T15553] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  366.755989][T15553] batman_adv: batadv0: Adding interface: batadv_slave_1
[  366.773380][T15553] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  366.843927][T15553] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  366.971945][T15618] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  366.989004][T15621] __nla_validate_parse: 8 callbacks suppressed
[  366.989029][T15621] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3333'.
[  367.006263][T15621] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3333'.
[  367.016023][T15621] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3333'.
[  367.042679][T15618] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3331'.
[  367.060280][T15618] xt_addrtype: ipv6 BLACKHOLE matching not supported
[  367.069929][T15553] hsr_slave_0: entered promiscuous mode
[  367.087559][T15553] hsr_slave_1: entered promiscuous mode
[  367.094684][T15553] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  367.106784][T15553] Cannot create hsr debugfs directory
[  367.128508][T15622] netlink: 'syz.2.3332': attribute type 4 has an invalid length.
[  367.225802][ T5844] Bluetooth: hci4: command tx timeout
[  367.308721][ T5844] Bluetooth: hci2: command tx timeout
[  367.394366][T15641] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3337'.
[  367.543779][T15648] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3337'.
[  367.569073][T15641] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3337'.
[  367.587555][T15648] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3337'.
[  367.590742][T15652] x_tables: duplicate underflow at hook 2
[  367.602470][T15648] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3337'.
[  367.631946][T15652] xt_hashlimit: invalid rate
[  367.637056][T15637] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3337'.
[  367.690613][T15577] chnl_net:caif_netlink_parms(): no params data found
[  367.819659][T15553] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  367.844480][T15553] netdevsim netdevsim3 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  367.948169][T15553] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  367.961910][T15553] netdevsim netdevsim3 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  368.062878][T15553] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  368.082861][T15553] netdevsim netdevsim3 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  368.106858][T15577] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.114141][T15577] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.133088][T15577] bridge_slave_0: entered allmulticast mode
[  368.143801][T15577] bridge_slave_0: entered promiscuous mode
[  368.153778][T15577] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.163445][T15577] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.171664][T15577] bridge_slave_1: entered allmulticast mode
[  368.182095][T15577] bridge_slave_1: entered promiscuous mode
[  368.193690][T15553] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  368.232748][T15553] netdevsim netdevsim3 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  368.314165][T15577] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  368.334240][T15577] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  368.472863][T15680] team0: Device sit2 is up. Set it down before adding it as a team port
[  368.508962][T15577] team0: Port device team_slave_0 added
[  368.541828][T15577] team0: Port device team_slave_1 added
[  368.777063][T15577] batman_adv: batadv0: Adding interface: batadv_slave_0
[  368.803095][T15577] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  368.874688][T15577] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  368.913573][T15577] batman_adv: batadv0: Adding interface: batadv_slave_1
[  368.925582][T15577] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  368.976124][T15577] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  369.008533][T15553] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  369.064117][T15553] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  369.152028][T15553] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  369.189061][T15553] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  369.239999][T15577] hsr_slave_0: entered promiscuous mode
[  369.264987][T15577] hsr_slave_1: entered promiscuous mode
[  369.284899][T15577] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  369.298141][T15577] Cannot create hsr debugfs directory
[  369.306361][ T5844] Bluetooth: hci4: command tx timeout
[  369.385673][ T5844] Bluetooth: hci2: command tx timeout
[  369.460846][T15709] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  369.488377][T15709] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.570141][T15709] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  369.581538][T15709] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.651257][T15709] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  369.662928][T15709] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.725238][T15709] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  369.757605][T15709] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.929438][T15709] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  369.938678][T15709] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  369.980152][T15709] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  369.989221][T15709] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  370.013280][T15709] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  370.022139][T15709] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  370.074676][T15709] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  370.085074][T15709] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  370.189444][T15553] 8021q: adding VLAN 0 to HW filter on device bond0
[  370.243735][T15553] 8021q: adding VLAN 0 to HW filter on device team0
[  370.290218][T15731] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check.
[  370.322853][   T63] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.330108][   T63] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.368012][  T797] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.375217][  T797] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.543197][T15577] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  370.574352][T15577] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  370.617516][T15577] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  370.644527][T15577] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  370.688710][T15553] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  370.989095][T15577] 8021q: adding VLAN 0 to HW filter on device bond0
[  371.044095][T15577] 8021q: adding VLAN 0 to HW filter on device team0
[  371.098069][ T3065] bridge0: port 1(bridge_slave_0) entered blocking state
[  371.105249][ T3065] bridge0: port 1(bridge_slave_0) entered forwarding state
[  371.126293][T15757] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  371.176055][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  371.183317][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  371.251781][T15553] 8021q: adding VLAN 0 to HW filter on device batadv0
[  371.386264][ T5844] Bluetooth: hci4: command tx timeout
[  371.466940][ T5844] Bluetooth: hci2: command tx timeout
[  371.481312][T15553] veth0_vlan: entered promiscuous mode
[  371.494848][T15553] veth1_vlan: entered promiscuous mode
[  371.560864][T15773] x_tables: duplicate underflow at hook 3
[  371.572849][T15553] veth0_macvtap: entered promiscuous mode
[  371.608458][T15553] veth1_macvtap: entered promiscuous mode
[  371.679610][T15553] batman_adv: batadv0: Interface activated: batadv_slave_0
[  371.761574][T15553] batman_adv: batadv0: Interface activated: batadv_slave_1
[  371.788240][T15779] netlink: 'syz.4.3383': attribute type 1 has an invalid length.
