last executing test programs:

58.041508323s ago: executing program 4 (id=1340):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_UPDATE_FT_IES(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000001c0)=ANY=[@ANYBLOB="e400", @ANYRES16, @ANYBLOB="000228bd7000fbdbdf256000000008000300", @ANYRES32, @ANYBLOB="0c0099001a3b00000d00000007002a0010017600b4012a00378a0704efa8fa15eaa45191c666f8a3a1181045cb0c8857f01c0b93b429475ccb6c6cced5103c1f4c2a6d290fbcf12bfb66ab52556ff9068698f8d66a209ee5561bcceb62fc5fb8bf14eeed4e94085df2aa70e6011138e3cd78cc46a0d4dbc6e1c3a127dccdb20403a67b7a03011e031be2f71fa3f007186ea1f131b31e81f70220c241cd7292b91320e98f2d1a020004030000000000000006000e00190000000100fffeffff0384e2080e40ffffffffffff01000000ffffffffffff200000ffffffffffff0600000029000008021100000001fcffff06004008"], 0x2e4}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)={{0x14}, [@NFT_MSG_DELTABLE={0x74, 0x2, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_TABLE_USERDATA={0x22, 0x6, "8ba442cbe7a8f5c362af0a0a25ba75037f82228218f3628eda58fee04e12"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_USERDATA={0x7, 0x6, "69d8b4"}, @NFTA_TABLE_USERDATA={0x13, 0x6, "f6be8105c70c9839b9ea0e50c58f69"}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xc}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_FLAGS={0xffffffffffffff34, 0x3, 0x1, 0x0, 0x8}]}, @NFT_MSG_NEWSETELEM={0x58, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x2c, 0x3, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_DATA={0x1c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x140}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x10000, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48)
close(0x3)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000180)={@private0, @empty, @ipv4={'\x00', '\xff\xff', @empty}, 0x0, 0x0, 0x7f, 0x0, 0x3, 0x10200})
ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000040)={@mcast2, @private0, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x0, 0x3, 0x0, 0x0, 0x10200})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000000)={0x8}, 0x10)
write(r3, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000001d00000000000000050009000d000000", 0x24)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000280), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r5, r6, 0x2}, 0x10)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@cgroup=r7, 0x2, 0x0, 0x0, &(0x7f0000001440)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
socket$qrtr(0x2a, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket$inet_udp(0x2, 0x2, 0x0)

57.698311098s ago: executing program 4 (id=1347):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000300), &(0x7f0000000340)='%-010d \x00'}, 0x1c)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r0, <r1=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x10, &(0x7f0000000c40)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}], {0x95, 0x0, 0x3f00}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

57.390408097s ago: executing program 4 (id=1350):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0x0)

57.21635561s ago: executing program 3 (id=1353):
unshare(0x26020480)
socket(0x11, 0x800000003, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r0, r1, 0x2}, 0x10)
socket$igmp6(0xa, 0x3, 0x2)
socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-neon\x00'}, 0x58)

57.07987587s ago: executing program 3 (id=1355):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x1c, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x18, 0x10, 0x3}, @TCA_FQ_FLOW_MAX_RATE={0x2, 0x2, 0x10270000}, @TCA_FQ_QUANTUM={0xffffffffffffff0f}]}}]}, 0x48}}, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', <r4=>0x0})
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r5, &(0x7f0000000000), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', <r6=>0x0})
recvmsg$can_bcm(r5, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000600)=""/148, 0x94}, {0x0}], 0x2}, 0x0)
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000000780)={0x0, 0x55, 0x6, 0x1})
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r7, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r8, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r7, {0x2, 0x0, @loopback}, 0x4}}, 0x2e)
ioctl$PPPIOCGCHAN(r8, 0x80047437, &(0x7f0000000080))
syz_emit_ethernet(0x4c, &(0x7f0000000140)={@link_local, @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "30b00afe4e70"}}}}}}}, 0x0)
ioctl$SIOCGSTAMPNS(r5, 0x8907, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=@newtaction={0x44, 0x31, 0x103, 0x0, 0x0, {}, [{0x30, 0x1, [@m_bpf={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x60}}}}]}]}, 0x44}}, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
sendmsg$can_bcm(r5, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r6}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x1, 0x7ab0715dca68fed7, 0x0, {}, {}, {}, 0x4, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x20000600}}, 0x0)
sendmsg$can_bcm(r5, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r4}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x3, 0x7ab0715dca68fe47, 0x0, {}, {0x0, 0xea60}, {}, 0x4, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x80}}, 0x0)

56.938078814s ago: executing program 3 (id=1357):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3800000055002f03020000000000000007000000", @ANYRES32, @ANYBLOB=' '], 0x38}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3800000055002f03020000000000000007000000", @ANYRES32, @ANYBLOB=' '], 0x38}}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000018c0)={{r1}, &(0x7f0000001840), &(0x7f0000001880)='%pK    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000040)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@typedef={0x3}]}, {0x0, [0x0, 0x0, 0x5f]}}, 0x0, 0x29}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x2, &(0x7f00000000c0)=@raw=[@cb_func], &(0x7f0000000140)='syzkaller\x00', 0x6, 0xff, &(0x7f0000000340)=""/255, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x9, &(0x7f0000000200), 0x8}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x2, &(0x7f00000000c0)=@raw=[@cb_func], &(0x7f0000000140)='syzkaller\x00', 0x6, 0xff, &(0x7f0000000340)=""/255, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x9, &(0x7f0000000200), 0x8}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000180)={0x14, 0x13, 0x1, 0x0, 0x0, "", [@typed={0x6}]}, 0x14}], 0x1}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r5, &(0x7f0000000200), 0xf000)
socket$tipc(0x1e, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x80805, 0x0)
socket$alg(0x26, 0x5, 0x0)
write$binfmt_script(r7, &(0x7f0000000180), 0xfea7) (async)
write$binfmt_script(r7, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
socket$rxrpc(0x21, 0x2, 0xa) (async)
r8 = socket$rxrpc(0x21, 0x2, 0xa)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300", @ANYRES16=r7], 0x2c}}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r9, @ANYBLOB="ff830500000700ffffff", @ANYRES32=r8], 0x4}}, 0x0)

45.594317651s ago: executing program 4 (id=1350):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0x0)

42.505444704s ago: executing program 3 (id=1357):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3800000055002f03020000000000000007000000", @ANYRES32, @ANYBLOB=' '], 0x38}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3800000055002f03020000000000000007000000", @ANYRES32, @ANYBLOB=' '], 0x38}}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000018c0)={{r1}, &(0x7f0000001840), &(0x7f0000001880)='%pK    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000040)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@typedef={0x3}]}, {0x0, [0x0, 0x0, 0x5f]}}, 0x0, 0x29}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x2, &(0x7f00000000c0)=@raw=[@cb_func], &(0x7f0000000140)='syzkaller\x00', 0x6, 0xff, &(0x7f0000000340)=""/255, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x9, &(0x7f0000000200), 0x8}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x2, &(0x7f00000000c0)=@raw=[@cb_func], &(0x7f0000000140)='syzkaller\x00', 0x6, 0xff, &(0x7f0000000340)=""/255, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x9, &(0x7f0000000200), 0x8}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000180)={0x14, 0x13, 0x1, 0x0, 0x0, "", [@typed={0x6}]}, 0x14}], 0x1}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r5, &(0x7f0000000200), 0xf000)
socket$tipc(0x1e, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x80805, 0x0)
socket$alg(0x26, 0x5, 0x0)
write$binfmt_script(r7, &(0x7f0000000180), 0xfea7) (async)
write$binfmt_script(r7, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
socket$rxrpc(0x21, 0x2, 0xa) (async)
r8 = socket$rxrpc(0x21, 0x2, 0xa)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300", @ANYRES16=r7], 0x2c}}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r9, @ANYBLOB="ff830500000700ffffff", @ANYRES32=r8], 0x4}}, 0x0)

