last executing test programs:

1m16.710258511s ago: executing program 0 (id=673):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x5}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @rand_addr=0x1100}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_LABELS={0x8, 0x16, 0x1, 0x0, [0x40]}]}, 0x6c}}, 0x0)

1m4.179289249s ago: executing program 0 (id=673):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x5}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @rand_addr=0x1100}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_LABELS={0x8, 0x16, 0x1, 0x0, [0x40]}]}, 0x6c}}, 0x0)

48.034061372s ago: executing program 0 (id=673):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x5}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @rand_addr=0x1100}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_LABELS={0x8, 0x16, 0x1, 0x0, [0x40]}]}, 0x6c}}, 0x0)

33.359609121s ago: executing program 0 (id=673):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x5}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @rand_addr=0x1100}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_LABELS={0x8, 0x16, 0x1, 0x0, [0x40]}]}, 0x6c}}, 0x0)

22.089954729s ago: executing program 0 (id=673):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x5}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @rand_addr=0x1100}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_LABELS={0x8, 0x16, 0x1, 0x0, [0x40]}]}, 0x6c}}, 0x0)

10.846003963s ago: executing program 0 (id=673):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x5}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @rand_addr=0x1100}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_LABELS={0x8, 0x16, 0x1, 0x0, [0x40]}]}, 0x6c}}, 0x0)

2.731219105s ago: executing program 2 (id=1871):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x90)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @random="a21428c6c085", @void, {@ipv6={0x86dd, @generic={0x1, 0x6, "bcc1d7", 0x0, 0x6c, 0xff, @loopback, @loopback}}}}, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) (fail_nth: 90)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x380, 0x170, 0x1170, 0x1398, 0x0, 0x1170, 0x2b0, 0x1398, 0x1398, 0x2b0, 0x1398, 0x3, 0x0, {[{{@ipv6={@empty, @mcast1, [], [], 'ip6tnl0\x00', 'veth0_to_hsr\x00', {}, {}, 0x6}, 0x0, 0x108, 0x170, 0x0, {}, [@common=@inet=@ecn={{0x28}, {0x21}}, @common=@unspec=@devgroup={{0x38}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz1\x00'}}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, [], [], 'geneve1\x00', 'veth1_vlan\x00'}, 0x0, 0xf8, 0x140, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x40000)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r4, &(0x7f0000000040)={0xa, 0x7, 0x0, @dev={0xfe, 0x80, '\x00', 0xb}, 0x8}, 0x20)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
write$ppp(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000dc0)=""/72, 0x0)
r5 = accept$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(r5, 0x0, 0x0, 0x200008c0)
syz_emit_ethernet(0x6e, &(0x7f0000000080)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x38, 0x3a, 0x0, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x7d0, {0x0, 0x6, "8cb02b", 0x0, 0x2f, 0x0, @loopback, @local, [@routing={0x1d, 0x0, 0x0, 0x7}]}}}}}}}, 0x0)
r6 = epoll_create1(0x0)
epoll_pwait(r6, 0x0, 0x0, 0xffffffff, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, 0xffffffffffffffff, 0x0)

1.953018647s ago: executing program 2 (id=1875):
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0xd, 0x8c4b815a546582b1, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {}, [{0x54, 0x1, [@m_ife={0x50, 0x1, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0x8, 0x6, [@IFE_META_PRIO={0x4, 0x2, @void}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000200)='=', 0x1}], 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000240)=""/218, &(0x7f0000000000)=0xda)

1.666416215s ago: executing program 4 (id=1878):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000020000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000880)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.52410643s ago: executing program 2 (id=1880):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @private=0xa010102}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0xd000}}, 0x40)

1.498067674s ago: executing program 4 (id=1881):
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'ip6_vti0\x00', &(0x7f00000001c0)={'ip6gre0\x00', 0x0, 0x0, 0x3, 0x3, 0x1, 0x21, @private1, @private2, 0x8, 0x10, 0xc5, 0x3}})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000140)=ANY=[@ANYBLOB="14001c001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000054000000030a01030000000000000000050000000900010073797a30000000000900030073797a32000000002800048008000240000000000800014000000001140003"], 0xb0}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)

1.325143975s ago: executing program 2 (id=1884):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$sock_int(r0, 0x1, 0x28, &(0x7f0000000080)=0x200, 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [], {0x14}}, 0x28}, 0x1, 0x0, 0x0, 0xf5}, 0x0)

1.278043734s ago: executing program 4 (id=1885):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x38, 0x5, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0xc, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1c0050d4}]}]}], {0x14, 0x11, 0x1, 0x900}}, 0xac}}, 0x0)

1.208030441s ago: executing program 1 (id=1887):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c40)=@newtaction={0x78, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x64, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xe}, @TCA_TUNNEL_KEY_NO_CSUM={0x5}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x2c, r2, 0x1, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_4ADDR={0x5, 0x53, 0x2}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x5}, 0x4004080)

1.136789187s ago: executing program 2 (id=1888):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_macvtap\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054) (async)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) (async)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4) (async)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000340)=@gcm_256={{0x304}, '\x00', "376a31a11e8e279cec092f071cc80f218d360356a936a7e3971a8c35c47e5804", '\x00', "fffffffffffffffd"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4) (async)
writev(r3, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)
sendmsg$NFC_CMD_GET_TARGET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0) (async)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r2)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r2) (async)
sendmsg$NL802154_CMD_NEW_INTERFACE(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14f5ff00", @ANYRES32=r4, @ANYBLOB="01002abd70b71dbf00000000000f0000004b32ab185fc32df97e331d4276"], 0x14}}, 0x24008000)

1.044465844s ago: executing program 4 (id=1889):
socket$kcm(0x10, 0x2, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000001d00)=[{{0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000001d40)=""/4078, 0xfee}, {&(0x7f0000000340)=""/141, 0x8d}, {&(0x7f0000002d40)=""/4116, 0x1005}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/231, 0xe7}], 0x5}}], 0x3ffffbd, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0xa0000004})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f0000000100)={0x2})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x8031, 0xffffffffffffffff, 0x0)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2713, &(0x7f0000032580)=""/102399, &(0x7f0000000280)=0x18fff)

971.665132ms ago: executing program 3 (id=1890):
r0 = socket$inet6_udp(0xa, 0x2, 0x0) (async)
r1 = epoll_create1(0x0)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)={0x30000011})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES32=r1], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
unshare(0x400) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="120000000100010001010000100000008036040029452dbdf8f52c3214892947222d92fabdea422fdf76b10926579eab51eac881348f627f7153e23d819e28616e0522066491df5cc1d9d5a0652ce9aaec7f38b4b413e12c47d52d8af237954b000000", @ANYRES32, @ANYBLOB="d200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000040000000300"/28], 0x50)
bpf$PROG_LOAD(0x23, &(0x7f0000000700)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x3c1, 0x3, 0x450, 0x0, 0x168, 0x9, 0x278, 0xb, 0x398, 0x250, 0x250, 0x398, 0x250, 0x3, 0x0, {[{{@uncond, 0x6000000, 0x230, 0x278, 0x0, {0x0, 0x28e}, [@common=@inet=@hashlimit3={{0x158}, {'veth1_to_batadv\x00', {0x0, 0x7ff, 0x0, 0x0, 0x0, 0x49, 0x1000, 0x0, 0x0, 0x18}}}, @common=@inet=@ipcomp={{0x30}, {[], 0xb}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'dvmrp0\x00'}}}, {{@uncond, 0x0, 0xd8, 0x108, 0x0, {}, [@common=@inet=@l2tp={{0x30}}]}, @unspec=@CT0={0x0, 'CT\x00', 0x0, {0x0, 0x3, 0x9, 0x2, 'netbios-ns\x00'}}}], {{'\x00', 0x0, 0xa8, 0xb9}, {0x28}}}}, 0xffffffffffffff4c) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r5, 0x0)
r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCDELRT(r6, 0x890c, 0x0) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000000500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd8, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x8, &(0x7f0000003880)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f00000004c0)=ANY=[@ANYRES32=0x0, @ANYRES32=r4, @ANYBLOB='/\x00'/12, @ANYRES32, @ANYBLOB="e71034aac022f52371933bca0700000081812fb068bae8fccff9b650bac95d5cb271b1bfcc8015e73feca936cb58e52d5a5c5a982dab2a409c395702a18078ddcc87c1eca938a46f808f50d419bd1c0bc737815548a2eed002b31d90cb9dce0e43b363", @ANYRES64=0x0], 0x20) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000600)=ANY=[@ANYRES32=r4, @ANYRES32=r8, @ANYBLOB='/'], 0x20) (async)
r9 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r9, &(0x7f0000000440)='0', 0x1, 0x0, &(0x7f0000000340)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c) (async)
shutdown(r9, 0x1)
getsockopt$bt_hci(r9, 0x84, 0x76, &(0x7f0000003140)=""/4111, &(0x7f0000000000)=0x100f) (async)
r10 = socket$kcm(0x10, 0x2, 0x0)
r11 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IPT_SO_SET_REPLACE(r11, 0x0, 0x40, &(0x7f0000000100)=@filter={'filter\x00', 0xe, 0x4, 0x328, 0xffffffff, 0x1f8, 0x130, 0x130, 0xffffffff, 0xffffffff, 0x290, 0x290, 0x290, 0xffffffff, 0x4, &(0x7f0000000000), {[{{@uncond, 0x0, 0xd0, 0x130, 0x0, {}, [@common=@addrtype={{0x30}, {0x1, 0x2, 0x0, 0x800001}}, @common=@addrtype={{0x30}, {0x80, 0x440, 0x0, 0x1}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @local, 0x3, 0x3, [0x2, 0x28, 0x1d, 0x19, 0x2f, 0xe, 0x27, 0x1c, 0x3, 0x2f, 0x2a, 0x7, 0x18, 0x23, 0x31, 0x3a], 0x0, 0x5375, 0x16}}}, {{@ip={@private=0xa010102, @local, 0xff, 0xffffffff, 'team0\x00', 'macvlan1\x00', {}, {0xff}, 0x32, 0x3, 0x10}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@ah={{0x30}, {[0x80000001, 0xd]}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x5}}}, {{@ip={@broadcast, @loopback, 0xff, 0x0, 'hsr0\x00', 'pim6reg\x00', {}, {0xff}, 0x6, 0x1}, 0x0, 0x70, 0x98}, @common=@unspec=@AUDIT={0x28, 'AUDIT\x00', 0x0, {0x2}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388) (async)
r12 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$sock_int(r12, 0x1, 0x2f, 0x0, &(0x7f0000000040)) (async)
sendmsg$kcm(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)}, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r11, 0x6, 0x16, &(0x7f0000000080)=[@sack_perm, @mss], 0x2)

970.93435ms ago: executing program 1 (id=1891):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r0, &(0x7f0000000440)=[{{&(0x7f0000000280)={0x2, 0x4e22, @private=0xa010101}, 0x10, &(0x7f0000000980)=[{&(0x7f0000000200)="9c", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000300)="99", 0x1}], 0x1}}], 0x2, 0x48000)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r1, &(0x7f0000000000)={0x1f, @none}, 0x8)
listen(r1, 0x0)
getsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000080), &(0x7f0000001140)=0x4)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={<r2=>0x0}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000240)={r2, 0x2}, 0x8)
bpf$ENABLE_STATS(0x20, 0x0, 0xfffffffffffffcea)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000500000000000000020000040900000000000000020000000600d696b43c571283f70200000000000000482e00c5fdde3cf71dedd3ef71df212a70ad8a8608060552e6adfb901ece0c5e407baa4fca1d77dfad9e61057fc15e8d7b838cd38c9b2413cb132d453ae51629db4cf80e9d48319be7464afe512dd5a27738bda91c7ac3ce3dca66800a68e78484c076b49a71ccb5a7725a819c0e27e7295bc1094dcc6833e8a4350502eb4c154d728b9ac2abe1d357d797f633504ddea8f004a162248d8236bf3e3232c9f0f94a20fa53d80dd4a0db8934c2a25535c4bd6129"], 0x0, 0x41, 0x0, 0x0, 0x400, 0x0, @void, @value}, 0x28)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}}, 0x4000)
recvmmsg(r3, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x7fffffff}, {{0x0, 0x0, 0x0}, 0x10000}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f0000000380)=""/188, 0xbc}, {&(0x7f0000000580)=""/250, 0xfa}, {&(0x7f00000000c0)=""/35, 0x23}, {&(0x7f0000000440)=""/84, 0x54}, {&(0x7f0000002b80)=""/4104, 0x1008}, {&(0x7f00000017c0)=""/230, 0xe6}, {&(0x7f0000000700)=""/90, 0x5a}, {&(0x7f0000001a80)=""/199, 0xc7}], 0x8}, 0x80000000}], 0x4, 0x20, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r6 = socket(0x2c, 0x803, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x4, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newtfilter={0x54, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r8, {0xc, 0x4}, {}, {0x3}}, [@filter_kind_options=@f_flow={{0x9}, {0x24, 0x2, [@TCA_FLOW_EMATCHES={0x20, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{0x100}, {0x13b8, 0x300, 0x2}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x40080)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000002000000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x57, @void, @value}, 0x90)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000007110040000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x7758fb4145ff81d4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010400000000000000000100fffc0900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a300000000054000000060a010400000000000000000100000008000b40000000002c00048028000180080001006e6174001c000280080002400000dd0a080001400000000108000340000000000900010073797a30"], 0xc8}}, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x3, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000840)=ANY=[@ANYRES32=r11, @ANYRESHEX=r4, @ANYRES8=r10, @ANYRES32, @ANYBLOB="105ea4c2de54f7d44df1109c5ae26696acf6e0fbc058514438379798cefb8c35bdf3800451f7b5e1d02f1ee9383de32b0517cded38d33c2b6de7322f9368dbffc8735174338555f74954d892b6f7cafafbeb89be29c0d87610c1868d9604a7d412392fa0ba7a10b3a6ca44e0501040c5c5912cbde2c558f55467e7e70000000000000000000040000000000000000200738b60c865104d8443d887d12b7865eb996d6699ac553586465c2c8a075f9d660000000000000000", @ANYRES64=0x0], 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000091124200"/32], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r11, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r4}, 0x20)

892.226896ms ago: executing program 3 (id=1892):
socket$netlink(0x10, 0x3, 0xa) (async)
r0 = socket$netlink(0x10, 0x3, 0xa)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6gretap0\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0x8, &(0x7f0000000880)=ANY=[@ANYBLOB="7a0af8ff7525736cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000f700000000b2595285fa97ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5956fc4a33ca263e2b5d47b2b00000000b1a297cfddd73f30f2382f6c2d3ffdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000010000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e3841bef895c5a637b0bf2eac3cb07b74a72291a1a2b523dd81b6651b1ee29e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c92cdfbea882b0b18914781ceb10814cf4ee23ddb79fff5eb156e0a000000000000f2bd164a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8fdf3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c66200349e62d4d0ab1a1dc51907c980000cfb215af2c1a3c22243cce23b00000a857d61b0d66c3f6da8aed31027c33204ea0fa0620111920d3f24980e9995a510bd87b06440a0a26130098b901c53a02cfbfd8bcbdec9f34542c3c9652adefde555ecd28ebc88082bab431ee3e1adb5b0ad14c79dd4411ecc96c512f3b72a9b3a0c3e07ec6b427bdc0bf3963e9f802a5feab82a989db62d8d1339f842b3f593d6c24fe015ec63c658ba7c4fae17514f802709ab4fa5caa932d4b65a5ecfc422899513ddde6ec04974f9981a8c155c26e2e3b8f2d0da70e524832ab04dec9ce66a62ceffbb15b1857c93666fe043a266a451f9a1e1f054211b9ae566b58f4f356c7a4"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0xd, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x2800000002000000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x0, 0x4000000}, 0x28)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="280000001d000100000000000400000007000000", @ANYRES32=r2, @ANYBLOB="800002000a0002"], 0x28}, 0x1, 0x0, 0x0, 0x4008084}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="280000001d000100000000000400000007000000", @ANYRES32=r2, @ANYBLOB="800002000a0002"], 0x28}, 0x1, 0x0, 0x0, 0x4008084}, 0x0)