[  371.799653][T15553] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  371.825177][T15553] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  371.838143][T15553] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  371.848654][T15553] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  371.901758][T15779] 8021q: adding VLAN 0 to HW filter on device bond1
[  371.964780][T15784] team0: Device vxcan3 is of different type
[  372.077200][T15779] team_slave_0: entered promiscuous mode
[  372.270914][T15577] 8021q: adding VLAN 0 to HW filter on device batadv0
[  372.314729][T15802] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.347675][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  372.366495][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.379421][T15802] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.470756][T15802] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.494567][  T797] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  372.525778][  T797] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.560137][T15802] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.606061][T15812] __nla_validate_parse: 99 callbacks suppressed
[  372.606084][T15812] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3394'.
[  372.651016][T15812] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3394'.
[  372.672928][T15577] veth0_vlan: entered promiscuous mode
[  372.687394][T15812] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3394'.
[  372.717890][T15577] veth1_vlan: entered promiscuous mode
[  372.765356][T15802] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  372.812265][T15802] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  372.860880][T15802] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  372.906875][T15802] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  373.000436][T15820] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3397'.
[  373.017415][T15577] veth0_macvtap: entered promiscuous mode
[  373.027266][T15820] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3397'.
[  373.049872][T15577] veth1_macvtap: entered promiscuous mode
[  373.228957][T15577] batman_adv: batadv0: Interface activated: batadv_slave_0
[  373.282597][T15834] bridge_slave_0: left allmulticast mode
[  373.290444][T15834] bridge_slave_0: left promiscuous mode
[  373.304435][T15834] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.319844][T15834] bridge_slave_1: left allmulticast mode
[  373.327886][T15834] bridge_slave_1: left promiscuous mode
[  373.334059][T15834] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.349624][T15834] bond0: (slave bond_slave_0): Releasing backup interface
[  373.363614][T15834] bond0: (slave bond_slave_1): Releasing backup interface
[  373.383134][T15834] team0: Port device team_slave_0 removed
[  373.405773][T15834] team0: Port device team_slave_1 removed
[  373.412488][T15834] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  373.422987][T15834] batman_adv: batadv0: Removing interface: batadv_slave_0
[  373.432713][T15834] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  373.446729][T15834] batman_adv: batadv0: Removing interface: batadv_slave_1
[  373.475831][ T5844] Bluetooth: hci4: command tx timeout
[  373.524922][T15577] batman_adv: batadv0: Interface activated: batadv_slave_1
[  373.537386][T15577] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  373.549091][T15577] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  373.562705][T15577] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  373.577390][T15577] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  373.736615][T15846] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3406'.
[  373.756661][T15846] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3406'.
[  373.787675][T15846] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3406'.
[  373.876237][T15850] gre1: entered promiscuous mode
[  373.881671][T15850] gre1: entered allmulticast mode
[  374.005328][ T1108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  374.017289][ T1108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  374.098432][T15855] vxcan1 speed is unknown, defaulting to 1000
[  374.129228][ T1108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  374.169240][ T1108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  374.297690][T15867] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[  374.334849][T15862] mac80211_hwsim hwsim11 wlan1: left allmulticast mode
[  374.916153][T15890] netlink: 'syz.0.3425': attribute type 20 has an invalid length.
[  374.991254][ T1108] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.189697][ T1108] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.483087][ T5140] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  375.512507][ T5140] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  375.517478][ T1108] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.521750][ T5140] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  375.538658][ T5140] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  375.549308][ T5140] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  375.592060][T15892] vxcan1 speed is unknown, defaulting to 1000
[  375.642756][ T1108] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.806152][ T1108] bridge_slave_1: left allmulticast mode
[  375.811890][ T1108] bridge_slave_1: left promiscuous mode
[  375.819140][ T1108] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.830685][ T1108] bridge_slave_0: left allmulticast mode
[  375.836918][ T1108] bridge_slave_0: left promiscuous mode
[  375.842743][ T1108] bridge0: port 1(bridge_slave_0) entered disabled state
[  376.227687][ T1108] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  376.239404][ T1108] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  376.249989][ T1108] bond0 (unregistering): Released all slaves
[  376.541055][T15892] chnl_net:caif_netlink_parms(): no params data found
[  376.772640][ T1108] hsr_slave_0: left promiscuous mode
[  376.781425][ T1108] hsr_slave_1: left promiscuous mode
[  376.788045][ T1108] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  376.795589][ T1108] batman_adv: batadv0: Removing interface: batadv_slave_0
[  376.805889][ T1108] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  376.813426][ T1108] batman_adv: batadv0: Removing interface: batadv_slave_1
[  376.840361][ T1108] veth1_macvtap: left promiscuous mode
[  376.846138][ T1108] veth0_macvtap: left promiscuous mode
[  376.851765][ T1108] veth1_vlan: left promiscuous mode
[  376.857664][ T1108] veth0_vlan: left promiscuous mode
[  377.010247][T15906] netlink: 'syz.0.3426': attribute type 1 has an invalid length.