27.501859405s ago: executing program 4 (id=1350):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0x0)

25.437627624s ago: executing program 3 (id=1357):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3800000055002f03020000000000000007000000", @ANYRES32, @ANYBLOB=' '], 0x38}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3800000055002f03020000000000000007000000", @ANYRES32, @ANYBLOB=' '], 0x38}}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000018c0)={{r1}, &(0x7f0000001840), &(0x7f0000001880)='%pK    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000040)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@typedef={0x3}]}, {0x0, [0x0, 0x0, 0x5f]}}, 0x0, 0x29}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x2, &(0x7f00000000c0)=@raw=[@cb_func], &(0x7f0000000140)='syzkaller\x00', 0x6, 0xff, &(0x7f0000000340)=""/255, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x9, &(0x7f0000000200), 0x8}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x2, &(0x7f00000000c0)=@raw=[@cb_func], &(0x7f0000000140)='syzkaller\x00', 0x6, 0xff, &(0x7f0000000340)=""/255, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x9, &(0x7f0000000200), 0x8}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000180)={0x14, 0x13, 0x1, 0x0, 0x0, "", [@typed={0x6}]}, 0x14}], 0x1}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r5, &(0x7f0000000200), 0xf000)
socket$tipc(0x1e, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x80805, 0x0)
socket$alg(0x26, 0x5, 0x0)
write$binfmt_script(r7, &(0x7f0000000180), 0xfea7) (async)
write$binfmt_script(r7, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
socket$rxrpc(0x21, 0x2, 0xa) (async)
r8 = socket$rxrpc(0x21, 0x2, 0xa)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300", @ANYRES16=r7], 0x2c}}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r9, @ANYBLOB="ff830500000700ffffff", @ANYRES32=r8], 0x4}}, 0x0)

11.772637722s ago: executing program 4 (id=1350):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0x0)

10.797742626s ago: executing program 3 (id=1357):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3800000055002f03020000000000000007000000", @ANYRES32, @ANYBLOB=' '], 0x38}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3800000055002f03020000000000000007000000", @ANYRES32, @ANYBLOB=' '], 0x38}}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000018c0)={{r1}, &(0x7f0000001840), &(0x7f0000001880)='%pK    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000040)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@typedef={0x3}]}, {0x0, [0x0, 0x0, 0x5f]}}, 0x0, 0x29}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x2, &(0x7f00000000c0)=@raw=[@cb_func], &(0x7f0000000140)='syzkaller\x00', 0x6, 0xff, &(0x7f0000000340)=""/255, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x9, &(0x7f0000000200), 0x8}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x2, &(0x7f00000000c0)=@raw=[@cb_func], &(0x7f0000000140)='syzkaller\x00', 0x6, 0xff, &(0x7f0000000340)=""/255, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x9, &(0x7f0000000200), 0x8}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000180)={0x14, 0x13, 0x1, 0x0, 0x0, "", [@typed={0x6}]}, 0x14}], 0x1}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r5, &(0x7f0000000200), 0xf000)
socket$tipc(0x1e, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x80805, 0x0)
socket$alg(0x26, 0x5, 0x0)
write$binfmt_script(r7, &(0x7f0000000180), 0xfea7) (async)
write$binfmt_script(r7, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
socket$rxrpc(0x21, 0x2, 0xa) (async)
r8 = socket$rxrpc(0x21, 0x2, 0xa)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300", @ANYRES16=r7], 0x2c}}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r9, @ANYBLOB="ff830500000700ffffff", @ANYRES32=r8], 0x4}}, 0x0)

9.257156585s ago: executing program 2 (id=1666):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socket$inet(0xa, 0x801, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x4, 0x0, 0x0, 0x0, 0x26, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r1, @ANYBLOB="01000000000000000000010000000c0005000c000000000000000c0002000000020000000000040007800c000800000000000000000008000a003f0000004400078008000100", @ANYRES32, @ANYBLOB="38000100", @ANYRES32=r2, @ANYBLOB="64800400", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="080001"], 0x90}}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)

8.806128638s ago: executing program 2 (id=1668):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=0x0, @ANYBLOB="080005251ea2401cee8f9a7be51f5019c10002000000"], 0x24}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff})
sendmsg(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="100000000100000002000000"], 0x10}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000001080)=@security={'security\x00', 0x4, 0x4, 0x3f0, 0xffffffff, 0x0, 0x0, 0x1e0, 0xffffffff, 0xffffffff, 0x320, 0x320, 0x320, 0xffffffff, 0x7fffffe, 0x0, {[{{@ipv6={@dev, @ipv4={'\x00', '\xff\xff', @multicast1}, [0x0, 0xffffff00], [], 'bridge_slave_1\x00', 'geneve0\x00', {}, {}, 0x0, 0x0, 0x4}, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@rand_addr=0x64010102, [0x0, 0x0, 0xffffff00, 0xff], 0x4e22, 0x4e24, 0x4e22, 0x4e22, 0x1, 0x81, 0x5, 0x4, 0x7}}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x0, 0x9}}}, {{@ipv6={@private1, @mcast1, [0xff], [], 'geneve1\x00', 'macvlan0\x00', {}, {}, 0x62}, 0x0, 0x118, 0x140, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'amanda\x00'}}, @common=@ipv6header={{0x28}, {0x2}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x450)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(r0, &(0x7f00000005c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000040)={&(0x7f00000009c0)=ANY=[@ANYBLOB="09000000833ebc74da5de8dbc3b35e32836f7696e8edd44d2c9b991d93ebd4c6b4618a838b71c8e78fe41c6ef91bb4b945b7ebb8805574adc5232a257e9aa4a54aa58c0b7ea9d6a249a132109e50cdffec2170f0bd45bf81c83faeb22066839e1c1c79d2ebd7", @ANYRES16=r1, @ANYBLOB="20002cbd7000fbdbdf251d0000000c009900010000006100000008000300", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB], 0x30}}, 0x0)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x110)
connect$netrom(r4, &(0x7f0000000140)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(0xffffffffffffffff, &(0x7f0000000300)={{0x6, @rose}, [@null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSARP(r6, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @empty}, {0x0, @link_local}, 0x81764109abc7f5ee, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'lo\x00'})
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_FILTER(r7, 0x6b, 0x1, 0x0, 0x0)
gettid()
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x0, 0xca8, 0x10001, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48)
r8 = socket$netlink(0x10, 0x3, 0x0)
writev(r8, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@netrom={'nr', 0x0}, 0x10)
ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000))
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getpeername$packet(r9, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000001c0)=0x4)

7.549794825s ago: executing program 2 (id=1671):
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0xc000}, 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
socket$packet(0x11, 0xa, 0x300)
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000100010000000000000000008500000087000000850000000500000095"], &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x50)
socketpair(0x0, 0x0, 0x0, &(0x7f0000000000))
socket$inet_dccp(0x2, 0x6, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-blowfish-asm\x00'}, 0x4f)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000006c0)={'wpan0\x00'})
accept$alg(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB], 0x0}, 0x90)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@ipv4_delrule={0x3c, 0x21, 0x400, 0x70bd2a, 0x25dfdbff, {0x2, 0x14, 0x20, 0x4, 0x2}, [@FRA_SRC={0x8, 0x2, @remote}, @FRA_SRC={0x8, 0x2, @empty}, @FRA_FLOW={0x8, 0xb, 0x9}, @FRA_DST={0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x3c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x18aa, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2, 0x6}, 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"})
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000700)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
write$binfmt_script(r4, &(0x7f0000001040), 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x4}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}, 0x1, 0x0, 0x0, 0x4800}, 0x0)