857.189594ms ago: executing program 2 (id=1893):
r0 = epoll_create(0x3)
r1 = socket$igmp(0x2, 0x3, 0x2)
r2 = socket$inet6(0xa, 0x6, 0x0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r3, &(0x7f00000000c0)="240000005f005f03a9f9f4ba0a1f0000000000000000ecffffffffffffff000000000000", 0x24)
listen(r2, 0x400)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000002c0)={0x2})
accept4$inet6(r2, 0x0, 0x0, 0x80800)
shutdown(r2, 0x1)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000180)={0x50002011})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r4, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, 0x7, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x3}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}]}, 0x34}}, 0x8a0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$team(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000000)={'team0\x00', <r7=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000400)={0x47c, r6, 0x1, 0x0, 0x0, {}, [{{0x8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8}}}]}}, {{0x8, 0x1, r7}, {0xb4, 0x2, 0x0, 0x1, [{0x87, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8}}}, {0x40, 0x7, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}]}}, {{0xfffffdde}, {0x13c, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}]}}, {{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8}, {0x1c4, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{}, {}, {}, {}]}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}]}}, {{0x8}, {0x4}}]}, 0x47c}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACSEC_SCB={0x5, 0xb, 0x1}, @IFLA_MACSEC_INC_SCI={0x5, 0x9, 0x1}]}}}]}, 0x44}}, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x44, r11, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0xfffffffe}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @multicast1}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @multicast2}]}, 0x44}}, 0x0)
sendmsg$L2TP_CMD_SESSION_CREATE(r9, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r11, 0x400, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_MRU={0x6, 0x1d, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40081}, 0x1)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r8, 0x8982, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, 0x2, 0x1, 0x903, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x1002}, @CTA_ZONE={0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0xcd8}, 0x24000080)
sendmsg$OSF_MSG_REMOVE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x268, 0x1, 0x5, 0x801, 0x0, 0x0, {0x0, 0x0, 0x2}, [{{0x254, 0x1, {{0x0, 0x6}, 0x81, 0x0, 0x7, 0x800, 0x8, 'syz1\x00', "ba34d459039550206fca97d92ad8b1f4fd02ffa5ac236232a2ae9313642c7c52", "2e5153c04c590c82ad14d1472573b1770802887f94dd6a8ce8f4758ba1da3532", [{0x6, 0xf0c6, {0x0, 0x2844}}, {0x1, 0x1, {0x0, 0x4}}, {0x90, 0x7f, {0x2, 0x9}}, {0xffff, 0xff, {0x3, 0xb31}}, {0x0, 0x85ec, {0x1, 0x3000}}, {0x100, 0xcf, {0x2, 0xff}}, {0x8000, 0xbe20, {0x2, 0xd9}}, {0x3, 0x1, {0x3, 0x89a}}, {0x1, 0x6, {0x3, 0x7fff}}, {0x1, 0x4, {0x3, 0x8}}, {0x5, 0x1, {0x0, 0x78cc8ffb}}, {0x6, 0x1, {0x2, 0x2}}, {0x5, 0x3, {0x3, 0xb5c7}}, {0x1, 0x4, {0x2, 0x1}}, {0x7, 0x2, {0x0, 0x7fffffff}}, {0x6, 0x0, {0x1, 0x7}}, {0x8fd, 0x8, {0x0, 0x158}}, {0xfa, 0xd, {0x3, 0x6}}, {0x3, 0x9, {0x3, 0x3ff}}, {0x8, 0x2, {0x3, 0x9}}, {0x0, 0xa, {0x2, 0x3}}, {0x4, 0x5, {0x1, 0xe}}, {0x8, 0xae, {0x3, 0xcdc}}, {0x2, 0x100, {0x3, 0x5}}, {0x95, 0x7, {0x3, 0x10001}}, {0x6, 0x0, {0x3, 0x100}}, {0x81, 0x2, {0x0, 0x3}}, {0x7, 0x9, {0x0, 0x3}}, {0x2, 0x5, {0x1, 0x80000000}}, {0xfa, 0x8, {0x3, 0x2}}, {0x4, 0x800, {0x3, 0x9}}, {0x3, 0x4, {0x2, 0x8000}}, {0xfffd, 0x10, {0x1, 0x5}}, {0x0, 0x1d07, {0x1, 0x6}}, {0x2, 0xe6, {0x0, 0xffffffff}}, {0x7fff, 0xec, {0x0, 0x1}}, {0x7, 0x3, {0x2, 0x2189}}, {0x8, 0x9, {0x1, 0x4}}, {0x401, 0xa, {0x0, 0x3}}, {0x8, 0x1, {0x3, 0x3}}]}}}]}, 0x268}, 0x1, 0x0, 0x0, 0x8040}, 0x40880)
close(0xffffffffffffffff)
syz_init_net_socket$netrom(0x6, 0x5, 0x18)

584.053521ms ago: executing program 3 (id=1894):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @private=0xa010102}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x1a000}}, 0x40)

471.721527ms ago: executing program 1 (id=1895):
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000b00)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=@newtfilter={0x4c, 0x2c, 0x52f, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {}, {}, {0x2, 0x9}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xf1, 0x4, 0x4}]}}, @TCA_BPF_CLASSID={0x8, 0x3, {0x0, 0x5}}]}}]}, 0x4c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x182, 0x182, 0x3, [@datasec={0xb, 0x9, 0x0, 0xf, 0x2, [{0x2, 0x8, 0x5}, {0x8, 0x10001, 0x6}, {0x1, 0x7, 0x1326a337}, {0x2, 0x81, 0x8001}, {0x1, 0x7, 0xfffffe00}, {0x3, 0x4, 0x1}, {0x4, 0x9, 0x7dfed5ce}, {0x4, 0x0, 0x11d}, {0x2, 0xffffffff, 0xffff}], "0bc2"}, @volatile={0x1, 0x0, 0x0, 0x9, 0x1}, @volatile={0x7, 0x0, 0x0, 0x9, 0x3}, @ptr={0x3, 0x0, 0x0, 0x2, 0x5}, @restrict={0x4, 0x0, 0x0, 0xb, 0x4}, @struct={0x9, 0x4, 0x0, 0x4, 0x1, 0x9, [{0x4, 0x0, 0x7}, {0x7, 0x1, 0xffff}, {0x2, 0x5, 0xc}, {0xb, 0x3, 0x1}]}, @enum64={0x8, 0x6, 0x0, 0x13, 0x0, 0x0, [{0xf, 0xd30f, 0x6}, {0x4, 0xfffffffb, 0x80000000}, {0xc, 0xffffffff, 0x1}, {0xf, 0x9, 0x5}, {0x3, 0x5, 0x5}, {0x7, 0x5, 0x88}]}, @ptr={0xb, 0x0, 0x0, 0x2, 0x3}, @struct={0xf, 0x4, 0x0, 0x4, 0x0, 0x9f4, [{0xc, 0x5, 0xe54}, {0x3, 0x2, 0x7f}, {0x0, 0x4, 0x5}, {0x8, 0x1, 0xa90}]}]}, {0x0, [0x0]}}, &(0x7f0000000240)=""/232, 0x19f, 0xe8, 0x0, 0x10001, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000340)=@base={0xe, 0x0, 0x0, 0x202000, 0x841, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

396.554036ms ago: executing program 3 (id=1896):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000340)="07000000010000", 0x7)

347.891577ms ago: executing program 1 (id=1897):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FLUSH_PMKSA(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x1c, r3, 0x1, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}, 0x1, 0x0, 0x7000000, 0x20000080}, 0x0)

254.841794ms ago: executing program 3 (id=1898):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$sock_int(r0, 0x1, 0x28, &(0x7f0000000080)=0x200, 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [], {0x14}}, 0x28}, 0x1, 0x0, 0x0, 0xf5ff}, 0x0)

252.746144ms ago: executing program 4 (id=1899):
syz_extract_tcp_res(&(0x7f0000000080), 0x9, 0x5)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000100)=0x8)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r1, &(0x7f0000000340)="07000000010000", 0x7)

168.049509ms ago: executing program 1 (id=1900):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x10, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="18003543d4b700", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008a0000009500000000000000"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

54.878978ms ago: executing program 3 (id=1901):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
r2 = accept$unix(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
bind$unix(r2, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e)
setsockopt$CAN_RAW_JOIN_FILTERS(0xffffffffffffffff, 0x65, 0x6, &(0x7f0000000080)=0x1, 0x4)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000980)=ANY=[@ANYBLOB="340000001c00070c000000000000000002000000", @ANYRES32=r1, @ANYBLOB="100000000a00010000000000000000000a00020001e6280000030000"], 0x34}}, 0x20024090)

52.432301ms ago: executing program 4 (id=1902):
sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002dbd7000fedbdf2501000000080001000200000008000100010000000c00060003000000000000000800010003000000"], 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x80)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00a8bc", 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001600)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='ext4_es_shrink_scan_exit\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000180)={0x0, <r1=>0x0}, 0x0)
r2 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r1, 0x4)
bpf$LINK_DETACH(0x22, &(0x7f00000000c0)=r2, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a80000008500000050000000b81ee634b09e4c36"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@fallback=r3, r3, 0x2f, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001d40)=ANY=[@ANYRES32=r3, @ANYRES32=r5, @ANYBLOB="2f0000000000000004040000", @ANYRES32=r3, @ANYBLOB, @ANYRES64=0x0], 0x20)

0s ago: executing program 1 (id=1903):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x40, 0x1}, 0x10)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000240)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private0}}}, 0x108)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b29, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000380)="fe", 0x1}], 0x1)
close(0x3)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan1\x00', <r4=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r3, @ANYRESDEC=r3, @ANYRES32=r4, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c00018005000300"], 0x7c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

kernel console output (not intermixed with test programs):