[  377.388485][ T5140] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  377.410943][ T5140] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  377.427670][ T5140] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  377.436480][ T5140] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  377.444688][ T5140] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  377.623963][ T1108] team0 (unregistering): Port device team_slave_1 removed
[  377.635623][ T5844] Bluetooth: hci1: command tx timeout
[  377.689200][ T1108] team0 (unregistering): Port device team_slave_0 removed
[  378.192609][T15904] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  378.214784][T15906] workqueue: Failed to create a rescuer kthread for wq "bond6": -EINTR
[  378.216249][T15905] C: renamed from lo (while UP)
[  378.279345][T15892] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.289239][T15892] bridge0: port 1(bridge_slave_0) entered disabled state
[  378.298435][T15892] bridge_slave_0: entered allmulticast mode
[  378.307386][T15892] bridge_slave_0: entered promiscuous mode
[  378.336701][T15892] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.343918][T15892] bridge0: port 2(bridge_slave_1) entered disabled state
[  378.368269][T15892] bridge_slave_1: entered allmulticast mode
[  378.386548][T15892] bridge_slave_1: entered promiscuous mode
[  378.542151][T15892] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  378.593560][T15892] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  378.606330][T15909] vxcan1 speed is unknown, defaulting to 1000
[  378.846029][T15932] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3434'.
[  378.864629][T15892] team0: Port device team_slave_0 added
[  378.880607][T15892] team0: Port device team_slave_1 added
[  378.903950][T15932] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3434'.
[  379.007858][T15892] batman_adv: batadv0: Adding interface: batadv_slave_0
[  379.035829][T15892] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  379.095708][T15892] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  379.131218][T15892] batman_adv: batadv0: Adding interface: batadv_slave_1
[  379.144351][T15939] netlink: 'syz.3.3436': attribute type 20 has an invalid length.
[  379.149873][T15892] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  379.198413][T15892] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  379.358378][T15943] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3439'.
[  379.374501][T15943] netlink: 'syz.0.3439': attribute type 30 has an invalid length.
[  379.382953][T15943] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3439'.
[  379.428272][T15947] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3438'.
[  379.435104][ T1108] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.448049][T15947] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3438'.
[  379.467362][ T5844] Bluetooth: hci4: command tx timeout
[  379.478433][T15892] hsr_slave_0: entered promiscuous mode
[  379.485053][T15892] hsr_slave_1: entered promiscuous mode
[  379.494186][T15892] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  379.504212][T15892] Cannot create hsr debugfs directory
[  379.532825][ T1108] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.620982][ T1108] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.705947][ T5844] Bluetooth: hci1: command tx timeout
[  379.710042][ T1108] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.965908][T15957] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3444'.
[  379.974863][T15957] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3444'.
[  380.069901][T15909] chnl_net:caif_netlink_parms(): no params data found
[  380.160205][T15962] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3445'.
[  380.196243][T15962] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3445'.
[  380.404190][T15973] netlink: 'syz.3.3449': attribute type 20 has an invalid length.
[  381.360152][ T1108] . (unregistering): Released all slaves
[  381.375229][ T1108] bond1 (unregistering): Released all slaves
[  381.505037][ T1108] bond2 (unregistering): Released all slaves
[  381.551680][ T5844] Bluetooth: hci4: command tx timeout
[  381.638849][ T1108] bond0 (unregistering): Released all slaves
[  381.769427][ T1108] bond3 (unregistering): Released all slaves
[  381.791154][ T5844] Bluetooth: hci1: command tx timeout
[  381.900239][ T1108] bond4 (unregistering): Released all slaves