4.074216944s ago: executing program 2 (id=1689):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000001880)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000002000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ac1414aa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ac1e0001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000007f000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x590)

3.840392266s ago: executing program 0 (id=1690):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=@newqdisc={0x34, 0x24, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff}, {0x0, 0xc}}, [@TCA_RATE={0x6, 0x5, {0x1, 0xdb}}, @TCA_RATE={0x6, 0x5, {0x4}}]}, 0x34}}, 0x4004000)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e23}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x26, &(0x7f0000000600), 0x4)
sendto$inet(r4, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b037511bf746bec66ba", 0x2acf, 0x11, 0x0, 0x27)
shutdown(r4, 0x1)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000b02000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$alg(0x26, 0x5, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x3c8, 0x0, 0x43, 0xa0, 0x238, 0x98, 0x330, 0x178, 0x178, 0x330, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @dev, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1f0, 0x238, 0x0, {0x0, 0x7a010000}, [@common=@inet=@hashlimit3={{0x158}, {'bond_slave_0\x00', {0x9, 0x0, 0x57, 0x0, 0x0, 0x1, 0xe1, 0x3}}}, @inet=@rpfilter={{0x28}, {0xbb}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}, {{@uncond, 0x0, 0x98, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x428)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
setsockopt$sock_int(r2, 0x1, 0x28, &(0x7f0000000440)=0x400, 0x4)
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockname$packet(r5, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000500)=0x14)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)

3.730787468s ago: executing program 2 (id=1691):
socket$igmp6(0xa, 0x3, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x2b8, 0x150, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x220, 0xffffff7a, 0xffffffff, 0x220, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'bridge0\x00', 'veth0_to_team\x00'}, 0x6, 0x130, 0x150, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "00000100cbd047da9ca965f96ad5801f0514d30500000000000000490f6785fba3c4a44f1e25ecefef2a2d6054f5260ece5cffa56a5e8d7137024c183ebacdf741cea92ded3a9ca54de162d99e000000000000000000ffffff7f00", 0x7d}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x318)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(0xffffffffffffffff, 0x40189429, &(0x7f0000000140)={0x0, 0x3ff})
r1 = socket$kcm(0xa, 0x5, 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f00000001c0)={0x5, &(0x7f0000000000)=[{}, {}, {}, {}, {0x0, 0x0, 0x0, 0x420007}]})
r2 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x0, 0x400007, 0x9, 0x0, 0x1}, 0x48)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000))
sendmsg$kcm(r1, 0x0, 0x0)
socket$packet(0x11, 0xa, 0x300)
syz_emit_ethernet(0x0, 0x0, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x0, 0x0}, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket(0x1d, 0xa, 0x20000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
socket$inet6(0xa, 0x2, 0x3a)
socket$inet_sctp(0x2, 0x0, 0x84)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x8001000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x240, 0xd0, 0x11, 0x148, 0xd0, 0x0, 0x1a8, 0x2a8, 0x2a8, 0x1a8, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x0, 0x0, 0x0, 0x2, 0x3]}}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00'}, 0x30)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0xfecc)

3.650349134s ago: executing program 1 (id=1692):
r0 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040)={0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000fcffffff000800000000000061108100000000009500000000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}, 0x90)

3.612894009s ago: executing program 0 (id=1693):
ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x7, 'vlan1\x00', {}, 0x9})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b703000000090001db020a000000000007000000000000009500000000000a6682f0a61b01e4c027d252f602901b7cbbd5b9097bb8334a5541cf9e345af317e35f0ad53d857708f974879196ac07622b10548ccd2028eaf7610ae297a58e413b22d81494fcb1dbd1e9cb784c590ddd06ee929a27a5dedf301650960d8ae1cf339f6bda65bf6594c2839dcea6e419c9b8b7d17b9e49f392c857ccb0a3f64a59a87332ffa41c17b82700789b163bbc8507f171b46d2c569e75810e60a06b6f69ef41ca39a200"/212], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x2, &(0x7f000000cf3d)=""/195}, 0x5b)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r0}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20)
r2 = socket(0x1, 0x1, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x20000400)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000025c0), 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
epoll_create1(0x0)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000000d80), 0x36f, 0x20102, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x0, &(0x7f0000000000)={0x1fe}, &(0x7f0000000040), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0xa)
sendmsg$AUDIT_TRIM(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x10}, 0x10}}, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x0, &(0x7f0000003700)={0x77359400})
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r5, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$fou(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x34, r8, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @remote}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x6c}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e1c}]}, 0x34}}, 0x0)
sendmsg$FOU_CMD_ADD(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYRESOCT=r1], 0x1c}}, 0x0)

3.559525728s ago: executing program 1 (id=1694):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0xe, 0x2, &(0x7f0000000000)=ANY=[@ANYBLOB="891000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x8000000}, 0x90)

3.350167933s ago: executing program 1 (id=1695):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, 0x0, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x24}}, 0x0)

3.266787725s ago: executing program 0 (id=1696):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f000009df00)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x2, 0x0, 0x0, 0xa4}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x26}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000400)={@map=r3, r2, 0x5, 0x0, 0x0, @prog_id}, 0x20)
r4 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @private=0xa010101}, 0x10)
listen(r4, 0x8)
r5 = accept4(r4, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x82, 0x0, &(0x7f0000000040))

3.234575232s ago: executing program 2 (id=1697):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)
readv(r2, &(0x7f0000000300)=[{&(0x7f0000000000)=""/154, 0x9a}], 0x1)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-generic\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f0000001440)=[{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000100)="9ddfc5a2c87fe3", 0xfffffdef}], 0x1}], 0x1, 0x0)
sendmsg$unix(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)="fd", 0x1}], 0x1}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={0x0}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={<r6=>0xffffffffffffffff})
sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000), 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x70, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x4}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x100000000}, @NBD_ATTR_SOCKETS={0x24, 0x7, 0x0, 0x1, [{0x8, 0x1, r2}, {0x8, 0x1, r4}, {0x8, 0x1, r5}, {0x8, 0x1, r6}]}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x70}, 0x1, 0x0, 0x0, 0x41}, 0x4880)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)

3.204360833s ago: executing program 1 (id=1698):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
write$tun(0xffffffffffffffff, 0x0, 0xfdef)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_DEL(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x1}, 0x14}}, 0x0) (fail_nth: 2)

2.994281604s ago: executing program 0 (id=1699):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00'}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x200, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@window, @mss, @window, @timestamp, @sack_perm, @timestamp, @timestamp, @sack_perm], 0x8)
write$binfmt_elf64(r0, &(0x7f0000000280)=ANY=[], 0x40)
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[], 0x24}}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
unshare(0x22020400)
ppoll(&(0x7f0000000080)=[{r0}], 0x1, 0x0, 0x0, 0x0)

