last executing test programs:

1m35.987910952s ago: executing program 2 (id=918):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000e80)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
write$tun(0xffffffffffffffff, &(0x7f0000000980)=ANY=[@ANYBLOB="00000000000000000000000000000000000060b4870000000000ff020000000000000000000000000001000b000000000000050200000107000000000000000738000000000c0062524851592639e8000800000000000000000000000000000d5914100000000000000000000000000000000000000000000000000000c910ff02000000000000000000000000000100000000000000000000000401907800f52c412336c0b4d1cb291462bf90690c4f94b951b2d4842c3190cacbc0f69a03a3dfb9534d42733ebcd8ea2389409c54308ba1cdb771a86e76d9060ff31db88d7f895942b2d1ef4b4fa752972bfcbcde4d8cbc820a370869602eba642d44d0604e6909e2"], 0xb2)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
sendto$inet6(0xffffffffffffffff, &(0x7f00000003c0)="d9415f2b902dac3e151a71eaf39ca4b8522b7dab5fe2dc9af7a168e5df63ed789ea14ba58bff737631a7f3016340a4938ef67e7eaedc7fcb393bb37b76d24d682759f83850862b545fc783fcb1bb8d9f57", 0x51, 0x40000000, &(0x7f0000000300)={0xa, 0x4e24, 0x2, @remote, 0x2617}, 0x1c)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="3400030007"], 0xd)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800e40000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="540000001000010800000000000000", @ANYRES32=r3, @ANYBLOB="00000000000000002c001280110001006272696467655f736c6176650000000014000580050001000000000008002200", @ANYBLOB="05"], 0x54}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0xf, 0x0, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00'})
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in6=@local, 0x4e23, 0x2d3b, 0x4e23, 0x0, 0xa, 0x80, 0x0, 0x5c, r3, 0xee00}, {0x6af1, 0x80000001, 0x9, 0x89, 0x0, 0x1f, 0x1, 0x4}, {0x0, 0x20, 0x2, 0xffffffffffff2657}, 0x9d800000, 0x6e6bbe, 0x0, 0x0, 0x3, 0x2}, {{@in=@multicast2, 0x4d5, 0x3c}, 0xa, @in=@broadcast, 0x3502, 0x0, 0x0, 0x40, 0x6, 0x0, 0x6}}, 0xe8)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket(0x264ca60608f2d6d5, 0x4, 0x81)
sendmsg$GTP_CMD_DELPDP(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x28}}, 0x0)
getsockname$packet(r11, &(0x7f0000000080)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000000000090", @ANYRES32=r12, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000600)=@newqdisc={0x50, 0x24, 0x300, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xfff1, 0xffff}}, [@TCA_STAB={0x2c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xff, 0x0, 0x2, 0xffffff64, 0x2, 0xed, 0x4497, 0x3}}, {0xa, 0x2, [0x7, 0x7ff, 0x2]}}]}]}, 0x50}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xfff1, 0xffff}}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x4, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x4c}}, 0x0)

1m23.353145348s ago: executing program 2 (id=918):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000e80)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
write$tun(0xffffffffffffffff, &(0x7f0000000980)=ANY=[@ANYBLOB="00000000000000000000000000000000000060b4870000000000ff020000000000000000000000000001000b000000000000050200000107000000000000000738000000000c0062524851592639e8000800000000000000000000000000000d5914100000000000000000000000000000000000000000000000000000c910ff02000000000000000000000000000100000000000000000000000401907800f52c412336c0b4d1cb291462bf90690c4f94b951b2d4842c3190cacbc0f69a03a3dfb9534d42733ebcd8ea2389409c54308ba1cdb771a86e76d9060ff31db88d7f895942b2d1ef4b4fa752972bfcbcde4d8cbc820a370869602eba642d44d0604e6909e2"], 0xb2)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
sendto$inet6(0xffffffffffffffff, &(0x7f00000003c0)="d9415f2b902dac3e151a71eaf39ca4b8522b7dab5fe2dc9af7a168e5df63ed789ea14ba58bff737631a7f3016340a4938ef67e7eaedc7fcb393bb37b76d24d682759f83850862b545fc783fcb1bb8d9f57", 0x51, 0x40000000, &(0x7f0000000300)={0xa, 0x4e24, 0x2, @remote, 0x2617}, 0x1c)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="3400030007"], 0xd)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800e40000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="540000001000010800000000000000", @ANYRES32=r3, @ANYBLOB="00000000000000002c001280110001006272696467655f736c6176650000000014000580050001000000000008002200", @ANYBLOB="05"], 0x54}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0xf, 0x0, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00'})
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in6=@local, 0x4e23, 0x2d3b, 0x4e23, 0x0, 0xa, 0x80, 0x0, 0x5c, r3, 0xee00}, {0x6af1, 0x80000001, 0x9, 0x89, 0x0, 0x1f, 0x1, 0x4}, {0x0, 0x20, 0x2, 0xffffffffffff2657}, 0x9d800000, 0x6e6bbe, 0x0, 0x0, 0x3, 0x2}, {{@in=@multicast2, 0x4d5, 0x3c}, 0xa, @in=@broadcast, 0x3502, 0x0, 0x0, 0x40, 0x6, 0x0, 0x6}}, 0xe8)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket(0x264ca60608f2d6d5, 0x4, 0x81)
sendmsg$GTP_CMD_DELPDP(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x28}}, 0x0)
getsockname$packet(r11, &(0x7f0000000080)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000000000090", @ANYRES32=r12, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000600)=@newqdisc={0x50, 0x24, 0x300, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xfff1, 0xffff}}, [@TCA_STAB={0x2c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xff, 0x0, 0x2, 0xffffff64, 0x2, 0xed, 0x4497, 0x3}}, {0xa, 0x2, [0x7, 0x7ff, 0x2]}}]}]}, 0x50}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xfff1, 0xffff}}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x4, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x4c}}, 0x0)

1m9.021605609s ago: executing program 2 (id=918):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000e80)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
write$tun(0xffffffffffffffff, &(0x7f0000000980)=ANY=[@ANYBLOB="00000000000000000000000000000000000060b4870000000000ff020000000000000000000000000001000b000000000000050200000107000000000000000738000000000c0062524851592639e8000800000000000000000000000000000d5914100000000000000000000000000000000000000000000000000000c910ff02000000000000000000000000000100000000000000000000000401907800f52c412336c0b4d1cb291462bf90690c4f94b951b2d4842c3190cacbc0f69a03a3dfb9534d42733ebcd8ea2389409c54308ba1cdb771a86e76d9060ff31db88d7f895942b2d1ef4b4fa752972bfcbcde4d8cbc820a370869602eba642d44d0604e6909e2"], 0xb2)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
sendto$inet6(0xffffffffffffffff, &(0x7f00000003c0)="d9415f2b902dac3e151a71eaf39ca4b8522b7dab5fe2dc9af7a168e5df63ed789ea14ba58bff737631a7f3016340a4938ef67e7eaedc7fcb393bb37b76d24d682759f83850862b545fc783fcb1bb8d9f57", 0x51, 0x40000000, &(0x7f0000000300)={0xa, 0x4e24, 0x2, @remote, 0x2617}, 0x1c)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="3400030007"], 0xd)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800e40000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="540000001000010800000000000000", @ANYRES32=r3, @ANYBLOB="00000000000000002c001280110001006272696467655f736c6176650000000014000580050001000000000008002200", @ANYBLOB="05"], 0x54}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0xf, 0x0, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00'})
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in6=@local, 0x4e23, 0x2d3b, 0x4e23, 0x0, 0xa, 0x80, 0x0, 0x5c, r3, 0xee00}, {0x6af1, 0x80000001, 0x9, 0x89, 0x0, 0x1f, 0x1, 0x4}, {0x0, 0x20, 0x2, 0xffffffffffff2657}, 0x9d800000, 0x6e6bbe, 0x0, 0x0, 0x3, 0x2}, {{@in=@multicast2, 0x4d5, 0x3c}, 0xa, @in=@broadcast, 0x3502, 0x0, 0x0, 0x40, 0x6, 0x0, 0x6}}, 0xe8)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket(0x264ca60608f2d6d5, 0x4, 0x81)
sendmsg$GTP_CMD_DELPDP(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x28}}, 0x0)
getsockname$packet(r11, &(0x7f0000000080)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000000000090", @ANYRES32=r12, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000600)=@newqdisc={0x50, 0x24, 0x300, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xfff1, 0xffff}}, [@TCA_STAB={0x2c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xff, 0x0, 0x2, 0xffffff64, 0x2, 0xed, 0x4497, 0x3}}, {0xa, 0x2, [0x7, 0x7ff, 0x2]}}]}]}, 0x50}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xfff1, 0xffff}}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x4, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x4c}}, 0x0)

46.815491955s ago: executing program 2 (id=918):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000e80)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
write$tun(0xffffffffffffffff, &(0x7f0000000980)=ANY=[@ANYBLOB="00000000000000000000000000000000000060b4870000000000ff020000000000000000000000000001000b000000000000050200000107000000000000000738000000000c0062524851592639e8000800000000000000000000000000000d5914100000000000000000000000000000000000000000000000000000c910ff02000000000000000000000000000100000000000000000000000401907800f52c412336c0b4d1cb291462bf90690c4f94b951b2d4842c3190cacbc0f69a03a3dfb9534d42733ebcd8ea2389409c54308ba1cdb771a86e76d9060ff31db88d7f895942b2d1ef4b4fa752972bfcbcde4d8cbc820a370869602eba642d44d0604e6909e2"], 0xb2)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
sendto$inet6(0xffffffffffffffff, &(0x7f00000003c0)="d9415f2b902dac3e151a71eaf39ca4b8522b7dab5fe2dc9af7a168e5df63ed789ea14ba58bff737631a7f3016340a4938ef67e7eaedc7fcb393bb37b76d24d682759f83850862b545fc783fcb1bb8d9f57", 0x51, 0x40000000, &(0x7f0000000300)={0xa, 0x4e24, 0x2, @remote, 0x2617}, 0x1c)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="3400030007"], 0xd)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800e40000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="540000001000010800000000000000", @ANYRES32=r3, @ANYBLOB="00000000000000002c001280110001006272696467655f736c6176650000000014000580050001000000000008002200", @ANYBLOB="05"], 0x54}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0xf, 0x0, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00'})
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in6=@local, 0x4e23, 0x2d3b, 0x4e23, 0x0, 0xa, 0x80, 0x0, 0x5c, r3, 0xee00}, {0x6af1, 0x80000001, 0x9, 0x89, 0x0, 0x1f, 0x1, 0x4}, {0x0, 0x20, 0x2, 0xffffffffffff2657}, 0x9d800000, 0x6e6bbe, 0x0, 0x0, 0x3, 0x2}, {{@in=@multicast2, 0x4d5, 0x3c}, 0xa, @in=@broadcast, 0x3502, 0x0, 0x0, 0x40, 0x6, 0x0, 0x6}}, 0xe8)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket(0x264ca60608f2d6d5, 0x4, 0x81)
sendmsg$GTP_CMD_DELPDP(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x28}}, 0x0)
getsockname$packet(r11, &(0x7f0000000080)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000000000090", @ANYRES32=r12, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000600)=@newqdisc={0x50, 0x24, 0x300, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xfff1, 0xffff}}, [@TCA_STAB={0x2c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xff, 0x0, 0x2, 0xffffff64, 0x2, 0xed, 0x4497, 0x3}}, {0xa, 0x2, [0x7, 0x7ff, 0x2]}}]}]}, 0x50}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xfff1, 0xffff}}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x4, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x4c}}, 0x0)

33.060077944s ago: executing program 2 (id=918):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000e80)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
write$tun(0xffffffffffffffff, &(0x7f0000000980)=ANY=[@ANYBLOB="00000000000000000000000000000000000060b4870000000000ff020000000000000000000000000001000b000000000000050200000107000000000000000738000000000c0062524851592639e8000800000000000000000000000000000d5914100000000000000000000000000000000000000000000000000000c910ff02000000000000000000000000000100000000000000000000000401907800f52c412336c0b4d1cb291462bf90690c4f94b951b2d4842c3190cacbc0f69a03a3dfb9534d42733ebcd8ea2389409c54308ba1cdb771a86e76d9060ff31db88d7f895942b2d1ef4b4fa752972bfcbcde4d8cbc820a370869602eba642d44d0604e6909e2"], 0xb2)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
sendto$inet6(0xffffffffffffffff, &(0x7f00000003c0)="d9415f2b902dac3e151a71eaf39ca4b8522b7dab5fe2dc9af7a168e5df63ed789ea14ba58bff737631a7f3016340a4938ef67e7eaedc7fcb393bb37b76d24d682759f83850862b545fc783fcb1bb8d9f57", 0x51, 0x40000000, &(0x7f0000000300)={0xa, 0x4e24, 0x2, @remote, 0x2617}, 0x1c)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="3400030007"], 0xd)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800e40000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="540000001000010800000000000000", @ANYRES32=r3, @ANYBLOB="00000000000000002c001280110001006272696467655f736c6176650000000014000580050001000000000008002200", @ANYBLOB="05"], 0x54}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0xf, 0x0, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00'})
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in6=@local, 0x4e23, 0x2d3b, 0x4e23, 0x0, 0xa, 0x80, 0x0, 0x5c, r3, 0xee00}, {0x6af1, 0x80000001, 0x9, 0x89, 0x0, 0x1f, 0x1, 0x4}, {0x0, 0x20, 0x2, 0xffffffffffff2657}, 0x9d800000, 0x6e6bbe, 0x0, 0x0, 0x3, 0x2}, {{@in=@multicast2, 0x4d5, 0x3c}, 0xa, @in=@broadcast, 0x3502, 0x0, 0x0, 0x40, 0x6, 0x0, 0x6}}, 0xe8)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket(0x264ca60608f2d6d5, 0x4, 0x81)
sendmsg$GTP_CMD_DELPDP(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x28}}, 0x0)
getsockname$packet(r11, &(0x7f0000000080)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000000000090", @ANYRES32=r12, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000600)=@newqdisc={0x50, 0x24, 0x300, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xfff1, 0xffff}}, [@TCA_STAB={0x2c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xff, 0x0, 0x2, 0xffffff64, 0x2, 0xed, 0x4497, 0x3}}, {0xa, 0x2, [0x7, 0x7ff, 0x2]}}]}]}, 0x50}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xfff1, 0xffff}}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x4, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x4c}}, 0x0)

15.841817312s ago: executing program 2 (id=918):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000e80)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
write$tun(0xffffffffffffffff, &(0x7f0000000980)=ANY=[@ANYBLOB="00000000000000000000000000000000000060b4870000000000ff020000000000000000000000000001000b000000000000050200000107000000000000000738000000000c0062524851592639e8000800000000000000000000000000000d5914100000000000000000000000000000000000000000000000000000c910ff02000000000000000000000000000100000000000000000000000401907800f52c412336c0b4d1cb291462bf90690c4f94b951b2d4842c3190cacbc0f69a03a3dfb9534d42733ebcd8ea2389409c54308ba1cdb771a86e76d9060ff31db88d7f895942b2d1ef4b4fa752972bfcbcde4d8cbc820a370869602eba642d44d0604e6909e2"], 0xb2)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
sendto$inet6(0xffffffffffffffff, &(0x7f00000003c0)="d9415f2b902dac3e151a71eaf39ca4b8522b7dab5fe2dc9af7a168e5df63ed789ea14ba58bff737631a7f3016340a4938ef67e7eaedc7fcb393bb37b76d24d682759f83850862b545fc783fcb1bb8d9f57", 0x51, 0x40000000, &(0x7f0000000300)={0xa, 0x4e24, 0x2, @remote, 0x2617}, 0x1c)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="3400030007"], 0xd)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800e40000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="540000001000010800000000000000", @ANYRES32=r3, @ANYBLOB="00000000000000002c001280110001006272696467655f736c6176650000000014000580050001000000000008002200", @ANYBLOB="05"], 0x54}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0xf, 0x0, 0x7, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00'})
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in6=@local, 0x4e23, 0x2d3b, 0x4e23, 0x0, 0xa, 0x80, 0x0, 0x5c, r3, 0xee00}, {0x6af1, 0x80000001, 0x9, 0x89, 0x0, 0x1f, 0x1, 0x4}, {0x0, 0x20, 0x2, 0xffffffffffff2657}, 0x9d800000, 0x6e6bbe, 0x0, 0x0, 0x3, 0x2}, {{@in=@multicast2, 0x4d5, 0x3c}, 0xa, @in=@broadcast, 0x3502, 0x0, 0x0, 0x40, 0x6, 0x0, 0x6}}, 0xe8)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket(0x264ca60608f2d6d5, 0x4, 0x81)
sendmsg$GTP_CMD_DELPDP(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x28}}, 0x0)
getsockname$packet(r11, &(0x7f0000000080)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000000000090", @ANYRES32=r12, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000600)=@newqdisc={0x50, 0x24, 0x300, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xfff1, 0xffff}}, [@TCA_STAB={0x2c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xff, 0x0, 0x2, 0xffffff64, 0x2, 0xed, 0x4497, 0x3}}, {0xa, 0x2, [0x7, 0x7ff, 0x2]}}]}]}, 0x50}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xfff1, 0xffff}}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x4, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x4c}}, 0x0)