[  382.019824][ T1108] bond5 (unregistering): Released all slaves
[  382.152754][ T1108] bond6 (unregistering): Released all slaves
[  382.274285][ T1108] bond7 (unregistering): Released all slaves
[  382.394382][ T1108] bond8 (unregistering): Released all slaves
[  382.506847][ T1108] bond9 (unregistering): Released all slaves
[  382.625397][ T1108] bond10 (unregistering): Released all slaves
[  382.748877][ T1108] bond11 (unregistering): Released all slaves
[  382.764870][ T1108] bond12 (unregistering): Released all slaves
[  382.780436][ T1108] bond13 (unregistering): Released all slaves
[  382.994517][ T1108] : left promiscuous mode
[  383.131601][T15909] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.170319][T15909] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.179948][T15909] bridge_slave_0: entered allmulticast mode
[  383.207464][T15909] bridge_slave_0: entered promiscuous mode
[  383.263669][ T1108] tipc: Left network mode
[  383.349690][T15909] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.375010][T15909] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.397193][T15909] bridge_slave_1: entered allmulticast mode
[  383.404634][T15909] bridge_slave_1: entered promiscuous mode
[  383.570267][T15909] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  383.602758][T15909] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  383.625814][ T5844] Bluetooth: hci4: command tx timeout
[  383.751535][T15909] team0: Port device team_slave_0 added
[  383.786382][    C0] ==================================================================
[  383.794535][    C0] BUG: KASAN: slab-use-after-free in rose_timer_expiry+0x471/0x4b0
[  383.802479][    C0] Read of size 2 at addr ffff88807f6ddc2a by task syz-executor/15553
[  383.810575][    C0] 
[  383.812932][    C0] CPU: 0 UID: 0 PID: 15553 Comm: syz-executor Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  383.812956][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  383.812970][    C0] Call Trace:
[  383.812982][    C0]  <IRQ>
[  383.812990][    C0]  dump_stack_lvl+0x189/0x250
[  383.813018][    C0]  ? __virt_addr_valid+0x18c/0x540
[  383.813041][    C0]  ? rcu_is_watching+0x15/0xb0
[  383.813056][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  383.813078][    C0]  ? rcu_is_watching+0x15/0xb0
[  383.813093][    C0]  ? lock_release+0x4b/0x3e0
[  383.813118][    C0]  ? __virt_addr_valid+0x18c/0x540
[  383.813139][    C0]  ? __virt_addr_valid+0x469/0x540
[  383.813167][    C0]  print_report+0xb4/0x290
[  383.813187][    C0]  ? rose_timer_expiry+0x471/0x4b0
[  383.813201][    C0]  kasan_report+0x118/0x150
[  383.813224][    C0]  ? rose_timer_expiry+0x471/0x4b0
[  383.813243][    C0]  rose_timer_expiry+0x471/0x4b0
[  383.813259][    C0]  call_timer_fn+0x17b/0x5f0
[  383.813284][    C0]  ? __pfx_rose_timer_expiry+0x10/0x10
[  383.813298][    C0]  ? call_timer_fn+0xbe/0x5f0
[  383.813319][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  383.813346][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  383.813365][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  383.813383][    C0]  ? __pfx_rose_timer_expiry+0x10/0x10
[  383.813400][    C0]  __run_timer_base+0x61a/0x860
[  383.813420][    C0]  ? ktime_get+0x3e/0x1f0
[  383.813444][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  383.813462][    C0]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  383.813489][    C0]  run_timer_softirq+0xb7/0x180
[  383.813510][    C0]  handle_softirqs+0x286/0x870
[  383.813528][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  383.813546][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  383.813564][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  383.813587][    C0]  __irq_exit_rcu+0xca/0x1f0
[  383.813603][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  383.813623][    C0]  irq_exit_rcu+0x9/0x30
[  383.813637][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  383.813657][    C0]  </IRQ>
[  383.813664][    C0]  <TASK>
[  383.813670][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  383.813689][    C0] RIP: 0010:rcu_is_watching+0x5a/0xb0
[  383.813706][    C0] Code: f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 4c d3 7a 00 48 c7 c3 58 0b 77 92 49 03 1e 48 89 d8 48 c1 e8 03 42 0f b6 04 38 <84> c0 75 34 8b 03 65 ff 0d 69 c6 ce 10 74 11 83 e0 04 c1 e8 02 5b
[  383.813721][    C0] RSP: 0018:ffffc90004be6f00 EFLAGS: 00000a02
[  383.813737][    C0] RAX: 0000000000000000 RBX: ffff8880b8832b58 RCX: b337bf0e54a01200