2.61525862s ago: executing program 1 (id=1700):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x80003, 0x0)
r2 = socket(0x200000000000011, 0x3, 0x0)
r3 = socket(0x8, 0x3, 0x100)
setsockopt$WPAN_SECURITY_LEVEL(r3, 0x0, 0x2, &(0x7f0000000040)=0x5, 0x1)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(r4, 0x84, 0xe, &(0x7f0000000380)={<r5=>0x0, 0x2, 0x0, 0x2, 0x2, 0x8, 0x88, 0x400, {0x0, @in6={{0xa, 0x4e20, 0x81, @private2, 0x6}}, 0x3, 0x200, 0x4, 0x0, 0x1ff}}, &(0x7f0000000440)=0xb0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r3, 0x84, 0xf, &(0x7f0000000480)={r5, @in={{0x2, 0x4e21, @multicast2}}, 0x4, 0x7, 0x1f, 0x71, 0x80000000}, &(0x7f0000000540)=0x98)
getsockopt$inet_mreqn(r3, 0x0, 0x20, &(0x7f0000000180)={@dev, @empty, <r6=>0x0}, &(0x7f0000000300)=0xc)
sendmmsg$inet(r3, &(0x7f0000003f80)=[{{0x0, 0x22, 0x0, 0x0, &(0x7f0000000340)=[@ip_retopts={{0x0, 0x0, 0x7, {[@generic={0x44, 0x0, "42b2b2363e"}]}}}, @ip_pktinfo={{0x0, 0x0, 0x8, {r6, @local, @remote}}}], 0x10}}], 0x1, 0x4000855)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000400)={'syztnl2\x00', &(0x7f0000000380)={'syztnl1\x00', <r7=>0x0, 0x2f, 0x81, 0x40, 0x3, 0x42, @ipv4={'\x00', '\xff\xff', @broadcast}, @rand_addr=' \x01\x00', 0x8, 0x10, 0x800, 0x5}})
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r9=>0x0})
r10 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r10, &(0x7f0000000000)={0x1d, r9}, 0x10)
sendmsg$nl_route_sched(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x24}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000540)={&(0x7f0000000280), 0xc, &(0x7f0000000500)={&(0x7f0000000440)=@newnexthop={0x84, 0x68, 0x8, 0x6, 0x25dfdbfc, {0x0, 0x0, 0x2, 0x0, 0x5}, [@NHA_BLACKHOLE={0x4}, @NHA_FDB={0x4}, @NHA_OIF={0x8, 0x5, r6}, @NHA_ENCAP_TYPE={0x6, 0x7, 0x4}, @NHA_BLACKHOLE={0x4}, @NHA_OIF={0x8, 0x5, r7}, @NHA_FDB={0x4}, @NHA_GROUP={0x34, 0x2, [{0x2, 0x7f}, {0x0, 0x4c}, {0x1, 0x2}, {0x0, 0x8}, {0x0, 0x3}, {0x2, 0xa}]}, @NHA_OIF={0x8}, @NHA_OIF={0x8, 0x5, r9}]}, 0x84}, 0x1, 0x0, 0x0, 0x8800}, 0x20000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r11}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'team0\x00', <r12=>0x0})
bind$packet(r2, &(0x7f0000000240)={0x11, 0x0, r12}, 0x14)
getsockname$packet(r2, &(0x7f0000000040)={0x11, 0x0, <r13=>0x0}, &(0x7f0000000000)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @local}, @IFLA_IPTUN_ENCAP_SPORT={0x6}]}}}, @IFLA_MASTER={0x8, 0xa, r13}]}, 0x48}}, 0x0)

2.604692366s ago: executing program 0 (id=1701):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x15c, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_flower={{0xb}, {0x38, 0x2, [@TCA_FLOWER_KEY_ICMPV6_CODE={0x5}, @TCA_FLOWER_KEY_TCP_DST_MASK={0x6}, @TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK={0x14}, @TCA_FLOWER_KEY_UDP_SRC_MASK={0x6}, @TCA_FLOWER_KEY_ICMPV6_TYPE={0x5}]}}, @filter_kind_options=@f_route={{0xa}, {0xd0, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_POLICE={0xc, 0x5, [@TCA_POLICE_AVRATE={0x8}]}, @TCA_ROUTE4_ACT={0xb0, 0x6, [@m_nat={0xac, 0x0, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{}, @private, @dev}}, @TCA_NAT_PARMS={0x28, 0x1, {{}, @local, @remote}}, @TCA_NAT_PARMS={0x28, 0x1, {{}, @broadcast, @loopback}}]}, {0x9, 0x6, "3eaed48f50"}, {0xc}, {0xc}}}]}]}}]}, 0x15c}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000580)={&(0x7f00000000c0), 0x10, &(0x7f0000000540)={&(0x7f0000000880)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\t\x00\x00\x00\x00\x00\x00\x00', @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64, @ANYRES64, @ANYBLOB="0400008001000000040026006010020000b0b5217dab9e3253180a52cca9e416352e2f10a9e6891a7478141b4f74131cca8c83c73adcaecf455465c95fe7c98d6157e652eee87cea2d883b4b3be454bafc"], 0x80}, 0x1, 0x0, 0x0, 0x4004044}, 0x20008000)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

73.764494ms ago: executing program 0 (id=1702):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)={'gretap0\x00', 0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e0", 0x1}], 0x1}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={0x0, 0x34}}, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'netdevsim0\x00', &(0x7f0000000080)=@ethtool_rxfh_indir={0x33}})
socket(0x10, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb00df"], &(0x7f0000000540)=""/7, 0x38, 0x7, 0x1}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0xfffffffd}, 0x48)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendto(r2, &(0x7f0000000280), 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv6_delroute={0x2c, 0x19, 0x1, 0x0, 0x0, {}, [@RTA_ENCAP={0x8, 0x16, 0x0, 0x1, @MPLS_IPTUNNEL_DST={0x4}}, @RTA_PREF={0x5}]}, 0x2c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00'})
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r4 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0xae, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd60"], 0x0)
sendmsg(r4, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f86dd", 0x12e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'veth1_to_bridge\x00', <r5=>0x0})
socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCADDRT(r6, 0x890b, &(0x7f0000000140)={@mcast2, @mcast1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x4, 0x0, 0x20, 0x400, 0x2, 0xa0022, r5})
bpf$MAP_CREATE(0x0, 0x0, 0x0)