2.604287347s ago: executing program 0 (id=1944):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008ffff00b70400000000000085000000330000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc)

2.460318013s ago: executing program 0 (id=1945):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001030000000000000000fc0100000000000000000000000000003ed3000000000000000000000000000000000000000000000200"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="8801000014"], 0x188}}, 0x0)

2.384898412s ago: executing program 0 (id=1946):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0x208e24b)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x1042}, 0x10)

2.212776603s ago: executing program 4 (id=1949):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REQ_SET_REG(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'b\x00'}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_SCHED_SCAN(r0, &(0x7f00000005c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000580)={&(0x7f0000000bc0)={0x3ec, r1, 0x1, 0x70bd25, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x2000}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_SCHED_SCAN_MATCH={0xe8, 0x84, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0xc, 0x6, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x8, 0x2, 0x2}]}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0xc, 0x6, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x8}]}, @NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0x8001}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x2c, 0x6, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8, 0x3, 0xa549}, @NL80211_BAND_6GHZ={0x8, 0x3, 0x2cb}, @NL80211_BAND_6GHZ={0x8, 0x3, 0xc44c}, @NL80211_BAND_5GHZ={0x8, 0x1, 0xfffffff9}, @NL80211_BAND_5GHZ={0x8, 0x1, 0x7}]}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x34, 0x6, 0x0, 0x1, [@NL80211_BAND_LC={0x8, 0x5, 0x7}, @NL80211_BAND_2GHZ={0x8, 0x0, 0x3}, @NL80211_BAND_6GHZ={0x8, 0x3, 0x3ff}, @NL80211_BAND_6GHZ={0x8, 0x3, 0x6}, @NL80211_BAND_2GHZ={0x8, 0x0, 0x20}, @NL80211_BAND_2GHZ={0x8, 0x0, 0xfffffff8}]}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x4c, 0x6, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8, 0x3, 0x6}, @NL80211_BAND_2GHZ={0x8, 0x0, 0x8}, @NL80211_BAND_2GHZ={0x8, 0x0, 0xcf}, @NL80211_BAND_60GHZ={0x8, 0x2, 0x2}, @NL80211_BAND_60GHZ={0x8, 0x2, 0x2}, @NL80211_BAND_6GHZ={0x8, 0x3, 0x7}, @NL80211_BAND_5GHZ={0x8, 0x1, 0x3}, @NL80211_BAND_LC={0x8, 0x5, 0x81}, @NL80211_BAND_2GHZ={0x8, 0x0, 0x1}]}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0xc, 0x6, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8, 0x3, 0x7}]}, @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa}]}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_SCAN_SSIDS={0x80, 0x2d, 0x0, 0x1, [{0x13, 0x0, @random="008672f864bdbb35922ee2060610dc"}, {0xa, 0x0, @default_ap_ssid}, {0x10, 0x0, @random="b34bced8909691e173a85910"}, {0x11, 0x0, @random="5844c05219498549aefaa96849"}, {0xa, 0x0, @default_ibss_ssid}, {0xa, 0x0, @default_ap_ssid}, {0xa, 0x0, @default_ap_ssid}, {0x8, 0x0, @random="7eec4de6"}, {0xa, 0x0, @default_ibss_ssid}]}, @NL80211_ATTR_SCAN_SUPP_RATES={0x1e0, 0x7d, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xa8, 0x0, "c0d60daf08916df0d53f793868dbc91932f40b66c2bea18ee87881228aeb01d95fee7e740a2af7fe799f7471ceae8830d29647ba34a192c69421b214d21a812708b515a1cb88056917a16ff73613d90ae9002a76f478decdaeb3de52e47dd46f5dd9fd8135c260b3fe36d48cb8fd618419645502257c56a18893f9fb61ef7643fc498b1d1eda6b58c243ded45844dac8198036e6101f33d9901135881361152a5aa6e546"}, @NL80211_BAND_60GHZ={0xcb, 0x2, "63d9d1862749604c309c79467a092fe802b0bb45b135278fe9275f82bef6e7f09c934f851b9dfc39d7ca687e6622666f652b7a561b30cf27820ee09b90795c06436aaabc71c4ad33960cf2297b91d5cfcbeb337b31eb0d7bf72eeb958d7db76242faef3094df8eaa82d33699d4ad9fc1fe1997d617024d5c80376c5848176a332013861d19a7b975e95cb85fa2f558c8b0986503acb03677c7e10eee6d22a0ab225ed037e340ebcc3f57ae6c86bda83311b931fe38920b408a6e6a210457cf7c0c3252e04390b5"}, @NL80211_BAND_60GHZ={0x55, 0x2, "0c523c7b549bca897dcf6e1525b9aa9bd8671ce5c1f7dff7e9aedc247bbf5b408ac910458a47804d1dc59e5d21654c1d62b55be691ce73b9457f91e1ed2f72d63a86be9640ca8420249ad8f32deec48eb5"}, @NL80211_BAND_60GHZ={0xe, 0x2, "607beb4d455563e2a32e"}]}, @NL80211_ATTR_SCAN_SSIDS={0x70, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}, {0xa, 0x0, @default_ibss_ssid}, {0xa, 0x0, @default_ap_ssid}, {0xa, 0x0, @default_ibss_ssid}, {0xa, 0x0, @default_ap_ssid}, {0x9, 0x0, @random="a3202f7fe2"}, {0xa, 0x0, @default_ap_ssid}, {0xa, 0x0, @default_ap_ssid}, {0xa, 0x0, @default_ibss_ssid}]}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x7}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}]}, 0x3ec}, 0x1, 0x0, 0x0, 0x4}, 0x40080)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000130000000000000000000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000010"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001030000000000000000fc0100000000000000000000000000003ed300000000000000000000000000000000000000000000020010"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="8801000014"], 0x188}}, 0x0)
sendmsg$kcm(r3, &(0x7f0000000040)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000080)=[{&(0x7f0000001700)="f40000ffffff8800fe8000000000000000721ef69e7ffd0020000000000001000000000000000000", 0x28}], 0x1}, 0x0)

2.030161136s ago: executing program 4 (id=1951):
r0 = socket$kcm(0x10, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r1, 0x40107446, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
write$ppp(r1, &(0x7f00000002c0)="1627", 0x2)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1a, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="380700000000000000000000000000001811000030d9778869e6a480080d36ed6dd6fd653b9db9f9f62ebef7c4041eb6e56b0ef80e6fcb1ff131", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000031000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$inet(0x2, 0x0, 0x84)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r4}, 0x38)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r8=>0x0})
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000203010400000000ff"], 0x28}}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r11, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'ccm(aes)\x00'}, 0x3a)
bind$alg(r11, 0x0, 0x0)
sendmsg$NFT_BATCH(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f6873720000000050000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000001c000380180003801400010076657468305f746f140000001000010000000000000000400000000a00000000000000000000000000000000d2574a624b8c3483add83f24b607f1c33ffbdb4e184be460c863bff771e27c44ff88bc181ad9a1d44f469a285ba17970effbdd78b211e5fa22820ef85125543e63aa1146ae1f6a03ad0a62aa8121e5f66722004ee9085c50189bed1831426588266d2586e31481ecaec5ea1a5adf53a6dafd869b0e749f9059f3a032eb260b7826fda374c0fe68a9155c5bd924d40849f0a648747fdff76fd2c5da21afc71333d42f89d5ab478f3bf791dfd8a058"], 0xf0}}, 0x0)
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r7, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c0005001901070000000800"], 0x398}}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000280), 0x4)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040), 0x0)

1.682725242s ago: executing program 3 (id=1954):
r0 = socket(0xa, 0x0, 0x0)
close(r0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000008b000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000580)={'ip6gre0\x00', 0x0})
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000005c0)=0xffffffffffffffff, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x18, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa10000000000000700000040ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES64=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@enum={0x0, 0x2, 0x0, 0x6, 0x4, [{0x2}, {0x2}]}]}, {0x0, [0x0, 0x61]}}, 0x0, 0x38, 0x0, 0xb}, 0x20)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote}]}, &(0x7f0000002100)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x82, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x7ff}, &(0x7f0000003c00)=0x90)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180800000b000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x6, 0x4, 0xfff, 0x9}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0x7, 0x0, &(0x7f0000000200)="63eced8e46dc3f", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x80000, 0x40000)
syz_emit_ethernet(0x4a, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000ed6a000b2c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa2c"], 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)

1.416219032s ago: executing program 4 (id=1956):
r0 = socket$kcm(0x10, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r1, 0x40107446, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{}]})
write$ppp(r1, &(0x7f00000002c0)="1627", 0x2)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1a, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="380700000000000000000000000000001811000030d9778869e6a480080d36ed6dd6fd653b9db9f9f62ebef7c4041eb6e56b0ef80e6fcb1ff131", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000031000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$inet(0x2, 0x0, 0x84)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x0, 0x6, 0x504}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r4}, 0x38)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r8=>0x0})
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000203010400000000ff"], 0x28}}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r11, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'ccm(aes)\x00'}, 0x3a)
bind$alg(r11, 0x0, 0x0)
sendmsg$NFT_BATCH(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f6873720000000050000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000001c000380180003801400010076657468305f746f140000001000010000000000000000400000000a00000000000000000000000000000000d2574a624b8c3483add83f24b607f1c33ffbdb4e184be460c863bff771e27c44ff88bc181ad9a1d44f469a285ba17970effbdd78b211e5fa22820ef85125543e63aa1146ae1f6a03ad0a62aa8121e5f66722004ee9085c50189bed1831426588266d2586e31481ecaec5ea1a5adf53a6dafd869b0e749f9059f3a032eb260b7826fda374c0fe68a9155c5bd924d40849f0a648747fdff76fd2c5da21afc71333d42f89d5ab478f3bf791dfd8a058"], 0xf0}}, 0x0)
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r7, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0d000ffffffffffff080211000001"], 0x398}}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000280), 0x4)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040), 0x0)

1.290819268s ago: executing program 0 (id=1959):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
r2 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, 0x0, 0x18)

1.269675804s ago: executing program 3 (id=1960):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x10, &(0x7f0000000300)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @map_idx_val={0x18, 0x3, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @ldst={0x2, 0x2, 0x6, 0x0, 0x2, 0x8, 0x10}, @call={0x85, 0x0, 0x0, 0xca}, @generic={0x0, 0xd, 0x3, 0x3, 0x7}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x4}], 0x0}, 0x90)
socket$rxrpc(0x21, 0x2, 0xa)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_mreqsrc(r0, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000240)=0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NOTIFY_RADAR(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000580)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0xe, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000017000000bca30000000000002403000040feffff6b0af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000061141000000000001d430000000000007a0a00fe0000001f6114100000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff6194732827a58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f37382000000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf799b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac987fd637c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fd52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812fc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a2271d96c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795d35f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7eddd12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b0200780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca78fa04d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b78825d5ed789711b77d40dc31e0b8fc651b45559da463f00000000000000005bae7859839f856e7a397913eec7977f6231c5f11849b3deabc60c5ccf240d16924eb760a969813be02a229c674045b88915518a17b683268f10358e1c0b20cfc2bd105e5e1db7fed951b8faf126267bb38b8d356f63d3433d3dee643503a8ba4968adf6673f720c474ecf324d989235f1b52aacfe52e4519af87b7e1594728d6d6fff1248e72d5b1b1b692b2b732f0f2ac0714079fd7bf97bf2b5687d1db91daa5210d09ebe66d00ff4f35143be01585e629d408f2d00a0a290db76adc5f57e160b2c188bb1ecc4e7d2948788e4f9c1bcaf91dac53a2f525f7385d5d82728b5217908748f4c22b6d797b5bbeb61411f88ee1554a78306fe"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x5, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xc}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000ba958cf94f86a0b200009500400000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_int(r5, &(0x7f0000000080)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000140)=ANY=[@ANYRESDEC], 0x6a)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180))
socket(0x22, 0x5, 0x8000)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', <r8=>0x0})
bind$can_j1939(r7, &(0x7f0000001200)={0x1d, r8, 0x0, {0x0, 0x1, 0x3}}, 0x18)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r9, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000f80)={0x38, 0x0, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x4}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x38}}, 0x0)
connect$can_j1939(r7, &(0x7f0000000080)={0x1d, r8}, 0x18)

1.129175904s ago: executing program 1 (id=1961):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, 0x0, 0x0)

1.072119724s ago: executing program 4 (id=1962):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000400)={0x20, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x28, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}]}, 0x28}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x20, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)

995.345606ms ago: executing program 1 (id=1963):
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b73570000", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r1], 0x48}}, 0x0)

952.312105ms ago: executing program 3 (id=1964):
r0 = socket(0xa, 0x3, 0x87)
sendmmsg$unix(r0, &(0x7f0000002180)=[{{&(0x7f0000000a80)=@abs, 0x6e, &(0x7f0000000cc0)=[{&(0x7f0000000ec0)="98732eb5", 0x4}, {0x0}], 0x2, &(0x7f0000001ec0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x68}}], 0x1, 0x0)

924.498604ms ago: executing program 1 (id=1965):
socket$inet6(0xa, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000e8ffffff00000000000000008500000036000000850000000700000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r2, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f00000004c0)=ANY=[@ANYBLOB="680200000005010100000000000000000a00000754020100030000007f00000005d703000500000073797a3100000000000000000000000000000000000000000000000000000000b903a3f70d9c62078e8da41d52cdb1727948e262fa4dd89e17251286e1d836ec976cbeadf272d2c97cd512733451eb8713536fffcf9622feadd1fe92a801a956e500020003000000010000800400020003000000ff0f00004000010003000000fbffffff0000200002000000070000000500030001000000040000000000001000000000080000000700090000000000ceeb000009000600020000000180000008000900010000000100070003000000080000000300000202000000ffffffff06000000000000000700000005002d0003000000080000000900000000000000ffff0000080009000200000070000000050000000300000001010000020092020300000004000000000003000200000001040000070009000200000028f481520200090001000000040000000700060003000000000000400300030003000000060000000300e90d03000000070000000000020001000000010000004000040002000000030000000104000002000000090000002000080001000000ff010000050033000300000036000000830a03000200000001000100030000000300000007000000020000100000000004000000ff0ff90401000000ff01000001800100030000000c13ffff00000700000000007f0000000300018002000000000000000200ce0002000000000400000104080003000000030000009d000767010000000400000003007e0a02000000f9ffffff"], 0x268}, 0x1, 0x0, 0x0, 0x40}, 0x40)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r1, 0x27, 0x0, 0x0, 0x0, 0x0, 0x23, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000100)=ANY=[@ANYBLOB="12183314", @ANYRES16=r3, @ANYBLOB="010800000000000000000c00000008000300", @ANYRES32=r5, @ANYBLOB="0c0050800400050004000600"], 0x28}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5000000000010000000000000000000000000000180001801400018008000100ac1414bb08000200ac0314bb240002801400018008b2a6eb93c60a14bd000100ac1414aa080002"], 0x50}}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r6 = socket$packet(0x11, 0x3, 0x300)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, 0xffffffffffffffff, 0x0)
setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f0000000000)={0x0, 0x1, 0x6, @link_local}, 0x10)