[  383.813750][    C0] RDX: 0000000000000000 RSI: ffffffff8bc1f3a0 RDI: ffffffff8bc1f360
[  383.813763][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  383.813773][    C0] R10: 0000000000000000 R11: ffffffff81ab5cdd R12: ffff888057f69e00
[  383.813785][    C0] R13: ffff8880292396c0 R14: ffffffff8d970c20 R15: dffffc0000000000
[  383.813801][    C0]  ? is_module_text_address+0x1d/0x1e0
[  383.813828][    C0]  ? is_module_text_address+0x1d/0x1e0
[  383.813847][    C0]  is_module_text_address+0x147/0x1e0
[  383.813869][    C0]  kernel_text_address+0x94/0xe0
[  383.813893][    C0]  __kernel_text_address+0xd/0x40
[  383.813916][    C0]  unwind_get_return_address+0x4d/0x90
[  383.813937][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  383.813957][    C0]  arch_stack_walk+0xfc/0x150
[  383.813985][    C0]  stack_trace_save+0x9c/0xe0
[  383.814003][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  383.814027][    C0]  kasan_save_track+0x3e/0x80
[  383.814045][    C0]  ? kasan_save_track+0x3e/0x80
[  383.814062][    C0]  ? __kasan_slab_alloc+0x6c/0x80
[  383.814081][    C0]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  383.814103][    C0]  ? ptlock_alloc+0x20/0x70
[  383.814123][    C0]  ? pte_alloc_one+0x6d/0x160
[  383.814148][    C0]  ? __pte_alloc+0x25/0x160
[  383.814172][    C0]  ? copy_pmd_range+0x6903/0x7000
[  383.814193][    C0]  ? copy_page_range+0x95c/0xd40
[  383.814207][    C0]  ? copy_mm+0x126a/0x2160
[  383.814223][    C0]  ? copy_process+0x16d3/0x3b80
[  383.814240][    C0]  ? kernel_clone+0x21e/0x870
[  383.814257][    C0]  ? __x64_sys_clone+0x18b/0x1e0
[  383.814275][    C0]  ? do_syscall_64+0xf6/0x210
[  383.814295][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.814334][    C0]  __kasan_slab_alloc+0x6c/0x80
[  383.814355][    C0]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  383.814376][    C0]  ? ptlock_alloc+0x20/0x70
[  383.814401][    C0]  ptlock_alloc+0x20/0x70
[  383.814421][    C0]  pte_alloc_one+0x6d/0x160
[  383.814441][    C0]  __pte_alloc+0x25/0x160
[  383.814468][    C0]  copy_pmd_range+0x6903/0x7000
[  383.814499][    C0]  ? __pfx_mas_destroy+0x10/0x10
[  383.814523][    C0]  ? __pfx_copy_pmd_range+0x10/0x10
[  383.814557][    C0]  copy_page_range+0x95c/0xd40
[  383.814581][    C0]  ? __pfx_copy_page_range+0x10/0x10
[  383.814599][    C0]  ? copy_mm+0x1221/0x2160
[  383.814618][    C0]  ? up_write+0x1c4/0x420
[  383.814634][    C0]  ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10
[  383.814654][    C0]  copy_mm+0x126a/0x2160
[  383.814680][    C0]  ? __pfx_copy_mm+0x10/0x10
[  383.814696][    C0]  ? do_raw_spin_lock+0x121/0x290
[  383.814722][    C0]  ? __init_rwsem+0x122/0x160
[  383.814740][    C0]  ? copy_signal+0x50b/0x630
[  383.814757][    C0]  ? copy_process+0x978/0x3b80
[  383.814773][    C0]  copy_process+0x16d3/0x3b80
[  383.814794][    C0]  ? copy_process+0x978/0x3b80
[  383.814820][    C0]  ? __pfx_copy_process+0x10/0x10
[  383.814843][    C0]  kernel_clone+0x21e/0x870
[  383.814865][    C0]  ? __pfx_kernel_clone+0x10/0x10
[  383.814887][    C0]  ? count_memcg_event_mm+0x35b/0x3b0
[  383.814906][    C0]  ? count_memcg_event_mm+0x92/0x3b0
[  383.814928][    C0]  __x64_sys_clone+0x18b/0x1e0
[  383.814949][    C0]  ? __pfx___x64_sys_clone+0x10/0x10
[  383.814976][    C0]  ? do_user_addr_fault+0xc8a/0x1390
[  383.814996][    C0]  ? do_syscall_64+0xba/0x210
[  383.815019][    C0]  do_syscall_64+0xf6/0x210
[  383.815040][    C0]  ? clear_bhb_loop+0x60/0xb0
[  383.815059][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.815076][    C0] RIP: 0033:0x7fe2d2f851d3
[  383.815092][    C0] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[  383.815106][    C0] RSP: 002b:00007ffc0751cb38 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  383.815123][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe2d2f851d3
[  383.815135][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  383.815150][    C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
[  383.815160][    C0] R10: 000055555b3967d0 R11: 0000000000000246 R12: 0000000000000000
[  383.815171][    C0] R13: 00000000000927c0 R14: 000000000005da8c R15: 00007ffc0751ccd0
[  383.815192][    C0]  </TASK>
[  383.815198][    C0] 
[  384.460101][    C0] Allocated by task 15553:
[  384.464534][    C0]  kasan_save_track+0x3e/0x80
[  384.469238][    C0]  __kasan_kmalloc+0x93/0xb0
[  384.473841][    C0]  __kmalloc_noprof+0x27a/0x4f0
[  384.478998][    C0]  fib6_info_alloc+0x30/0xf0