0s ago: executing program 1 (id=1703):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r1)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r1)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r1, &(0x7f0000000340)={&(0x7f00000000c0), 0xc, &(0x7f0000000300)={&(0x7f0000000140)={0x198, r2, 0x1, 0x0, 0x0, {}, [{@pci={{0x8}, {0x11}}, {0xd}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xffffffffffffffb2}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0x198}}, 0x0)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100), r0)
sendmsg$TIPC_CMD_GET_NETID(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r3, 0x210, 0x70bd28, 0x25dfdbff, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000804}, 0x40080)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wlan1\x00'})
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000001e40))
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffff44}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000840)='contention_end\x00', r7}, 0x10)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000280)={'virt_wifi0\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000020000000000000000", @ANYRES32=r9], 0x20}}, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x4, 0xe, &(0x7f0000000800)=ANY=[@ANYBLOB], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r11, 0x1f2f, 0xe, 0x0, &(0x7f00000007c0)="9f44948721919580684010a49e66", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r0, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000400)={&(0x7f0000000580)=ANY=[@ANYBLOB="e8160000", @ANYRES16=r5, @ANYBLOB="00032abd7000fbdbdf257500000008000300", @ANYRES32=0x0, @ANYBLOB="6c13f0800400050018010d80b7000000762da2d9b0c1766589c0b60faeadef46a13dd1d6e44ab7a00e3531953f071461bc37a8f942a2638df4f802e027698d5bb3cca63e5831522b6cb9c5c6a93a8f8f663159b2eb0c64dc9b82bacf577f0c8ea42f86de793504e13d5cc21e2bd699184c1b42df65b84210adb50fefe8a9a3484f233fcb0d3a5876adff3d534786b81a28fd7869398b60a81ae5bfd0ae94085f8b0c87c699407f1d310150e00d3e7aafd77df75fba493d76af48b7f6b3f9bc0098ee27005100000089772acf2f3f0a2ae40934524815e66250343d36f36224cf21996109d91e1a84517df56ae7409d246ae6f3299a02b43c8d2c1b10a3707fa25f4fe6702452f5532ef766804931ce9f553a445a1100000007000000c4aec300050010000800000005000700000000003c120e8004100000568436ef436c80c44b22e03fee43cd857506d86417c3bc05ca8ad00e8fbbcff1975dd87b8976916386583453ff8692027e0b44e442d1f222b6fd67625290045a33dd6fe70d2d2ecebbe993d5dc2d21669b8c027c4d82c8a4ac3cfae79e342f2853a1cb6f9f0fc53c0f932a1c007b408232c0c5da514e58a93646d54ea2d8c83e5da811b362b4fa89070016c09b4a4edcccf8fd0d09295371e902740fdb36949c34de31ac255f425f5b8017c7a726124c92d570618a4af5f3a0870a3208c6ff080e7fcc1df1899ba3d18bc7a846f47b4fa0b75585bfc0c1a763de9e3121b270699027c54b7138832924fe6a24fbf6f0c646e93de4765893bf723f86bd024ee2549d55abb74be788ab8e8771ef29d7af9c8bf4bc4344f9bb79fa7600e38eb27d33c23fca08ae3ec6d8f2e30a98c78ac4c9fa060a36ce3decbf056009f6ca651052b88dbaf1d3897330f38ce1b11af39e3a8cc91d77fc6eea6676b42b3638692119697bb46c0aa835944aea942b3acaa1e8ed1a4a05ff2f76f796c27e3781dd17c23c021744e6e0f3882f14bf0a52841624017cd4e74c7b0016cce666cf02abf804ebbce1a6b0517977b1b410af6851e393da8826b76540883fd7c5b9a2284f41f70b63830469ead5027b67204bb126f80058ee8d0a98a060199a314510e5bca3c407966b4e42bf59afced6815afb6e3ce793605605559b1c8c5d7646800b5e4724047ddc9f09467a2d207c19a5d8869f5f4a083dec5570516e9fb82174a36664dcb89c982cc2e7580a5f6a9b53d9e2e175994389fbd64e94001d4cf59ed4e61ec88ea9c9110a59ba781ae48fc9e16a90911052d1192f2c7eb5510e89ce47b0baf5bec3b861e47c33358957f31a7906ee961f41e0cb30c7ad001e1bf823e70abc3845c695d47b9092fd50ca157ebe13df95ce80e65a16d902aa859677129a56de4a027163e1147b4abbff5fbc42fc23129390ee392e2979f525b3ab9cafe4977a3734a6f7c5c72a7d97d202e1ba1d68d174b8d13ed553c2930c4850b5c3247a6555a96aa1f0be92296719b1f2e15b349870bd05a47477963143b243e55d91900b70c6c50c7c6498fb770c743deda71eabdafa74de66eaff391ab42bae226bd78eaedf16262e75f01323fa666167681fb605940d2257ed848ebbe9fd9cbc06494c719c5f8efa335a77b8ff8871f194c4ac64b1cc8d406a9e182cb8a1a29117c4bf2ee7bc0a1d00b7d80d3cc2fdb3a6f74c45ea7a06fd5a9ff52dab893b82ccf739b1d6ea4a8e09f69f9fe429b3c0adabd3b63f50fc6412674f975d59c1e0e3ce6698238872bae48a09f6366747910539906b1320e85f50ffe2c06f2b95f4ab1e3d7b0f445a44d65e0e400f48d6d77a858067517fabf7f43e22135a513a6397342b0e76cf1525b6474ac321085b07473a9f66d27d51ee6cbfa9f54e7f81f48c5339832d9eab55c5f00de2f7c3f24eaf7523e6f9ec7d71bdedd7d23cc616663de815b73d7e794851c001b582d476604963d7e79c6c20beced609ae55407746240ce4bd9cff5c641747335c926a58982b4231dfd1f364e4954fe7d42e45087d4fdce8b1e28d6b9787e4cb39a8d1467b17b724093624a95f8d522677c55d37a1190bd305e182a7c8e4b800559847dd1464ad6cd3f55fe521dc9df7bdecd9c787a6cc73615f096107becce06a7ced22a34a746076eaf5a2a2e6623f5a04c0358f42bf2e4f2ecc81ccdc83346c1763450ffb9ab55dbdef108b0b845f2d5c086cbde136bdc52de7532787873b72de70d0f87676cafa8f5c2a2cfeb9f1cf59981af65e2685a1d7355e666ab67aa8550ac27e189fe7c97266ccd4cfbb15c18e9472d6e529ac588cf0b1449c3a85aad51e8034ce0f5dcd887b54cd0ae5cc4a0537979adaafb981513e5cde51f83d23604721d37bbc7ca1c34173d4fb498ae69f77c7ea2837b3f7a4de70c97c90c7f4486c33af9bfbb6e326c1f45696c0ff7f6557f4b252a56603205c531f50a17621de27c59fc0cf10681303da954d726e93533404e35db01f09338359187b5356f6455eca5c4b5330242ded49cba5d7f9990c1f7e3a670aa24733f512a35abe6f7b1d0174dc868e0519c934cadc6bd2b1e0f652e51206354c8b47077e1981ab2443570fc81969b4ecfd152a4b658fd71e99cc9f50b4c6dc0eee8201160eb708af2836a02a202fee9199c2c095ae654d76ead3eaff6e9c561af70ecdaba233defc2509656bec5b6590fed738e8a683bf4ddffc0f811869fa1dd39d9ea10a1454a8ee52613fdfd579158bfea32dc89efaed8ca2e23cae26b440aa3f6e9639c4082b82a991c5765f4c1dace322502db6546304ba5ed27198b1b2f462a009451697768154dbb73d162a8d026f401b22f55950cb61566deaaca48dac676f68f2dc80cf00fdaccc2f258f90f1fd9868ef686328853c4ddb1a38340513b29984d0b07010a26a529a96f28b14d96cdd54a0f5803635d954a28ee75a94e79b71fdae8f16274927d3674ac0730841ea2d285bb77968101c1f976fe6dd164c067731093270429b86ef439b282653f9e324a4fd71f662b3e96c306cdf5e3dc065448c71329ab98e4d19f9fb0851b4d8e71e58b626930b582d75224d23192bbee52b5f6f2dbe322c4fcc07f88f33f4ac30c8cb9fc3062401866d579d055a1bedc15d0a977e18a242976560554d0e7eb2100b4366f5dacaba171c68ab9f0ca4a99d9466ed673bfe39233b92a180f57f3a6fb66e142be3e17cb9eb7692eccfabde41cc1f6c1a337cb1128329e9a7284650edda44633b67666e78c596f566d88635d06d61e480305770f270fd7715ef182cd4a6ef1a91aff075f95f05ec3c588f3436bffca4426ca2155c9ff4635ef7c2a7eb76064a20fda97b7d2cb6c5fbdf7c3bc44445a4af0d70ae6fe77ce2c2170244395043d7e12b094eba0429aaa5cb6d87eef6c7febbe17280b45d48b6fbe47707f42f20f843e37aafe1322b003054ddfbdf6538da624ad66368f68f8c010f1641e83190ee474c58fecc9f80cdd59e2277ae46d782a7722e5ba2b18d878c97f3deae570c70e4f503762d97d3fcab68058d7fbbae7744f1ffd31f8209c311300b7be2853beaacb51bfa49a553fb9c9ec81dd910c08369d3d134ddf8cb4b0b025baa816e95bd6608bf1f934f32509de7d385bf8414086c67e910003e3cf64184856957209a1839e43511cfc5e29528c7e37accdeec06b207304451b19d1b17c95bfe7551e1f1fe9337046bca8aa008eba429175368e3cbeffea6274a5bdc548bd179d42d33ae07d793adfb4b01b517c82ab4debe21f347f1ce74a1549b1b36baa5d9644397bd7ff2174cd457ec30118fcb1379f2deaf0e6b2ca282487deb733895c72808c1ef53cb5bf383ff65756a185c1cb91a3bc35e89e8deed0f3aa8f32997069c524449790a2618c8d31e6de5ca5759223bc83e0a9e8450902792db4e5f40ecacd872d50a504a2d4942d02cdd3deef1a641f568a8dee16ac6509de22f904bf9e5a4b084898ed558a13495d0a627f01d078c0614d6094a5784f3a47f5f1b9ae39103eb09e33621002c68eadc03e52e22febe0e0254371d584d6266628aa70253303bf317e99383e930c7438aebc2a79ccb94befb257a444a8795b331c94e3c92045cb6a44a325e776cbe3fc2b5dac1a1e73612b4df5e48851df8c216a42f"], 0x16e8}, 0x1, 0x0, 0x0, 0x8015}, 0x20008004)
syz_emit_ethernet(0x96, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x8864, @tcp={{0x1d, 0x4, 0x0, 0x0, 0x88, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010102, @local, {[@ra={0x94, 0x4}, @end, @noop, @rr={0x7, 0x13, 0xc0, [@multicast2, @broadcast, @empty, @private=0xa010100]}, @timestamp={0x44, 0x8, 0x94, 0x0, 0xe, [0x8]}, @timestamp_addr={0x44, 0x2c, 0xb3, 0x1, 0x2, [{@multicast1, 0x3}, {@broadcast, 0x1}, {@broadcast, 0x1}, {@broadcast, 0x8}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x24bb}]}, @lsrr={0x83, 0xf, 0xec, [@initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010101, @multicast1]}, @noop]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x40, r4, 0x1, 0x0, 0x0, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_TX_SHARE={0xc}]}, 0x40}}, 0x0)