netlink: 108 bytes leftover after parsing attributes in process `syz.3.1106'.
[  157.566089][ T9816] batman_adv: batadv0: Adding interface: batadv_slave_1
[  157.573427][ T9816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.632256][ T9816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  157.722551][T10056] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1108'.
[  157.746810][ T5845] Bluetooth: hci1: command tx timeout
[  157.802378][T10059] xt_CT: No such helper "syz1"
[  158.042736][ T9816] hsr_slave_0: entered promiscuous mode
[  158.076581][ T9816] hsr_slave_1: entered promiscuous mode
[  158.105816][ T9816] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  158.142084][ T9816] Cannot create hsr debugfs directory
[  158.545213][T10087] xt_CT: No such helper "syz1"
[  158.941691][T10116] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1123'.
[  159.161454][T10123] af_packet: tpacket_rcv: packet too big, clamped from 39 to 4294967272. macoff=96
[  159.281124][T10130] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1129'.
[  159.795597][T10148] xt_CT: No such helper "syz1"
[  159.825895][ T5845] Bluetooth: hci1: command tx timeout
[  159.965257][ T9816] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  159.990761][ T9816] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  160.063621][ T9816] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  160.098451][ T9816] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  160.206422][T10181] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1142'.
[  160.253510][T10181] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1142'.
[  160.328217][ T9816] 8021q: adding VLAN 0 to HW filter on device bond0
[  160.370698][T10181] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1142'.
[  160.378936][ T9816] 8021q: adding VLAN 0 to HW filter on device team0
[  160.416934][T10190] xt_ecn: cannot match TCP bits for non-tcp packets
[  160.452207][ T9867] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.459389][ T9867] bridge0: port 1(bridge_slave_0) entered forwarding state
[  160.498189][ T9867] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.505401][ T9867] bridge0: port 2(bridge_slave_1) entered forwarding state
[  160.936398][T10210] xt_CT: No such helper "syz1"
[  161.093735][T10222] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  161.182624][ T9816] 8021q: adding VLAN 0 to HW filter on device batadv0
[  161.317473][ T9816] veth0_vlan: entered promiscuous mode
[  161.341939][ T9816] veth1_vlan: entered promiscuous mode
[  161.436892][ T9816] veth0_macvtap: entered promiscuous mode
[  161.456559][ T9816] veth1_macvtap: entered promiscuous mode
[  161.492883][T10237] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  161.493712][ T9816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.513225][T10244] Cannot find add_set index 3 as target
[  161.563143][T10237] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  161.578884][ T9816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.599762][ T9816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.625215][ T9816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.650154][T10246] xt_CT: No such helper "syz1"
[  161.655622][T10237] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  161.680449][ T9816] batman_adv: batadv0: Interface activated: batadv_slave_0
[  161.717259][ T9816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.729117][T10237] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  161.750920][ T9816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.765946][T10256] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1162'.
[  161.780833][ T9816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.800944][ T9816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.816625][T10237] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  161.836490][ T9816] batman_adv: batadv0: Interface activated: batadv_slave_1
[  161.903919][ T9816] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  161.904120][T10237] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  161.930951][T10237] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  161.936463][ T9816] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  161.964245][T10237] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  161.965111][ T9816] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  161.977163][T10237] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  162.016432][ T9816] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  162.193290][T10272] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1165'.
[  162.243696][T10272] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1165'.
[  162.304069][T10280] "syz.4.1165" (10280) uses obsolete ecb(arc4) skcipher
[  162.438637][ T9868] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  162.475945][ T9868] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  162.615658][ T9866] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  162.623529][ T9866] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  163.058679][T10302] netlink: 'syz.4.1173': attribute type 1 has an invalid length.
[  163.420551][T10331] syzkaller0: create flow: hash 3437333571 index 2
[  163.795825][T10359] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1183'.
[  163.811437][T10327] syzkaller0: delete flow: hash 3437333571 index 2
[  163.856631][T10362] "syz.4.1183" (10362) uses obsolete ecb(arc4) skcipher
[  163.954615][  T990] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.024875][T10356] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1183'.
[  164.670294][T10373] netlink: 'syz.4.1187': attribute type 32 has an invalid length.
[  164.690721][T10373] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1187'.
[  164.953380][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  164.963245][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  164.971996][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  164.983222][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  164.993236][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  165.001671][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  165.970690][  T990] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.001599][T10373] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[  166.022169][T10373] workqueue: Failed to create a rescuer kthread for wq "bond5": -EINTR
[  166.024519][T10378] workqueue: Failed to create a rescuer kthread for wq "bond7": -EINTR
[  166.207246][  T990] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.237964][T10393] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1189'.
[  166.267332][T10391] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1190'.
[  166.277110][T10396] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1192'.
[  166.291808][T10396] block nbd0: not configured, cannot reconfigure
[  166.349621][T10393] bond3: entered promiscuous mode
[  166.377686][T10393] 8021q: adding VLAN 0 to HW filter on device bond3
[  166.480571][  T990] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.738228][T10419] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  167.106362][ T5845] Bluetooth: hci1: command tx timeout
[  167.151191][T10434] netlink: 6 bytes leftover after parsing attributes in process `syz.3.1197'.
[  167.164565][T10380] chnl_net:caif_netlink_parms(): no params data found
[  167.239150][T10443] net_ratelimit: 27 callbacks suppressed
[  167.239164][T10443] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  167.327776][  T990] bridge_slave_1: left allmulticast mode
[  167.349806][  T990] bridge_slave_1: left promiscuous mode
[  167.361277][  T990] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.396271][  T990] bridge_slave_0: left allmulticast mode
[  167.410213][  T990] bridge_slave_0: left promiscuous mode
[  167.429075][  T990] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.777209][T10465] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1205'.
[  167.810635][T10467] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1206'.
[  168.234259][  T990] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  168.250091][  T990] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  168.261585][  T990] bond0 (unregistering): Released all slaves
[  168.283387][T10465] –eth0_vlan: left allmulticast mode
[  168.292814][T10465] –eth0_vlan: left promiscuous mode
[  168.301513][T10465] bridge0: port 2(–eth0_vlan) entered disabled state
[  168.328996][T10465] bridge_slave_0: left allmulticast mode
[  168.340513][T10465] bridge_slave_0: left promiscuous mode
[  168.346863][T10465] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.563789][T10490] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1214'.
[  168.650085][T10490] bond5: entered promiscuous mode
[  168.660458][T10490] 8021q: adding VLAN 0 to HW filter on device bond5
[  168.681513][T10491] sit1: entered promiscuous mode
[  168.689975][T10491] sit1: entered allmulticast mode
[  168.834252][T10501] netlink: 'syz.3.1218': attribute type 16 has an invalid length.
[  168.851622][T10501] netlink: 'syz.3.1218': attribute type 3 has an invalid length.
[  168.866667][T10501] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1218'.
[  169.151597][T10380] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.160722][T10511] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1222'.
[  169.195171][T10380] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.202443][T10380] bridge_slave_0: entered allmulticast mode
[  169.205113][ T5845] Bluetooth: hci1: command tx timeout
[  169.229013][T10380] bridge_slave_0: entered promiscuous mode
[  169.303688][T10380] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.351437][T10380] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.390398][T10380] bridge_slave_1: entered allmulticast mode
[  169.403584][T10380] bridge_slave_1: entered promiscuous mode
[  169.443760][  T990] hsr_slave_0: left promiscuous mode
[  169.452125][  T990] hsr_slave_1: left promiscuous mode
[  169.467643][  T990] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.477582][  T990] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.488105][  T990] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.496787][  T990] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.520757][  T990] veth1_macvtap: left promiscuous mode
[  169.526478][  T990] veth0_macvtap: left promiscuous mode
[  169.532099][  T990] veth1_vlan: left promiscuous mode
[  169.538257][  T990] veth0_vlan: left promiscuous mode
[  169.978830][  T990] team0 (unregistering): Port device team_slave_1 removed
[  170.019615][  T990] team0 (unregistering): Port device team_slave_0 removed
[  170.507237][T10537] (unnamed net_device) (uninitialized): down delay (33554432) is not a multiple of miimon (640), value rounded to 33553920 ms
[  170.577645][T10537] __nla_validate_parse: 1 callbacks suppressed
[  170.577662][T10537] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1230'.
[  170.579889][T10380] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  170.708695][T10380] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  170.803943][T10545] bond6: entered promiscuous mode
[  170.828832][T10545] bond6: entered allmulticast mode
[  170.834746][T10545] 8021q: adding VLAN 0 to HW filter on device bond6
[  170.855698][T10556] tipc: Enabling of bearer <eth:ipvlan1> rejected, failed to enable media
[  170.980597][T10554] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1235'.
[  171.009506][T10380] team0: Port device team_slave_0 added
[  171.131578][T10380] team0: Port device team_slave_1 added
[  171.238431][T10380] batman_adv: batadv0: Adding interface: batadv_slave_0
[  171.259878][T10380] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.287878][ T5845] Bluetooth: hci1: command tx timeout
[  171.294972][T10380] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  171.356889][T10380] batman_adv: batadv0: Adding interface: batadv_slave_1
[  171.366681][T10380] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.394374][T10380] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  171.537199][T10380] hsr_slave_0: entered promiscuous mode
[  171.567647][T10380] hsr_slave_1: entered promiscuous mode
[  171.589008][T10380] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  171.606303][T10380] Cannot create hsr debugfs directory
[  171.623758][T10583] netlink: 'syz.3.1245': attribute type 33 has an invalid length.
[  171.632166][T10585] syzkaller0: entered allmulticast mode
[  171.648841][T10583] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1245'.
[  171.670769][T10585] syzkaller0 (unregistering): left allmulticast mode
[  171.773715][T10592] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1248'.
[  171.810399][T10590] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1248'.
[  172.004218][T10600] netlink: 'syz.2.1251': attribute type 14 has an invalid length.
[  172.069010][T10603] net veth1_virt_wifi : renamed from virt_wifi0
[  172.334437][T10609] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1252'.
[  172.359669][T10380] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  172.390354][T10380] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  172.428461][T10380] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  172.465722][T10380] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  172.788081][T10380] 8021q: adding VLAN 0 to HW filter on device bond0
[  172.895818][T10380] 8021q: adding VLAN 0 to HW filter on device team0
[  172.982167][ T9867] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.989372][ T9867] bridge0: port 1(bridge_slave_0) entered forwarding state
[  173.033571][ T9867] bridge0: port 2(bridge_slave_1) entered blocking state
[  173.040777][ T9867] bridge0: port 2(bridge_slave_1) entered forwarding state
[  173.084863][T10627] xt_CT: No such helper "syz1"
[  173.334673][T10642] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  173.341679][T10642] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  173.360135][ T5845] Bluetooth: hci1: command tx timeout
[  173.581392][T10380] 8021q: adding VLAN 0 to HW filter on device batadv0
[  173.643661][T10654] netlink: 16178 bytes leftover after parsing attributes in process `syz.3.1265'.
[  173.837377][T10665] xt_l2tp: wrong L2TP version: 0
[  173.844172][T10652] 8021q: adding VLAN 0 to HW filter on device bond4
[  173.905159][T10652] bond4: entered promiscuous mode
[  173.921021][T10652] bond0: (slave bond4): Enslaving as an active interface with an up link
[  173.992214][T10380] veth0_vlan: entered promiscuous mode
[  174.044711][T10380] veth1_vlan: entered promiscuous mode
[  174.187631][T10380] veth0_macvtap: entered promiscuous mode
[  174.217186][T10380] veth1_macvtap: entered promiscuous mode
[  174.296287][T10380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.322711][T10380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.333438][T10380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.376296][T10380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.425907][T10380] batman_adv: batadv0: Interface activated: batadv_slave_0
[  174.467501][T10380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.520680][T10380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.555046][T10380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.572638][T10380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.608547][T10380] batman_adv: batadv0: Interface activated: batadv_slave_1
[  174.661460][T10380] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.695793][T10380] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.715371][T10380] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.724121][T10380] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.731499][T10710] xt_policy: output policy not valid in PREROUTING and INPUT
[  174.799020][T10714] FAULT_INJECTION: forcing a failure.
[  174.799020][T10714] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  174.813942][T10714] CPU: 1 UID: 0 PID: 10714 Comm: syz.4.1283 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  174.813966][T10714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  174.813977][T10714] Call Trace:
[  174.813984][T10714]  <TASK>
[  174.813991][T10714]  dump_stack_lvl+0x241/0x360
[  174.814017][T10714]  ? __pfx_dump_stack_lvl+0x10/0x10
[  174.814035][T10714]  ? __pfx__printk+0x10/0x10
[  174.814054][T10714]  ? __pfx_lock_release+0x10/0x10
[  174.814085][T10714]  should_fail_ex+0x40a/0x550
[  174.814113][T10714]  _copy_from_iter+0x1df/0x1c40
[  174.814131][T10714]  ? __virt_addr_valid+0x183/0x530
[  174.814148][T10714]  ? __pfx_lock_release+0x10/0x10
[  174.814177][T10714]  ? __alloc_skb+0x28f/0x440
[  174.814200][T10714]  ? __pfx__copy_from_iter+0x10/0x10
[  174.814219][T10714]  ? __virt_addr_valid+0x183/0x530
[  174.814234][T10714]  ? __virt_addr_valid+0x183/0x530
[  174.814248][T10714]  ? __virt_addr_valid+0x45f/0x530
[  174.814264][T10714]  ? __phys_addr_symbol+0x2f/0x70
[  174.814279][T10714]  ? __check_object_size+0x47a/0x730
[  174.814304][T10714]  netlink_sendmsg+0x742/0xcb0
[  174.814334][T10714]  ? __pfx_netlink_sendmsg+0x10/0x10
[  174.814356][T10714]  ? aa_sock_msg_perm+0x91/0x160
[  174.814384][T10714]  ? __pfx_netlink_sendmsg+0x10/0x10
[  174.814400][T10714]  __sock_sendmsg+0x221/0x270
[  174.814423][T10714]  ____sys_sendmsg+0x53a/0x860
[  174.814448][T10714]  ? __pfx_____sys_sendmsg+0x10/0x10
[  174.814462][T10714]  ? __fget_files+0x2a/0x410
[  174.814487][T10714]  ? __fget_files+0x2a/0x410
[  174.814516][T10714]  __sys_sendmsg+0x269/0x350
[  174.814537][T10714]  ? __pfx___sys_sendmsg+0x10/0x10
[  174.814566][T10714]  ? do_sys_openat2+0x17a/0x1d0
[  174.814611][T10714]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  174.814635][T10714]  ? do_syscall_64+0x100/0x230
[  174.814660][T10714]  ? do_syscall_64+0xb6/0x230
[  174.814683][T10714]  do_syscall_64+0xf3/0x230
[  174.814704][T10714]  ? clear_bhb_loop+0x35/0x90
[  174.814728][T10714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.814750][T10714] RIP: 0033:0x7f3a2398d169
[  174.814765][T10714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.814779][T10714] RSP: 002b:00007f3a248c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  174.814798][T10714] RAX: ffffffffffffffda RBX: 00007f3a23ba5fa0 RCX: 00007f3a2398d169
[  174.814810][T10714] RDX: 0000000000040000 RSI: 0000400000000100 RDI: 0000000000000003
[  174.814821][T10714] RBP: 00007f3a248c6090 R08: 0000000000000000 R09: 0000000000000000
[  174.814832][T10714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.814842][T10714] R13: 0000000000000000 R14: 00007f3a23ba5fa0 R15: 00007ffee9d714d8
[  174.814868][T10714]  </TASK>
[  175.222921][T10716] wlan1: mtu less than device minimum
[  175.418026][T10731] netlink: 'syz.2.1287': attribute type 1 has an invalid length.
[  175.524020][ T1166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.556486][ T1166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.638573][ T9870] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.656258][ T9870] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.835902][T10746] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1292'.
[  175.898391][T10751] syzkaller0: entered allmulticast mode
[  175.928569][T10751] syzkaller0 (unregistering): left allmulticast mode
[  176.241394][T10767] xt_hashlimit: size too large, truncated to 1048576
[  176.654970][  T990] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.772919][  T990] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.411641][  T990] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.538916][T10823] syz_tun: entered allmulticast mode
[  177.548658][T10816] syz_tun: left allmulticast mode
[  177.654877][  T990] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.791631][T10830] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1303'.
[  177.995141][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  178.007702][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  178.021963][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  178.030412][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  178.040179][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  178.054665][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  178.136580][T10846] xt_CT: No such helper "syz1"
[  180.134073][T10867] workqueue: name exceeds WQ_NAME_LEN. Truncating to: ¯HcUØîÑË•‚Ž¹+ÕuµJÙÊVú?zlIèƒ
[  180.145662][ T5845] Bluetooth: hci1: command tx timeout
[  180.398474][T10905] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1315'.
[  180.518177][T10905] netlink: 'syz.3.1315': attribute type 4 has an invalid length.