[  384.483636][    C0]  ip6_route_info_create+0x4b3/0x1360
[  384.489024][    C0]  ip6_route_add+0x28/0x160
[  384.493547][    C0]  inet6_addr_add+0x6b2/0xc00
[  384.498229][    C0]  inet6_rtm_newaddr+0x93d/0xd20
[  384.503176][    C0]  rtnetlink_rcv_msg+0x7cc/0xb70
[  384.508157][    C0]  netlink_rcv_skb+0x219/0x490
[  384.512935][    C0]  netlink_unicast+0x75b/0x8d0
[  384.517714][    C0]  netlink_sendmsg+0x805/0xb30
[  384.522493][    C0]  __sock_sendmsg+0x21c/0x270
[  384.527178][    C0]  __sys_sendto+0x3bd/0x520
[  384.531694][    C0]  __x64_sys_sendto+0xde/0x100
[  384.536557][    C0]  do_syscall_64+0xf6/0x210
[  384.541071][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.546971][    C0] 
[  384.549300][    C0] Freed by task 23:
[  384.553104][    C0]  kasan_save_track+0x3e/0x80
[  384.557792][    C0]  kasan_save_free_info+0x46/0x50
[  384.562825][    C0]  __kasan_slab_free+0x62/0x70
[  384.567597][    C0]  kfree+0x193/0x440
[  384.571503][    C0]  rcu_core+0xca8/0x1710
[  384.575759][    C0]  handle_softirqs+0x286/0x870
[  384.580576][    C0]  run_ksoftirqd+0x9b/0x100
[  384.585093][    C0]  smpboot_thread_fn+0x542/0xa60
[  384.590045][    C0]  kthread+0x70e/0x8a0
[  384.594202][    C0]  ret_from_fork+0x4b/0x80
[  384.598628][    C0]  ret_from_fork_asm+0x1a/0x30
[  384.603575][    C0] 
[  384.605905][    C0] Last potentially related work creation:
[  384.611630][    C0]  kasan_save_stack+0x3e/0x60
[  384.616329][    C0]  kasan_record_aux_stack+0xbc/0xd0
[  384.621537][    C0]  call_rcu+0x142/0x990
[  384.625731][    C0]  ip6_route_info_create+0xab1/0x1360
[  384.631117][    C0]  ip6_route_add+0x28/0x160
[  384.635632][    C0]  inet6_addr_add+0x6b2/0xc00
[  384.640319][    C0]  inet6_rtm_newaddr+0x93d/0xd20
[  384.645279][    C0]  rtnetlink_rcv_msg+0x7cc/0xb70
[  384.650318][    C0]  netlink_rcv_skb+0x219/0x490
[  384.655189][    C0]  netlink_unicast+0x75b/0x8d0
[  384.660091][    C0]  netlink_sendmsg+0x805/0xb30
[  384.664875][    C0]  __sock_sendmsg+0x21c/0x270
[  384.669560][    C0]  __sys_sendto+0x3bd/0x520
[  384.674081][    C0]  __x64_sys_sendto+0xde/0x100
[  384.678857][    C0]  do_syscall_64+0xf6/0x210
[  384.683370][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.689278][    C0] 
[  384.691607][    C0] The buggy address belongs to the object at ffff88807f6ddc00
[  384.691607][    C0]  which belongs to the cache kmalloc-512 of size 512
[  384.705667][    C0] The buggy address is located 42 bytes inside of
[  384.705667][    C0]  freed 512-byte region [ffff88807f6ddc00, ffff88807f6dde00)
[  384.719485][    C0] 
[  384.721816][    C0] The buggy address belongs to the physical page:
[  384.728328][    C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807f6dd400 pfn:0x7f6dc
[  384.738426][    C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  384.746945][    C0] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  384.755480][    C0] page_type: f5(slab)
[  384.759473][    C0] raw: 00fff00000000240 ffff88801a041c80 ffffea0000ccae10 ffffea0001fb9b10
[  384.768063][    C0] raw: ffff88807f6dd400 000000000010000f 00000000f5000000 0000000000000000
[  384.776656][    C0] head: 00fff00000000240 ffff88801a041c80 ffffea0000ccae10 ffffea0001fb9b10
[  384.785333][    C0] head: ffff88807f6dd400 000000000010000f 00000000f5000000 0000000000000000
[  384.794039][    C0] head: 00fff00000000002 ffffea0001fdb701 00000000ffffffff 00000000ffffffff
[  384.802723][    C0] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  384.811397][    C0] page dumped because: kasan: bad access detected
[  384.817823][    C0] page_owner tracks the page as allocated
[  384.823540][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 12, tgid 12 (kworker/u8:0), ts 93387443566, free_ts 93321711948
[  384.842487][    C0]  post_alloc_hook+0x1d8/0x230
[  384.847281][    C0]  get_page_from_freelist+0x21ce/0x22b0
[  384.852875][    C0]  __alloc_frozen_pages_noprof+0x181/0x370
[  384.858688][    C0]  alloc_pages_mpol+0x232/0x4a0
[  384.863548][    C0]  allocate_slab+0x8a/0x3b0
[  384.868059][    C0]  ___slab_alloc+0xbfc/0x1480
[  384.872748][    C0]  __kmalloc_cache_noprof+0x296/0x3d0
[  384.878129][    C0]  batadv_forw_packet_alloc+0x1e9/0x390
[  384.883690][    C0]  batadv_iv_ogm_queue_add+0x85f/0xd30
[  384.889161][    C0]  batadv_iv_ogm_schedule+0x81c/0xea0
[  384.894578][    C0]  batadv_iv_send_outstanding_bat_ogm_packet+0x6c6/0x7e0
[  384.901635][    C0]  process_scheduled_works+0xadb/0x17a0