921.867317ms ago: executing program 3 (id=1966):
r0 = socket$kcm(0x10, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r1, 0x40107446, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
write$ppp(r1, &(0x7f00000002c0)="1627", 0x2)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1a, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="380700000000000000000000000000001811000030d9778869e6a480080d36ed6dd6fd653b9db9f9f62ebef7c4041eb6e56b0ef80e6fcb1ff131", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000031000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$inet(0x2, 0x0, 0x84)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r4}, 0x38)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r8=>0x0})
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000203010400000000ff"], 0x28}}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r11, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'ccm(aes)\x00'}, 0x3a)
bind$alg(r11, 0x0, 0x0)
sendmsg$NFT_BATCH(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f6873720000000050000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000001c000380180003801400010076657468305f746f140000001000010000000000000000400000000a00000000000000000000000000000000d2574a624b8c3483add83f24b607f1c33ffbdb4e184be460c863bff771e27c44ff88bc181ad9a1d44f469a285ba17970effbdd78b211e5fa22820ef85125543e63aa1146ae1f6a03ad0a62aa8121e5f66722004ee9085c50189bed1831426588266d2586e31481ecaec5ea1a5adf53a6dafd869b0e749f9059f3a032eb260b7826fda374c0fe68a9155c5bd924d40849f0a648747fdff76fd2c5da21afc71333d42f89d5ab478f3bf791dfd8a058"], 0xf0}}, 0x0)
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r7, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0d0"], 0x398}}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000280), 0x4)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040), 0x0)

798.206843ms ago: executing program 4 (id=1967):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008ffff00b7040000000000008500000033000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc)

755.669786ms ago: executing program 0 (id=1968):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha384\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
setsockopt$ALG_SET_AEAD_AUTHSIZE(0xffffffffffffffff, 0x117, 0x6, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r1, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvfrom(r1, &(0x7f0000000480)=""/110, 0xfffffe32, 0x734, 0x0, 0xfffffffffffffecb)
socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge0\x00'})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a090400000000000000000200000044000480400001800c00010062697477697365003000028008000340000000020800024000000047522e2a29bb1ccf05c95b73d31008000140000000160c000780080001001800000008000640000000020900010073797a3000000073797a320000000014000000110001000000ecc59ead00000000000a0000000000"], 0x98}}, 0x0)

556.375967ms ago: executing program 4 (id=1969):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0x208e24b)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x1042}, 0x10)

532.923578ms ago: executing program 1 (id=1970):
r0 = socket(0xa, 0x0, 0x0)
close(r0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000008b000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000580)={'ip6gre0\x00', 0x0})
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000005c0)=0xffffffffffffffff, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x18, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa10000000000000700000040ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES64=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@enum={0x0, 0x2, 0x0, 0x6, 0x4, [{0x2}, {0x2}]}]}, {0x0, [0x0, 0x61]}}, 0x0, 0x38, 0x0, 0xb}, 0x20)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote}]}, &(0x7f0000002100)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x82, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x7ff}, &(0x7f0000003c00)=0x90)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180800000b000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x6, 0x4, 0xfff, 0x9}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0x7, 0x0, &(0x7f0000000200)="63eced8e46dc3f", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x80000, 0x40000)
syz_emit_ethernet(0x4a, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000ed6a000b2c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa2c"], 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)

471.976237ms ago: executing program 3 (id=1971):
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000100)=ANY=[@ANYBLOB="12183314", @ANYRES16, @ANYBLOB="0108"], 0x28}}, 0x0)
r0 = socket$packet(0x11, 0x0, 0x300)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001380)='cpuset.effective_cpus\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={0x0, 0x1, 0x6, @link_local}, 0x10)

304.270213ms ago: executing program 3 (id=1972):
r0 = socket$kcm(0x10, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r1, 0x40107446, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
write$ppp(0xffffffffffffffff, &(0x7f00000002c0)="1627", 0x2)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1a, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="380700000000000000000000000000001811000030d9778869e6a480080d36ed6dd6fd653b9db9f9f62ebef7c4041eb6e56b0ef80e6fcb1ff131", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000031000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$inet(0x2, 0x0, 0x84)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x0, 0x6, 0x504}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r4}, 0x38)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r8=>0x0})
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x40087602, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000203010400000000ff"], 0x28}}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r11, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'ccm(aes)\x00'}, 0x3a)
bind$alg(r11, 0x0, 0x0)
sendmsg$NFT_BATCH(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f6873720000000050000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000001c000380180003801400010076657468305f746f140000001000010000000000000000400000000a00000000000000000000000000000000d2574a624b8c3483add83f24b607f1c33ffbdb4e184be460c863bff771e27c44ff88bc181ad9a1d44f469a285ba17970effbdd78b211e5fa22820ef85125543e63aa1146ae1f6a03ad0a62aa8121e5f66722004ee9085c50189bed1831426588266d2586e31481ecaec5ea1a5adf53a6dafd869b0e749f9059f3a032eb260b7826fda374c0fe68a9155c5bd924d40849f0a648747fdff76fd2c5da21afc71333d42f89d5ab478f3bf791dfd8a058"], 0xf0}}, 0x0)
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r7, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0d000ffffffffffff080211000001"], 0x398}}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000280), 0x4)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040), 0x0)

226.718311ms ago: executing program 1 (id=1973):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, 0x0, 0x0)

160.231733ms ago: executing program 0 (id=1974):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000b80)={{0x14}, [@NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x301, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0)

0s ago: executing program 1 (id=1975):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x10, &(0x7f0000000580)=@framed={{}, [@snprintf={{}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x8c}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x38, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IE={0x11, 0x2a, [@random={0xdd, 0xb, 'abcdefghijk'}]}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x3f}]}, 0x38}}, 0x0)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000040)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0xd21, 0x5b, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x19, 0x4, 0x8, 0x3}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00', r7}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r6}, &(0x7f0000000a00), &(0x7f0000000a40)=r4}, 0x20)
write$cgroup_type(r5, &(0x7f0000000140), 0x9)
nanosleep(&(0x7f0000000080)={0x0, 0x4c4b40}, &(0x7f00000000c0))
syz_80211_inject_frame(&(0x7f0000000300), &(0x7f0000001000)=@mgmt_frame=@action={{{0x0, 0x0, 0xd, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x3}, @device_b, @device_b, @from_mac=@device_b, {0x3, 0x9}, @value=@ver_80211n={0x0, 0xff, 0x2, 0x3, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1}}, @tdls_chsw_req={0xc, 0x5, {0xb, 0x6, @val={0x3e, 0x1, 0x1}, {0x65, 0x12, {@random="dacba0c0220a", @device_b, @device_b}}, {0x68, 0x4, {0x1, 0x5}}}}}, 0x3d)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0xe, 0x4, 0x8, 0xb}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x63, &(0x7f0000000100)={'TPROXY\x00'}, &(0x7f0000000140)=0x1e)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='hybla\x00', 0x6)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)={0x84, r11, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5}, @NL80211_ATTR_SCAN_SSIDS={0x60, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}, {0xa, 0x0, @default_ap_ssid}, {0x1a, 0x0, @random="a960ed64a3f70df07c61e15176d68a67d015cd4ab6d6"}, {0xa, 0x0, @default_ibss_ssid}, {0xf, 0x0, @random="c7401bbc95130da0f6680b"}, {0x7f, 0x0, @default_ap_ssid}]}]}, 0x84}}, 0x0)

kernel console output (not intermixed with test programs):

] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  176.001687][ T5096] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  176.012367][ T5096] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  176.178730][   T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.295701][ T8756] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1045'.
[  176.324965][ T8756] veth1_macvtap: left promiscuous mode
[  176.349673][ T8756] macsec0: entered allmulticast mode
[  176.767495][ T8772] sch_fq: defrate 0 ignored.
[  176.839762][   T35] bridge_slave_1: left allmulticast mode
[  176.874121][   T35] bridge_slave_1: left promiscuous mode
[  176.900435][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.963468][   T35] bridge_slave_0: left allmulticast mode
[  176.969221][   T35] bridge_slave_0: left promiscuous mode
[  176.976972][ T8792] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  177.012239][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.714638][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.727323][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.739227][   T35] bond0 (unregistering): Released all slaves
[  178.010289][ T8816] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2920
[  178.101150][ T4491] Bluetooth: hci1: command tx timeout
[  178.118190][ T8816] __nla_validate_parse: 3 callbacks suppressed
[  178.118210][ T8816] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1060'.
[  178.158293][ T8816] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1060'.
[  178.168283][ T8816] (unnamed net_device) (uninitialized): up delay (83) is not a multiple of miimon (100), value rounded to 0 ms
[  178.274613][ T8829] macsec0: entered promiscuous mode
[  178.525885][ T8751] chnl_net:caif_netlink_parms(): no params data found
[  178.656335][   T35] hsr_slave_0: left promiscuous mode
[  178.668064][   T35] hsr_slave_1: left promiscuous mode
[  178.693125][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  178.705682][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  178.717511][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  178.727357][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  178.776272][   T35] veth1_macvtap: left promiscuous mode
[  178.782217][   T35] veth0_macvtap: left promiscuous mode
[  178.788327][   T35] veth1_vlan: left promiscuous mode
[  178.794090][   T35] veth0_vlan: left promiscuous mode
[  179.151929][ T8873] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  179.251673][ T8877] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  179.285351][ T8877] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  179.582582][   T35] team0 (unregistering): Port device team_slave_1 removed
[  179.621216][   T35] team0 (unregistering): Port device team_slave_0 removed
[  180.180529][ T4491] Bluetooth: hci1: command tx timeout
[  180.211811][ T8751] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.219007][ T8751] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.255265][ T8751] bridge_slave_0: entered allmulticast mode
[  180.280602][ T8751] bridge_slave_0: entered promiscuous mode
[  180.314857][ T8751] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.322367][ T8751] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.329702][ T8751] bridge_slave_1: entered allmulticast mode
[  180.362512][ T8751] bridge_slave_1: entered promiscuous mode
[  180.449504][ T8751] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  180.457342][ T8892] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.485833][ T8751] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  180.538855][ T8894] netlink: 'syz.4.1077': attribute type 4 has an invalid length.
[  180.546356][ T8892] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.697571][ T8895] netlink: 'syz.4.1077': attribute type 4 has an invalid length.
[  180.787019][ T8751] team0: Port device team_slave_0 added
[  180.827303][ T8751] team0: Port device team_slave_1 added
[  180.965197][ T8915] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  180.987823][ T8751] batman_adv: batadv0: Adding interface: batadv_slave_0
[  181.018087][ T8751] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  181.108396][ T8751] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  181.122769][ T8751] batman_adv: batadv0: Adding interface: batadv_slave_1
[  181.136391][ T8751] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  181.204839][ T8751] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  181.370588][ T8936] netlink: 'syz.4.1083': attribute type 1 has an invalid length.
[  181.405398][ T8936] netlink: 9352 bytes leftover after parsing attributes in process `syz.4.1083'.
[  181.449508][ T8936] netlink: 'syz.4.1083': attribute type 1 has an invalid length.
[  181.473951][ T8938] veth1_macvtap: left promiscuous mode
[  181.493376][ T8936] netlink: 'syz.4.1083': attribute type 2 has an invalid length.
[  181.497248][ T8938] macsec0: entered promiscuous mode
[  181.510106][ T8938] macsec0: entered allmulticast mode
[  181.520548][ T8936] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1083'.
[  181.574035][ T8751] hsr_slave_0: entered promiscuous mode
[  181.591929][ T8751] hsr_slave_1: entered promiscuous mode
[  181.614647][ T8751] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  181.637034][ T8751] Cannot create hsr debugfs directory
[  182.056942][ T8963] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  182.104907][ T8963] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  182.260866][ T4491] Bluetooth: hci1: command tx timeout
[  182.460002][ T8979] netlink: 'syz.1.1092': attribute type 3 has an invalid length.
[  182.468133][ T8979] netlink: 'syz.1.1092': attribute type 1 has an invalid length.
[  182.499597][ T8979] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1092'.
[  182.617540][ T8975] can: request_module (can-proto-0) failed.
[  183.098556][ T8751] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  183.122491][ T8751] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  183.142161][ T8751] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  183.157597][ T9004] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1098'.
[  183.174424][ T8751] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  183.205245][ T9005] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1097'.
[  183.215058][ T9005] netlink: 'syz.3.1097': attribute type 25 has an invalid length.
[  183.321103][ T9008] veth0_macvtap: left promiscuous mode
[  183.437016][ T9017] netlink: 'syz.4.1102': attribute type 4 has an invalid length.
[  183.445963][ T9017] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.1102'.
[  183.652706][ T8751] 8021q: adding VLAN 0 to HW filter on device bond0
[  183.712402][ T8751] 8021q: adding VLAN 0 to HW filter on device team0
[  183.757828][ T9028] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  183.764053][ T5235] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.774839][ T5235] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.782815][ T9028] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  183.808226][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.815594][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.041047][ T9036] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1107'.
[  184.341941][ T4491] Bluetooth: hci1: command tx timeout
[  184.415336][ T9054] netlink: 'syz.3.1108': attribute type 3 has an invalid length.
[  184.554071][ T8751] 8021q: adding VLAN 0 to HW filter on device batadv0
[  184.817654][ T9071] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  184.893745][ T9074] netlink: 9352 bytes leftover after parsing attributes in process `syz.0.1113'.
[  184.932448][ T9081] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1109'.
[  184.936225][ T9074] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1113'.
[  185.025040][ T8751] veth0_vlan: entered promiscuous mode
[  185.104543][ T8751] veth1_vlan: entered promiscuous mode
[  185.213256][ T9089] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1115'.
[  185.288754][ T9089] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1115'.
[  185.299242][ T8751] veth0_macvtap: entered promiscuous mode
[  185.336470][ T9100] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1117'.
[  185.455595][ T8751] veth1_macvtap: entered promiscuous mode
[  185.534935][ T8751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.580236][ T8751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.610173][ T8751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.640639][ T8751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.659585][ T9114] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  185.669603][ T8751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.684053][ T8751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.696346][ T9114] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  185.709550][ T8751] batman_adv: batadv0: Interface activated: batadv_slave_0
[  185.749902][ T8751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.766564][ T8751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.805819][ T8751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.820736][ T8751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.839024][ T8751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.856472][ T8751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.866830][ T8751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.878906][ T8751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.896323][ T8751] batman_adv: batadv0: Interface activated: batadv_slave_1
[  185.926976][ T8751] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  185.955340][ T8751] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  185.978066][ T8751] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  186.004216][ T8751] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  186.259858][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  186.286988][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  186.371023][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  186.399377][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  186.675944][ T9143] validate_nla: 9 callbacks suppressed
[  186.675965][ T9143] netlink: 'syz.3.1128': attribute type 1 has an invalid length.
[  186.721016][ T9143] netlink: 'syz.3.1128': attribute type 1 has an invalid length.
[  186.740579][ T9143] netlink: 'syz.3.1128': attribute type 2 has an invalid length.
[  187.078578][ T9160] netlink: 'syz.1.1132': attribute type 4 has an invalid length.
[  187.370465][ T9171] netlink: 'syz.3.1136': attribute type 4 has an invalid length.
[  187.452078][ T9174] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  187.496782][ T9174] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  187.968732][ T9193] netlink: 'syz.4.1143': attribute type 4 has an invalid length.
[  188.168865][ T9195] __nla_validate_parse: 11 callbacks suppressed
[  188.168881][ T9195] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1144'.
[  188.223997][ T9195] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1144'.
[  188.344381][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.489290][ T9209] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1146'.
[  188.549011][ T9209] netlink: 27 bytes leftover after parsing attributes in process `syz.1.1146'.
[  188.902706][ T5096] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  188.913677][ T5096] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  188.922349][ T5096] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  188.930988][ T5096] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  188.949145][ T5096] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  188.960448][ T5096] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  189.159573][ T9232] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1152'.
[  189.184309][ T9232] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1152'.
[  189.254098][ T9236] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1152'.
[  189.351245][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.519578][ T9245] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  189.592282][ T9245] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  189.619331][ T9247] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  189.626459][ T9245] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  189.684610][ T9247] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  189.714709][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.873884][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.916932][ T9223] chnl_net:caif_netlink_parms(): no params data found
[  190.055466][ T9265] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1158'.
[  190.077309][ T9260] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1158'.
[  190.079995][ T9223] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.093794][ T9223] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.101641][ T9223] bridge_slave_0: entered allmulticast mode
[  190.108801][ T9223] bridge_slave_0: entered promiscuous mode
[  190.137481][ T9223] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.145319][ T9223] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.152965][ T9223] bridge_slave_1: entered allmulticast mode
[  190.161295][ T9223] bridge_slave_1: entered promiscuous mode
[  190.261325][ T9223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  190.291714][   T12] bridge_slave_1: left allmulticast mode
[  190.302304][   T12] bridge_slave_1: left promiscuous mode
[  190.308492][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.319797][   T12] bridge_slave_0: left allmulticast mode
[  190.338882][   T12] bridge_slave_0: left promiscuous mode
[  190.353368][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.445594][ T9270] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1160'.
[  190.567371][ T9275] netlink: 'syz.3.1162': attribute type 4 has an invalid length.
[  190.914362][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  190.928687][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  190.942671][   T12] bond0 (unregistering): Released all slaves
[  190.958037][ T9223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  191.063806][   T53] Bluetooth: hci1: command tx timeout
[  191.234825][ T9223] team0: Port device team_slave_0 added
[  191.274469][ T9223] team0: Port device team_slave_1 added
[  191.547089][   T53] Bluetooth: hci3: command 0x0406 tx timeout
[  191.553396][   T53] Bluetooth: hci2: command 0x0406 tx timeout
[  191.559450][   T53] Bluetooth: hci0: command 0x0406 tx timeout
[  191.618657][ T9223] batman_adv: batadv0: Adding interface: batadv_slave_0
[  191.645484][ T9223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.672539][ T9223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  191.686535][ T9223] batman_adv: batadv0: Adding interface: batadv_slave_1
[  191.696000][ T9223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.723362][ T9223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  191.831108][   T12] hsr_slave_0: left promiscuous mode
[  191.853383][   T12] hsr_slave_1: left promiscuous mode
[  191.879685][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  191.903753][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  191.925802][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.946046][ T9316] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  191.949445][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  192.009284][ T9316] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  192.011558][   T12] veth1_macvtap: left promiscuous mode
[  192.027108][   T12] veth0_macvtap: left promiscuous mode
[  192.034932][   T12] veth1_vlan: left promiscuous mode
[  192.048749][   T12] veth0_vlan: left promiscuous mode
[  192.206766][ T9331] xt_hashlimit: max too large, truncated to 1048576
[  192.965465][   T12] team0 (unregistering): Port device team_slave_1 removed
[  193.006770][   T12] team0 (unregistering): Port device team_slave_0 removed
[  193.141027][ T9304] Bluetooth: hci1: command tx timeout
[  193.551650][ T9223] hsr_slave_0: entered promiscuous mode
[  193.563285][ T9223] hsr_slave_1: entered promiscuous mode
[  193.607422][ T9223] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  193.635841][ T9223] Cannot create hsr debugfs directory
[  193.762941][ T9363] netlink: 'syz.3.1178': attribute type 4 has an invalid length.
[  193.812428][ T9363] __nla_validate_parse: 12 callbacks suppressed
[  193.812449][ T9363] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1178'.
[  194.022077][ T9374] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1180'.
[  194.073698][ T9374] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1180'.
[  194.110948][ T9374] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1180'.
[  194.592300][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  194.598693][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  194.896666][ T9396] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1183'.
[  194.971751][ T9405] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1185'.
[  194.979767][ T9403] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  195.018329][ T9405] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1185'.
[  195.037958][ T9406] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1183'.
[  195.062903][ T9405] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1185'.
[  195.112681][ T9403] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  195.159190][ T9223] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  195.183821][ T9407] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  195.222937][ T9304] Bluetooth: hci1: command tx timeout
[  195.291220][ T9223] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  195.304910][ T9223] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  195.356669][ T9223] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  195.423149][ T9420] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1189'.
[  195.766863][ T9223] 8021q: adding VLAN 0 to HW filter on device bond0
[  195.863122][ T9223] 8021q: adding VLAN 0 to HW filter on device team0
[  195.952352][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  195.959542][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  195.982968][ T9441] netlink: 'syz.0.1193': attribute type 4 has an invalid length.
[  195.993540][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.000791][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  196.212428][ T5139] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.273136][ T9223] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  196.846045][ T9223] 8021q: adding VLAN 0 to HW filter on device batadv0
[  197.093924][ T9223] veth0_vlan: entered promiscuous mode
[  197.101702][ T9485] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  197.136752][ T9223] veth1_vlan: entered promiscuous mode
[  197.156105][ T9485] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  197.285188][ T9223] veth0_macvtap: entered promiscuous mode
[  197.316052][ T9304] Bluetooth: hci1: command tx timeout
[  197.355224][ T9223] veth1_macvtap: entered promiscuous mode
[  197.386721][ T9223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.397385][ T9223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.407885][ T9223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.419881][ T9223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.430364][ T9223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.455143][ T9223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.483526][ T9223] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.491426][ T9498] netlink: 'syz.4.1207': attribute type 4 has an invalid length.
[  197.556671][ T9223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.614411][ T9223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.656072][ T9223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.676856][ T9223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.697049][ T9223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.718173][ T9223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.739993][ T9223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.780872][ T9223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.806033][ T5105] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  197.827295][ T5105] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  197.836074][ T5105] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  197.870834][ T9223] batman_adv: batadv0: Interface activated: batadv_slave_1
[  197.878417][ T5105] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  197.901326][ T5105] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  197.913576][ T5105] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  197.938371][ T9223] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.958187][ T9223] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.978434][ T9223] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.990820][ T9223] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  198.408442][ T2464] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.439166][ T2464] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.691839][ T1043] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.698984][ T9538] vlan2: entered promiscuous mode
[  198.710408][ T1043] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.722981][ T9538] bond0: entered promiscuous mode
[  198.728602][ T9538] bond_slave_0: entered promiscuous mode
[  198.738333][ T9538] bond_slave_1: entered promiscuous mode
[  198.750435][ T9538] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  198.788509][ T9538] bond0: left promiscuous mode
[  198.796470][ T9538] bond_slave_0: left promiscuous mode
[  198.808068][ T9538] bond_slave_1: left promiscuous mode
[  198.822604][ T9538] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[  199.082568][ T9552] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2920
[  199.184015][ T9552] __nla_validate_parse: 23 callbacks suppressed
[  199.184038][ T9552] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1219'.
[  199.212468][ T9552] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1219'.
[  199.225483][ T9552] (unnamed net_device) (uninitialized): up delay (83) is not a multiple of miimon (100), value rounded to 0 ms
[  199.275368][ T9557] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1220'.
[  199.354185][ T9564] netlink: 'syz.1.1222': attribute type 4 has an invalid length.
[  199.364236][ T9564] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1222'.
[  199.661391][ T9569] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1223'.
[  199.699797][ T9508] chnl_net:caif_netlink_parms(): no params data found
[  199.728636][ T9579] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1223'.
[  199.922521][ T9587] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1227'.
[  200.021095][ T5105] Bluetooth: hci5: command tx timeout
[  200.078937][ T9587] netlink: 27 bytes leftover after parsing attributes in process `syz.4.1227'.
[  200.126248][ T9508] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.151052][ T9508] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.182235][ T9508] bridge_slave_0: entered allmulticast mode
[  200.210810][ T9508] bridge_slave_0: entered promiscuous mode
[  200.247808][ T9508] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.290449][ T9508] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.297858][ T9508] bridge_slave_1: entered allmulticast mode