[  180.620300][  T990] bridge_slave_1: left allmulticast mode
[  180.644241][  T990] bridge_slave_1: left promiscuous mode
[  180.665756][  T990] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.689287][  T990] bridge_slave_0: left allmulticast mode
[  180.714863][  T990] bridge_slave_0: left promiscuous mode
[  180.743036][  T990] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.768685][T10921] xt_CT: No such helper "syz1"
[  181.209757][  T990] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  181.222073][  T990] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  181.233032][  T990] bond0 (unregistering): Released all slaves
[  181.379111][T10919] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1318'.
[  181.397217][T10919] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  181.458261][T10934] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  181.478286][T10934] team0: Device ipvlan0 is already an upper device of the team interface
[  181.632300][T10944] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1325'.
[  181.681981][T10941] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1325'.
[  181.742653][T10947] "syz.4.1325" (10947) uses obsolete ecb(arc4) skcipher
[  182.054271][T10852] chnl_net:caif_netlink_parms(): no params data found
[  182.221673][T10971] FAULT_INJECTION: forcing a failure.
[  182.221673][T10971] name failslab, interval 1, probability 0, space 0, times 0
[  182.235728][ T5845] Bluetooth: hci1: command tx timeout
[  182.248728][  T990] hsr_slave_0: left promiscuous mode
[  182.275862][T10971] CPU: 1 UID: 0 PID: 10971 Comm: syz.2.1333 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  182.275886][T10971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  182.275896][T10971] Call Trace:
[  182.275902][T10971]  <TASK>
[  182.275909][T10971]  dump_stack_lvl+0x241/0x360
[  182.275945][T10971]  ? __pfx_dump_stack_lvl+0x10/0x10
[  182.275961][T10971]  ? __pfx__printk+0x10/0x10
[  182.275978][T10971]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  182.276000][T10971]  ? __pfx___might_resched+0x10/0x10
[  182.276023][T10971]  should_fail_ex+0x40a/0x550
[  182.276049][T10971]  should_failslab+0xac/0x100
[  182.276072][T10971]  kmem_cache_alloc_node_noprof+0x77/0x380
[  182.276092][T10971]  ? __alloc_skb+0x1c3/0x440
[  182.276129][T10971]  __alloc_skb+0x1c3/0x440
[  182.276154][T10971]  ? __pfx___alloc_skb+0x10/0x10
[  182.276179][T10971]  ? netlink_autobind+0xd6/0x2f0
[  182.276196][T10971]  ? netlink_autobind+0x2b0/0x2f0
[  182.276217][T10971]  netlink_sendmsg+0x634/0xcb0
[  182.276242][T10971]  ? __pfx_netlink_sendmsg+0x10/0x10
[  182.276261][T10971]  ? aa_sock_msg_perm+0x91/0x160
[  182.276287][T10971]  ? __pfx_netlink_sendmsg+0x10/0x10
[  182.276302][T10971]  __sock_sendmsg+0x221/0x270
[  182.276324][T10971]  ____sys_sendmsg+0x53a/0x860
[  182.276346][T10971]  ? __pfx_____sys_sendmsg+0x10/0x10
[  182.276359][T10971]  ? __fget_files+0x2a/0x410
[  182.276384][T10971]  ? __fget_files+0x2a/0x410
[  182.276411][T10971]  __sys_sendmsg+0x269/0x350
[  182.276431][T10971]  ? __pfx___sys_sendmsg+0x10/0x10
[  182.276457][T10971]  ? do_sys_openat2+0x17a/0x1d0
[  182.276503][T10971]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  182.276526][T10971]  ? do_syscall_64+0x100/0x230
[  182.276549][T10971]  ? do_syscall_64+0xb6/0x230
[  182.276572][T10971]  do_syscall_64+0xf3/0x230
[  182.276592][T10971]  ? clear_bhb_loop+0x35/0x90
[  182.276616][T10971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.276636][T10971] RIP: 0033:0x7fd3cdd8d169
[  182.276658][T10971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.276671][T10971] RSP: 002b:00007fd3ceb75038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  182.276696][T10971] RAX: ffffffffffffffda RBX: 00007fd3cdfa5fa0 RCX: 00007fd3cdd8d169
[  182.276707][T10971] RDX: 0000000000000000 RSI: 000040000000c2c0 RDI: 0000000000000003
[  182.276717][T10971] RBP: 00007fd3ceb75090 R08: 0000000000000000 R09: 0000000000000000
[  182.276727][T10971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.276737][T10971] R13: 0000000000000000 R14: 00007fd3cdfa5fa0 R15: 00007fff86679468
[  182.276761][T10971]  </TASK>
[  182.276894][  T990] hsr_slave_1: left promiscuous mode
[  182.555581][  T990] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  182.563126][  T990] batman_adv: batadv0: Removing interface: batadv_slave_0
[  182.573132][  T990] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  182.580994][  T990] batman_adv: batadv0: Removing interface: batadv_slave_1
[  182.621543][  T990] veth1_macvtap: left promiscuous mode
[  182.627541][  T990] veth0_macvtap: left promiscuous mode
[  182.627976][T10984] FAULT_INJECTION: forcing a failure.
[  182.627976][T10984] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  182.633252][  T990] veth1_vlan: left promiscuous mode
[  182.652826][  T990] veth0_vlan: left promiscuous mode
[  182.664113][T10984] CPU: 0 UID: 0 PID: 10984 Comm: syz.2.1337 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  182.664138][T10984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  182.664148][T10984] Call Trace:
[  182.664154][T10984]  <TASK>
[  182.664161][T10984]  dump_stack_lvl+0x241/0x360
[  182.664188][T10984]  ? __pfx_dump_stack_lvl+0x10/0x10
[  182.664206][T10984]  ? __pfx__printk+0x10/0x10
[  182.664225][T10984]  ? __pfx_lock_release+0x10/0x10
[  182.664256][T10984]  should_fail_ex+0x40a/0x550
[  182.664284][T10984]  _copy_from_iter+0x1df/0x1c40
[  182.664302][T10984]  ? __virt_addr_valid+0x183/0x530
[  182.664319][T10984]  ? __pfx_lock_release+0x10/0x10
[  182.664354][T10984]  ? __alloc_skb+0x28f/0x440
[  182.664377][T10984]  ? __pfx__copy_from_iter+0x10/0x10
[  182.664397][T10984]  ? __virt_addr_valid+0x183/0x530
[  182.664412][T10984]  ? __virt_addr_valid+0x183/0x530
[  182.664426][T10984]  ? __virt_addr_valid+0x45f/0x530
[  182.664442][T10984]  ? __phys_addr_symbol+0x2f/0x70
[  182.664457][T10984]  ? __check_object_size+0x47a/0x730
[  182.664483][T10984]  netlink_sendmsg+0x742/0xcb0
[  182.664508][T10984]  ? __pfx_netlink_sendmsg+0x10/0x10
[  182.664527][T10984]  ? aa_sock_msg_perm+0x91/0x160
[  182.664555][T10984]  ? __pfx_netlink_sendmsg+0x10/0x10
[  182.664571][T10984]  __sock_sendmsg+0x221/0x270
[  182.664594][T10984]  ____sys_sendmsg+0x53a/0x860
[  182.664618][T10984]  ? __pfx_____sys_sendmsg+0x10/0x10
[  182.664632][T10984]  ? __fget_files+0x2a/0x410
[  182.664657][T10984]  ? __fget_files+0x2a/0x410
[  182.664686][T10984]  __sys_sendmsg+0x269/0x350
[  182.664707][T10984]  ? __pfx___sys_sendmsg+0x10/0x10
[  182.664735][T10984]  ? do_sys_openat2+0x17a/0x1d0
[  182.664781][T10984]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  182.664805][T10984]  ? do_syscall_64+0x100/0x230
[  182.664830][T10984]  ? do_syscall_64+0xb6/0x230
[  182.664854][T10984]  do_syscall_64+0xf3/0x230
[  182.664875][T10984]  ? clear_bhb_loop+0x35/0x90
[  182.664899][T10984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.664920][T10984] RIP: 0033:0x7fd3cdd8d169
[  182.664936][T10984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.664949][T10984] RSP: 002b:00007fd3ceb75038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  182.664971][T10984] RAX: ffffffffffffffda RBX: 00007fd3cdfa5fa0 RCX: 00007fd3cdd8d169
[  182.664982][T10984] RDX: 0000000000000000 RSI: 0000400000000080 RDI: 0000000000000004
[  182.664991][T10984] RBP: 00007fd3ceb75090 R08: 0000000000000000 R09: 0000000000000000
[  182.665000][T10984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.665009][T10984] R13: 0000000000000000 R14: 00007fd3cdfa5fa0 R15: 00007fff86679468
[  182.665033][T10984]  </TASK>
[  183.441169][  T990] team0 (unregistering): Port device team_slave_1 removed
[  183.481015][  T990] team0 (unregistering): Port device team_slave_0 removed
[  183.899635][T10995] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1340'.
[  183.920327][T11006] wg1 speed is unknown, defaulting to 1000
[  184.053072][T11017] xt_nat: multiple ranges no longer supported
[  184.163162][T11020] xt_CT: No such helper "syz1"
[  184.279931][T11027] FAULT_INJECTION: forcing a failure.
[  184.279931][T11027] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.293917][T11027] CPU: 0 UID: 0 PID: 11027 Comm: syz.2.1349 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  184.293940][T11027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  184.293962][T11027] Call Trace:
[  184.293968][T11027]  <TASK>
[  184.293976][T11027]  dump_stack_lvl+0x241/0x360
[  184.294002][T11027]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.294020][T11027]  ? __pfx__printk+0x10/0x10
[  184.294039][T11027]  ? __pfx_lock_release+0x10/0x10
[  184.294070][T11027]  should_fail_ex+0x40a/0x550
[  184.294097][T11027]  _copy_from_iter+0x1df/0x1c40
[  184.294115][T11027]  ? __virt_addr_valid+0x183/0x530
[  184.294132][T11027]  ? __pfx_lock_release+0x10/0x10
[  184.294160][T11027]  ? __alloc_skb+0x28f/0x440
[  184.294181][T11027]  ? __pfx__copy_from_iter+0x10/0x10
[  184.294200][T11027]  ? __virt_addr_valid+0x183/0x530
[  184.294214][T11027]  ? __virt_addr_valid+0x183/0x530
[  184.294227][T11027]  ? __virt_addr_valid+0x45f/0x530
[  184.294243][T11027]  ? __phys_addr_symbol+0x2f/0x70
[  184.294258][T11027]  ? __check_object_size+0x47a/0x730
[  184.294284][T11027]  netlink_sendmsg+0x742/0xcb0
[  184.294315][T11027]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.294337][T11027]  ? aa_sock_msg_perm+0x91/0x160
[  184.294365][T11027]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.294381][T11027]  __sock_sendmsg+0x221/0x270
[  184.294404][T11027]  ____sys_sendmsg+0x53a/0x860
[  184.294429][T11027]  ? __pfx_____sys_sendmsg+0x10/0x10
[  184.294443][T11027]  ? __fget_files+0x2a/0x410
[  184.294468][T11027]  ? __fget_files+0x2a/0x410
[  184.294498][T11027]  __sys_sendmsg+0x269/0x350
[  184.294519][T11027]  ? __pfx___sys_sendmsg+0x10/0x10
[  184.294548][T11027]  ? do_sys_openat2+0x17a/0x1d0
[  184.294595][T11027]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  184.294619][T11027]  ? do_syscall_64+0x100/0x230
[  184.294644][T11027]  ? do_syscall_64+0xb6/0x230
[  184.294667][T11027]  do_syscall_64+0xf3/0x230
[  184.294688][T11027]  ? clear_bhb_loop+0x35/0x90
[  184.294712][T11027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.294732][T11027] RIP: 0033:0x7fd3cdd8d169
[  184.294747][T11027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.294761][T11027] RSP: 002b:00007fd3ceb54038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.294780][T11027] RAX: ffffffffffffffda RBX: 00007fd3cdfa6080 RCX: 00007fd3cdd8d169
[  184.294792][T11027] RDX: 0000000000000800 RSI: 0000400000000280 RDI: 0000000000000005
[  184.294802][T11027] RBP: 00007fd3ceb54090 R08: 0000000000000000 R09: 0000000000000000
[  184.294812][T11027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.294822][T11027] R13: 0000000000000000 R14: 00007fd3cdfa6080 R15: 00007fff86679468
[  184.294853][T11027]  </TASK>
[  184.567381][ T5845] Bluetooth: hci1: command tx timeout
[  184.608370][T11006] wg1 speed is unknown, defaulting to 1000
[  184.615312][T10852] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.623464][T10852] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.676895][T10852] bridge_slave_0: entered allmulticast mode
[  184.683547][T10852] bridge_slave_0: entered promiscuous mode
[  184.742899][T11006] wg1 speed is unknown, defaulting to 1000
[  184.749759][T10852] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.809760][T10852] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.831916][T10852] bridge_slave_1: entered allmulticast mode
[  184.887985][T10852] bridge_slave_1: entered promiscuous mode
[  185.136339][T11045] FAULT_INJECTION: forcing a failure.
[  185.136339][T11045] name failslab, interval 1, probability 0, space 0, times 0
[  185.180145][T10852] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  185.199390][T11045] CPU: 1 UID: 0 PID: 11045 Comm: syz.4.1353 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  185.199416][T11045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  185.199426][T11045] Call Trace:
[  185.199433][T11045]  <TASK>
[  185.199441][T11045]  dump_stack_lvl+0x241/0x360
[  185.199466][T11045]  ? __pfx_dump_stack_lvl+0x10/0x10
[  185.199483][T11045]  ? __pfx__printk+0x10/0x10
[  185.199502][T11045]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  185.199526][T11045]  ? __pfx___might_resched+0x10/0x10
[  185.199550][T11045]  should_fail_ex+0x40a/0x550
[  185.199577][T11045]  should_failslab+0xac/0x100
[  185.199598][T11045]  kmem_cache_alloc_node_noprof+0x77/0x380
[  185.199619][T11045]  ? __alloc_skb+0x1c3/0x440
[  185.199645][T11045]  __alloc_skb+0x1c3/0x440
[  185.199672][T11045]  ? __pfx___alloc_skb+0x10/0x10
[  185.199696][T11045]  ? netlink_autobind+0xd6/0x2f0
[  185.199713][T11045]  ? netlink_autobind+0x2b0/0x2f0
[  185.199735][T11045]  netlink_sendmsg+0x634/0xcb0
[  185.199764][T11045]  ? __pfx_netlink_sendmsg+0x10/0x10
[  185.199786][T11045]  ? aa_sock_msg_perm+0x91/0x160
[  185.199818][T11045]  ? __pfx_netlink_sendmsg+0x10/0x10
[  185.199832][T11045]  __sock_sendmsg+0x221/0x270
[  185.199854][T11045]  ____sys_sendmsg+0x53a/0x860
[  185.199876][T11045]  ? __pfx_____sys_sendmsg+0x10/0x10
[  185.199889][T11045]  ? __fget_files+0x2a/0x410
[  185.199912][T11045]  ? __fget_files+0x2a/0x410
[  185.199939][T11045]  __sys_sendmsg+0x269/0x350
[  185.199958][T11045]  ? __pfx___sys_sendmsg+0x10/0x10
[  185.199985][T11045]  ? do_sys_openat2+0x17a/0x1d0
[  185.200031][T11045]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  185.200056][T11045]  ? do_syscall_64+0x100/0x230
[  185.200078][T11045]  ? do_syscall_64+0xb6/0x230
[  185.200098][T11045]  do_syscall_64+0xf3/0x230
[  185.200118][T11045]  ? clear_bhb_loop+0x35/0x90
[  185.200143][T11045]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.200161][T11045] RIP: 0033:0x7f3a2398d169
[  185.200176][T11045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.200195][T11045] RSP: 002b:00007f3a248c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  185.200213][T11045] RAX: ffffffffffffffda RBX: 00007f3a23ba5fa0 RCX: 00007f3a2398d169
[  185.200223][T11045] RDX: 0000000004000000 RSI: 0000400000000780 RDI: 0000000000000003
[  185.200233][T11045] RBP: 00007f3a248c6090 R08: 0000000000000000 R09: 0000000000000000
[  185.200243][T11045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.200253][T11045] R13: 0000000000000000 R14: 00007f3a23ba5fa0 R15: 00007ffee9d714d8
[  185.200278][T11045]  </TASK>
[  185.492122][T11048] netlink: 'syz.2.1354': attribute type 3 has an invalid length.
[  185.525893][T10852] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  185.661596][T11006] infiniband syz0: set active
[  185.678345][T11006] infiniband syz0: added wg1
[  185.685788][T11006] syz0: rxe_create_cq: returned err = -12
[  185.692116][T11006] infiniband syz0: Couldn't create ib_mad CQ
[  185.698468][T11006] infiniband syz0: Couldn't open port 1
[  185.720346][T11006] RDS/IB: syz0: added
[  185.725203][T11006] smc: adding ib device syz0 with port count 1
[  185.732362][T11006] smc:    ib device syz0 port 1 has pnetid 
[  185.745731][ T5893] wg1 speed is unknown, defaulting to 1000
[  185.753199][ T5930] wg1 speed is unknown, defaulting to 1000
[  185.798000][T10852] team0: Port device team_slave_0 added
[  185.818254][T10852] team0: Port device team_slave_1 added
[  185.850254][T11006] wg1 speed is unknown, defaulting to 1000
[  185.937126][T10852] batman_adv: batadv0: Adding interface: batadv_slave_0
[  185.961881][T10852] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.990783][T11066] FAULT_INJECTION: forcing a failure.
[  185.990783][T11066] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  186.063185][T10852] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  186.063369][T11066] CPU: 1 UID: 0 PID: 11066 Comm: syz.4.1358 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  186.063390][T11066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  186.063401][T11066] Call Trace:
[  186.063407][T11066]  <TASK>
[  186.063414][T11066]  dump_stack_lvl+0x241/0x360
[  186.063439][T11066]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.063457][T11066]  ? __pfx__printk+0x10/0x10
[  186.063475][T11066]  ? __pfx_lock_release+0x10/0x10
[  186.063505][T11066]  should_fail_ex+0x40a/0x550
[  186.063532][T11066]  _copy_from_iter+0x1df/0x1c40
[  186.063550][T11066]  ? __virt_addr_valid+0x183/0x530
[  186.063566][T11066]  ? __pfx_lock_release+0x10/0x10
[  186.063594][T11066]  ? __alloc_skb+0x28f/0x440
[  186.063616][T11066]  ? __pfx__copy_from_iter+0x10/0x10
[  186.063635][T11066]  ? __virt_addr_valid+0x183/0x530
[  186.063649][T11066]  ? __virt_addr_valid+0x183/0x530
[  186.063662][T11066]  ? __virt_addr_valid+0x45f/0x530
[  186.063677][T11066]  ? __phys_addr_symbol+0x2f/0x70
[  186.063692][T11066]  ? __check_object_size+0x47a/0x730
[  186.063716][T11066]  netlink_sendmsg+0x742/0xcb0
[  186.063744][T11066]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.063765][T11066]  ? aa_sock_msg_perm+0x91/0x160
[  186.063813][T11066]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.063829][T11066]  __sock_sendmsg+0x221/0x270
[  186.063851][T11066]  ____sys_sendmsg+0x53a/0x860
[  186.063873][T11066]  ? __pfx_____sys_sendmsg+0x10/0x10
[  186.063887][T11066]  ? __fget_files+0x2a/0x410
[  186.063910][T11066]  ? __fget_files+0x2a/0x410
[  186.063943][T11066]  __sys_sendmsg+0x269/0x350
[  186.063962][T11066]  ? __pfx___sys_sendmsg+0x10/0x10
[  186.063989][T11066]  ? do_sys_openat2+0x17a/0x1d0
[  186.064033][T11066]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  186.064056][T11066]  ? do_syscall_64+0x100/0x230
[  186.064081][T11066]  ? do_syscall_64+0xb6/0x230
[  186.064108][T11066]  do_syscall_64+0xf3/0x230
[  186.064129][T11066]  ? clear_bhb_loop+0x35/0x90
[  186.064153][T11066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.064173][T11066] RIP: 0033:0x7f3a2398d169
[  186.064188][T11066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.064201][T11066] RSP: 002b:00007f3a248c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  186.064219][T11066] RAX: ffffffffffffffda RBX: 00007f3a23ba5fa0 RCX: 00007f3a2398d169
[  186.064231][T11066] RDX: 0000000000000000 RSI: 000040000000c2c0 RDI: 0000000000000003
[  186.064241][T11066] RBP: 00007f3a248c6090 R08: 0000000000000000 R09: 0000000000000000
[  186.064251][T11066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.064261][T11066] R13: 0000000000000000 R14: 00007f3a23ba5fa0 R15: 00007ffee9d714d8
[  186.064285][T11066]  </TASK>
[  186.077586][T11068] delete_channel: no stack
[  186.167656][T11070] netlink: 'syz.3.1360': attribute type 3 has an invalid length.
[  186.167680][T11070] netlink: 666 bytes leftover after parsing attributes in process `syz.3.1360'.
[  186.173795][T10852] batman_adv: batadv0: Adding interface: batadv_slave_1
[  186.382114][T10852] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.410986][T10852] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  186.426809][ T5893] hid-generic 0005:07C0:06E6.0001: item fetching failed at offset 0/1
[  186.455557][T11068] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1359'.
[  186.470461][ T5893] hid-generic 0005:07C0:06E6.0001: probe with driver hid-generic failed with error -22
[  186.497734][T11006] wg1 speed is unknown, defaulting to 1000
[  186.627195][ T5147] Bluetooth: hci2: command 0x0406 tx timeout
[  186.634040][ T5834] Bluetooth: hci3: command 0x0406 tx timeout
[  186.634051][ T5836] Bluetooth: hci1: command tx timeout
[  186.689153][T10852] hsr_slave_0: entered promiscuous mode
[  186.696954][T10852] hsr_slave_1: entered promiscuous mode
[  186.703021][T10852] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  186.711793][T10852] Cannot create hsr debugfs directory
[  186.924345][T11006] wg1 speed is unknown, defaulting to 1000
[  187.055991][T11096] netlink: 41 bytes leftover after parsing attributes in process `syz.3.1364'.
[  187.307445][T11006] wg1 speed is unknown, defaulting to 1000
[  187.569826][T11122] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1371'.
[  187.617076][T11119] geneve3: entered promiscuous mode
[  187.622345][T11119] geneve3: entered allmulticast mode
[  187.688339][T11006] wg1 speed is unknown, defaulting to 1000
[  187.879871][T10852] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  187.917572][T11130] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1374'.
[  187.929465][T10852] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  188.015782][T10852] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  188.032802][T10852] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  188.310677][T10852] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.381325][T11145] netlink: 'syz.1.1378': attribute type 3 has an invalid length.