[  384.907205][    C0]  worker_thread+0x8a0/0xda0
[  384.911810][    C0]  kthread+0x70e/0x8a0
[  384.915894][    C0]  ret_from_fork+0x4b/0x80
[  384.920319][    C0]  ret_from_fork_asm+0x1a/0x30
[  384.925091][    C0] page last free pid 5827 tgid 5827 stack trace:
[  384.931512][    C0]  __free_frozen_pages+0xb0e/0xcd0
[  384.936643][    C0]  __slab_free+0x326/0x400
[  384.941152][    C0]  qlist_free_all+0x9a/0x140
[  384.945758][    C0]  kasan_quarantine_reduce+0x148/0x160
[  384.951225][    C0]  __kasan_slab_alloc+0x22/0x80
[  384.956090][    C0]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  384.961993][    C0]  __alloc_skb+0x112/0x2d0
[  384.966419][    C0]  netlink_sendmsg+0x5c6/0xb30
[  384.971194][    C0]  __sock_sendmsg+0x21c/0x270
[  384.975880][    C0]  __sys_sendto+0x3bd/0x520
[  384.980416][    C0]  __x64_sys_sendto+0xde/0x100
[  384.985197][    C0]  do_syscall_64+0xf6/0x210
[  384.989719][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.995628][    C0] 
[  384.997955][    C0] Memory state around the buggy address:
[  385.003674][    C0]  ffff88807f6ddb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  385.011736][    C0]  ffff88807f6ddb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  385.019802][    C0] >ffff88807f6ddc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  385.027871][    C0]                                   ^
[  385.033256][    C0]  ffff88807f6ddc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  385.041323][    C0]  ffff88807f6ddd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  385.049421][    C0] ==================================================================
[  385.057732][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  385.064965][    C0] CPU: 0 UID: 0 PID: 15553 Comm: syz-executor Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  385.077251][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  385.087345][    C0] Call Trace:
[  385.090653][    C0]  <IRQ>
[  385.093520][    C0]  dump_stack_lvl+0x99/0x250
[  385.098159][    C0]  ? __asan_memcpy+0x40/0x70
[  385.102789][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  385.108041][    C0]  ? __pfx__printk+0x10/0x10
[  385.112670][    C0]  panic+0x2db/0x790
[  385.116609][    C0]  ? __pfx_panic+0x10/0x10
[  385.121071][    C0]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  385.127012][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  385.132943][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  385.139310][    C0]  ? print_memory_metadata+0x314/0x400
[  385.144834][    C0]  ? rose_timer_expiry+0x471/0x4b0
[  385.149997][    C0]  check_panic_on_warn+0x89/0xb0
[  385.154985][    C0]  ? rose_timer_expiry+0x471/0x4b0
[  385.160132][    C0]  end_report+0x78/0x160
[  385.164415][    C0]  kasan_report+0x129/0x150
[  385.168961][    C0]  ? rose_timer_expiry+0x471/0x4b0
[  385.174109][    C0]  rose_timer_expiry+0x471/0x4b0
[  385.179079][    C0]  call_timer_fn+0x17b/0x5f0
[  385.183706][    C0]  ? __pfx_rose_timer_expiry+0x10/0x10
[  385.189194][    C0]  ? call_timer_fn+0xbe/0x5f0
[  385.193913][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  385.199068][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  385.204301][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  385.209532][    C0]  ? __pfx_rose_timer_expiry+0x10/0x10
[  385.215020][    C0]  __run_timer_base+0x61a/0x860
[  385.219920][    C0]  ? ktime_get+0x3e/0x1f0
[  385.224290][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  385.229700][    C0]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  385.235990][    C0]  run_timer_softirq+0xb7/0x180
[  385.240883][    C0]  handle_softirqs+0x286/0x870
[  385.245685][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  385.250479][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  385.255796][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  385.261033][    C0]  __irq_exit_rcu+0xca/0x1f0
[  385.265654][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  385.270884][    C0]  irq_exit_rcu+0x9/0x30
[  385.275157][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  385.280833][    C0]  </IRQ>
[  385.283804][    C0]  <TASK>
[  385.286758][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  385.292947][    C0] RIP: 0010:rcu_is_watching+0x5a/0xb0
[  385.298355][    C0] Code: f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 4c d3 7a 00 48 c7 c3 58 0b 77 92 49 03 1e 48 89 d8 48 c1 e8 03 42 0f b6 04 38 <84> c0 75 34 8b 03 65 ff 0d 69 c6 ce 10 74 11 83 e0 04 c1 e8 02 5b