[  200.316964][ T9508] bridge_slave_1: entered promiscuous mode
[  200.429382][ T9508] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.476237][ T9508] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.637906][ T9508] team0: Port device team_slave_0 added
[  200.664489][ T9617] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1233'.
[  200.678861][ T9508] team0: Port device team_slave_1 added
[  200.762034][ T9508] batman_adv: batadv0: Adding interface: batadv_slave_0
[  200.787336][ T9508] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.846245][ T9508] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  200.872193][ T9508] batman_adv: batadv0: Adding interface: batadv_slave_1
[  200.879234][ T9508] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.948242][ T9508] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  201.086490][ T1043] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.159823][ T9508] hsr_slave_0: entered promiscuous mode
[  201.168103][ T9508] hsr_slave_1: entered promiscuous mode
[  201.175640][ T9508] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  201.183441][ T9508] Cannot create hsr debugfs directory
[  201.334465][ T9508] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  201.345532][ T9508] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.469806][ T9508] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  201.480753][ T9508] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.603175][ T9630] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1239'.
[  201.647752][ T9508] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  201.677883][ T9508] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.821321][ T1043] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.894832][ T9643] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  201.946462][ T9643] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  201.974263][ T9508] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  201.998058][ T9508] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.073853][ T1043] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.102692][ T5105] Bluetooth: hci5: command tx timeout
[  202.112416][ T5096] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  202.123930][ T5096] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  202.138071][ T5096] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  202.159831][ T5096] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  202.169409][ T5096] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  202.177463][ T5096] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  202.226805][ T1043] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.626538][ T9508] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  202.645533][ T9508] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  202.774145][ T9508] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  202.799976][ T1043] bridge_slave_1: left allmulticast mode
[  202.805937][ T1043] bridge_slave_1: left promiscuous mode
[  202.827083][ T1043] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.846849][ T1043] bridge_slave_0: left allmulticast mode
[  202.872962][ T1043] bridge_slave_0: left promiscuous mode
[  202.878825][ T1043] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.015731][ T9674] netlink: 'syz.0.1251': attribute type 1 has an invalid length.
[  203.034511][ T9674] netlink: 'syz.0.1251': attribute type 1 has an invalid length.
[  203.058212][ T9674] netlink: 'syz.0.1251': attribute type 2 has an invalid length.
[  203.423733][ T1043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  203.435456][ T1043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  203.446944][ T1043] bond0 (unregistering): Released all slaves
[  203.469530][ T9508] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  203.979404][ T9709] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  204.023424][ T9709] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  204.174898][ T9713] netlink: 'syz.1.1260': attribute type 30 has an invalid length.
[  204.180685][ T5096] Bluetooth: hci5: command tx timeout
[  204.270292][ T5096] Bluetooth: hci0: command tx timeout
[  204.337158][ T1043] hsr_slave_0: left promiscuous mode
[  204.401794][ T1043] hsr_slave_1: left promiscuous mode
[  204.460453][ T1043] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  204.467941][ T1043] batman_adv: batadv0: Removing interface: batadv_slave_0
[  204.502503][ T1043] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  204.509984][ T1043] batman_adv: batadv0: Removing interface: batadv_slave_1
[  204.526285][ T9730] netlink: 'syz.1.1264': attribute type 1 has an invalid length.
[  204.541157][ T9730] __nla_validate_parse: 10 callbacks suppressed
[  204.541195][ T9730] netlink: 9352 bytes leftover after parsing attributes in process `syz.1.1264'.
[  204.557969][ T9730] netlink: 'syz.1.1264': attribute type 1 has an invalid length.
[  204.566987][ T9730] netlink: 'syz.1.1264': attribute type 2 has an invalid length.
[  204.577346][ T9730] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1264'.
[  204.614706][ T1043] veth1_macvtap: left promiscuous mode
[  204.625124][ T1043] veth0_macvtap: left promiscuous mode
[  204.632930][ T1043] veth1_vlan: left promiscuous mode
[  204.638471][ T1043] veth0_vlan: left promiscuous mode
[  205.141618][ T9740] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1266'.
[  205.484341][ T1043] team0 (unregistering): Port device team_slave_1 removed
[  205.546734][ T1043] team0 (unregistering): Port device team_slave_0 removed
[  205.935359][ T9651] chnl_net:caif_netlink_parms(): no params data found
[  206.085054][ T9748] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1268'.
[  206.261780][ T5096] Bluetooth: hci5: command tx timeout
[  206.343140][ T5096] Bluetooth: hci0: command tx timeout
[  206.442973][ T9766] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1271'.
[  206.594443][ T9651] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.633817][ T9651] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.670403][ T9651] bridge_slave_0: entered allmulticast mode
[  206.691729][ T9651] bridge_slave_0: entered promiscuous mode
[  206.728736][ T9651] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.754283][ T9651] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.765162][ T9651] bridge_slave_1: entered allmulticast mode
[  206.776880][ T9651] bridge_slave_1: entered promiscuous mode
[  206.806169][ T9508] 8021q: adding VLAN 0 to HW filter on device bond0
[  207.003759][ T9651] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  207.024512][ T9508] 8021q: adding VLAN 0 to HW filter on device team0
[  207.059571][ T9651] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  207.085559][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.092798][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[  207.181918][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.189126][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  207.276266][ T9651] team0: Port device team_slave_0 added
[  207.333968][ T9651] team0: Port device team_slave_1 added
[  207.402166][ T9797] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1280'.
[  207.481193][ T9651] batman_adv: batadv0: Adding interface: batadv_slave_0
[  207.510861][ T9651] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.577808][ T9651] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  207.674439][ T9651] batman_adv: batadv0: Adding interface: batadv_slave_1
[  207.701038][ T9651] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.759694][ T9651] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  207.778834][ T9808] netlink: 'syz.0.1284': attribute type 3 has an invalid length.
[  207.809479][ T9808] netlink: 'syz.0.1284': attribute type 1 has an invalid length.
[  207.818902][ T9808] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1284'.
[  207.892147][ T9651] hsr_slave_0: entered promiscuous mode
[  207.916107][ T9651] hsr_slave_1: entered promiscuous mode
[  207.933292][ T9651] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  207.956340][ T9651] Cannot create hsr debugfs directory
[  207.965296][ T9808] can: request_module (can-proto-0) failed.
[  208.420464][ T5096] Bluetooth: hci0: command tx timeout
[  208.521140][ T9508] 8021q: adding VLAN 0 to HW filter on device batadv0
[  208.710699][ T9845] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1289'.
[  209.213579][ T9508] veth0_vlan: entered promiscuous mode
[  209.242469][ T9853] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1292'.
[  209.316240][ T9508] veth1_vlan: entered promiscuous mode
[  209.509551][ T9508] veth0_macvtap: entered promiscuous mode
[  209.552103][ T9508] veth1_macvtap: entered promiscuous mode
[  209.611780][ T9651] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  209.632485][ T9508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.645567][ T9508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.655683][ T9508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.666907][ T9508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.679347][ T9508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.697745][ T9508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.745425][ T9508] batman_adv: batadv0: Interface activated: batadv_slave_0
[  209.782693][ T9651] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  209.851298][ T9651] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  209.869849][ T9651] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  209.893854][ T9508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  209.916385][ T9508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.928137][ T9508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  209.956401][ T9508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.980161][ T9508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.011511][ T9508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.034193][ T9508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.045410][ T9508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.057687][ T9508] batman_adv: batadv0: Interface activated: batadv_slave_1
[  210.069471][ T9508] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.078920][ T9508] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.088245][ T9508] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.099459][ T9508] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  210.389221][ T9882] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1302'.
[  210.413827][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  210.436111][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  210.500744][ T5096] Bluetooth: hci0: command tx timeout
[  210.582297][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  210.601098][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  210.642964][ T9885] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1303'.
[  210.755211][ T9651] 8021q: adding VLAN 0 to HW filter on device bond0
[  210.848368][ T9651] 8021q: adding VLAN 0 to HW filter on device team0
[  210.919670][ T5235] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.926912][ T5235] bridge0: port 1(bridge_slave_0) entered forwarding state
[  210.944543][ T9898] netlink: 'syz.1.1306': attribute type 4 has an invalid length.
[  210.977789][ T9898] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1306'.
[  210.993489][ T5235] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.000727][ T5235] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.216420][ T9651] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  211.739036][  T785] IPVS: starting estimator thread 0...
[  211.780850][ T9936] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:0
[  211.850385][ T9937] IPVS: using max 16 ests per chain, 38400 per kthread
[  211.938967][ T9651] 8021q: adding VLAN 0 to HW filter on device batadv0
[  212.147581][ T9651] veth0_vlan: entered promiscuous mode
[  212.173928][ T9954] netem: change failed
[  212.225425][ T9651] veth1_vlan: entered promiscuous mode
[  212.393022][ T9651] veth0_macvtap: entered promiscuous mode
[  212.434846][ T9651] veth1_macvtap: entered promiscuous mode
[  212.524443][ T9651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.558518][ T9651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.600288][ T9651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.635622][ T9651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.666969][ T9651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.688198][ T9651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.699245][ T9651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.730347][ T9651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.775479][ T9651] batman_adv: batadv0: Interface activated: batadv_slave_0
[  212.876157][ T9651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.930183][ T9651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.963884][ T9651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  213.004330][ T9651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  213.037713][ T9651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  213.069407][ T9651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  213.090113][ T9651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  213.116384][ T9651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  213.142292][ T9651] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  213.169981][ T9651] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  213.202639][ T9651] batman_adv: batadv0: Interface activated: batadv_slave_1
[  213.264643][ T9651] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  213.305050][ T9651] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  213.331823][ T9651] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  213.360149][ T9651] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  213.698447][T10019] pim6reg1: entered promiscuous mode
[  213.718252][T10019] pim6reg1: entered allmulticast mode
[  213.826317][ T2827] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  213.859421][ T2827] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  213.978181][ T2464] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  214.008281][ T2464] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  214.713908][T10069] pim6reg1: entered promiscuous mode
[  214.741022][T10069] pim6reg1: entered allmulticast mode
[  215.238453][T10092] syz.4.1370[10092] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  215.238623][T10092] syz.4.1370[10092] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  215.283559][T10093] netlink: 'syz.3.1371': attribute type 9 has an invalid length.
[  215.354040][T10093] netlink: 399 bytes leftover after parsing attributes in process `syz.3.1371'.
[  215.365273][ T1043] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.752280][ T1043] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.889360][ T1043] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.987207][ T1043] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.210952][ T1043] bridge_slave_1: left allmulticast mode
[  216.216671][ T1043] bridge_slave_1: left promiscuous mode
[  216.266150][ T1043] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.311681][ T1043] bridge_slave_0: left allmulticast mode
[  216.327590][ T1043] bridge_slave_0: left promiscuous mode
[  216.345973][ T1043] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.658766][ T5105] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  216.672778][ T5105] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  216.682487][ T5105] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  216.691426][ T5105] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  216.700588][ T5105] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  216.710219][ T5105] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  216.914279][T10082] syz.0.1366: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  216.934293][T10082] CPU: 1 PID: 10082 Comm: syz.0.1366 Not tainted 6.10.0-rc5-syzkaller-01176-g19e6ad2c7578 #0
[  216.944500][T10082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  216.954583][T10082] Call Trace:
[  216.957883][T10082]  <TASK>
[  216.960823][T10082]  dump_stack_lvl+0x241/0x360
[  216.965542][T10082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.970768][T10082]  ? __pfx__printk+0x10/0x10
[  216.975402][T10082]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  216.981844][T10082]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  216.988387][T10082]  warn_alloc+0x278/0x410
[  216.992752][T10082]  ? __pfx_warn_alloc+0x10/0x10
[  216.997643][T10082]  ? hash_netiface_create+0x356/0x1040
[  217.003118][T10082]  ? __get_vm_area_node+0x23d/0x270
[  217.008422][T10082]  __vmalloc_node_range_noprof+0x69f/0x1460
[  217.014527][T10082]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  217.020883][T10082]  ? hash_netiface_create+0x356/0x1040
[  217.026350][T10082]  ? __get_vm_area_node+0x23d/0x270
[  217.031563][T10082]  __vmalloc_node_range_noprof+0x5bf/0x1460
[  217.037466][T10082]  ? hash_netiface_create+0x356/0x1040
[  217.042959][T10082]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  217.049384][T10082]  ? rcu_is_watching+0x15/0xb0
[  217.054158][T10082]  ? trace_kmalloc+0x1f/0xd0
[  217.058753][T10082]  ? __kmalloc_node_noprof+0x247/0x440
[  217.064222][T10082]  ? kvmalloc_node_noprof+0x72/0x190
[  217.069515][T10082]  kvmalloc_node_noprof+0x142/0x190
[  217.074746][T10082]  ? hash_netiface_create+0x356/0x1040
[  217.080220][T10082]  hash_netiface_create+0x356/0x1040
[  217.085537][T10082]  ? __pfx_hash_netiface_create+0x10/0x10
[  217.091270][T10082]  ip_set_create+0xa5c/0x1900
[  217.095956][T10082]  ? ip_set_create+0x45e/0x1900
[  217.100819][T10082]  ? __mutex_trylock_common+0xa/0x2e0
[  217.106213][T10082]  ? __pfx_ip_set_create+0x10/0x10
[  217.111332][T10082]  ? trace_contention_end+0x3c/0x120
[  217.116786][T10082]  ? nfnetlink_rcv_msg+0x225/0x1180
[  217.122003][T10082]  nfnetlink_rcv_msg+0xbec/0x1180
[  217.127568][T10082]  ? kernel_text_address+0xa7/0xe0
[  217.132702][T10082]  ? nfnetlink_rcv_msg+0x225/0x1180
[  217.137934][T10082]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  217.143434][T10082]  ? netlink_deliver_tap+0x19d/0x1b0
[  217.148732][T10082]  ? netlink_unicast+0x7be/0x990
[  217.153677][T10082]  ? netlink_sendmsg+0x8e4/0xcb0
[  217.158642][T10082]  ? __sock_sendmsg+0x221/0x270
[  217.163500][T10082]  ? ____sys_sendmsg+0x525/0x7d0
[  217.168451][T10082]  ? __sys_sendmsg+0x2b0/0x3a0
[  217.173230][T10082]  ? do_syscall_64+0xf3/0x230
[  217.177917][T10082]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.184450][T10082]  netlink_rcv_skb+0x1e3/0x430
[  217.189230][T10082]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  217.194707][T10082]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  217.200020][T10082]  ? apparmor_capable+0x138/0x1b0
[  217.205074][T10082]  ? bpf_lsm_capable+0x9/0x10
[  217.209762][T10082]  ? security_capable+0x90/0xb0
[  217.214631][T10082]  nfnetlink_rcv+0x297/0x2a90
[  217.219326][T10082]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  217.225060][T10082]  ? __dev_queue_xmit+0x2da/0x3e90
[  217.230192][T10082]  ? __dev_queue_xmit+0x1763/0x3e90
[  217.235402][T10082]  ? kasan_save_track+0x51/0x80
[  217.240283][T10082]  ? do_syscall_64+0xf3/0x230
[  217.244985][T10082]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  217.250112][T10082]  ? __dev_queue_xmit+0x2da/0x3e90
[  217.255358][T10082]  ? __pfx___dev_queue_xmit+0x10/0x10
[  217.260761][T10082]  ? ref_tracker_free+0x643/0x7e0
[  217.265839][T10082]  ? __asan_memcpy+0x40/0x70
[  217.270440][T10082]  ? __pfx_ref_tracker_free+0x10/0x10
[  217.275849][T10082]  ? netlink_deliver_tap+0x2e/0x1b0
[  217.281061][T10082]  ? skb_clone+0x240/0x390
[  217.285505][T10082]  ? __pfx_lock_release+0x10/0x10
[  217.290544][T10082]  ? __netlink_deliver_tap+0x77e/0x7c0
[  217.296112][T10082]  ? netlink_deliver_tap+0x2e/0x1b0
[  217.301327][T10082]  netlink_unicast+0x7f0/0x990
[  217.306107][T10082]  ? __pfx_netlink_unicast+0x10/0x10
[  217.311407][T10082]  ? __virt_addr_valid+0x183/0x520
[  217.316534][T10082]  ? __check_object_size+0x49c/0x900
[  217.321860][T10082]  ? bpf_lsm_netlink_send+0x9/0x10
[  217.326991][T10082]  netlink_sendmsg+0x8e4/0xcb0
[  217.331783][T10082]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.337086][T10082]  ? __import_iovec+0x536/0x820
[  217.341952][T10082]  ? aa_sock_msg_perm+0x91/0x160
[  217.346915][T10082]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  217.352211][T10082]  ? security_socket_sendmsg+0x87/0xb0
[  217.357684][T10082]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.362986][T10082]  __sock_sendmsg+0x221/0x270
[  217.367765][T10082]  ____sys_sendmsg+0x525/0x7d0
[  217.372559][T10082]  ? __pfx_____sys_sendmsg+0x10/0x10
[  217.377893][T10082]  __sys_sendmsg+0x2b0/0x3a0
[  217.382506][T10082]  ? __pfx___sys_sendmsg+0x10/0x10
[  217.387675][T10082]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  217.394020][T10082]  ? do_syscall_64+0x100/0x230
[  217.398826][T10082]  ? do_syscall_64+0xb6/0x230
[  217.403532][T10082]  do_syscall_64+0xf3/0x230
[  217.408068][T10082]  ? clear_bhb_loop+0x35/0x90
[  217.412860][T10082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.418788][T10082] RIP: 0033:0x7fad8f575f19
[  217.423224][T10082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.442845][T10082] RSP: 002b:00007fad90274048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.451276][T10082] RAX: ffffffffffffffda RBX: 00007fad8f703f60 RCX: 00007fad8f575f19
[  217.459291][T10082] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  217.467291][T10082] RBP: 00007fad8f5e4bcd R08: 0000000000000000 R09: 0000000000000000
[  217.475278][T10082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  217.483276][T10082] R13: 000000000000000b R14: 00007fad8f703f60 R15: 00007ffed1ba8088
[  217.491302][T10082]  </TASK>
[  217.518150][T10082] Mem-Info:
[  217.524534][T10082] active_anon:4254 inactive_anon:0 isolated_anon:0
[  217.524534][T10082]  active_file:1771 inactive_file:38201 isolated_file:0
[  217.524534][T10082]  unevictable:768 dirty:236 writeback:0
[  217.524534][T10082]  slab_reclaimable:8947 slab_unreclaimable:99822
[  217.524534][T10082]  mapped:14646 shmem:1242 pagetables:765
[  217.524534][T10082]  sec_pagetables:0 bounce:0
[  217.524534][T10082]  kernel_misc_reclaimable:0
[  217.524534][T10082]  free:1369539 free_pcp:1905 free_cma:0
[  217.577055][T10082] Node 0 active_anon:16916kB inactive_anon:0kB active_file:7084kB inactive_file:152732kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:58584kB dirty:940kB writeback:0kB shmem:3432kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10588kB pagetables:2960kB sec_pagetables:0kB all_unreclaimable? no
[  217.610895][T10082] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  217.643983][T10082] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  217.671335][T10082] lowmem_reserve[]: 0 2571 2571 0 0
[  217.676644][T10082] Node 0 DMA32 free:1516200kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:16980kB inactive_anon:0kB active_file:7084kB inactive_file:152408kB unevictable:1536kB writepending:936kB present:3129332kB managed:2659868kB mlocked:0kB bounce:0kB free_pcp:6672kB local_pcp:1712kB free_cma:0kB