[  188.415105][T11145] netlink: 666 bytes leftover after parsing attributes in process `syz.1.1378'.
[  188.424616][T11149] openvswitch: netlink: EtherType 50a is less than min 600
[  188.462826][T10852] 8021q: adding VLAN 0 to HW filter on device team0
[  188.513506][ T9867] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.520734][ T9867] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.576195][ T9868] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.583340][ T9868] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.603232][T11157] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1380'.
[  188.725944][T11160] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1382'.
[  188.736284][T11160] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1382'.
[  188.749725][T11165] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1383'.
[  188.783114][T11165] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1383'.
[  189.327583][T10852] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.417099][T11201] 8021q: adding VLAN 0 to HW filter on device bond7
[  189.450129][T11200] netlink: 'syz.2.1392': attribute type 3 has an invalid length.
[  189.474256][T11206] vxcan1: entered promiscuous mode
[  189.541199][T11206] 8021q: adding VLAN 0 to HW filter on device bond7
[  189.574210][T11206] bond7: (slave vxcan1): The slave device specified does not support setting the MAC address
[  189.594818][T11206] bond7: (slave vxcan1): Error -95 calling set_mac_address
[  189.652603][T11217] RDS: rds_bind could not find a transport for ::ffff:172.30.0.3, load rds_tcp or rds_rdma?
[  189.696445][T11222] openvswitch: netlink: Duplicate key (type 32).
[  189.863300][T10852] veth0_vlan: entered promiscuous mode
[  189.900887][T10852] veth1_vlan: entered promiscuous mode
[  189.960045][T10852] veth0_macvtap: entered promiscuous mode
[  190.003284][T10852] veth1_macvtap: entered promiscuous mode
[  190.052217][T11236] tc_dump_action: action bad kind
[  190.103736][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.139607][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.184356][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.221669][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.264895][T10852] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.299927][T11248] netlink: 'syz.2.1402': attribute type 13 has an invalid length.
[  190.313607][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.356465][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.365575][T11248] netlink: 'syz.2.1402': attribute type 58 has an invalid length.
[  190.381221][T10852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.412564][T10852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.446294][T10852] batman_adv: batadv0: Interface activated: batadv_slave_1
[  190.474818][T11250] netlink: 'syz.4.1405': attribute type 3 has an invalid length.
[  190.513141][T10852] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.530849][T10852] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.550353][T10852] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.564058][T11261] netlink: 'syz.3.1408': attribute type 1 has an invalid length.
[  190.572329][T10852] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.574024][T11258] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address.
[  190.599256][T11258] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (1)
[  190.642867][T11261] 8021q: adding VLAN 0 to HW filter on device bond7
[  190.693050][T11261] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  190.743002][  T990] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  190.796289][  T990] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  190.969716][T11277] xt_CT: No such helper "syz1"
[  191.071632][T11294] netlink: 'syz.3.1411': attribute type 30 has an invalid length.
[  191.270568][T11294] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  191.279483][T11294] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  191.288275][T11294] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  191.297132][T11294] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  191.300574][T11299] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  191.323374][T11300] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  191.339174][ T9870] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  191.371167][ T9870] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.594830][T11308] sock: sock_timestamping_bind_phc: sock not bind to device
[  191.635767][T11313] FAULT_INJECTION: forcing a failure.
[  191.635767][T11313] name failslab, interval 1, probability 0, space 0, times 0
[  191.695458][T11313] CPU: 1 UID: 0 PID: 11313 Comm: syz.1.1416 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  191.695484][T11313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  191.695493][T11313] Call Trace:
[  191.695499][T11313]  <TASK>
[  191.695506][T11313]  dump_stack_lvl+0x241/0x360
[  191.695532][T11313]  ? __pfx_dump_stack_lvl+0x10/0x10
[  191.695549][T11313]  ? __pfx__printk+0x10/0x10
[  191.695566][T11313]  ? __kmalloc_noprof+0xb5/0x4c0
[  191.695587][T11313]  ? __pfx___might_resched+0x10/0x10
[  191.695612][T11313]  should_fail_ex+0x40a/0x550
[  191.695639][T11313]  should_failslab+0xac/0x100
[  191.695668][T11313]  __kmalloc_noprof+0xdd/0x4c0
[  191.695687][T11313]  ? nla_strdup+0x9c/0x140
[  191.695701][T11313]  ? __kasan_kmalloc+0x98/0xb0
[  191.695721][T11313]  nla_strdup+0x9c/0x140
[  191.695739][T11313]  nf_tables_newtable+0x59b/0x1e10
[  191.695760][T11313]  ? nfnl_pernet+0x23/0x240
[  191.695784][T11313]  ? __pfx_nf_tables_newtable+0x10/0x10
[  191.695809][T11313]  ? __nla_parse+0x40/0x60
[  191.695829][T11313]  nfnetlink_rcv+0x14e3/0x2ab0
[  191.695879][T11313]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  191.695945][T11313]  ? netlink_deliver_tap+0x2e/0x1b0
[  191.695962][T11313]  ? skb_clone+0x240/0x390
[  191.695978][T11313]  ? __pfx_lock_release+0x10/0x10
[  191.696016][T11313]  ? netlink_deliver_tap+0x2e/0x1b0
[  191.696035][T11313]  netlink_unicast+0x7f6/0x990
[  191.696067][T11313]  ? __pfx_netlink_unicast+0x10/0x10
[  191.696088][T11313]  ? __virt_addr_valid+0x45f/0x530
[  191.696105][T11313]  ? __phys_addr_symbol+0x2f/0x70
[  191.696119][T11313]  ? __check_object_size+0x47a/0x730
[  191.696144][T11313]  netlink_sendmsg+0x8de/0xcb0
[  191.696174][T11313]  ? __pfx_netlink_sendmsg+0x10/0x10
[  191.696196][T11313]  ? aa_sock_msg_perm+0x91/0x160
[  191.696225][T11313]  ? __pfx_netlink_sendmsg+0x10/0x10
[  191.696240][T11313]  __sock_sendmsg+0x221/0x270
[  191.696263][T11313]  ____sys_sendmsg+0x53a/0x860
[  191.696288][T11313]  ? __pfx_____sys_sendmsg+0x10/0x10
[  191.696302][T11313]  ? __fget_files+0x2a/0x410
[  191.696325][T11313]  ? __fget_files+0x2a/0x410
[  191.696355][T11313]  __sys_sendmsg+0x269/0x350
[  191.696376][T11313]  ? __pfx___sys_sendmsg+0x10/0x10
[  191.696403][T11313]  ? do_sys_openat2+0x17a/0x1d0
[  191.696449][T11313]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  191.696474][T11313]  ? do_syscall_64+0x100/0x230
[  191.696503][T11313]  ? do_syscall_64+0xb6/0x230
[  191.696526][T11313]  do_syscall_64+0xf3/0x230
[  191.696547][T11313]  ? clear_bhb_loop+0x35/0x90
[  191.696571][T11313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.696592][T11313] RIP: 0033:0x7f30c2d8d169
[  191.696607][T11313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.696620][T11313] RSP: 002b:00007f30c3b6c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  191.696638][T11313] RAX: ffffffffffffffda RBX: 00007f30c2fa5fa0 RCX: 00007f30c2d8d169
[  191.696659][T11313] RDX: 0000000000000000 RSI: 000040000000c2c0 RDI: 0000000000000003
[  191.696668][T11313] RBP: 00007f30c3b6c090 R08: 0000000000000000 R09: 0000000000000000
[  191.696677][T11313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.696686][T11313] R13: 0000000000000000 R14: 00007f30c2fa5fa0 R15: 00007ffe489c6db8
[  191.696713][T11313]  </TASK>
[  191.714584][T11315] 8021q: VLANs not supported on gre0
[  192.136851][ T5886] hid-generic 0005:07C0:06E6.0002: item fetching failed at offset 0/1
[  192.150082][ T5886] hid-generic 0005:07C0:06E6.0002: probe with driver hid-generic failed with error -22
[  192.170568][T11320] __nla_validate_parse: 11 callbacks suppressed
[  192.170586][T11320] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1418'.
[  192.331311][T11333] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  192.482298][ T9867] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.739383][ T9867] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.832174][ T9867] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.919779][ T9867] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.076847][ T9867] bridge_slave_1: left allmulticast mode
[  193.093818][ T9867] bridge_slave_1: left promiscuous mode
[  193.101841][ T9867] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.120296][ T9867] bridge_slave_0: left allmulticast mode
[  193.130415][ T9867] bridge_slave_0: left promiscuous mode
[  193.141479][ T9867] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.624960][ T9867] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  193.681955][ T9867] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  193.701014][ T9867] bond0 (unregistering): Released all slaves
[  193.747098][T11375] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1428'.
[  193.848933][T11373] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1424'.
[  194.222255][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  194.237575][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  194.246494][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  194.275048][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  194.284740][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  194.294936][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  194.376668][T11394] wg1 speed is unknown, defaulting to 1000
[  194.381337][T11405] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1434'.
[  194.444817][T11407] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1434'.
[  194.551661][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  195.152688][T11442] netlink: 'syz.3.1441': attribute type 1 has an invalid length.
[  195.163282][T11442] netlink: 209800 bytes leftover after parsing attributes in process `syz.3.1441'.
[  195.173501][T11448] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1442'.
[  195.184194][ T9867] hsr_slave_0: left promiscuous mode
[  195.216651][ T9867] hsr_slave_1: left promiscuous mode
[  195.233666][T11450] "syz.4.1442" (11450) uses obsolete ecb(arc4) skcipher
[  195.241965][ T9867] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  195.255920][ T9867] batman_adv: batadv0: Removing interface: batadv_slave_0
[  195.294295][ T9867] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  195.307681][ T9867] batman_adv: batadv0: Removing interface: batadv_slave_1
[  195.385908][ T9867] veth1_macvtap: left promiscuous mode
[  195.397952][ T9867] veth0_macvtap: left promiscuous mode
[  195.417896][ T9867] veth1_vlan: left promiscuous mode
[  195.423275][ T9867] veth0_vlan: left promiscuous mode
[  195.534001][T11461] FAULT_INJECTION: forcing a failure.
[  195.534001][T11461] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  195.549880][T11461] CPU: 0 UID: 0 PID: 11461 Comm: syz.4.1446 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  195.549905][T11461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  195.549915][T11461] Call Trace:
[  195.549921][T11461]  <TASK>
[  195.549929][T11461]  dump_stack_lvl+0x241/0x360
[  195.549955][T11461]  ? __pfx_dump_stack_lvl+0x10/0x10
[  195.549974][T11461]  ? __pfx__printk+0x10/0x10
[  195.549996][T11461]  ? snprintf+0xda/0x120
[  195.550016][T11461]  should_fail_ex+0x40a/0x550
[  195.550043][T11461]  _copy_to_user+0x31/0xb0
[  195.550065][T11461]  simple_read_from_buffer+0xca/0x150
[  195.550090][T11461]  proc_fail_nth_read+0x1e9/0x250
[  195.550115][T11461]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  195.550139][T11461]  ? rw_verify_area+0x243/0x630
[  195.550155][T11461]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  195.550178][T11461]  vfs_read+0x1f8/0xb40
[  195.550205][T11461]  ? fdget_pos+0x254/0x320
[  195.550229][T11461]  ? __pfx___mutex_lock+0x10/0x10
[  195.550250][T11461]  ? __pfx_vfs_read+0x10/0x10
[  195.550270][T11461]  ? __fget_files+0x2a/0x410
[  195.550293][T11461]  ? __fget_files+0x395/0x410
[  195.550313][T11461]  ? __fget_files+0x2a/0x410
[  195.550344][T11461]  ksys_read+0x18f/0x2b0
[  195.550363][T11461]  ? __pfx_ksys_read+0x10/0x10
[  195.550380][T11461]  ? do_syscall_64+0x100/0x230
[  195.550404][T11461]  ? do_syscall_64+0xb6/0x230
[  195.550428][T11461]  do_syscall_64+0xf3/0x230
[  195.550448][T11461]  ? clear_bhb_loop+0x35/0x90
[  195.550474][T11461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.550494][T11461] RIP: 0033:0x7f3a2398bb7c
[  195.550509][T11461] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  195.550526][T11461] RSP: 002b:00007f3a248c6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  195.550545][T11461] RAX: ffffffffffffffda RBX: 00007f3a23ba5fa0 RCX: 00007f3a2398bb7c
[  195.550557][T11461] RDX: 000000000000000f RSI: 00007f3a248c60a0 RDI: 0000000000000003
[  195.550568][T11461] RBP: 00007f3a248c6090 R08: 0000000000000000 R09: 0000000000000000
[  195.550579][T11461] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  195.550589][T11461] R13: 0000000000000000 R14: 00007f3a23ba5fa0 R15: 00007ffee9d714d8
[  195.550616][T11461]  </TASK>
[  195.970089][T11469] ieee802154 phy0 wpan0: encryption failed: -90
[  196.302885][ T9867] team0 (unregistering): Port device team_slave_1 removed
[  196.385862][ T9867] team0 (unregistering): Port device team_slave_0 removed
[  196.386715][ T5845] Bluetooth: hci1: command tx timeout
[  196.823565][T11479] syzkaller0: entered promiscuous mode
[  196.829275][T11479] syzkaller0: entered allmulticast mode
[  197.261448][T11504] netlink: 'syz.4.1456': attribute type 9 has an invalid length.
[  198.468183][ T5845] Bluetooth: hci1: command tx timeout
[  199.477511][T11394] chnl_net:caif_netlink_parms(): no params data found
[  199.658061][T11550] netlink: 248 bytes leftover after parsing attributes in process `syz.4.1464'.
[  199.712353][T11550] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1464'.
[  199.976142][T11394] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.999481][T11394] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.016658][T11394] bridge_slave_0: entered allmulticast mode
[  200.031795][T11394] bridge_slave_0: entered promiscuous mode
[  200.058449][T11394] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.081215][T11394] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.100267][T11394] bridge_slave_1: entered allmulticast mode
[  200.118498][T11394] bridge_slave_1: entered promiscuous mode
[  200.245893][T11394] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.258173][T11583] Cannot find add_set index 3 as target
[  200.296433][T11394] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.436411][T11394] team0: Port device team_slave_0 added
[  200.479784][T11394] team0: Port device team_slave_1 added
[  200.546544][ T5845] Bluetooth: hci1: command tx timeout
[  200.554447][T11591] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1472'.
[  200.591112][T11394] batman_adv: batadv0: Adding interface: batadv_slave_0
[  200.612111][T11591] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1472'.
[  200.629790][T11394] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.679475][T11394] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  200.710432][T11592] tls_set_device_offload: netdev not found
[  200.713088][T11394] batman_adv: batadv0: Adding interface: batadv_slave_1
[  200.733869][T11394] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.884583][T11394] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  200.992718][T11394] hsr_slave_0: entered promiscuous mode
[  201.002701][T11394] hsr_slave_1: entered promiscuous mode
[  201.010183][T11394] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  201.019012][T11605] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1478'.
[  201.031500][T11394] Cannot create hsr debugfs directory
[  201.245812][T11616] .: (slave batadv0): Releasing backup interface
[  201.270974][T11616] bridge_slave_0: left allmulticast mode
[  201.285840][T11616] bridge_slave_0: left promiscuous mode
[  201.312923][T11616] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.333955][T11616] bridge_slave_1: left allmulticast mode
[  201.341577][T11616] bridge_slave_1: left promiscuous mode
[  201.348943][T11616] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.361419][T11616] .: (slave bond_slave_0): Releasing backup interface
[  201.373813][T11616] .: (slave bond_slave_1): Releasing backup interface
[  201.411277][T11616] team0: Port device team_slave_0 removed
[  201.423938][T11616] team0: Port device team_slave_1 removed
[  201.438477][T11616] batman_adv: batadv0: Removing interface: batadv_slave_0
[  201.449126][T11616] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  201.456918][T11616] batman_adv: batadv0: Removing interface: batadv_slave_1
[  201.471254][T11616] bond1: (slave gretap1): Releasing active interface
[  202.257628][T11651] netlink: 'syz.4.1489': attribute type 1 has an invalid length.
[  202.312976][T11651] bond8: entered promiscuous mode
[  202.319450][T11651] 8021q: adding VLAN 0 to HW filter on device bond8
[  202.338225][T11651] lo: entered allmulticast mode
[  202.343550][T11651] lo: left allmulticast mode
[  202.441987][T11661] bridge10: entered promiscuous mode
[  202.490053][T11663] netlink: 240 bytes leftover after parsing attributes in process `syz.1.1491'.
[  202.627479][ T5845] Bluetooth: hci1: command tx timeout
[  202.763449][T11682] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1495'.
[  203.008808][T11695] xt_CT: No such helper "syz1"
[  203.091424][T11394] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  203.109826][T11394] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  203.142068][T11394] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  203.183394][T11394] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  203.203057][T11703] netlink: 'syz.4.1500': attribute type 1 has an invalid length.
[  203.223160][T11703] netlink: 'syz.4.1500': attribute type 3 has an invalid length.
[  203.233613][T11703] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1500'.
[  203.411765][T11709] Bluetooth: MGMT ver 1.23
[  203.454224][T11394] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.530177][T11394] 8021q: adding VLAN 0 to HW filter on device team0
[  203.573600][ T9866] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.580802][ T9866] bridge0: port 1(bridge_slave_0) entered forwarding state
[  203.658392][ T9866] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.665562][ T9866] bridge0: port 2(bridge_slave_1) entered forwarding state
[  203.714098][T11394] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  204.061896][T11394] 8021q: adding VLAN 0 to HW filter on device batadv0
[  204.108376][T11745] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1508'.
[  204.196325][T11394] veth0_vlan: entered promiscuous mode
[  204.237163][T11394] veth1_vlan: entered promiscuous mode
[  204.343098][T11394] veth0_macvtap: entered promiscuous mode
[  204.350169][T11758] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1514'.
[  204.363698][T11394] veth1_macvtap: entered promiscuous mode
[  204.464343][T11394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.515116][T11394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.539327][T11394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.551276][T11394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.563370][T11394] batman_adv: batadv0: Interface activated: batadv_slave_0
[  204.588749][T11394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.611293][T11394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.644598][T11394] batman_adv: batadv0: Interface activated: batadv_slave_1
[  204.682876][T11394] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  204.720071][T11394] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  204.747178][T11394] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  204.770911][T11394] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.082521][ T9866] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  205.117366][ T9866] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  205.127696][T11791] tipc: Failed to remove unknown binding: 66,1,1/0:1748477569/1748477571