kernel console output (not intermixed with test programs):

041]  ? __import_iovec+0x536/0x820
[  154.218699][ T9041]  ? aa_sock_msg_perm+0x91/0x160
[  154.223662][ T9041]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  154.228976][ T9041]  ? security_socket_sendmsg+0x87/0xb0
[  154.234467][ T9041]  ? __pfx_netlink_sendmsg+0x10/0x10
[  154.239869][ T9041]  __sock_sendmsg+0x221/0x270
[  154.244579][ T9041]  ____sys_sendmsg+0x525/0x7d0
[  154.249574][ T9041]  ? __pfx_____sys_sendmsg+0x10/0x10
[  154.254983][ T9041]  __sys_sendmsg+0x2b0/0x3a0
[  154.259707][ T9041]  ? __pfx___sys_sendmsg+0x10/0x10
[  154.264941][ T9041]  ? vfs_write+0x7c4/0xc90
[  154.269424][ T9041]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  154.275963][ T9041]  ? do_syscall_64+0x100/0x230
[  154.280781][ T9041]  ? do_syscall_64+0xb6/0x230
[  154.285493][ T9041]  do_syscall_64+0xf3/0x230
[  154.290031][ T9041]  ? clear_bhb_loop+0x35/0x90
[  154.295907][ T9041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.301931][ T9041] RIP: 0033:0x7f8bb8d779f9
[  154.306369][ T9041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.326006][ T9041] RSP: 002b:00007f8bb9bd1048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  154.334451][ T9041] RAX: ffffffffffffffda RBX: 00007f8bb8f05f80 RCX: 00007f8bb8d779f9
[  154.342458][ T9041] RDX: 0000000000000000 RSI: 0000000020000d00 RDI: 0000000000000003
[  154.350455][ T9041] RBP: 00007f8bb9bd10a0 R08: 0000000000000000 R09: 0000000000000000
[  154.358453][ T9041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.366450][ T9041] R13: 000000000000000b R14: 00007f8bb8f05f80 R15: 00007ffcdb252b88
[  154.374466][ T9041]  </TASK>
[  154.459879][ T5235] block nbd10: Receive control failed (result -107)
[  154.538611][ T9045] nbd10: detected capacity change from 0 to 256
[  154.642247][ T9056] netlink: 'syz.4.1052': attribute type 33 has an invalid length.
[  155.262295][ T9089] x_tables: ip6_tables: TRACE target: only valid in raw table, not (
[  155.271202][ T9095] netdevsim netdevsim3: Direct firmware load for 
 failed with error -2
[  155.311366][ T9095] netdevsim netdevsim3: Falling back to sysfs fallback for: 

[  155.692720][ T9161] team0: Device sit1 is of different type
[  156.107093][ T9176] FAULT_INJECTION: forcing a failure.
[  156.107093][ T9176] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.148192][ T9176] CPU: 1 UID: 0 PID: 9176 Comm: syz.0.1075 Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  156.158927][ T9176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  156.169005][ T9176] Call Trace:
[  156.172308][ T9176]  <TASK>
[  156.175259][ T9176]  dump_stack_lvl+0x241/0x360
[  156.179970][ T9176]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.185205][ T9176]  ? __pfx__printk+0x10/0x10
[  156.189831][ T9176]  ? __pfx_lock_release+0x10/0x10
[  156.194901][ T9176]  should_fail_ex+0x3b0/0x4e0
[  156.199619][ T9176]  _copy_from_iter+0x1f6/0x1960
[  156.204505][ T9176]  ? __virt_addr_valid+0x183/0x530
[  156.209645][ T9176]  ? __pfx_lock_release+0x10/0x10
[  156.214702][ T9176]  ? __alloc_skb+0x28f/0x440
[  156.219309][ T9176]  ? __pfx__copy_from_iter+0x10/0x10
[  156.224591][ T9176]  ? __virt_addr_valid+0x183/0x530
[  156.229696][ T9176]  ? __virt_addr_valid+0x183/0x530
[  156.234793][ T9176]  ? __virt_addr_valid+0x45f/0x530
[  156.239978][ T9176]  ? __check_object_size+0x49c/0x900
[  156.245289][ T9176]  netlink_sendmsg+0x73d/0xcb0
[  156.250069][ T9176]  ? __pfx_netlink_sendmsg+0x10/0x10
[  156.257212][ T9176]  ? __import_iovec+0x536/0x820
[  156.262072][ T9176]  ? aa_sock_msg_perm+0x91/0x160
[  156.267027][ T9176]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  156.272351][ T9176]  ? security_socket_sendmsg+0x87/0xb0
[  156.277913][ T9176]  ? __pfx_netlink_sendmsg+0x10/0x10
[  156.283216][ T9176]  __sock_sendmsg+0x221/0x270
[  156.287918][ T9176]  ____sys_sendmsg+0x525/0x7d0
[  156.292694][ T9176]  ? __pfx_____sys_sendmsg+0x10/0x10
[  156.297987][ T9176]  __sys_sendmsg+0x2b0/0x3a0
[  156.302572][ T9176]  ? __pfx___sys_sendmsg+0x10/0x10
[  156.307684][ T9176]  ? vfs_write+0x7c4/0xc90
[  156.314331][ T9176]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  156.320668][ T9176]  ? do_syscall_64+0x100/0x230
[  156.325435][ T9176]  ? do_syscall_64+0xb6/0x230
[  156.330108][ T9176]  do_syscall_64+0xf3/0x230
[  156.334605][ T9176]  ? clear_bhb_loop+0x35/0x90
[  156.339299][ T9176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.345187][ T9176] RIP: 0033:0x7f0742b779f9
[  156.349683][ T9176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.369368][ T9176] RSP: 002b:00007f07439eb048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  156.377950][ T9176] RAX: ffffffffffffffda RBX: 00007f0742d05f80 RCX: 00007f0742b779f9
[  156.385909][ T9176] RDX: 0000000000000000 RSI: 0000000020000d00 RDI: 0000000000000003
[  156.394044][ T9176] RBP: 00007f07439eb0a0 R08: 0000000000000000 R09: 0000000000000000
[  156.402090][ T9176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.410055][ T9176] R13: 000000000000000b R14: 00007f0742d05f80 R15: 00007ffd2b4900e8
[  156.418116][ T9176]  </TASK>
[  156.924309][ T9208] ieee802154 phy0 wpan0: encryption failed: -22
[  157.100121][ T9221] __nla_validate_parse: 14 callbacks suppressed
[  157.100140][ T9221] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1084'.
[  157.230884][ T9226] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1086'.
[  157.235222][ T9210] team0: Device sit1 is of different type
[  157.314044][ T9233] netdevsim netdevsim3: Direct firmware load for 
 failed with error -2
[  157.331328][ T9233] netdevsim netdevsim3: Falling back to sysfs fallback for: 