[  217.709080][T10082] lowmem_reserve[]: 0 0 0 0 0
[  217.713981][T10082] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:324kB unevictable:0kB writepending:4kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  217.740868][T10082] lowmem_reserve[]: 0 0 0 0 0
[  217.745680][T10082] Node 1 Normal free:3946596kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:1256kB local_pcp:1256kB free_cma:0kB
[  217.777312][T10082] lowmem_reserve[]: 0 0 0 0 0
[  217.782192][T10082] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  217.797353][T10082] Node 0 DMA32: 4*4kB (ME) 13*8kB (UME) 39*16kB (UME) 52*32kB (UME) 39*64kB (UM) 29*128kB (UME) 11*256kB (UM) 9*512kB (M) 5*1024kB (UM) 2*2048kB (M) 364*4096kB (M) = 1516200kB
[  217.815696][T10082] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  217.827696][T10082] Node 1 Normal: 3*4kB (UM) 3*8kB (UM) 6*16kB (UM) 7*32kB (UM) 0*64kB 0*128kB 1*256kB (M) 5*512kB (UM) 1*1024kB (U) 3*2048kB (U) 961*4096kB (M) = 3946596kB
[  217.845093][T10082] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  217.855246][T10082] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  217.865094][T10082] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  217.875206][T10082] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  217.887212][T10082] 41214 total pagecache pages
[  217.893826][T10082] 0 pages in swap cache
[  217.898135][T10082] Free swap  = 124996kB
[  217.902880][T10082] Total swap = 124996kB
[  217.907084][T10082] 2097051 pages RAM
[  217.911413][T10082] 0 pages HighMem/MovableOnly
[  217.916125][T10082] 400874 pages reserved
[  217.920868][T10082] 0 pages cma reserved
[  217.986613][ T1043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  218.008109][ T1043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  218.029100][ T1043] bond0 (unregistering): Released all slaves
[  218.077181][T10125] syzkaller0: entered promiscuous mode
[  218.087768][T10125] syzkaller0: entered allmulticast mode
[  218.458232][T10143] bond_slave_0: entered promiscuous mode
[  218.464397][T10143] bond_slave_1: entered promiscuous mode
[  218.483594][T10148] netlink: 'syz.1.1384': attribute type 9 has an invalid length.
[  218.495268][T10143] vlan2: entered promiscuous mode
[  218.501144][T10148] netlink: 399 bytes leftover after parsing attributes in process `syz.1.1384'.
[  218.522702][T10143] bond0: entered promiscuous mode
[  218.569497][T10143] bond0: left promiscuous mode
[  218.601250][T10143] bond_slave_0: left promiscuous mode
[  218.606761][T10143] bond_slave_1: left promiscuous mode
[  218.830537][ T5105] Bluetooth: hci0: command tx timeout
[  218.913501][T10166] Bluetooth: MGMT ver 1.22
[  219.139457][ T1043] hsr_slave_0: left promiscuous mode
[  219.146019][T10173] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1391'.
[  219.184327][ T1043] hsr_slave_1: left promiscuous mode
[  219.224793][ T1043] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  219.248487][ T1043] batman_adv: batadv0: Removing interface: batadv_slave_0
[  219.280368][ T1043] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  219.287858][ T1043] batman_adv: batadv0: Removing interface: batadv_slave_1
[  219.413073][ T1043] veth1_macvtap: left promiscuous mode
[  219.431537][ T1043] veth0_macvtap: left promiscuous mode
[  219.451650][ T1043] veth1_vlan: left promiscuous mode
[  219.468798][ T1043] veth0_vlan: left promiscuous mode
[  219.736821][T10189] netlink: 'syz.4.1397': attribute type 9 has an invalid length.
[  219.770849][T10189] netlink: 399 bytes leftover after parsing attributes in process `syz.4.1397'.
[  220.838384][ T1043] team0 (unregistering): Port device team_slave_1 removed
[  220.910207][ T5096] Bluetooth: hci0: command tx timeout
[  220.938704][ T1043] team0 (unregistering): Port device team_slave_0 removed
[  220.980479][ T5105] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  221.888377][T10218] netlink: 'syz.0.1410': attribute type 9 has an invalid length.
[  221.916836][T10218] netlink: 399 bytes leftover after parsing attributes in process `syz.0.1410'.
[  222.194215][T10226] netlink: 'syz.0.1413': attribute type 7 has an invalid length.
[  222.614920][T10238] team_slave_0: entered promiscuous mode
[  222.621068][T10238] team_slave_1: entered promiscuous mode
[  222.649486][T10248] netlink: 'syz.1.1422': attribute type 9 has an invalid length.
[  222.657786][T10248] netlink: 399 bytes leftover after parsing attributes in process `syz.1.1422'.
[  222.736269][T10250] netlink: 'syz.4.1417': attribute type 10 has an invalid length.
[  222.790317][T10250] team_slave_0: left promiscuous mode
[  222.824400][T10250] team_slave_1: left promiscuous mode
[  222.869273][T10250] team_slave_0: entered promiscuous mode
[  222.875103][T10250] team_slave_1: entered promiscuous mode
[  222.933615][T10250] 8021q: adding VLAN 0 to HW filter on device team0
[  222.945629][T10250] bond0: (slave team0): Enslaving as an active interface with an up link
[  222.980640][ T5105] Bluetooth: hci0: command 0x040f tx timeout
[  223.138991][T10233] team_slave_0: left promiscuous mode
[  223.145035][T10233] team_slave_1: left promiscuous mode
[  223.196815][T10127] chnl_net:caif_netlink_parms(): no params data found
[  223.436453][T10283] netlink: 'syz.0.1433': attribute type 9 has an invalid length.
[  223.476009][T10283] netlink: 399 bytes leftover after parsing attributes in process `syz.0.1433'.
[  223.777476][T10127] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.792362][T10127] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.799800][T10127] bridge_slave_0: entered allmulticast mode
[  223.808620][T10127] bridge_slave_0: entered promiscuous mode
[  223.818160][T10127] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.825909][T10127] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.847337][T10127] bridge_slave_1: entered allmulticast mode
[  223.855726][T10127] bridge_slave_1: entered promiscuous mode
[  223.909887][T10127] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  223.958644][T10127] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  224.238376][T10127] team0: Port device team_slave_0 added
[  224.284323][T10127] team0: Port device team_slave_1 added
[  224.348635][T10331] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1447'.
[  224.369322][T10331] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1447'.
[  224.381775][T10331] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1447'.
[  224.416598][T10127] batman_adv: batadv0: Adding interface: batadv_slave_0
[  224.428317][T10127] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  224.469664][T10127] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  224.492976][T10127] batman_adv: batadv0: Adding interface: batadv_slave_1
[  224.500209][T10127] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  224.543985][T10127] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  224.697611][T10348] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1455'.
[  224.783350][T10127] hsr_slave_0: entered promiscuous mode
[  224.803448][T10127] hsr_slave_1: entered promiscuous mode
[  224.827929][T10127] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  224.856009][T10127] Cannot create hsr debugfs directory
[  225.064897][ T5105] Bluetooth: hci0: command 0x040f tx timeout
[  225.453874][T10387] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1468'.
[  225.641711][T10388] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1466'.
[  225.701435][T10388] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1466'.
[  225.733534][T10388] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1466'.
[  226.291476][T10417] syzkaller0: entered promiscuous mode
[  226.297023][T10417] syzkaller0: entered allmulticast mode
[  226.446368][T10435] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1486'.
[  227.150591][ T5105] Bluetooth: hci0: command 0x040f tx timeout
[  227.597411][T10465] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1499'.
[  228.310129][T10127] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  228.322819][T10127] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  228.375612][T10127] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  228.412541][T10127] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  229.556551][T10517] syzkaller0: entered promiscuous mode
[  229.575065][T10517] syzkaller0: entered allmulticast mode
[  231.321267][T10534] __nla_validate_parse: 1 callbacks suppressed
[  231.321289][T10534] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1518'.
[  233.147818][T10127] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.324761][T10561] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  233.328719][T10127] 8021q: adding VLAN 0 to HW filter on device team0
[  233.405208][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.412606][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[  233.431700][T10561] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  233.530774][ T5139] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.537998][ T5139] bridge0: port 2(bridge_slave_1) entered forwarding state
[  233.620842][T10581] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  233.733528][T10581] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  234.215660][T10127] 8021q: adding VLAN 0 to HW filter on device batadv0
[  234.337843][T10613] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  234.398610][T10127] veth0_vlan: entered promiscuous mode
[  234.432264][T10613] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  234.458366][T10127] veth1_vlan: entered promiscuous mode
[  234.572054][T10127] veth0_macvtap: entered promiscuous mode
[  234.643453][T10127] veth1_macvtap: entered promiscuous mode
[  234.677530][T10630] netlink: 'syz.4.1548': attribute type 15 has an invalid length.
[  234.697777][T10630] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1548'.
[  234.813113][T10127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.851880][T10127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.872380][T10127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.883667][T10127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.910075][T10127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.931150][T10127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.950613][T10127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.966501][T10645] netlink: 'syz.1.1549': attribute type 4 has an invalid length.
[  234.974448][T10127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.988684][T10127] batman_adv: batadv0: Interface activated: batadv_slave_0
[  234.996573][T10645] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1549'.
[  235.054079][T10127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.078505][T10127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.091936][T10127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.130798][T10127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.153186][T10127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.187093][T10127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.212389][T10127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.225220][T10127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.236073][T10127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.254641][T10127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.297039][T10127] batman_adv: batadv0: Interface activated: batadv_slave_1
[  235.326953][T10127] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.339074][T10654] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  235.361998][T10127] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.388075][T10127] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.409026][T10654] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  235.430668][T10127] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.748403][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.783911][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  235.861364][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.869242][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  236.137277][T10694] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.175210][T10694] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.357440][T10703] netlink: 'syz.0.1567': attribute type 4 has an invalid length.
[  236.393413][T10703] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1567'.
[  236.662199][T10720] netlink: 312 bytes leftover after parsing attributes in process `syz.3.1574'.
[  236.777423][T10726] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  236.809116][T10726] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.027913][T10738] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1579'.
[  237.055990][T10738] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1579'.
[  237.121490][T10738] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1579'.
[  237.164270][T10745] netlink: 'syz.3.1583': attribute type 4 has an invalid length.
[  237.173510][T10745] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1583'.
[  237.436695][T10755] netlink: 'syz.4.1588': attribute type 9 has an invalid length.
[  237.477637][T10755] netlink: 399 bytes leftover after parsing attributes in process `syz.4.1588'.
[  237.478611][T10757] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.528679][T10757] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.565379][ T1043] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.997512][ T1043] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.084093][ T1043] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.152084][ T1043] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.353759][T10762] netlink: 'syz.0.1590': attribute type 3 has an invalid length.
[  238.408386][T10762] netlink: 'syz.0.1590': attribute type 1 has an invalid length.
[  238.416993][ T1043] bridge_slave_1: left allmulticast mode
[  238.439004][ T1043] bridge_slave_1: left promiscuous mode
[  238.441654][T10762] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1590'.
[  238.447927][ T1043] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.505029][ T1043] bridge_slave_0: left allmulticast mode
[  238.519602][ T1043] bridge_slave_0: left promiscuous mode
[  238.529942][ T1043] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.599580][T10762] can: request_module (can-proto-0) failed.
[  238.751869][T10782] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1595'.
[  238.788443][T10782] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1595'.
[  238.829637][ T5096] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  238.847759][ T5096] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  238.857148][ T5096] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  238.871623][ T5096] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  238.883125][ T5096] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  238.892864][ T5096] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  239.164772][ T1043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  239.178612][ T1043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  239.201883][ T1043] bond0 (unregistering): Released all slaves
[  239.571131][T10795] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.601521][T10795] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.655024][T10798] netlink: 'syz.1.1601': attribute type 1 has an invalid length.
[  239.672154][T10798] netlink: 'syz.1.1601': attribute type 1 has an invalid length.
[  239.707608][T10798] netlink: 'syz.1.1601': attribute type 2 has an invalid length.
[  240.335515][ T1043] hsr_slave_0: left promiscuous mode
[  240.358801][ T1043] hsr_slave_1: left promiscuous mode
[  240.376026][ T1043] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  240.402029][ T1043] batman_adv: batadv0: Removing interface: batadv_slave_0
[  240.417999][ T1043] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  240.427982][ T1043] batman_adv: batadv0: Removing interface: batadv_slave_1
[  240.482000][ T1043] veth1_macvtap: left promiscuous mode
[  240.488347][ T1043] veth0_macvtap: left promiscuous mode
[  240.500265][ T1043] veth1_vlan: left promiscuous mode
[  240.505842][ T1043] veth0_vlan: left promiscuous mode
[  240.981306][ T5096] Bluetooth: hci0: command tx timeout
[  241.338763][ T1043] team0 (unregistering): Port device team_slave_1 removed
[  241.386656][ T1043] team0 (unregistering): Port device team_slave_0 removed
[  241.828260][T10835] __nla_validate_parse: 8 callbacks suppressed
[  241.828285][T10835] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1609'.
[  241.902201][T10860] netlink: 'syz.4.1617': attribute type 15 has an invalid length.
[  241.922066][T10860] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1617'.
[  241.959145][T10783] chnl_net:caif_netlink_parms(): no params data found
[  242.066211][T10869] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  242.110302][T10869] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  242.385401][T10886] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1626'.
[  242.398067][T10783] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.426920][T10783] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.460615][T10783] bridge_slave_0: entered allmulticast mode
[  242.468637][T10783] bridge_slave_0: entered promiscuous mode
[  242.526264][T10783] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.539604][T10783] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.560563][T10783] bridge_slave_1: entered allmulticast mode
[  242.571728][T10783] bridge_slave_1: entered promiscuous mode
[  242.735905][T10898] netlink: 'syz.3.1630': attribute type 15 has an invalid length.
[  242.750716][T10898] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1630'.
[  242.856293][T10783] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  242.898510][T10783] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  243.060615][ T5096] Bluetooth: hci0: command tx timeout
[  243.115707][T10916] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1633'.
[  243.192909][T10916] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1633'.
[  243.228162][T10783] team0: Port device team_slave_0 added
[  243.249160][T10909] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1633'.
[  243.265162][T10783] team0: Port device team_slave_1 added
[  243.301466][T10931] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1638'.
[  243.522954][T10940] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  243.549578][T10783] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.559929][T10783] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.593457][T10783] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.604936][T10940] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  243.676656][T10783] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.709293][T10783] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.776089][T10783] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  243.828037][T10950] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  243.871006][T10950] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  243.982898][T10783] hsr_slave_0: entered promiscuous mode
[  244.006621][T10783] hsr_slave_1: entered promiscuous mode
[  244.017838][T10783] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  244.028769][T10783] Cannot create hsr debugfs directory
[  244.585476][T10985] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1652'.
[  244.612545][T10985] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1652'.
[  245.141168][ T5096] Bluetooth: hci0: command tx timeout
[  245.522607][T11023] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  245.568326][T10783] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  245.612273][T11023] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  245.632235][T10783] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  245.680692][T10783] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  245.711586][T10783] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  245.819876][T11033] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  245.880353][T11033] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  246.114254][T10783] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.177742][T10783] 8021q: adding VLAN 0 to HW filter on device team0
[  246.225411][ T1542] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.232809][ T1542] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.299170][ T1542] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.306455][ T1542] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.555459][T11069] bridge_slave_1: left allmulticast mode
[  246.573467][T11069] bridge_slave_1: left promiscuous mode
[  246.609006][T11069] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.679654][T11069] bridge_slave_0: left allmulticast mode
[  246.721271][T11069] bridge_slave_0: left promiscuous mode
[  246.748313][T11069] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.763362][T11080] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2920
[  246.887770][T11080] __nla_validate_parse: 13 callbacks suppressed
[  246.887792][T11080] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1674'.
[  246.933362][T11080] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1674'.
[  246.965159][T11080] (unnamed net_device) (uninitialized): up delay (83) is not a multiple of miimon (100), value rounded to 0 ms
[  247.198006][T10783] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.220510][ T5096] Bluetooth: hci0: command tx timeout
[  247.356467][T11101] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1677'.
[  247.383122][T11101] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1677'.
[  247.489676][T11110] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1679'.
[  247.557356][T11110] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1679'.
[  247.607771][T10783] veth0_vlan: entered promiscuous mode
[  247.622633][T11110] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1679'.
[  247.667092][T10783] veth1_vlan: entered promiscuous mode
[  247.866944][T10783] veth0_macvtap: entered promiscuous mode
[  247.905704][T10783] veth1_macvtap: entered promiscuous mode
[  247.973135][T11125] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.018830][T11125] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.028140][T10783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.047160][T10783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.058331][T10783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.078723][T10783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.112554][T10783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.145767][T10783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.176891][T10783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.213749][T10783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.232448][T10783] batman_adv: batadv0: Interface activated: batadv_slave_0
[  248.248724][T11139] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1685'.
[  248.308597][T11139] bridge_slave_1: left allmulticast mode
[  248.335032][T11139] bridge_slave_1: left promiscuous mode
[  248.350996][T11139] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.367795][T11139] bridge_slave_0: left allmulticast mode
[  248.385729][T11139] bridge_slave_0: left promiscuous mode