[  205.210805][T11792] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1518'.
[  205.241553][ T9869] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  205.261976][ T9869] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  205.357381][T11806] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1523'.
[  205.427628][T11810] netlink: 'syz.4.1524': attribute type 1 has an invalid length.
[  205.474432][T11810] 8021q: adding VLAN 0 to HW filter on device bond9
[  205.712164][T11821] netlink: 200 bytes leftover after parsing attributes in process `syz.4.1527'.
[  205.723395][T11821] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1527'.
[  205.916936][T11833] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1529'.
[  206.225760][T11853] netlink: 'syz.3.1536': attribute type 32 has an invalid length.
[  206.239198][T11853] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1536'.
[  206.249963][T11853] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1536'.
[  206.505173][T11862] IPVS: length: 80 != 8
[  206.591281][T11877] netlink: 'syz.3.1541': attribute type 75 has an invalid length.
[  206.603339][T11877] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1541'.
[  206.616577][T11878] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1539'.
[  206.631482][T11878] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1539'.
[  206.643493][T11877] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.650697][T11877] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.660989][T11878] netlink: 'syz.4.1539': attribute type 1 has an invalid length.
[  207.180594][ T9868] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.352569][ T9868] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.514101][ T9868] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.575798][ T9868] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.710151][ T9868] bridge_slave_1: left allmulticast mode
[  207.719625][ T9868] bridge_slave_1: left promiscuous mode
[  207.730307][ T9868] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.742286][ T9868] bridge_slave_0: left allmulticast mode
[  207.764295][ T9868] bridge_slave_0: left promiscuous mode
[  207.771017][ T9868] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.188040][ T9868] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  208.201602][ T9868] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  208.211813][ T9868] bond0 (unregistering): Released all slaves
[  208.673189][ T5893] IPVS: starting estimator thread 0...
[  208.786440][T11951] IPVS: using max 26 ests per chain, 62400 per kthread
[  208.951775][T11961] vlan0: entered allmulticast mode
[  208.972017][T11961] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  209.093286][T11961] mac80211_hwsim hwsim2 wlan0: left allmulticast mode
[  209.202536][ T5836] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  209.213680][ T5836] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  209.229473][ T5836] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  209.241375][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  209.263535][ T5836] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  209.273881][ T5836] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  209.337803][ T9868] hsr_slave_0: left promiscuous mode
[  209.374402][ T9868] hsr_slave_1: left promiscuous mode
[  209.422547][ T9868] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  209.448178][ T9868] batman_adv: batadv0: Removing interface: batadv_slave_0
[  209.466214][ T9868] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  209.485513][ T9868] batman_adv: batadv0: Removing interface: batadv_slave_1
[  209.566215][ T9868] veth1_macvtap: left promiscuous mode
[  209.577127][ T9868] veth0_macvtap: left promiscuous mode
[  209.582778][ T9868] veth1_vlan: left promiscuous mode
[  209.622200][ T9868] veth0_vlan: left promiscuous mode
[  210.327442][ T9868] team0 (unregistering): Port device team_slave_1 removed
[  210.372047][ T9868] team0 (unregistering): Port device team_slave_0 removed
[  210.759441][T11979] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  210.912286][T11973] wg1 speed is unknown, defaulting to 1000
[  211.346820][ T5836] Bluetooth: hci1: command tx timeout
[  211.446810][T12032] ieee802154 phy0 wpan0: encryption failed: -22
[  211.506826][T12032] ieee802154 phy0 wpan0: encryption failed: -22
[  211.581108][T11973] chnl_net:caif_netlink_parms(): no params data found
[  211.853441][T12066] sctp: [Deprecated]: syz.2.1582 (pid 12066) Use of int in maxseg socket option.
[  211.853441][T12066] Use struct sctp_assoc_value instead
[  211.904722][T11973] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.936774][T11973] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.944041][T11973] bridge_slave_0: entered allmulticast mode
[  211.997828][T11973] bridge_slave_0: entered promiscuous mode
[  212.008673][T11973] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.023089][T11973] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.033268][T11973] bridge_slave_1: entered allmulticast mode
[  212.047187][T11973] bridge_slave_1: entered promiscuous mode
[  212.116188][T12080] xt_l2tp: unknown flags: 18
[  212.196765][T11973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  212.229335][T11973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.346831][T12089] Cannot find add_set index 3 as target
[  212.389024][T11973] team0: Port device team_slave_0 added
[  212.421320][T11973] team0: Port device team_slave_1 added
[  212.556736][T11973] batman_adv: batadv0: Adding interface: batadv_slave_0
[  212.572131][T11973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.622728][T11973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  212.644658][T11973] batman_adv: batadv0: Adding interface: batadv_slave_1
[  212.664816][T12113] __nla_validate_parse: 3 callbacks suppressed
[  212.664834][T12113] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1597'.
[  212.682288][T11973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.751426][T11973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  212.991338][T12125] Cannot find add_set index 3 as target
[  213.033247][T11973] hsr_slave_0: entered promiscuous mode
[  213.045997][T11973] hsr_slave_1: entered promiscuous mode
[  213.076466][T11973] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  213.115358][T11973] Cannot create hsr debugfs directory
[  213.368828][T12149] FAULT_INJECTION: forcing a failure.
[  213.368828][T12149] name failslab, interval 1, probability 0, space 0, times 0
[  213.383810][T12149] CPU: 0 UID: 0 PID: 12149 Comm: syz.4.1608 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  213.383834][T12149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  213.383843][T12149] Call Trace:
[  213.383849][T12149]  <TASK>
[  213.383855][T12149]  dump_stack_lvl+0x241/0x360
[  213.383880][T12149]  ? __pfx_dump_stack_lvl+0x10/0x10
[  213.383897][T12149]  ? __pfx__printk+0x10/0x10
[  213.383914][T12149]  ? __kmalloc_noprof+0xb5/0x4c0
[  213.383936][T12149]  ? __pfx___might_resched+0x10/0x10
[  213.383959][T12149]  should_fail_ex+0x40a/0x550
[  213.383985][T12149]  should_failslab+0xac/0x100
[  213.384007][T12149]  __kmalloc_noprof+0xdd/0x4c0
[  213.384026][T12149]  ? ioctl_standard_iw_point+0x4af/0xcb0
[  213.384048][T12149]  ioctl_standard_iw_point+0x4af/0xcb0
[  213.384075][T12149]  ? __pfx_cfg80211_wext_siwscan+0x10/0x10
[  213.384095][T12149]  ? __pfx_ioctl_standard_iw_point+0x10/0x10
[  213.384112][T12149]  ? __pfx___mutex_lock+0x10/0x10
[  213.384134][T12149]  ? rcu_is_watching+0x15/0xb0
[  213.384155][T12149]  ? full_name_hash+0x93/0xe0
[  213.384180][T12149]  ioctl_standard_call+0xbd/0x190
[  213.384203][T12149]  ? __pfx_cfg80211_wext_siwscan+0x10/0x10
[  213.384230][T12149]  ? __pfx_cfg80211_wext_siwscan+0x10/0x10
[  213.384249][T12149]  wext_ioctl_dispatch+0xe4/0x410
[  213.384270][T12149]  ? __pfx_ioctl_standard_call+0x10/0x10
[  213.384293][T12149]  wext_handle_ioctl+0x166/0x280
[  213.384316][T12149]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  213.384351][T12149]  sock_ioctl+0x17c/0x8e0
[  213.384370][T12149]  ? __pfx_sock_ioctl+0x10/0x10
[  213.384386][T12149]  ? __fget_files+0x2a/0x410
[  213.384408][T12149]  ? __fget_files+0x2a/0x410
[  213.384432][T12149]  ? __pfx_sock_ioctl+0x10/0x10
[  213.384449][T12149]  __se_sys_ioctl+0xf5/0x170
[  213.384467][T12149]  do_syscall_64+0xf3/0x230
[  213.384485][T12149]  ? clear_bhb_loop+0x35/0x90
[  213.384509][T12149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.384530][T12149] RIP: 0033:0x7f3a2398d169
[  213.384545][T12149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.384558][T12149] RSP: 002b:00007f3a248c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  213.384575][T12149] RAX: ffffffffffffffda RBX: 00007f3a23ba5fa0 RCX: 00007f3a2398d169
[  213.384586][T12149] RDX: 0000400000000000 RSI: 0000000000008b18 RDI: 0000000000000004
[  213.384595][T12149] RBP: 00007f3a248c6090 R08: 0000000000000000 R09: 0000000000000000
[  213.384605][T12149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.384614][T12149] R13: 0000000000000000 R14: 00007f3a23ba5fa0 R15: 00007ffee9d714d8
[  213.384638][T12149]  </TASK>
[  213.646816][ T5836] Bluetooth: hci1: command tx timeout
[  213.831969][T12157] SET target dimension over the limit!
[  213.838280][T12159] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1611'.
[  214.046288][T12171] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  214.068818][T12175] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  214.339551][ T5915] IPVS: starting estimator thread 0...
[  214.445396][T12187] IPVS: using max 24 ests per chain, 57600 per kthread
[  214.495409][T12193] netlink: 'syz.1.1623': attribute type 1 has an invalid length.
[  214.540347][T11973] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  214.594263][T11973] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  214.614661][T11973] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  214.646228][T11973] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  214.827774][T11973] 8021q: adding VLAN 0 to HW filter on device bond0
[  214.866337][T11973] 8021q: adding VLAN 0 to HW filter on device team0
[  214.890145][ T9868] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.897357][ T9868] bridge0: port 1(bridge_slave_0) entered forwarding state
[  214.936093][ T1166] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.943189][ T1166] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.017238][T12212] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1631'.
[  215.045837][T12212] netlink: 'syz.2.1631': attribute type 1 has an invalid length.
[  215.054924][T11973] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  215.065565][T11973] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  215.086997][T12212] netlink: 'syz.2.1631': attribute type 2 has an invalid length.
[  215.167499][T12218] bridge11: entered promiscuous mode
[  215.172858][T12218] bridge11: entered allmulticast mode
[  215.353765][T11973] 8021q: adding VLAN 0 to HW filter on device batadv0
[  215.441184][T11973] veth0_vlan: entered promiscuous mode
[  215.476886][T11973] veth1_vlan: entered promiscuous mode
[  215.551782][T11973] veth0_macvtap: entered promiscuous mode
[  215.561591][T11973] veth1_macvtap: entered promiscuous mode
[  215.593970][T11973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.612293][T11973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.624676][T11973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.643185][T11973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.654797][T11973] batman_adv: batadv0: Interface activated: batadv_slave_0
[  215.665654][ T5836] Bluetooth: hci1: command tx timeout
[  215.711428][T11973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.781386][T11973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.811293][T11973] batman_adv: batadv0: Interface activated: batadv_slave_1
[  215.854824][T11973] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  215.882201][T11973] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  215.901011][T11973] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  215.912311][T11973] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.098742][ T9867] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.119901][ T9867] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.207858][ T9868] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.233955][T12266] bridge5: entered promiscuous mode
[  216.234204][ T9868] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.296770][T12268] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1647'.
[  216.371652][T12271] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  216.440872][T12274] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  216.476464][T12277] FAULT_INJECTION: forcing a failure.
[  216.476464][T12277] name failslab, interval 1, probability 0, space 0, times 0
[  216.498425][T12277] CPU: 0 UID: 0 PID: 12277 Comm: syz.3.1650 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  216.498449][T12277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  216.498459][T12277] Call Trace:
[  216.498465][T12277]  <TASK>
[  216.498473][T12277]  dump_stack_lvl+0x241/0x360
[  216.498498][T12277]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.498515][T12277]  ? __pfx__printk+0x10/0x10
[  216.498533][T12277]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  216.498557][T12277]  ? __pfx___might_resched+0x10/0x10
[  216.498590][T12277]  should_fail_ex+0x40a/0x550
[  216.498619][T12277]  should_failslab+0xac/0x100
[  216.498639][T12277]  kmem_cache_alloc_node_noprof+0x77/0x380
[  216.498660][T12277]  ? __alloc_skb+0x1c3/0x440
[  216.498687][T12277]  __alloc_skb+0x1c3/0x440
[  216.498713][T12277]  ? __pfx___alloc_skb+0x10/0x10
[  216.498739][T12277]  ? rcu_is_watching+0x15/0xb0
[  216.498761][T12277]  nl80211_send_scan_start+0x2f/0x170
[  216.498787][T12277]  cfg80211_wext_siwscan+0xe62/0x1230
[  216.498827][T12277]  ioctl_standard_iw_point+0x789/0xcb0
[  216.498857][T12277]  ? __pfx_cfg80211_wext_siwscan+0x10/0x10
[  216.498885][T12277]  ? __pfx_ioctl_standard_iw_point+0x10/0x10
[  216.498903][T12277]  ? __pfx___mutex_lock+0x10/0x10
[  216.498925][T12277]  ? rcu_is_watching+0x15/0xb0
[  216.498944][T12277]  ? full_name_hash+0x93/0xe0
[  216.498968][T12277]  ioctl_standard_call+0xbd/0x190
[  216.498992][T12277]  ? __pfx_cfg80211_wext_siwscan+0x10/0x10
[  216.499010][T12277]  ? __pfx_cfg80211_wext_siwscan+0x10/0x10
[  216.499033][T12277]  wext_ioctl_dispatch+0xe4/0x410
[  216.499055][T12277]  ? __pfx_ioctl_standard_call+0x10/0x10
[  216.499081][T12277]  wext_handle_ioctl+0x166/0x280
[  216.499109][T12277]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  216.499146][T12277]  sock_ioctl+0x17c/0x8e0
[  216.499166][T12277]  ? __pfx_sock_ioctl+0x10/0x10
[  216.499183][T12277]  ? __fget_files+0x2a/0x410
[  216.499208][T12277]  ? __fget_files+0x2a/0x410
[  216.499232][T12277]  ? __pfx_sock_ioctl+0x10/0x10
[  216.499251][T12277]  __se_sys_ioctl+0xf5/0x170
[  216.499271][T12277]  do_syscall_64+0xf3/0x230
[  216.499293][T12277]  ? clear_bhb_loop+0x35/0x90
[  216.499318][T12277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.499339][T12277] RIP: 0033:0x7f222c58d169
[  216.499354][T12277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.499368][T12277] RSP: 002b:00007f222d3b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  216.499387][T12277] RAX: ffffffffffffffda RBX: 00007f222c7a5fa0 RCX: 00007f222c58d169
[  216.499399][T12277] RDX: 0000400000000000 RSI: 0000000000008b18 RDI: 0000000000000004
[  216.499410][T12277] RBP: 00007f222d3b1090 R08: 0000000000000000 R09: 0000000000000000
[  216.499420][T12277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.499430][T12277] R13: 0000000000000000 R14: 00007f222c7a5fa0 R15: 00007ffe5ca4d8d8
[  216.499458][T12277]  </TASK>
[  217.177975][T12292] wg1 speed is unknown, defaulting to 1000
[  217.371149][T12307] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1662'.
[  217.427820][T12308] netlink: 'syz.1.1660': attribute type 2 has an invalid length.
[  217.440455][T12310] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1663'.
[  217.613977][T12317] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  217.699185][T12317] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  218.000215][T12335] FAULT_INJECTION: forcing a failure.
[  218.000215][T12335] name failslab, interval 1, probability 0, space 0, times 0
[  218.012978][T12335] CPU: 1 UID: 0 PID: 12335 Comm: syz.3.1671 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  218.013000][T12335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  218.013010][T12335] Call Trace:
[  218.013017][T12335]  <TASK>
[  218.013024][T12335]  dump_stack_lvl+0x241/0x360
[  218.013049][T12335]  ? __pfx_dump_stack_lvl+0x10/0x10
[  218.013066][T12335]  ? __pfx__printk+0x10/0x10
[  218.013090][T12335]  ? __pfx_lock_acquire+0x10/0x10
[  218.013115][T12335]  should_fail_ex+0x40a/0x550
[  218.013142][T12335]  should_failslab+0xac/0x100
[  218.013164][T12335]  kmem_cache_alloc_bulk_noprof+0x7d/0x7c0
[  218.013192][T12335]  ? pfn_valid+0xf6/0x450
[  218.013209][T12335]  ? pfn_valid+0xf6/0x450
[  218.013228][T12335]  bpf_test_run_xdp_live+0x1a05/0x2220
[  218.013246][T12335]  ? __pfx_lock_release+0x10/0x10
[  218.013289][T12335]  ? bpf_test_run_xdp_live+0x5d6/0x2220
[  218.013310][T12335]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  218.013326][T12335]  ? synchronize_rcu+0x11b/0x360
[  218.013345][T12335]  ? __pfx_synchronize_rcu+0x10/0x10
[  218.013385][T12335]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  218.013429][T12335]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  218.013464][T12335]  ? _copy_from_user+0x95/0xb0
[  218.013486][T12335]  ? bpf_test_init+0x137/0x160
[  218.013501][T12335]  ? xdp_convert_md_to_buff+0x5b/0x330
[  218.013521][T12335]  bpf_prog_test_run_xdp+0x805/0x11e0
[  218.013546][T12335]  ? __pfx_lock_release+0x10/0x10
[  218.013589][T12335]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  218.013609][T12335]  ? __fget_files+0x2a/0x410
[  218.013635][T12335]  ? __fget_files+0x2a/0x410
[  218.013660][T12335]  ? fput+0x21b/0x290
[  218.013680][T12335]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  218.013700][T12335]  bpf_prog_test_run+0x2e4/0x360
[  218.013726][T12335]  __sys_bpf+0x487/0x820
[  218.013750][T12335]  ? __pfx___sys_bpf+0x10/0x10
[  218.013785][T12335]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  218.013811][T12335]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  218.013834][T12335]  ? do_syscall_64+0x100/0x230
[  218.013861][T12335]  __x64_sys_bpf+0x7c/0x90
[  218.013882][T12335]  do_syscall_64+0xf3/0x230
[  218.013903][T12335]  ? clear_bhb_loop+0x35/0x90
[  218.013928][T12335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.013948][T12335] RIP: 0033:0x7f222c58d169
[  218.013964][T12335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.013977][T12335] RSP: 002b:00007f222d3b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  218.013996][T12335] RAX: ffffffffffffffda RBX: 00007f222c7a5fa0 RCX: 00007f222c58d169
[  218.014008][T12335] RDX: 0000000000000048 RSI: 0000400000000600 RDI: 000000000000000a
[  218.014019][T12335] RBP: 00007f222d3b1090 R08: 0000000000000000 R09: 0000000000000000
[  218.014029][T12335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  218.014039][T12335] R13: 0000000000000000 R14: 00007f222c7a5fa0 R15: 00007ffe5ca4d8d8
[  218.014067][T12335]  </TASK>
[  218.320245][T12341] Cannot find add_set index 3 as target
[  218.343858][T12337] xt_CT: No such helper "syz1"
[  218.667715][ T9869] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.584909][T12360] FAULT_INJECTION: forcing a failure.
[  219.584909][T12360] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  219.627607][ T9869] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.656325][T12360] CPU: 1 UID: 0 PID: 12360 Comm: syz.1.1676 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  219.656352][T12360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  219.656362][T12360] Call Trace:
[  219.656368][T12360]  <TASK>
[  219.656376][T12360]  dump_stack_lvl+0x241/0x360
[  219.656402][T12360]  ? __pfx_dump_stack_lvl+0x10/0x10
[  219.656420][T12360]  ? __pfx__printk+0x10/0x10
[  219.656438][T12360]  ? __pfx_lock_release+0x10/0x10
[  219.656479][T12360]  should_fail_ex+0x40a/0x550
[  219.656507][T12360]  _copy_from_user+0x2d/0xb0
[  219.656529][T12360]  copy_msghdr_from_user+0xae/0x680