[  157.409464][ T9240] FAULT_INJECTION: forcing a failure.
[  157.409464][ T9240] name failslab, interval 1, probability 0, space 0, times 0
[  157.474029][ T9243] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1089'.
[  157.486175][ T9240] CPU: 1 UID: 0 PID: 9240 Comm: syz.4.1088 Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  157.496902][ T9240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  157.507083][ T9240] Call Trace:
[  157.510383][ T9240]  <TASK>
[  157.513335][ T9240]  dump_stack_lvl+0x241/0x360
[  157.518149][ T9240]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.523470][ T9240]  ? __pfx__printk+0x10/0x10
[  157.528093][ T9240]  ? ref_tracker_alloc+0x332/0x490
[  157.533234][ T9240]  should_fail_ex+0x3b0/0x4e0
[  157.537947][ T9240]  ? skb_clone+0x20c/0x390
[  157.542380][ T9240]  should_failslab+0xac/0x100
[  157.547084][ T9240]  ? skb_clone+0x20c/0x390
[  157.551522][ T9240]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  157.556916][ T9240]  skb_clone+0x20c/0x390
[  157.561185][ T9240]  __netlink_deliver_tap+0x3cc/0x7c0
[  157.566508][ T9240]  ? netlink_deliver_tap+0x2e/0x1b0
[  157.571737][ T9240]  netlink_deliver_tap+0x19d/0x1b0
[  157.576879][ T9240]  netlink_unicast+0x7be/0x990
[  157.581700][ T9240]  ? __pfx_netlink_unicast+0x10/0x10
[  157.587007][ T9240]  ? __virt_addr_valid+0x183/0x530
[  157.592159][ T9240]  ? __check_object_size+0x49c/0x900
[  157.597455][ T9240]  ? bpf_lsm_netlink_send+0x9/0x10
[  157.602569][ T9240]  netlink_sendmsg+0x8e4/0xcb0
[  157.607355][ T9240]  ? __pfx_netlink_sendmsg+0x10/0x10
[  157.612640][ T9240]  ? __import_iovec+0x536/0x820
[  157.617497][ T9240]  ? aa_sock_msg_perm+0x91/0x160
[  157.622425][ T9240]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  157.627792][ T9240]  ? security_socket_sendmsg+0x87/0xb0
[  157.633251][ T9240]  ? __pfx_netlink_sendmsg+0x10/0x10
[  157.638530][ T9240]  __sock_sendmsg+0x221/0x270
[  157.643201][ T9240]  ____sys_sendmsg+0x525/0x7d0
[  157.647959][ T9240]  ? __pfx_____sys_sendmsg+0x10/0x10
[  157.653270][ T9240]  __sys_sendmsg+0x2b0/0x3a0
[  157.657872][ T9240]  ? __pfx___sys_sendmsg+0x10/0x10
[  157.662983][ T9240]  ? vfs_write+0x7c4/0xc90
[  157.667435][ T9240]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  157.673770][ T9240]  ? do_syscall_64+0x100/0x230
[  157.678565][ T9240]  ? do_syscall_64+0xb6/0x230
[  157.683253][ T9240]  do_syscall_64+0xf3/0x230
[  157.687752][ T9240]  ? clear_bhb_loop+0x35/0x90
[  157.692428][ T9240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.698406][ T9240] RIP: 0033:0x7f6bd9f779f9
[  157.702809][ T9240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.722404][ T9240] RSP: 002b:00007f6bdad4a048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  157.730829][ T9240] RAX: ffffffffffffffda RBX: 00007f6bda105f80 RCX: 00007f6bd9f779f9
[  157.738808][ T9240] RDX: 0000000000000000 RSI: 0000000020000d00 RDI: 0000000000000003
[  157.746776][ T9240] RBP: 00007f6bdad4a0a0 R08: 0000000000000000 R09: 0000000000000000
[  157.754740][ T9240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.762707][ T9240] R13: 000000000000000b R14: 00007f6bda105f80 R15: 00007ffe2df0a5c8
[  157.770680][ T9240]  </TASK>
[  157.882423][ T9256] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1093'.
[  158.125840][ T9276] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1098'.
[  158.150189][ T9279] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1097'.
[  158.331264][ T9286] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1099'.
[  158.360161][ T9286] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1099'.
[  158.366781][ T9291] xt_TCPMSS: Only works on TCP SYN packets
[  158.396407][ T9292] xt_TCPMSS: Only works on TCP SYN packets
[  158.494164][ T9292] netlink: 300 bytes leftover after parsing attributes in process `syz.0.1103'.
[  158.819116][ T9323] netdevsim netdevsim3: Direct firmware load for 
 failed with error -2
[  158.838690][ T9323] netdevsim netdevsim3: Falling back to sysfs fallback for: 