[  248.402043][T11139] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.462830][T11151] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2920
[  248.508663][T11139] bridge0 (unregistering): left promiscuous mode
[  248.636831][T11151] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1688'.
[  248.654236][T11151] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1688'.
[  248.675966][T11151] (unnamed net_device) (uninitialized): up delay (83) is not a multiple of miimon (100), value rounded to 0 ms
[  248.744471][T10783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.756916][T10783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.769499][T10783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.781542][T10783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.791497][T10783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.808143][T10783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.819442][T10783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.831078][T10783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.841713][T10783] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.852529][T10783] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.884075][T10783] batman_adv: batadv0: Interface activated: batadv_slave_1
[  248.954292][T10783] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.986667][T10783] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  249.016991][T10783] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  249.036746][T10783] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  249.381080][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.392463][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.527597][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.564305][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.187084][T11221] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  250.247568][T11221] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  250.601969][ T5105] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  250.613091][ T5105] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  250.623618][ T5105] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  250.633891][ T5105] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  250.642640][ T5105] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  250.656269][ T5105] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  250.743673][T11241] netlink: 'syz.3.1712': attribute type 4 has an invalid length.
[  250.819723][   T51] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.948796][   T51] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.051651][   T51] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.307362][   T51] bond0: (slave netdevsim0): Releasing backup interface
[  251.328812][   T51] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.468038][T11236] chnl_net:caif_netlink_parms(): no params data found
[  252.362405][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  252.432412][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  252.461387][   T51] bond0 (unregistering): (slave team0): Releasing backup interface
[  252.482459][   T51] bond0 (unregistering): Released all slaves
[  252.515079][   T51] bond1 (unregistering): Released all slaves
[  252.578774][   T51] bond2 (unregistering): Released all slaves
[  252.624647][ T5096] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  252.635733][ T5096] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  252.650221][ T5096] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  252.664731][   T51] bond3 (unregistering): Released all slaves
[  252.672681][ T5096] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  252.684056][ T5096] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  252.698887][ T5096] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  252.739038][T11300] __nla_validate_parse: 6 callbacks suppressed
[  252.739059][T11300] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1726'.
[  252.756520][ T5096] Bluetooth: hci0: command tx timeout
[  252.870280][T11300] netlink: 27 bytes leftover after parsing attributes in process `syz.3.1726'.
[  252.922812][T11305] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  252.975330][T11305] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  252.987479][   T51] IPVS: stopping backup sync thread 5418 ...
[  253.062032][T11236] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.075036][T11236] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.082552][T11236] bridge_slave_0: entered allmulticast mode
[  253.110879][T11236] bridge_slave_0: entered promiscuous mode
[  253.133235][T11236] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.142728][T11236] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.151053][T11236] bridge_slave_1: entered allmulticast mode
[  253.158409][T11236] bridge_slave_1: entered promiscuous mode
[  253.485526][T11236] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.542230][T11236] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.659032][   T51] hsr_slave_0: left promiscuous mode
[  253.700806][   T51] hsr_slave_1: left promiscuous mode
[  253.714551][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  253.726320][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  253.746094][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  253.762560][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  253.826207][   T51] veth0_macvtap: left promiscuous mode
[  253.832572][   T51] veth1_vlan: left promiscuous mode
[  253.841033][   T51] veth0_vlan: left promiscuous mode
[  253.888243][T11340] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  253.926745][T11340] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  254.113143][T11347] netlink: 'syz.0.1736': attribute type 4 has an invalid length.
[  254.148947][T11347] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1736'.
[  254.737189][   T51] team0 (unregistering): Port device team_slave_1 removed
[  254.740273][ T5096] Bluetooth: hci1: command tx timeout
[  254.798218][   T51] team0 (unregistering): Port device team_slave_0 removed
[  254.821174][ T5096] Bluetooth: hci0: command tx timeout
[  255.254973][T11333] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1735'.
[  255.416510][T11236] team0: Port device team_slave_0 added
[  255.474617][T11236] team0: Port device team_slave_1 added
[  255.485143][T11357] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1739'.
[  255.525684][T11357] netlink: 27 bytes leftover after parsing attributes in process `syz.0.1739'.
[  255.652542][T11236] batman_adv: batadv0: Adding interface: batadv_slave_0
[  255.662143][T11236] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  255.689222][T11236] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  255.709388][T11236] batman_adv: batadv0: Adding interface: batadv_slave_1
[  255.735085][T11236] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  255.788008][T11236] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  255.892040][T11368] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  255.928930][T11368] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  256.023507][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  256.033613][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  256.238981][T11236] hsr_slave_0: entered promiscuous mode
[  256.266234][T11236] hsr_slave_1: entered promiscuous mode
[  256.282551][T11236] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  256.297884][T11236] Cannot create hsr debugfs directory
[  256.305106][T11385] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1746'.
[  256.374212][T11294] chnl_net:caif_netlink_parms(): no params data found
[  256.467874][T11394] netlink: 'syz.0.1748': attribute type 4 has an invalid length.
[  256.479316][T11394] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1748'.
[  256.581111][T11392] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  256.622834][T11392] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  256.631862][ T2827] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.820860][ T5096] Bluetooth: hci1: command tx timeout
[  256.878820][ T2827] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.901857][ T5096] Bluetooth: hci0: command tx timeout
[  256.912685][T11408] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1751'.
[  256.972964][T11408] netlink: 27 bytes leftover after parsing attributes in process `syz.3.1751'.
[  257.061395][T11294] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.075963][T11294] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.084699][T11294] bridge_slave_0: entered allmulticast mode
[  257.096114][T11294] bridge_slave_0: entered promiscuous mode
[  257.126387][ T2827] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.150939][T11294] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.158289][T11294] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.168129][T11294] bridge_slave_1: entered allmulticast mode
[  257.177098][T11294] bridge_slave_1: entered promiscuous mode
[  257.287103][ T2827] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.359072][T11294] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  257.409170][T11294] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  257.661890][T11294] team0: Port device team_slave_0 added
[  257.683105][T11294] team0: Port device team_slave_1 added
[  257.756048][T11429] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1757'.
[  257.909946][T11438] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  257.962500][T11438] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  258.064755][T11294] batman_adv: batadv0: Adding interface: batadv_slave_0
[  258.080070][T11294] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.145870][T11294] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  258.166618][T11294] batman_adv: batadv0: Adding interface: batadv_slave_1
[  258.177797][T11294] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.206706][T11294] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  258.522369][ T2827] bridge_slave_1: left allmulticast mode
[  258.534762][ T2827] bridge_slave_1: left promiscuous mode
[  258.540847][ T2827] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.557911][ T2827] bridge_slave_0: left allmulticast mode
[  258.563976][ T2827] bridge_slave_0: left promiscuous mode
[  258.569710][ T2827] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.901995][ T5096] Bluetooth: hci1: command tx timeout
[  258.982201][ T5096] Bluetooth: hci0: command tx timeout
[  259.020944][ T2827] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  259.034297][ T2827] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  259.036366][T11469] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  259.061102][ T2827] bond0 (unregistering): Released all slaves
[  259.073919][T11469] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  259.219167][T11294] hsr_slave_0: entered promiscuous mode
[  259.238134][T11294] hsr_slave_1: entered promiscuous mode
[  259.245098][T11294] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  259.255961][T11294] Cannot create hsr debugfs directory
[  259.526833][T11478] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  259.574513][T11476] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  259.666918][T11236] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  259.687027][T11236] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  259.729205][T11236] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  259.764432][ T2827] hsr_slave_0: left promiscuous mode
[  259.776755][ T2827] hsr_slave_1: left promiscuous mode
[  259.793710][ T2827] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  259.822235][ T2827] batman_adv: batadv0: Removing interface: batadv_slave_0
[  259.845484][ T2827] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  259.853550][ T2827] batman_adv: batadv0: Removing interface: batadv_slave_1
[  259.898719][ T2827] veth1_macvtap: left promiscuous mode
[  259.910240][ T2827] veth0_macvtap: left promiscuous mode
[  259.918769][ T2827] veth1_vlan: left promiscuous mode
[  259.930322][ T2827] veth0_vlan: left promiscuous mode
[  260.727438][ T2827] team0 (unregistering): Port device team_slave_1 removed
[  260.774601][ T2827] team0 (unregistering): Port device team_slave_0 removed
[  260.980707][ T5096] Bluetooth: hci1: command tx timeout
[  261.262892][T11236] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  261.283086][T11487] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1769'.
[  261.462771][T11506] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  261.553626][T11502] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  261.635723][T11511] netlink: 'syz.0.1777': attribute type 4 has an invalid length.
[  261.659560][T11511] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1777'.
[  261.809797][T11515] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  261.867810][T11515] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  262.006597][T11236] 8021q: adding VLAN 0 to HW filter on device bond0
[  262.096635][T11236] 8021q: adding VLAN 0 to HW filter on device team0
[  262.152370][ T5235] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.159639][ T5235] bridge0: port 1(bridge_slave_0) entered forwarding state
[  262.209281][ T5235] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.216578][ T5235] bridge0: port 2(bridge_slave_1) entered forwarding state
[  262.258525][T11523] netlink: 87 bytes leftover after parsing attributes in process `syz.1.1782'.
[  262.339893][T11294] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  262.362898][T11294] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  262.395047][T11294] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  262.441799][T11294] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  262.891765][T11553] netlink: 'syz.3.1789': attribute type 4 has an invalid length.
[  262.899737][T11553] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1789'.
[  262.982010][T11294] 8021q: adding VLAN 0 to HW filter on device bond0
[  263.083900][T11294] 8021q: adding VLAN 0 to HW filter on device team0
[  263.134204][ T5141] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.141468][ T5141] bridge0: port 1(bridge_slave_0) entered forwarding state
[  263.202933][ T5141] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.210198][ T5141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  263.411969][T11567] netlink: 'syz.3.1793': attribute type 15 has an invalid length.
[  263.419868][T11567] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1793'.
[  263.491633][T11236] 8021q: adding VLAN 0 to HW filter on device batadv0
[  263.504823][T11572] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  263.618965][T11572] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  264.032435][T11294] 8021q: adding VLAN 0 to HW filter on device batadv0
[  264.218578][T11294] veth0_vlan: entered promiscuous mode
[  264.271167][T11294] veth1_vlan: entered promiscuous mode
[  264.368970][T11611] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1803'.
[  264.535091][T11294] veth0_macvtap: entered promiscuous mode
[  264.558759][T11236] veth0_vlan: entered promiscuous mode
[  264.573395][T11621] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1805'.
[  264.606899][T11621] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1805'.
[  264.656085][T11294] veth1_macvtap: entered promiscuous mode
[  264.709341][T11236] veth1_vlan: entered promiscuous mode
[  264.763769][T11294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  264.801273][T11294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.816721][T11294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  264.839458][T11294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.859147][T11294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  264.874191][T11294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  264.902564][T11294] batman_adv: batadv0: Interface activated: batadv_slave_0
[  264.956511][T11294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  264.988801][T11294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.028842][T11294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  265.051824][T11294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.069479][T11294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  265.089391][T11294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.100975][T11294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  265.126538][T11294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.139201][T11294] batman_adv: batadv0: Interface activated: batadv_slave_1
[  265.242467][T11294] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  265.266268][T11294] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  265.287316][T11294] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  265.297185][T11294] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  265.395923][T11236] veth0_macvtap: entered promiscuous mode
[  265.447214][T11654] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1815'.
[  265.467365][T11236] veth1_macvtap: entered promiscuous mode
[  265.477861][T11655] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1813'.
[  265.572954][T11236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  265.601840][T11657] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  265.604994][T11236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.631695][T11236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  265.663218][T11236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.690088][T11236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  265.731747][T11236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.760048][T11236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  265.784235][T11236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.806134][T11236] batman_adv: batadv0: Interface activated: batadv_slave_0
[  265.863187][T11236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  265.900190][T11236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.917194][T11236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  265.936566][T11236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.963084][T11236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  265.980053][T11236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.989957][T11236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  266.009771][T11236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.020572][T11236] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  266.031329][T11236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  266.058069][T11236] batman_adv: batadv0: Interface activated: batadv_slave_1
[  266.095375][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.112235][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.159587][T11236] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  266.210255][T11236] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  266.219034][T11236] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  266.248122][T11236] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  266.386502][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.402026][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.569409][T11690] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1820'.
[  266.651160][T11690] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1820'.
[  266.660408][ T2827] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.668276][ T2827] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.997610][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  267.030724][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  267.237152][T11707] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1825'.
[  267.283913][T11712] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2920
[  267.334993][T11712] (unnamed net_device) (uninitialized): up delay (83) is not a multiple of miimon (100), value rounded to 0 ms
[  267.743069][T11730] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  267.793254][T11730] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  268.307865][T11753] __nla_validate_parse: 3 callbacks suppressed
[  268.307891][T11753] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1838'.
[  268.613612][   T35] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.729552][   T35] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.808826][   T35] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.899034][   T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.109295][   T35] bridge_slave_1: left allmulticast mode
[  269.120829][   T35] bridge_slave_1: left promiscuous mode
[  269.126786][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.147026][   T35] bridge_slave_0: left allmulticast mode
[  269.157892][   T35] bridge_slave_0: left promiscuous mode
[  269.166952][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.925574][T11817] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1843'.
[  270.227217][ T5105] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  270.245578][ T5105] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  270.273968][ T5105] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  270.284795][ T5105] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  270.306012][ T5105] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  270.322623][ T5105] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  270.388164][T11830] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2920
[  270.450663][T11833] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  270.471380][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  270.487215][T11833] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  270.530274][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  270.553121][   T35] bond0 (unregistering): Released all slaves
[  270.583129][T11830] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1851'.
[  270.593013][T11830] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1851'.
[  270.607411][T11830] (unnamed net_device) (uninitialized): up delay (83) is not a multiple of miimon (100), value rounded to 0 ms
[  270.683253][T11839] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2920
[  270.765968][T11839] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1854'.
[  270.793748][T11839] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1854'.
[  270.807939][T11845] tipc: Can't bind to reserved service type 0
[  270.808255][T11839] (unnamed net_device) (uninitialized): up delay (83) is not a multiple of miimon (100), value rounded to 0 ms
[  270.887665][T11848] netlink: 'syz.0.1857': attribute type 4 has an invalid length.
[  270.896647][T11848] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1857'.
[  270.981674][T11844] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1856'.
[  271.214884][T11853] netlink: 'syz.4.1859': attribute type 15 has an invalid length.
[  271.261680][T11853] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1859'.
[  271.528195][   T35] hsr_slave_0: left promiscuous mode
[  271.568995][   T35] hsr_slave_1: left promiscuous mode
[  271.572570][T11879] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2920
[  271.585497][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  271.600229][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  271.609441][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  271.625923][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  271.677365][   T35] veth1_macvtap: left promiscuous mode