[  219.656556][T12360]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  219.656574][T12360]  ? __fget_files+0x2a/0x410
[  219.656599][T12360]  ? __fget_files+0x2a/0x410
[  219.656629][T12360]  __sys_sendmsg+0x209/0x350
[  219.656651][T12360]  ? __pfx___sys_sendmsg+0x10/0x10
[  219.656679][T12360]  ? do_sys_openat2+0x17a/0x1d0
[  219.656720][T12360]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  219.656745][T12360]  ? do_syscall_64+0x100/0x230
[  219.656770][T12360]  ? do_syscall_64+0xb6/0x230
[  219.656794][T12360]  do_syscall_64+0xf3/0x230
[  219.656815][T12360]  ? clear_bhb_loop+0x35/0x90
[  219.656840][T12360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.656861][T12360] RIP: 0033:0x7f30c2d8d169
[  219.656876][T12360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.656890][T12360] RSP: 002b:00007f30c3b6c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  219.656909][T12360] RAX: ffffffffffffffda RBX: 00007f30c2fa5fa0 RCX: 00007f30c2d8d169
[  219.656921][T12360] RDX: 0000000000000040 RSI: 00004000000001c0 RDI: 0000000000000003
[  219.656937][T12360] RBP: 00007f30c3b6c090 R08: 0000000000000000 R09: 0000000000000000
[  219.656948][T12360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.656958][T12360] R13: 0000000000000000 R14: 00007f30c2fa5fa0 R15: 00007ffe489c6db8
[  219.656984][T12360]  </TASK>
[  219.975609][T12359] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  220.077717][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  220.106086][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  220.114571][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  220.125450][T12372] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1681'.
[  220.125517][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  220.157085][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  220.164463][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  220.193629][ T9869] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.240580][T12369] wg1 speed is unknown, defaulting to 1000
[  220.243121][T12375] netlink: 'syz.4.1684': attribute type 2 has an invalid length.
[  220.264185][T12376] netlink: 'syz.1.1682': attribute type 2 has an invalid length.
[  220.279339][T12377] netlink: 'syz.4.1684': attribute type 2 has an invalid length.
[  220.300099][T12376] netlink: 'syz.1.1682': attribute type 8 has an invalid length.
[  220.300706][ T9869] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.336185][T12376] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1682'.
[  220.492212][T12384] xt_CT: No such helper "syz1"
[  220.664685][T12387] wg2: entered promiscuous mode
[  220.675197][T12387] wg2: entered allmulticast mode
[  220.857202][T12398] FAULT_INJECTION: forcing a failure.
[  220.857202][T12398] name failslab, interval 1, probability 0, space 0, times 0
[  220.892347][T12396] netlink: 'syz.2.1687': attribute type 10 has an invalid length.
[  220.911480][T12396] team0: Cannot enslave team device to itself
[  220.925570][T12398] CPU: 1 UID: 0 PID: 12398 Comm: syz.3.1690 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  220.925596][T12398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  220.925606][T12398] Call Trace:
[  220.925612][T12398]  <TASK>
[  220.925629][T12398]  dump_stack_lvl+0x241/0x360
[  220.925656][T12398]  ? __pfx_dump_stack_lvl+0x10/0x10
[  220.925673][T12398]  ? __pfx__printk+0x10/0x10
[  220.925692][T12398]  ? __kmalloc_noprof+0xb5/0x4c0
[  220.925715][T12398]  ? __pfx___might_resched+0x10/0x10
[  220.925739][T12398]  should_fail_ex+0x40a/0x550
[  220.925767][T12398]  should_failslab+0xac/0x100
[  220.925789][T12398]  __kmalloc_noprof+0xdd/0x4c0
[  220.925809][T12398]  ? rds_message_alloc+0x45/0x1f0
[  220.925835][T12398]  rds_message_alloc+0x45/0x1f0
[  220.925856][T12398]  rds_sendmsg+0xecc/0x2340
[  220.925892][T12398]  ? __pfx_rds_sendmsg+0x10/0x10
[  220.925915][T12398]  ? aa_sk_perm+0x96d/0xab0
[  220.925943][T12398]  ? __pfx_aa_sk_perm+0x10/0x10
[  220.925964][T12398]  ? __import_iovec+0x582/0x830
[  220.925985][T12398]  ? aa_sock_msg_perm+0x91/0x160
[  220.926012][T12398]  ? __pfx_rds_sendmsg+0x10/0x10
[  220.926032][T12398]  __sock_sendmsg+0x221/0x270
[  220.926055][T12398]  ____sys_sendmsg+0x53a/0x860
[  220.926079][T12398]  ? __pfx_____sys_sendmsg+0x10/0x10
[  220.926093][T12398]  ? __fget_files+0x2a/0x410
[  220.926117][T12398]  ? __fget_files+0x2a/0x410
[  220.926146][T12398]  __sys_sendmsg+0x269/0x350
[  220.926166][T12398]  ? __pfx___sys_sendmsg+0x10/0x10
[  220.926193][T12398]  ? do_sys_openat2+0x17a/0x1d0
[  220.926239][T12398]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  220.926263][T12398]  ? do_syscall_64+0x100/0x230
[  220.926287][T12398]  ? do_syscall_64+0xb6/0x230
[  220.926310][T12398]  do_syscall_64+0xf3/0x230
[  220.926330][T12398]  ? clear_bhb_loop+0x35/0x90
[  220.926353][T12398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.926373][T12398] RIP: 0033:0x7f222c58d169
[  220.926388][T12398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.926401][T12398] RSP: 002b:00007f222d3b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  220.926420][T12398] RAX: ffffffffffffffda RBX: 00007f222c7a5fa0 RCX: 00007f222c58d169
[  220.926432][T12398] RDX: 0000000000000040 RSI: 00004000000001c0 RDI: 0000000000000003
[  220.926442][T12398] RBP: 00007f222d3b1090 R08: 0000000000000000 R09: 0000000000000000
[  220.926453][T12398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.926463][T12398] R13: 0000000000000000 R14: 00007f222c7a5fa0 R15: 00007ffe5ca4d8d8
[  220.926489][T12398]  </TASK>
[  221.223018][T12403] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1691'.
[  221.232087][ T9869] bridge_slave_1: left allmulticast mode
[  221.247478][ T9869] bridge_slave_1: left promiscuous mode
[  221.257091][ T9869] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.268271][ T9869] bridge_slave_0: left allmulticast mode
[  221.274099][ T9869] bridge_slave_0: left promiscuous mode
[  221.280491][ T9869] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.762828][ T9869] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  221.774391][ T9869] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  221.785213][ T9869] bond0 (unregistering): Released all slaves
[  222.008191][T12423] xt_CT: No such helper "syz1"
[  222.226251][   T54] Bluetooth: hci1: command tx timeout
[  222.280730][T12369] chnl_net:caif_netlink_parms(): no params data found
[  222.386905][T12437] netlink: 576 bytes leftover after parsing attributes in process `syz.3.1700'.
[  222.529209][T12437] netlink: 'syz.3.1700': attribute type 1 has an invalid length.
[  222.571567][T12437] netlink: 228 bytes leftover after parsing attributes in process `syz.3.1700'.
[  222.598272][T12437] netlink: 11 bytes leftover after parsing attributes in process `syz.3.1700'.
[  222.694720][T12451] netlink: 1264 bytes leftover after parsing attributes in process `syz.3.1705'.
[  222.723022][ T9869] hsr_slave_0: left promiscuous mode
[  222.740781][ T9869] hsr_slave_1: left promiscuous mode
[  222.768744][ T9869] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  222.777184][ T9869] batman_adv: batadv0: Removing interface: batadv_slave_0
[  222.810089][ T9869] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  222.829447][ T9869] batman_adv: batadv0: Removing interface: batadv_slave_1
[  222.861729][ T9869] veth1_macvtap: left promiscuous mode
[  222.867845][ T9869] veth0_macvtap: left promiscuous mode
[  222.873540][ T9869] veth1_vlan: left promiscuous mode
[  222.881022][ T9869] veth0_vlan: left promiscuous mode
[  223.392147][ T9869] team0 (unregistering): Port device team_slave_1 removed
[  223.435625][ T9869] team0 (unregistering): Port device team_slave_0 removed
[  223.852709][T12456] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1705'.
[  223.917014][T12463] veth0_macvtap: Device is already in use.
[  223.945672][T12468] netlink: 'syz.2.1708': attribute type 6 has an invalid length.
[  224.013197][T12369] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.030476][T12369] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.055784][T12369] bridge_slave_0: entered allmulticast mode
[  224.073608][T12369] bridge_slave_0: entered promiscuous mode
[  224.082312][T12473] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  224.093858][T12369] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.112701][T12369] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.120889][T12369] bridge_slave_1: entered allmulticast mode
[  224.128956][T12369] bridge_slave_1: entered promiscuous mode
[  224.239212][T12369] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  224.289964][T12484] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1714'.
[  224.297006][T12369] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  224.308148][   T54] Bluetooth: hci1: command tx timeout
[  224.448442][T12369] team0: Port device team_slave_0 added
[  224.462901][T12369] team0: Port device team_slave_1 added
[  224.580888][T12496] tipc: Started in network mode
[  224.610348][T12496] tipc: Node identity ac14140f, cluster identity 4711
[  224.628327][T12496] tipc: New replicast peer: 255.255.255.255
[  224.684730][T12496] tipc: Enabled bearer <udp:syz2>, priority 10
[  224.722709][T12506] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  224.758677][T12369] batman_adv: batadv0: Adding interface: batadv_slave_0
[  224.776028][T12369] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  224.836227][T12369] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  224.885637][T12369] batman_adv: batadv0: Adding interface: batadv_slave_1
[  224.892644][T12369] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  224.933074][T12369] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  224.957250][T12514] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1723'.
[  225.113343][T12369] hsr_slave_0: entered promiscuous mode
[  225.133555][T12369] hsr_slave_1: entered promiscuous mode
[  225.152888][T12369] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  225.171145][T12369] Cannot create hsr debugfs directory
[  225.231848][T12528] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1729'.
[  225.311150][T12534] netlink: 'syz.4.1728': attribute type 33 has an invalid length.
[  225.328987][T12534] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1728'.
[  225.713317][T12547] netdevsim netdevsim1: Firmware load for './file0/../file0' refused, path contains '..' component
[  225.757835][ T5915] tipc: Node number set to 2886997007
[  225.891244][T12555] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1739'.
[  226.240032][T12369] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  226.258824][T12369] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  226.269141][T12369] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  226.298118][T12369] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  226.345901][T12570] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1743'.
[  226.386640][   T54] Bluetooth: hci1: command tx timeout
[  226.406988][T12570] syz_tun: entered promiscuous mode
[  226.413878][T12570] macvtap1: entered promiscuous mode
[  226.434376][T12570] macvtap1: entered allmulticast mode
[  226.444101][T12570] syz_tun: entered allmulticast mode
[  226.454327][T12574] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1744'.
[  226.476116][T12571] netlink: 1280 bytes leftover after parsing attributes in process `syz.4.1744'.
[  226.486563][T12571] openvswitch: netlink: Flow actions attr not present in new flow.
[  226.493653][T12369] 8021q: adding VLAN 0 to HW filter on device bond0
[  226.548104][T12369] 8021q: adding VLAN 0 to HW filter on device team0
[  226.580282][ T9869] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.587522][ T9869] bridge0: port 1(bridge_slave_0) entered forwarding state
[  226.639331][ T9869] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.646514][ T9869] bridge0: port 2(bridge_slave_1) entered forwarding state
[  226.767922][T12584] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1749'.
[  226.799919][T12584] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1749'.
[  226.815415][T12587] FAULT_INJECTION: forcing a failure.
[  226.815415][T12587] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.858013][T12587] CPU: 1 UID: 0 PID: 12587 Comm: syz.1.1750 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  226.858038][T12587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  226.858048][T12587] Call Trace:
[  226.858054][T12587]  <TASK>
[  226.858062][T12587]  dump_stack_lvl+0x241/0x360
[  226.858087][T12587]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.858106][T12587]  ? __pfx__printk+0x10/0x10
[  226.858125][T12587]  ? __pfx_lock_release+0x10/0x10
[  226.858148][T12587]  ? __lock_acquire+0x1397/0x2100
[  226.858183][T12587]  should_fail_ex+0x40a/0x550
[  226.858212][T12587]  _copy_from_user+0x2d/0xb0
[  226.858233][T12587]  kstrtouint_from_user+0xc6/0x190
[  226.858254][T12587]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  226.858275][T12587]  ? __pfx_lock_acquire+0x10/0x10
[  226.858308][T12587]  proc_fail_nth_write+0xaa/0x2d0
[  226.858330][T12587]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  226.858351][T12587]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  226.858378][T12587]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  226.858402][T12587]  vfs_write+0x29f/0xd10
[  226.858421][T12587]  ? fdget_pos+0x254/0x320
[  226.858442][T12587]  ? __mutex_unlock_slowpath+0x227/0x800
[  226.858467][T12587]  ? __pfx_vfs_write+0x10/0x10
[  226.858482][T12587]  ? do_sys_openat2+0x17a/0x1d0
[  226.858507][T12587]  ? __fget_files+0x2a/0x410
[  226.858530][T12587]  ? __fget_files+0x395/0x410
[  226.858550][T12587]  ? __fget_files+0x2a/0x410
[  226.858581][T12587]  ksys_write+0x18f/0x2b0
[  226.858600][T12587]  ? __pfx_ksys_write+0x10/0x10
[  226.858618][T12587]  ? do_syscall_64+0x100/0x230
[  226.858643][T12587]  ? do_syscall_64+0xb6/0x230
[  226.858667][T12587]  do_syscall_64+0xf3/0x230
[  226.858688][T12587]  ? clear_bhb_loop+0x35/0x90
[  226.858712][T12587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.858733][T12587] RIP: 0033:0x7f30c2d8bc1f
[  226.858748][T12587] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  226.858762][T12587] RSP: 002b:00007f30c3b6c030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  226.858780][T12587] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f30c2d8bc1f
[  226.858791][T12587] RDX: 0000000000000001 RSI: 00007f30c3b6c0a0 RDI: 0000000000000004
[  226.858801][T12587] RBP: 00007f30c3b6c090 R08: 0000000000000000 R09: 0000000000000000
[  226.858811][T12587] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  226.858821][T12587] R13: 0000000000000000 R14: 00007f30c2fa5fa0 R15: 00007ffe489c6db8
[  226.858849][T12587]  </TASK>
[  227.223639][T12369] 8021q: adding VLAN 0 to HW filter on device batadv0
[  227.231611][T12595] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1751'.
[  227.270722][T12369] veth0_vlan: entered promiscuous mode
[  227.281552][T12369] veth1_vlan: entered promiscuous mode
[  227.328458][T12369] veth0_macvtap: entered promiscuous mode
[  227.353284][T12369] veth1_macvtap: entered promiscuous mode
[  227.396695][T12369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  227.437161][T12369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.453913][T12369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  227.471274][T12369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.487306][T12369] batman_adv: batadv0: Interface activated: batadv_slave_0
[  227.500792][T12369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.533159][T12369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.544923][T12369] batman_adv: batadv0: Interface activated: batadv_slave_1
[  227.556881][T12597] bond0: option ad_select: unable to set because the bond device is up
[  227.589205][T12369] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.626724][T12609] openvswitch: netlink: Actions may not be safe on all matching packets
[  227.655096][T12369] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.693927][T12369] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.715268][T12369] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.791395][T12613] bridge6: entered allmulticast mode
[  228.023248][ T9868] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.053723][ T9868] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.151069][ T9868] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.166018][ T9868] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.399238][T12651] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1769'.
[  228.465761][   T54] Bluetooth: hci1: command tx timeout
[  228.533293][T12655] dccp_v4_rcv: dropped packet with invalid checksum
[  228.594200][T12657] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:0000 with DS=0x2
[  228.619614][T12657] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[  228.644067][T12657] netlink: zone id is out of range
[  228.655146][T12657] netlink: zone id is out of range
[  228.663062][T12657] netlink: zone id is out of range
[  228.671661][T12657] netlink: zone id is out of range
[  228.809929][ T5893] IPVS: starting estimator thread 0...
[  228.925708][T12665] IPVS: using max 25 ests per chain, 60000 per kthread
[  229.170053][T12682] netlink: 'syz.3.1781': attribute type 10 has an invalid length.
[  229.183254][T12682] mac80211_hwsim hwsim10 wlan1: left allmulticast mode
[  229.207675][T12682] bond0: (slave wlan1): Enslaving as an active interface with a down link
[  229.228103][T12683] sctp: [Deprecated]: syz.3.1781 (pid 12683) Use of struct sctp_assoc_value in delayed_ack socket option.
[  229.228103][T12683] Use struct sctp_sack_info instead
[  229.512176][T12695] xt_CT: No such helper "syz1"
[  229.729532][ T9869] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.655490][ T9869] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.722596][ T9869] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.782132][ T9869] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.035608][ T9869] bridge_slave_1: left allmulticast mode
[  231.041330][ T9869] bridge_slave_1: left promiscuous mode
[  231.060152][ T9869] bridge0: port 2(bridge_slave_1) entered disabled state
[  231.127417][ T9869] bridge_slave_0: left allmulticast mode
[  231.133128][ T9869] bridge_slave_0: left promiscuous mode
[  231.167648][ T9869] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.219092][T12730] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1797'.
[  231.299339][T12733] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1797'.
[  231.334004][T12733] netlink: 43 bytes leftover after parsing attributes in process `syz.1.1797'.
[  231.369518][T12733] netlink: 'syz.1.1797': attribute type 6 has an invalid length.
[  231.382166][T12733] netlink: 'syz.1.1797': attribute type 5 has an invalid length.
[  231.398900][T12733] netlink: 43 bytes leftover after parsing attributes in process `syz.1.1797'.
[  231.511943][T12741] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1797'.
[  231.543689][ T5836] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  231.544731][T12741] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1797'.
[  231.567651][ T5836] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  231.574505][T12741] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1797'.
[  231.586506][ T5836] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  231.596592][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  231.611060][ T5836] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  231.619657][ T5836] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  231.843337][T12748] xt_CT: No such helper "syz1"
[  231.945930][T12752] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1801'.
[  232.011843][ T9869] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  232.023507][ T9869] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  232.034600][ T9869] bond0 (unregistering): Released all slaves
[  232.252097][T12755] xt_CT: No such helper "syz1"
[  232.259084][T12757] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  232.373809][T12742] wg1 speed is unknown, defaulting to 1000
[  232.567630][T12769] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1805'.
[  233.071183][T12791] xt_CT: No such helper "syz1"
[  233.160525][ T9869] hsr_slave_0: left promiscuous mode
[  233.177477][ T9869] hsr_slave_1: left promiscuous mode
[  233.183616][ T9869] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  233.215328][ T9869] batman_adv: batadv0: Removing interface: batadv_slave_0