[  385.318002][    C0] RSP: 0018:ffffc90004be6f00 EFLAGS: 00000a02
[  385.324107][    C0] RAX: 0000000000000000 RBX: ffff8880b8832b58 RCX: b337bf0e54a01200
[  385.332116][    C0] RDX: 0000000000000000 RSI: ffffffff8bc1f3a0 RDI: ffffffff8bc1f360
[  385.340121][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  385.348123][    C0] R10: 0000000000000000 R11: ffffffff81ab5cdd R12: ffff888057f69e00
[  385.356122][    C0] R13: ffff8880292396c0 R14: ffffffff8d970c20 R15: dffffc0000000000
[  385.364132][    C0]  ? is_module_text_address+0x1d/0x1e0
[  385.369649][    C0]  ? is_module_text_address+0x1d/0x1e0
[  385.375141][    C0]  is_module_text_address+0x147/0x1e0
[  385.380561][    C0]  kernel_text_address+0x94/0xe0
[  385.385566][    C0]  __kernel_text_address+0xd/0x40
[  385.390631][    C0]  unwind_get_return_address+0x4d/0x90
[  385.396128][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  385.402320][    C0]  arch_stack_walk+0xfc/0x150
[  385.407042][    C0]  stack_trace_save+0x9c/0xe0
[  385.411753][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  385.417166][    C0]  kasan_save_track+0x3e/0x80
[  385.421885][    C0]  ? kasan_save_track+0x3e/0x80
[  385.426773][    C0]  ? __kasan_slab_alloc+0x6c/0x80
[  385.431836][    C0]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  385.437514][    C0]  ? ptlock_alloc+0x20/0x70
[  385.442087][    C0]  ? pte_alloc_one+0x6d/0x160
[  385.446797][    C0]  ? __pte_alloc+0x25/0x160
[  385.451356][    C0]  ? copy_pmd_range+0x6903/0x7000
[  385.456422][    C0]  ? copy_page_range+0x95c/0xd40
[  385.461391][    C0]  ? copy_mm+0x126a/0x2160
[  385.465843][    C0]  ? copy_process+0x16d3/0x3b80
[  385.470723][    C0]  ? kernel_clone+0x21e/0x870
[  385.475522][    C0]  ? __x64_sys_clone+0x18b/0x1e0
[  385.480495][    C0]  ? do_syscall_64+0xf6/0x210
[  385.485211][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.491340][    C0]  __kasan_slab_alloc+0x6c/0x80
[  385.496229][    C0]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  385.501723][    C0]  ? ptlock_alloc+0x20/0x70
[  385.506266][    C0]  ptlock_alloc+0x20/0x70
[  385.510634][    C0]  pte_alloc_one+0x6d/0x160
[  385.515168][    C0]  __pte_alloc+0x25/0x160
[  385.519546][    C0]  copy_pmd_range+0x6903/0x7000
[  385.524449][    C0]  ? __pfx_mas_destroy+0x10/0x10
[  385.529428][    C0]  ? __pfx_copy_pmd_range+0x10/0x10
[  385.534678][    C0]  copy_page_range+0x95c/0xd40
[  385.539493][    C0]  ? __pfx_copy_page_range+0x10/0x10
[  385.544812][    C0]  ? copy_mm+0x1221/0x2160
[  385.549290][    C0]  ? up_write+0x1c4/0x420
[  385.553647][    C0]  ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10
[  385.560455][    C0]  copy_mm+0x126a/0x2160
[  385.564752][    C0]  ? __pfx_copy_mm+0x10/0x10
[  385.569372][    C0]  ? do_raw_spin_lock+0x121/0x290
[  385.574438][    C0]  ? __init_rwsem+0x122/0x160
[  385.579147][    C0]  ? copy_signal+0x50b/0x630
[  385.583770][    C0]  ? copy_process+0x978/0x3b80
[  385.588565][    C0]  copy_process+0x16d3/0x3b80
[  385.593276][    C0]  ? copy_process+0x978/0x3b80
[  385.598081][    C0]  ? __pfx_copy_process+0x10/0x10
[  385.603143][    C0]  kernel_clone+0x21e/0x870
[  385.607689][    C0]  ? __pfx_kernel_clone+0x10/0x10
[  385.612749][    C0]  ? count_memcg_event_mm+0x35b/0x3b0
[  385.618156][    C0]  ? count_memcg_event_mm+0x92/0x3b0
[  385.623484][    C0]  __x64_sys_clone+0x18b/0x1e0
[  385.628287][    C0]  ? __pfx___x64_sys_clone+0x10/0x10
[  385.633617][    C0]  ? do_user_addr_fault+0xc8a/0x1390
[  385.638937][    C0]  ? do_syscall_64+0xba/0x210
[  385.643658][    C0]  do_syscall_64+0xf6/0x210
[  385.648208][    C0]  ? clear_bhb_loop+0x60/0xb0
[  385.652917][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.658856][    C0] RIP: 0033:0x7fe2d2f851d3
[  385.663300][    C0] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[  385.682940][    C0] RSP: 002b:00007ffc0751cb38 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  385.691395][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe2d2f851d3
[  385.699399][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  385.707400][    C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
[  385.715409][    C0] R10: 000055555b3967d0 R11: 0000000000000246 R12: 0000000000000000
[  385.723500][    C0] R13: 00000000000927c0 R14: 000000000005da8c R15: 00007ffc0751ccd0
[  385.731513][    C0]  </TASK>
[  385.734890][    C0] Kernel Offset: disabled
[  385.739225][    C0] Rebooting in 86400 seconds..