[  271.683409][   T35] veth0_macvtap: left promiscuous mode
[  271.689427][   T35] veth1_vlan: left promiscuous mode
[  271.695139][   T35] veth0_vlan: left promiscuous mode
[  272.277415][T11900] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 2920
[  272.432404][ T5105] Bluetooth: hci1: command tx timeout
[  272.538247][   T35] team0 (unregistering): Port device team_slave_1 removed
[  272.584909][   T35] team0 (unregistering): Port device team_slave_0 removed
[  273.028037][T11875] netlink: 'syz.4.1864': attribute type 15 has an invalid length.
[  273.036322][T11875] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1864'.
[  273.054145][T11879] (unnamed net_device) (uninitialized): up delay (83) is not a multiple of miimon (100), value rounded to 0 ms
[  273.089011][T11879] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  273.119342][T11900] (unnamed net_device) (uninitialized): up delay (83) is not a multiple of miimon (100), value rounded to 0 ms
[  273.160571][T11900] workqueue: Failed to create a rescuer kthread for wq "bond6": -EINTR
[  273.268414][T11909] netlink: 'syz.3.1871': attribute type 4 has an invalid length.
[  273.346090][T11905] __nla_validate_parse: 5 callbacks suppressed
[  273.346111][T11905] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1870'.
[  273.370839][T11913] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  273.431843][T11917] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  273.446668][T11916] netlink: 'syz.1.1874': attribute type 15 has an invalid length.
[  273.462409][ T5105] Bluetooth: hci4: command 0x0405 tx timeout
[  273.472327][T11916] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1874'.
[  273.627205][T11827] chnl_net:caif_netlink_parms(): no params data found
[  273.921334][T11827] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.928764][T11827] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.936406][T11827] bridge_slave_0: entered allmulticast mode
[  273.945320][T11827] bridge_slave_0: entered promiscuous mode
[  273.956330][T11827] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.964450][T11827] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.972653][T11827] bridge_slave_1: entered allmulticast mode
[  273.980652][T11827] bridge_slave_1: entered promiscuous mode
[  273.988360][T11937] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1879'.
[  274.051195][T11937] bridge_slave_1: left allmulticast mode
[  274.056921][T11937] bridge_slave_1: left promiscuous mode
[  274.087166][T11937] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.146018][T11937] bridge_slave_0: left allmulticast mode
[  274.177921][T11937] bridge_slave_0: left promiscuous mode
[  274.188271][T11937] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.488707][T11959] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1884'.
[  274.510356][ T5096] Bluetooth: hci1: command tx timeout
[  274.538093][T11963] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1885'.
[  274.695528][T11967] netlink: 'syz.3.1887': attribute type 15 has an invalid length.
[  274.701630][T11971] netlink: 'syz.1.1886': attribute type 4 has an invalid length.
[  274.724797][T11967] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1887'.
[  274.743525][T11971] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1886'.
[  274.795015][T11827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  274.862213][T11827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  274.881487][T11978] netlink: 'syz.0.1891': attribute type 3 has an invalid length.
[  274.919903][T11978] netlink: 'syz.0.1891': attribute type 1 has an invalid length.
[  274.950539][T11978] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1891'.
[  274.966513][T11980] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  275.003562][T11827] team0: Port device team_slave_0 added
[  275.014348][T11980] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  275.027023][T11827] team0: Port device team_slave_1 added
[  275.081212][T11827] batman_adv: batadv0: Adding interface: batadv_slave_0
[  275.104537][T11827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.160136][T11827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  275.189336][T11827] batman_adv: batadv0: Adding interface: batadv_slave_1
[  275.197014][T11827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.228606][T11827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  275.472490][T11998] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1896'.
[  275.489224][T11827] hsr_slave_0: entered promiscuous mode
[  275.509735][T11827] hsr_slave_1: entered promiscuous mode
[  275.512291][T11999] netlink: 'syz.0.1897': attribute type 3 has an invalid length.
[  275.535257][T11999] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.1897'.
[  275.556611][T11827] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  275.591444][T11827] Cannot create hsr debugfs directory
[  276.113517][T12023] validate_nla: 1 callbacks suppressed
[  276.113539][T12023] netlink: 'syz.1.1903': attribute type 15 has an invalid length.
[  276.121162][T12026] netlink: 'syz.0.1904': attribute type 4 has an invalid length.
[  276.580328][ T5096] Bluetooth: hci1: command tx timeout
[  276.581608][T12045] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  276.605673][T12045] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  276.783300][T12049] netlink: 'syz.3.1910': attribute type 3 has an invalid length.
[  276.792319][T12049] netlink: 'syz.3.1910': attribute type 1 has an invalid length.
[  277.221738][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  277.235035][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  277.248582][   T51] bond0 (unregistering): Released all slaves
[  277.425493][   T51] tipc: Disabling bearer <eth:ipvlan0>
[  277.452509][   T51] tipc: Left network mode
[  277.529860][T12060] netlink: 'syz.0.1914': attribute type 3 has an invalid length.
[  277.567147][T12060] netlink: 'syz.0.1914': attribute type 1 has an invalid length.
[  277.888451][T12074] netlink: 'syz.1.1917': attribute type 15 has an invalid length.
[  278.009043][T11827] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  278.078733][T12087] netlink: 'syz.3.1919': attribute type 4 has an invalid length.
[  278.183901][T11827] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  278.294693][T11827] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  278.352976][   T51] team0: left promiscuous mode
[  278.358008][   T51] team_slave_0: left promiscuous mode
[  278.391183][   T51] team_slave_1: left promiscuous mode
[  278.402621][T12099] __nla_validate_parse: 14 callbacks suppressed
[  278.402644][T12099] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1922'.
[  278.453451][   T51] dummy0: left promiscuous mode
[  278.465070][T12105] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  278.486910][T12105] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  278.526728][   T51] hsr_slave_0: left promiscuous mode
[  278.533250][   T51] hsr_slave_1: left promiscuous mode
[  278.539445][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  278.556381][T12108] netlink: 312 bytes leftover after parsing attributes in process `syz.4.1925'.
[  278.566526][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  278.587018][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  278.604327][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  278.631850][   T51] veth1_macvtap: left promiscuous mode
[  278.637725][   T51] veth0_macvtap: left promiscuous mode
[  278.644348][   T51] veth1_vlan: left promiscuous mode
[  278.649884][   T51] veth0_vlan: left promiscuous mode
[  278.660823][ T5096] Bluetooth: hci1: command tx timeout
[  279.657620][   T51] team0 (unregistering): Port device team_slave_1 removed
[  279.704512][   T51] team0 (unregistering): Port device team_slave_0 removed
[  280.138811][T11827] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  280.148519][T12101] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1923'.
[  280.318111][T12141] netlink: 'syz.4.1928': attribute type 3 has an invalid length.
[  280.346768][T12141] netlink: 'syz.4.1928': attribute type 1 has an invalid length.
[  280.380131][T12141] netlink: 181400 bytes leftover after parsing attributes in process `syz.4.1928'.
[  280.397666][T12144] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1930'.
[  280.479942][T11827] 8021q: adding VLAN 0 to HW filter on device bond0
[  280.498457][T12147] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1931'.
[  280.573673][T11827] 8021q: adding VLAN 0 to HW filter on device team0
[  280.629563][T12151] netlink: 312 bytes leftover after parsing attributes in process `syz.1.1933'.
[  280.647821][ T5141] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.655152][ T5141] bridge0: port 1(bridge_slave_0) entered forwarding state
[  280.689735][ T5141] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.697036][ T5141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  280.952140][T12161] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  280.962559][T12162] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1935'.
[  280.988168][T12161] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  281.005970][T12166] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1936'.
[  281.025057][T12165] netlink: 312 bytes leftover after parsing attributes in process `syz.3.1938'.
[  281.326274][T11827] 8021q: adding VLAN 0 to HW filter on device batadv0
[  281.441393][T11827] veth0_vlan: entered promiscuous mode
[  281.469442][T11827] veth1_vlan: entered promiscuous mode
[  281.521015][T11827] veth0_macvtap: entered promiscuous mode
[  281.535648][T11827] veth1_macvtap: entered promiscuous mode
[  281.586833][T11827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  281.603047][T11827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.615433][T11827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  281.637231][T11827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.667794][T11827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  281.691687][T11827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.705976][T11827] batman_adv: batadv0: Interface activated: batadv_slave_0
[  281.727880][T11827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  281.759331][T11827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.792679][T11827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  281.810080][T11827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.835266][T11827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  281.846181][T11827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.875780][T11827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  281.896617][T11827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.933223][T11827] batman_adv: batadv0: Interface activated: batadv_slave_1
[  281.984610][T11827] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  282.027005][T11827] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  282.043850][T11827] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  282.057046][T11827] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  282.311993][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  282.319881][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  282.469336][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  282.496380][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  283.449877][T12251] __nla_validate_parse: 14 callbacks suppressed
[  283.449898][T12251] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1966'.
[  283.518093][T12251] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1966'.
[  283.569793][T12242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1966'.
[  284.048215][T12277] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1972'.
[  284.078379][T12277] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1972'.
[  284.115766][T12277] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1972'.
[  284.170353][ T5143] ==================================================================
[  284.178566][ T5143] BUG: KASAN: slab-use-after-free in nf_tables_trans_destroy_work+0x152b/0x1750
[  284.187633][ T5143] Read of size 2 at addr ffff88802d2959c4 by task kworker/0:4/5143
[  284.195557][ T5143] 
[  284.198068][ T5143] CPU: 0 PID: 5143 Comm: kworker/0:4 Not tainted 6.10.0-rc5-syzkaller-01176-g19e6ad2c7578 #0
[  284.208288][ T5143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  284.218369][ T5143] Workqueue: events nf_tables_trans_destroy_work
[  284.224749][ T5143] Call Trace:
[  284.228038][ T5143]  <TASK>
[  284.230993][ T5143]  dump_stack_lvl+0x241/0x360
[  284.235787][ T5143]  ? __pfx_dump_stack_lvl+0x10/0x10
[  284.241016][ T5143]  ? __pfx__printk+0x10/0x10
[  284.245670][ T5143]  ? _printk+0xd5/0x120
[  284.249863][ T5143]  ? __virt_addr_valid+0x183/0x520
[  284.254995][ T5143]  ? __virt_addr_valid+0x183/0x520
[  284.260151][ T5143]  print_report+0x169/0x550
[  284.264696][ T5143]  ? __virt_addr_valid+0x183/0x520
[  284.269837][ T5143]  ? __virt_addr_valid+0x183/0x520
[  284.275056][ T5143]  ? __virt_addr_valid+0x44e/0x520
[  284.280204][ T5143]  ? __phys_addr+0xba/0x170
[  284.284809][ T5143]  ? nf_tables_trans_destroy_work+0x152b/0x1750
[  284.291058][ T5143]  kasan_report+0x143/0x180
[  284.295575][ T5143]  ? nf_tables_trans_destroy_work+0x152b/0x1750
[  284.301825][ T5143]  nf_tables_trans_destroy_work+0x152b/0x1750
[  284.307913][ T5143]  ? __pfx_nf_tables_trans_destroy_work+0x10/0x10
[  284.314417][ T5143]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  284.320404][ T5143]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  284.326741][ T5143]  ? process_scheduled_works+0x945/0x1830
[  284.332462][ T5143]  process_scheduled_works+0xa2c/0x1830
[  284.338049][ T5143]  ? __pfx_process_scheduled_works+0x10/0x10
[  284.344074][ T5143]  ? assign_work+0x364/0x3d0
[  284.348685][ T5143]  worker_thread+0x86d/0xd50
[  284.353290][ T5143]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  284.359210][ T5143]  ? __kthread_parkme+0x169/0x1d0
[  284.364332][ T5143]  ? __pfx_worker_thread+0x10/0x10
[  284.369464][ T5143]  kthread+0x2f0/0x390
[  284.373543][ T5143]  ? __pfx_worker_thread+0x10/0x10
[  284.378658][ T5143]  ? __pfx_kthread+0x10/0x10
[  284.383256][ T5143]  ret_from_fork+0x4b/0x80
[  284.387766][ T5143]  ? __pfx_kthread+0x10/0x10
[  284.392361][ T5143]  ret_from_fork_asm+0x1a/0x30
[  284.397145][ T5143]  </TASK>
[  284.400181][ T5143] 
[  284.402614][ T5143] Allocated by task 12280:
[  284.407050][ T5143]  kasan_save_track+0x3f/0x80
[  284.411746][ T5143]  __kasan_kmalloc+0x98/0xb0
[  284.416353][ T5143]  kmalloc_trace_noprof+0x19c/0x2c0
[  284.421565][ T5143]  nf_tables_newtable+0x52e/0x1dc0
[  284.426683][ T5143]  nfnetlink_rcv+0x1427/0x2a90
[  284.431456][ T5143]  netlink_unicast+0x7f0/0x990
[  284.436224][ T5143]  netlink_sendmsg+0x8e4/0xcb0
[  284.441001][ T5143]  __sock_sendmsg+0x221/0x270
[  284.445767][ T5143]  ____sys_sendmsg+0x525/0x7d0
[  284.450543][ T5143]  __sys_sendmsg+0x2b0/0x3a0
[  284.455157][ T5143]  do_syscall_64+0xf3/0x230
[  284.459683][ T5143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.465579][ T5143] 
[  284.467941][ T5143] Freed by task 12279:
[  284.472099][ T5143]  kasan_save_track+0x3f/0x80
[  284.476780][ T5143]  kasan_save_free_info+0x40/0x50
[  284.481806][ T5143]  poison_slab_object+0xe0/0x150
[  284.486935][ T5143]  __kasan_slab_free+0x37/0x60
[  284.491705][ T5143]  kfree+0x149/0x360
[  284.495612][ T5143]  __nft_release_table+0xe80/0xf40
[  284.500772][ T5143]  nft_rcv_nl_event+0x55f/0x6d0
[  284.505718][ T5143]  notifier_call_chain+0x19f/0x3e0
[  284.510833][ T5143]  blocking_notifier_call_chain+0x69/0x90
[  284.516577][ T5143]  netlink_release+0x11a6/0x1b10
[  284.521522][ T5143]  sock_close+0xbc/0x240
[  284.525765][ T5143]  __fput+0x406/0x8b0
[  284.529756][ T5143]  task_work_run+0x24f/0x310
[  284.534355][ T5143]  syscall_exit_to_user_mode+0x168/0x370
[  284.539994][ T5143]  do_syscall_64+0x100/0x230
[  284.544631][ T5143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.550533][ T5143] 
[  284.552856][ T5143] Last potentially related work creation:
[  284.558568][ T5143]  kasan_save_stack+0x3f/0x60
[  284.563259][ T5143]  __kasan_record_aux_stack+0xac/0xc0
[  284.568631][ T5143]  insert_work+0x3e/0x330
[  284.572984][ T5143]  __queue_work+0xc16/0xee0
[  284.577495][ T5143]  queue_work_on+0x1c2/0x380
[  284.582093][ T5143]  rhltable_remove+0x1097/0x1160
[  284.587038][ T5143]  nf_tables_commit+0x3401/0x8a40
[  284.592068][ T5143]  nfnetlink_rcv+0x1e44/0x2a90
[  284.596843][ T5143]  netlink_unicast+0x7f0/0x990
[  284.601609][ T5143]  netlink_sendmsg+0x8e4/0xcb0
[  284.606378][ T5143]  __sock_sendmsg+0x221/0x270
[  284.611067][ T5143]  ____sys_sendmsg+0x525/0x7d0
[  284.615838][ T5143]  __sys_sendmsg+0x2b0/0x3a0
[  284.620447][ T5143]  do_syscall_64+0xf3/0x230
[  284.624956][ T5143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.630857][ T5143] 
[  284.633179][ T5143] The buggy address belongs to the object at ffff88802d295800
[  284.633179][ T5143]  which belongs to the cache kmalloc-cg-512 of size 512
[  284.647497][ T5143] The buggy address is located 452 bytes inside of
[  284.647497][ T5143]  freed 512-byte region [ffff88802d295800, ffff88802d295a00)
[  284.661333][ T5143] 
[  284.663749][ T5143] The buggy address belongs to the physical page:
[  284.670221][ T5143] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2d294
[  284.678992][ T5143] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  284.687511][ T5143] memcg:ffff888079c81a01
[  284.691749][ T5143] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  284.699294][ T5143] page_type: 0xffffefff(slab)
[  284.703975][ T5143] raw: 00fff00000000040 ffff88801504f140 dead000000000100 dead000000000122
[  284.712578][ T5143] raw: 0000000000000000 0000000000100010 00000001ffffefff ffff888079c81a01
[  284.721179][ T5143] head: 00fff00000000040 ffff88801504f140 dead000000000100 dead000000000122
[  284.729878][ T5143] head: 0000000000000000 0000000000100010 00000001ffffefff ffff888079c81a01
[  284.738562][ T5143] head: 00fff00000000002 ffffea0000b4a501 ffffffffffffffff 0000000000000000
[  284.747258][ T5143] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[  284.755952][ T5143] page dumped because: kasan: bad access detected
[  284.762397][ T5143] page_owner tracks the page as allocated
[  284.768111][ T5143] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4760, tgid 4760 (dhcpcd), ts 49194735843, free_ts 49182506738
[  284.788959][ T5143]  post_alloc_hook+0x1f3/0x230
[  284.793739][ T5143]  get_page_from_freelist+0x2e4c/0x2f10
[  284.799293][ T5143]  __alloc_pages_noprof+0x256/0x6c0
[  284.804490][ T5143]  alloc_slab_page+0x5f/0x120
[  284.809195][ T5143]  allocate_slab+0x5a/0x2f0
[  284.813707][ T5143]  ___slab_alloc+0xcd1/0x14b0
[  284.818476][ T5143]  __slab_alloc+0x58/0xa0
[  284.822985][ T5143]  kmalloc_node_track_caller_noprof+0x281/0x440
[  284.829287][ T5143]  kmalloc_reserve+0x111/0x2a0
[  284.834056][ T5143]  __alloc_skb+0x1f3/0x440
[  284.838490][ T5143]  alloc_skb_with_frags+0xc3/0x770
[  284.843611][ T5143]  sock_alloc_send_pskb+0x91a/0xa60
[  284.848822][ T5143]  unix_dgram_sendmsg+0x6d3/0x1f80
[  284.853935][ T5143]  __sock_sendmsg+0x221/0x270
[  284.858616][ T5143]  sock_write_iter+0x2dd/0x400
[  284.863382][ T5143]  do_iter_readv_writev+0x5a4/0x800
[  284.868588][ T5143] page last free pid 4881 tgid 4881 stack trace:
[  284.874912][ T5143]  free_unref_page+0xd22/0xea0
[  284.879690][ T5143]  __slab_free+0x31b/0x3d0
[  284.884207][ T5143]  qlist_free_all+0x9e/0x140
[  284.888800][ T5143]  kasan_quarantine_reduce+0x14f/0x170
[  284.894277][ T5143]  __kasan_slab_alloc+0x23/0x80
[  284.899142][ T5143]  kmem_cache_alloc_noprof+0x135/0x2a0
[  284.904616][ T5143]  getname_flags+0xbd/0x4f0
[  284.909128][ T5143]  do_sys_openat2+0xd2/0x1d0
[  284.913718][ T5143]  __x64_sys_openat+0x247/0x2a0
[  284.918666][ T5143]  do_syscall_64+0xf3/0x230
[  284.923170][ T5143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.929070][ T5143] 
[  284.931415][ T5143] Memory state around the buggy address:
[  284.937039][ T5143]  ffff88802d295880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  284.945098][ T5143]  ffff88802d295900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  284.953158][ T5143] >ffff88802d295980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  284.961392][ T5143]                                            ^
[  284.967543][ T5143]  ffff88802d295a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  284.975602][ T5143]  ffff88802d295a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  284.983676][ T5143] ==================================================================
[  285.011814][T12284] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  285.055969][ T5143] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  285.063222][ T5143] CPU: 0 PID: 5143 Comm: kworker/0:4 Not tainted 6.10.0-rc5-syzkaller-01176-g19e6ad2c7578 #0
[  285.073437][ T5143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  285.083519][ T5143] Workqueue: events nf_tables_trans_destroy_work
[  285.089893][ T5143] Call Trace:
[  285.093213][ T5143]  <TASK>
[  285.096163][ T5143]  dump_stack_lvl+0x241/0x360
[  285.100878][ T5143]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.106108][ T5143]  ? __pfx__printk+0x10/0x10
[  285.110741][ T5143]  ? preempt_schedule+0xe1/0xf0
[  285.115759][ T5143]  ? vscnprintf+0x5d/0x90
[  285.120151][ T5143]  panic+0x349/0x860
[  285.124090][ T5143]  ? check_panic_on_warn+0x21/0xb0
[  285.129237][ T5143]  ? __pfx_panic+0x10/0x10
[  285.133694][ T5143]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  285.139705][ T5143]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  285.146066][ T5143]  ? print_report+0x502/0x550
[  285.150782][ T5143]  check_panic_on_warn+0x86/0xb0
[  285.155851][ T5143]  ? nf_tables_trans_destroy_work+0x152b/0x1750
[  285.162124][ T5143]  end_report+0x77/0x160
[  285.166409][ T5143]  kasan_report+0x154/0x180
[  285.170952][ T5143]  ? nf_tables_trans_destroy_work+0x152b/0x1750
[  285.177231][ T5143]  nf_tables_trans_destroy_work+0x152b/0x1750
[  285.183345][ T5143]  ? __pfx_nf_tables_trans_destroy_work+0x10/0x10
[  285.189865][ T5143]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  285.195904][ T5143]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  285.202301][ T5143]  ? process_scheduled_works+0x945/0x1830
[  285.208028][ T5143]  process_scheduled_works+0xa2c/0x1830
[  285.213608][ T5143]  ? __pfx_process_scheduled_works+0x10/0x10
[  285.219632][ T5143]  ? assign_work+0x364/0x3d0
[  285.224282][ T5143]  worker_thread+0x86d/0xd50
[  285.228881][ T5143]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  285.234789][ T5143]  ? __kthread_parkme+0x169/0x1d0
[  285.239822][ T5143]  ? __pfx_worker_thread+0x10/0x10
[  285.245128][ T5143]  kthread+0x2f0/0x390
[  285.249338][ T5143]  ? __pfx_worker_thread+0x10/0x10
[  285.254479][ T5143]  ? __pfx_kthread+0x10/0x10
[  285.259090][ T5143]  ret_from_fork+0x4b/0x80
[  285.263544][ T5143]  ? __pfx_kthread+0x10/0x10
[  285.268144][ T5143]  ret_from_fork_asm+0x1a/0x30
[  285.272961][ T5143]  </TASK>
[  285.276240][ T5143] Kernel Offset: disabled
[  285.280567][ T5143] Rebooting in 86400 seconds..