[  233.240613][ T9869] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  233.260085][ T9869] batman_adv: batadv0: Removing interface: batadv_slave_1
[  233.320617][ T9869] veth1_macvtap: left promiscuous mode
[  233.336551][ T9869] veth0_macvtap: left promiscuous mode
[  233.351061][ T9869] veth1_vlan: left promiscuous mode
[  233.369987][ T9869] veth0_vlan: left promiscuous mode
[  233.564808][T12804] xt_CT: No such helper "syz1"
[  233.665260][   T54] Bluetooth: hci1: command tx timeout
[  234.023546][ T9869] team0 (unregistering): Port device team_slave_1 removed
[  234.093813][ T9869] team0 (unregistering): Port device team_slave_0 removed
[  234.561719][T12795] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1813'.
[  234.938079][T12742] chnl_net:caif_netlink_parms(): no params data found
[  235.256668][T12742] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.295382][T12742] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.335302][T12742] bridge_slave_0: entered allmulticast mode
[  235.371505][T12742] bridge_slave_0: entered promiscuous mode
[  235.396706][T12742] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.404003][T12742] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.412247][T12742] bridge_slave_1: entered allmulticast mode
[  235.460731][T12742] bridge_slave_1: entered promiscuous mode
[  235.490468][T12877] netlink: 'syz.4.1834': attribute type 10 has an invalid length.
[  235.526250][T12872] netlink: 'syz.2.1835': attribute type 11 has an invalid length.
[  235.534279][T12876] netlink: 'syz.2.1835': attribute type 11 has an invalid length.
[  235.607653][T12877] team0: Failed to send port change of device geneve0 via netlink (err -105)
[  235.625853][T12877] team0: Failed to send options change via netlink (err -105)
[  235.633378][T12877] team0: Port device geneve0 added
[  235.684715][T12742] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  235.711463][T12881] bridge13: entered promiscuous mode
[  235.726490][T12881] bridge13: entered allmulticast mode
[  235.756103][   T54] Bluetooth: hci1: command tx timeout
[  235.764018][T12742] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  235.957387][T12742] team0: Port device team_slave_0 added
[  235.974118][T12742] team0: Port device team_slave_1 added
[  236.180083][T12742] batman_adv: batadv0: Adding interface: batadv_slave_0
[  236.204485][T12742] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  236.275960][T12742] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  236.313016][T12901] trusted_key: syz.4.1848 sent an empty control message without MSG_MORE.
[  236.316408][T12742] batman_adv: batadv0: Adding interface: batadv_slave_1
[  236.355740][T12742] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  236.390582][T12742] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  236.536858][T12742] hsr_slave_0: entered promiscuous mode
[  236.553258][T12742] hsr_slave_1: entered promiscuous mode
[  236.571207][T12742] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  236.603576][T12742] Cannot create hsr debugfs directory
[  236.627045][T12925] bridge8: entered promiscuous mode
[  236.632715][T12925] bridge8: entered allmulticast mode
[  237.075581][T12950] __nla_validate_parse: 4 callbacks suppressed
[  237.075600][T12950] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1861'.
[  237.113173][T12952] Cannot find add_set index 3 as target
[  237.501886][T12965] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1866'.
[  237.504604][T12742] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  237.536759][T12742] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  237.554080][T12967] "syz.2.1866" (12967) uses obsolete ecb(arc4) skcipher
[  237.578677][T12742] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  237.622578][T12742] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  237.814095][T12742] 8021q: adding VLAN 0 to HW filter on device bond0
[  237.830549][   T54] Bluetooth: hci1: command tx timeout
[  237.881900][T12977] FAULT_INJECTION: forcing a failure.
[  237.881900][T12977] name failslab, interval 1, probability 0, space 0, times 0
[  237.894639][T12977] CPU: 0 UID: 0 PID: 12977 Comm: syz.2.1871 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  237.894662][T12977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  237.894672][T12977] Call Trace:
[  237.894678][T12977]  <TASK>
[  237.894686][T12977]  dump_stack_lvl+0x241/0x360
[  237.894712][T12977]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.894731][T12977]  ? __pfx__printk+0x10/0x10
[  237.894751][T12977]  ? __pfx_lock_acquire+0x10/0x10
[  237.894775][T12977]  ? nf_ct_pernet+0x45/0x270
[  237.894793][T12977]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  237.894819][T12977]  should_fail_ex+0x40a/0x550
[  237.894848][T12977]  should_failslab+0xac/0x100
[  237.894871][T12977]  ? __nf_conntrack_alloc+0x8f/0x380
[  237.894888][T12977]  kmem_cache_alloc_noprof+0x70/0x380
[  237.894917][T12977]  __nf_conntrack_alloc+0x8f/0x380
[  237.894946][T12977]  init_conntrack+0x18f/0xfa0
[  237.894971][T12977]  ? __pfx_init_conntrack+0x10/0x10
[  237.894993][T12977]  ? __pfx___nf_conntrack_find_get+0x10/0x10
[  237.895010][T12977]  ? __local_bh_enable_ip+0x168/0x200
[  237.895035][T12977]  nf_conntrack_in+0xd5c/0x18b0
[  237.895075][T12977]  ? __pfx_nf_conntrack_in+0x10/0x10
[  237.895120][T12977]  ? __pfx_ipv6_conntrack_in+0x10/0x10
[  237.895134][T12977]  nf_hook_slow+0xc3/0x220
[  237.895153][T12977]  nf_hook_slow_list+0x1f8/0x460
[  237.895176][T12977]  ? __pfx_nf_hook_slow_list+0x10/0x10
[  237.895196][T12977]  ? ip6_sublist_rcv+0xbd6/0xec0
[  237.895212][T12977]  ip6_sublist_rcv+0xdbd/0xec0
[  237.895240][T12977]  ? __pfx_ip6_sublist_rcv+0x10/0x10
[  237.895255][T12977]  ? skb_orphan+0xae/0xd0
[  237.895277][T12977]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  237.895297][T12977]  ? ip6_rcv_core+0x9d/0x15f0
[  237.895321][T12977]  ipv6_list_rcv+0x42d/0x480
[  237.895349][T12977]  ? __pfx_ipv6_list_rcv+0x10/0x10
[  237.895373][T12977]  ? __pfx_ipv6_list_rcv+0x10/0x10
[  237.895392][T12977]  __netif_receive_skb_list_core+0x755/0x980
[  237.895428][T12977]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  237.895463][T12977]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  237.895489][T12977]  netif_receive_skb_list_internal+0xa51/0xe30
[  237.895513][T12977]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  237.895534][T12977]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  237.895555][T12977]  ? __pfx_eth_type_trans+0x10/0x10
[  237.895577][T12977]  ? __phys_addr+0xba/0x170
[  237.895593][T12977]  ? build_skb_around+0x111/0x260
[  237.895620][T12977]  ? __xdp_build_skb_from_frame+0x340/0x720
[  237.895648][T12977]  netif_receive_skb_list+0x55/0x4b0
[  237.895671][T12977]  bpf_test_run_xdp_live+0x1bd4/0x2220
[  237.895690][T12977]  ? __pfx_lock_release+0x10/0x10
[  237.895736][T12977]  ? bpf_test_run_xdp_live+0x5d6/0x2220
[  237.895759][T12977]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  237.895775][T12977]  ? synchronize_rcu+0x11b/0x360
[  237.895793][T12977]  ? __pfx_synchronize_rcu+0x10/0x10
[  237.895836][T12977]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  237.895883][T12977]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  237.895919][T12977]  ? _copy_from_user+0x95/0xb0
[  237.895941][T12977]  ? bpf_test_init+0x137/0x160
[  237.895956][T12977]  ? xdp_convert_md_to_buff+0x5b/0x330
[  237.895977][T12977]  bpf_prog_test_run_xdp+0x805/0x11e0
[  237.896002][T12977]  ? __pfx_lock_release+0x10/0x10
[  237.896035][T12977]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  237.896054][T12977]  ? __fget_files+0x2a/0x410
[  237.896080][T12977]  ? __fget_files+0x2a/0x410
[  237.896105][T12977]  ? fput+0x21b/0x290
[  237.896124][T12977]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  237.896144][T12977]  bpf_prog_test_run+0x2e4/0x360
[  237.896172][T12977]  __sys_bpf+0x487/0x820
[  237.896196][T12977]  ? __pfx___sys_bpf+0x10/0x10
[  237.896230][T12977]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  237.896257][T12977]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  237.896281][T12977]  ? do_syscall_64+0x100/0x230
[  237.896308][T12977]  __x64_sys_bpf+0x7c/0x90
[  237.896330][T12977]  do_syscall_64+0xf3/0x230
[  237.896352][T12977]  ? clear_bhb_loop+0x35/0x90
[  237.896377][T12977]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.896398][T12977] RIP: 0033:0x7fd3cdd8d169
[  237.896414][T12977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.896428][T12977] RSP: 002b:00007fd3ceb75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  237.896446][T12977] RAX: ffffffffffffffda RBX: 00007fd3cdfa5fa0 RCX: 00007fd3cdd8d169
[  237.896459][T12977] RDX: 0000000000000048 RSI: 0000400000000600 RDI: 000000000000000a
[  237.896476][T12977] RBP: 00007fd3ceb75090 R08: 0000000000000000 R09: 0000000000000000
[  237.896486][T12977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  237.896496][T12977] R13: 0000000000000000 R14: 00007fd3cdfa5fa0 R15: 00007fff86679468
[  237.896524][T12977]  </TASK>
[  238.010455][T12742] 8021q: adding VLAN 0 to HW filter on device team0
[  238.240194][T12979] xt_CT: No such helper "syz1"
[  238.277635][ T9869] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.384006][ T9869] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.420477][ T9866] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.427647][ T9866] bridge0: port 2(bridge_slave_1) entered forwarding state
[  238.458728][T12990] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1873'.
[  239.097603][T12742] 8021q: adding VLAN 0 to HW filter on device batadv0
[  239.218251][T12742] veth0_vlan: entered promiscuous mode
[  239.240813][T12742] veth1_vlan: entered promiscuous mode
[  239.248576][T13022] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1886'.
[  239.303695][T13022] netlink: 'syz.3.1886': attribute type 21 has an invalid length.
[  239.323461][T12742] veth0_macvtap: entered promiscuous mode
[  239.336681][T12742] veth1_macvtap: entered promiscuous mode
[  239.373351][T12742] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.411834][T12742] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.435594][T12742] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.453130][T12742] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.480489][T12742] batman_adv: batadv0: Interface activated: batadv_slave_0
[  239.510185][T13028] veth0_macvtap: Device is already in use.
[  239.531338][T12742] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.558111][T12742] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.598417][T12742] batman_adv: batadv0: Interface activated: batadv_slave_1
[  239.614361][T12742] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  239.650483][T12742] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  239.673357][T12742] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  239.694309][T12742] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  239.800810][T13048] netlink: 'syz.2.1893': attribute type 7 has an invalid length.
[  239.840786][T13048] netlink: 15 bytes leftover after parsing attributes in process `syz.2.1893'.
[  239.888038][T13048] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1893'.
[  239.931781][   T54] Bluetooth: hci1: command tx timeout
[  239.953769][T13048] netlink: 872 bytes leftover after parsing attributes in process `syz.2.1893'.
[  240.015919][T13048] netlink: 'syz.2.1893': attribute type 7 has an invalid length.
[  240.024089][T13048] netlink: 15 bytes leftover after parsing attributes in process `syz.2.1893'.
[  240.129359][ T1166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.164280][ T1166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.243086][ T9867] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.264106][ T9867] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.473913][T12753] ------------[ cut here ]------------
[  240.479782][T12753] refcount_t: underflow; use-after-free.
[  240.485683][T12753] WARNING: CPU: 1 PID: 12753 at lib/refcount.c:28 refcount_warn_saturate+0x15a/0x1d0
[  240.495162][T12753] Modules linked in:
[  240.499274][T12753] CPU: 1 UID: 0 PID: 12753 Comm: kbnepd bnep0 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  240.510453][T12753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  240.520658][T12753] RIP: 0010:refcount_warn_saturate+0x15a/0x1d0
[  240.526828][T12753] Code: 80 b3 80 8c e8 d7 2a 8c fc 90 0f 0b 90 90 eb 99 e8 db 6d cc fc c6 05 0e b1 31 0b 01 90 48 c7 c7 e0 b3 80 8c e8 b7 2a 8c fc 90 <0f> 0b 90 90 e9 76 ff ff ff e8 b8 6d cc fc c6 05 e8 b0 31 0b 01 90
[  240.546450][T12753] RSP: 0000:ffffc90002e87720 EFLAGS: 00010246
[  240.552505][T12753] RAX: d700a99ae2911000 RBX: ffff88805a1f8c78 RCX: ffff88802835da00
[  240.560484][T12753] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  240.568467][T12753] RBP: 0000000000000003 R08: ffffffff81818e32 R09: fffffbfff1d3a67c
[  240.576719][T12753] R10: dffffc0000000000 R11: fffffbfff1d3a67c R12: ffff88805a1f8c60
[  240.584680][T12753] R13: 1ffff1100b43f18c R14: ffff88805a1f8c60 R15: ffffffff8638a1d0
[  240.592666][T12753] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  240.601796][T12753] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  240.608564][T12753] CR2: 00007f30c2f7cca0 CR3: 0000000022ff6000 CR4: 00000000003526f0
[  240.616543][T12753] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  240.624500][T12753] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  240.633376][T12753] Call Trace:
[  240.636710][T12753]  <TASK>
[  240.639626][T12753]  ? __warn+0x165/0x4d0
[  240.643775][T12753]  ? refcount_warn_saturate+0x15a/0x1d0
[  240.649327][T12753]  ? report_bug+0x2b3/0x500
[  240.653818][T12753]  ? refcount_warn_saturate+0x15a/0x1d0
[  240.659385][T12753]  ? handle_bug+0x60/0x90
[  240.663724][T12753]  ? exc_invalid_op+0x1a/0x50
[  240.668408][T12753]  ? asm_exc_invalid_op+0x1a/0x20
[  240.673421][T12753]  ? __pfx_klist_children_put+0x10/0x10
[  240.679035][T12753]  ? __warn_printk+0x292/0x360
[  240.683792][T12753]  ? refcount_warn_saturate+0x15a/0x1d0
[  240.689351][T12753]  klist_dec_and_del+0x3ec/0x3f0
[  240.694280][T12753]  ? __pfx_klist_children_put+0x10/0x10
[  240.699848][T12753]  klist_del+0xa7/0x110
[  240.704207][T12753]  device_del+0x2c9/0x9b0
[  240.708732][T12753]  ? __pfx_device_del+0x10/0x10
[  240.713580][T12753]  ? netdev_unregister_kobject+0x178/0x250
[  240.719405][T12753]  unregister_netdevice_many_notify+0x19b4/0x1f10
[  240.725940][T12753]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  240.732691][T12753]  ? trace_contention_end+0x3c/0x120
[  240.737987][T12753]  ? __mutex_lock+0x397/0x1010
[  240.742743][T12753]  ? rtnl_net_dev_lock+0x271/0x320
[  240.747865][T12753]  ? __pfx___mutex_lock+0x10/0x10
[  240.752876][T12753]  ? __pfx_lock_release+0x10/0x10
[  240.757906][T12753]  unregister_netdevice_queue+0x303/0x370
[  240.763613][T12753]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  240.769882][T12753]  ? rtnl_net_dev_lock+0x37/0x320
[  240.774900][T12753]  ? rtnl_net_dev_lock+0x302/0x320
[  240.780104][T12753]  ? rtnl_net_dev_lock+0x37/0x320
[  240.785157][T12753]  unregister_netdev+0x1f/0x60
[  240.789907][T12753]  bnep_session+0x2e4e/0x3040
[  240.794598][T12753]  ? __pfx_bnep_session+0x10/0x10
[  240.799640][T12753]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  240.805738][T12753]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  240.812057][T12753]  ? __pfx_woken_wake_function+0x10/0x10
[  240.817880][T12753]  ? __kthread_parkme+0x169/0x1d0
[  240.822905][T12753]  ? __pfx_bnep_session+0x10/0x10
[  240.828022][T12753]  kthread+0x7a9/0x920
[  240.832079][T12753]  ? __pfx_kthread+0x10/0x10
[  240.836676][T12753]  ? __pfx_bnep_session+0x10/0x10
[  240.841687][T12753]  ? __pfx_kthread+0x10/0x10
[  240.846283][T12753]  ? __pfx_kthread+0x10/0x10
[  240.850862][T12753]  ? __pfx_kthread+0x10/0x10
[  240.855497][T12753]  ? _raw_spin_unlock_irq+0x23/0x50
[  240.860681][T12753]  ? lockdep_hardirqs_on+0x99/0x150
[  240.865890][T12753]  ? __pfx_kthread+0x10/0x10
[  240.870494][T12753]  ret_from_fork+0x4b/0x80
[  240.874898][T12753]  ? __pfx_kthread+0x10/0x10
[  240.879599][T12753]  ret_from_fork_asm+0x1a/0x30
[  240.884357][T12753]  </TASK>
[  240.887391][T12753] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  240.894652][T12753] CPU: 1 UID: 0 PID: 12753 Comm: kbnepd bnep0 Not tainted 6.14.0-rc5-syzkaller-00181-g2409fa66e29a #0
[  240.905562][T12753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  240.915600][T12753] Call Trace:
[  240.918861][T12753]  <TASK>
[  240.921771][T12753]  dump_stack_lvl+0x241/0x360
[  240.926433][T12753]  ? __pfx_dump_stack_lvl+0x10/0x10
[  240.931613][T12753]  ? __pfx__printk+0x10/0x10
[  240.936183][T12753]  ? _printk+0xd5/0x120
[  240.940319][T12753]  ? __init_begin+0x41000/0x41000
[  240.945327][T12753]  ? vscnprintf+0x5d/0x90
[  240.949662][T12753]  panic+0x349/0x880
[  240.953538][T12753]  ? __warn+0x174/0x4d0
[  240.957678][T12753]  ? __pfx_panic+0x10/0x10
[  240.962082][T12753]  ? ret_from_fork_asm+0x1a/0x30
[  240.967005][T12753]  __warn+0x344/0x4d0
[  240.970972][T12753]  ? refcount_warn_saturate+0x15a/0x1d0
[  240.976503][T12753]  report_bug+0x2b3/0x500
[  240.980816][T12753]  ? refcount_warn_saturate+0x15a/0x1d0
[  240.986347][T12753]  handle_bug+0x60/0x90
[  240.990492][T12753]  exc_invalid_op+0x1a/0x50
[  240.994981][T12753]  asm_exc_invalid_op+0x1a/0x20
[  240.999815][T12753] RIP: 0010:refcount_warn_saturate+0x15a/0x1d0
[  241.005952][T12753] Code: 80 b3 80 8c e8 d7 2a 8c fc 90 0f 0b 90 90 eb 99 e8 db 6d cc fc c6 05 0e b1 31 0b 01 90 48 c7 c7 e0 b3 80 8c e8 b7 2a 8c fc 90 <0f> 0b 90 90 e9 76 ff ff ff e8 b8 6d cc fc c6 05 e8 b0 31 0b 01 90
[  241.025544][T12753] RSP: 0000:ffffc90002e87720 EFLAGS: 00010246
[  241.031598][T12753] RAX: d700a99ae2911000 RBX: ffff88805a1f8c78 RCX: ffff88802835da00
[  241.039551][T12753] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  241.047503][T12753] RBP: 0000000000000003 R08: ffffffff81818e32 R09: fffffbfff1d3a67c
[  241.055463][T12753] R10: dffffc0000000000 R11: fffffbfff1d3a67c R12: ffff88805a1f8c60
[  241.063420][T12753] R13: 1ffff1100b43f18c R14: ffff88805a1f8c60 R15: ffffffff8638a1d0
[  241.071387][T12753]  ? __pfx_klist_children_put+0x10/0x10
[  241.076923][T12753]  ? __warn_printk+0x292/0x360
[  241.081685][T12753]  klist_dec_and_del+0x3ec/0x3f0
[  241.086610][T12753]  ? __pfx_klist_children_put+0x10/0x10
[  241.092138][T12753]  klist_del+0xa7/0x110
[  241.096277][T12753]  device_del+0x2c9/0x9b0
[  241.100596][T12753]  ? __pfx_device_del+0x10/0x10
[  241.105432][T12753]  ? netdev_unregister_kobject+0x178/0x250
[  241.111223][T12753]  unregister_netdevice_many_notify+0x19b4/0x1f10
[  241.117631][T12753]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  241.124376][T12753]  ? trace_contention_end+0x3c/0x120
[  241.129644][T12753]  ? __mutex_lock+0x397/0x1010
[  241.134398][T12753]  ? rtnl_net_dev_lock+0x271/0x320
[  241.139495][T12753]  ? __pfx___mutex_lock+0x10/0x10
[  241.144505][T12753]  ? __pfx_lock_release+0x10/0x10
[  241.149515][T12753]  unregister_netdevice_queue+0x303/0x370
[  241.155217][T12753]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  241.161440][T12753]  ? rtnl_net_dev_lock+0x37/0x320
[  241.166447][T12753]  ? rtnl_net_dev_lock+0x302/0x320
[  241.171538][T12753]  ? rtnl_net_dev_lock+0x37/0x320
[  241.176546][T12753]  unregister_netdev+0x1f/0x60
[  241.181314][T12753]  bnep_session+0x2e4e/0x3040
[  241.185993][T12753]  ? __pfx_bnep_session+0x10/0x10
[  241.191002][T12753]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  241.196877][T12753]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  241.203193][T12753]  ? __pfx_woken_wake_function+0x10/0x10
[  241.208814][T12753]  ? __kthread_parkme+0x169/0x1d0
[  241.213823][T12753]  ? __pfx_bnep_session+0x10/0x10
[  241.218829][T12753]  kthread+0x7a9/0x920
[  241.222886][T12753]  ? __pfx_kthread+0x10/0x10
[  241.227463][T12753]  ? __pfx_bnep_session+0x10/0x10
[  241.232472][T12753]  ? __pfx_kthread+0x10/0x10
[  241.237046][T12753]  ? __pfx_kthread+0x10/0x10
[  241.241624][T12753]  ? __pfx_kthread+0x10/0x10
[  241.246198][T12753]  ? _raw_spin_unlock_irq+0x23/0x50
[  241.251380][T12753]  ? lockdep_hardirqs_on+0x99/0x150
[  241.256560][T12753]  ? __pfx_kthread+0x10/0x10
[  241.261133][T12753]  ret_from_fork+0x4b/0x80
[  241.265535][T12753]  ? __pfx_kthread+0x10/0x10
[  241.270109][T12753]  ret_from_fork_asm+0x1a/0x30
[  241.274864][T12753]  </TASK>
[  242.347251][T12753] Shutting down cpus with NMI
[  242.352268][T12753] Kernel Offset: disabled
[  242.356732][T12753] Rebooting in 86400 seconds..