[  158.871448][ T9325] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1111'.
[  159.168889][ T9337] netlink: 'syz.2.1115': attribute type 13 has an invalid length.
[  159.220466][ T9339] ipip0: entered promiscuous mode
[  159.300074][ T9342] netlink: 'syz.0.1116': attribute type 3 has an invalid length.
[  159.409570][ T9345] lo speed is unknown, defaulting to 1000
[  159.737738][ T9356] netem: incorrect gi model size
[  159.743263][ T9356] netem: change failed
[  160.583931][ T9378] netlink: 'syz.1.1126': attribute type 4 has an invalid length.
[  160.658568][ T9378] A link change request failed with some changes committed already. Interface veth1_vlan may have been left with an inconsistent configuration, please check.
[  160.893536][ T9385] FAULT_INJECTION: forcing a failure.
[  160.893536][ T9385] name failslab, interval 1, probability 0, space 0, times 0
[  160.916967][ T9385] CPU: 0 UID: 0 PID: 9385 Comm: syz.2.1129 Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  160.927718][ T9385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  160.937800][ T9385] Call Trace:
[  160.941113][ T9385]  <TASK>
[  160.944506][ T9385]  dump_stack_lvl+0x241/0x360
[  160.949228][ T9385]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.954451][ T9385]  ? __pfx__printk+0x10/0x10
[  160.959061][ T9385]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  160.965048][ T9385]  ? __pfx___might_resched+0x10/0x10
[  160.970342][ T9385]  should_fail_ex+0x3b0/0x4e0
[  160.975028][ T9385]  should_failslab+0xac/0x100
[  160.979703][ T9385]  ? __alloc_skb+0x1c3/0x440
[  160.984290][ T9385]  kmem_cache_alloc_node_noprof+0x71/0x320
[  160.990102][ T9385]  __alloc_skb+0x1c3/0x440
[  160.994608][ T9385]  ? __pfx___alloc_skb+0x10/0x10
[  160.999545][ T9385]  ? netlink_ack_tlv_len+0x6e/0x200
[  161.004761][ T9385]  netlink_ack+0x13f/0xa30
[  161.009186][ T9385]  ? __pfx_lock_acquire+0x10/0x10
[  161.014219][ T9385]  ? __pfx_team_nl_options_get_doit+0x10/0x10
[  161.020322][ T9385]  netlink_rcv_skb+0x262/0x430
[  161.025100][ T9385]  ? __pfx_genl_rcv_msg+0x10/0x10
[  161.030119][ T9385]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  161.035408][ T9385]  ? __netlink_deliver_tap+0x77e/0x7c0
[  161.040874][ T9385]  genl_rcv+0x28/0x40
[  161.044871][ T9385]  netlink_unicast+0x7f0/0x990
[  161.049659][ T9385]  ? __pfx_netlink_unicast+0x10/0x10
[  161.054964][ T9385]  ? __virt_addr_valid+0x183/0x530
[  161.060079][ T9385]  ? __check_object_size+0x49c/0x900
[  161.065363][ T9385]  ? bpf_lsm_netlink_send+0x9/0x10
[  161.070485][ T9385]  netlink_sendmsg+0x8e4/0xcb0
[  161.077024][ T9385]  ? __pfx_netlink_sendmsg+0x10/0x10
[  161.082320][ T9385]  ? __import_iovec+0x536/0x820
[  161.087265][ T9385]  ? aa_sock_msg_perm+0x91/0x160
[  161.092201][ T9385]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  161.097481][ T9385]  ? security_socket_sendmsg+0x87/0xb0
[  161.102944][ T9385]  ? __pfx_netlink_sendmsg+0x10/0x10
[  161.108225][ T9385]  __sock_sendmsg+0x221/0x270
[  161.112897][ T9385]  ____sys_sendmsg+0x525/0x7d0
[  161.117668][ T9385]  ? __pfx_____sys_sendmsg+0x10/0x10
[  161.122985][ T9385]  __sys_sendmsg+0x2b0/0x3a0
[  161.127593][ T9385]  ? __pfx___sys_sendmsg+0x10/0x10
[  161.132713][ T9385]  ? vfs_write+0x7c4/0xc90
[  161.137167][ T9385]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  161.143499][ T9385]  ? do_syscall_64+0x100/0x230
[  161.148350][ T9385]  ? do_syscall_64+0xb6/0x230
[  161.153120][ T9385]  do_syscall_64+0xf3/0x230
[  161.157629][ T9385]  ? clear_bhb_loop+0x35/0x90
[  161.162313][ T9385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.168207][ T9385] RIP: 0033:0x7f8bb8d779f9
[  161.172626][ T9385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.192230][ T9385] RSP: 002b:00007f8bb9bd1048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  161.200639][ T9385] RAX: ffffffffffffffda RBX: 00007f8bb8f05f80 RCX: 00007f8bb8d779f9
[  161.208604][ T9385] RDX: 0000000000000000 RSI: 0000000020000d00 RDI: 0000000000000003
[  161.216565][ T9385] RBP: 00007f8bb9bd10a0 R08: 0000000000000000 R09: 0000000000000000
[  161.224526][ T9385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.232490][ T9385] R13: 000000000000000b R14: 00007f8bb8f05f80 R15: 00007ffcdb252b88
[  161.240464][ T9385]  </TASK>
[  162.075612][ T9415] lo speed is unknown, defaulting to 1000
[  162.467804][ T9425] __nla_validate_parse: 7 callbacks suppressed
[  162.467824][ T9425] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1143'.
[  162.564942][ T9435] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1144'.
[  162.819472][ T9440] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1146'.
[  162.922528][ T9442] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1148'.
[  163.327226][ T9460] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1151'.
[  163.742849][ T9472] syzkaller1: entered promiscuous mode
[  163.788026][ T9472] syzkaller1: entered allmulticast mode
[  164.082458][ T9490] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1157'.
[  164.256924][ T9497] netdevsim netdevsim2: Direct firmware load for 
 failed with error -2
[  164.301104][ T9497] netdevsim netdevsim2: Falling back to sysfs fallback for: 

[  164.412892][ T9500] netlink: 'syz.1.1162': attribute type 4 has an invalid length.
[  164.617817][ T9509] lo speed is unknown, defaulting to 1000
[  165.510073][ T9544] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1172'.
[  165.678611][ T9549] FAULT_INJECTION: forcing a failure.
[  165.678611][ T9549] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.717729][ T9549] CPU: 0 UID: 0 PID: 9549 Comm: syz.2.1174 Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  165.729515][ T9549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  165.739685][ T9549] Call Trace:
[  165.742986][ T9549]  <TASK>
[  165.745931][ T9549]  dump_stack_lvl+0x241/0x360
[  165.750643][ T9549]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.755859][ T9549]  ? __pfx__printk+0x10/0x10
[  165.760478][ T9549]  ? __pfx_lock_release+0x10/0x10
[  165.765533][ T9549]  ? __lock_acquire+0x137a/0x2040
[  165.770607][ T9549]  should_fail_ex+0x3b0/0x4e0
[  165.775325][ T9549]  _copy_from_user+0x2f/0xe0
[  165.779945][ T9549]  kstrtouint_from_user+0xc6/0x190
[  165.780852][ T9551] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1175'.
[  165.785073][ T9549]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  165.799859][ T9549]  ? __pfx_lock_acquire+0x10/0x10
[  165.804924][ T9549]  proc_fail_nth_write+0xaa/0x2d0
[  165.809979][ T9549]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  165.815897][ T9549]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  165.821561][ T9549]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  165.827222][ T9549]  vfs_write+0x2a2/0xc90
[  165.831504][ T9549]  ? __pfx_vfs_write+0x10/0x10
[  165.836294][ T9549]  ? __fget_files+0x29/0x470
[  165.840913][ T9549]  ? __fget_files+0x3f6/0x470
[  165.845633][ T9549]  ksys_write+0x1a0/0x2c0
[  165.849992][ T9549]  ? __pfx_ksys_write+0x10/0x10
[  165.854860][ T9549]  ? do_syscall_64+0x100/0x230
[  165.859652][ T9549]  ? do_syscall_64+0xb6/0x230
[  165.864350][ T9549]  do_syscall_64+0xf3/0x230
[  165.868963][ T9549]  ? clear_bhb_loop+0x35/0x90
[  165.873664][ T9549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.879600][ T9549] RIP: 0033:0x7f8bb8d764df
[  165.884045][ T9549] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48
[  165.903686][ T9549] RSP: 002b:00007f8bb9bd1040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  165.912400][ T9549] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8bb8d764df
[  165.921355][ T9549] RDX: 0000000000000001 RSI: 00007f8bb9bd10b0 RDI: 0000000000000004
[  165.929349][ T9549] RBP: 00007f8bb9bd10a0 R08: 0000000000000000 R09: 0000000000000000
[  165.937340][ T9549] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  165.945331][ T9549] R13: 000000000000000b R14: 00007f8bb8f05f80 R15: 00007ffcdb252b88
[  165.953346][ T9549]  </TASK>
[  166.164465][ T9558] netlink: 'syz.1.1176': attribute type 4 has an invalid length.
[  166.242110][ T9563] syz_tun (unregistering): left promiscuous mode
[  166.698139][ T9579] netlink: 'syz.4.1185': attribute type 9 has an invalid length.
[  166.727992][ T9579] netlink: 194632 bytes leftover after parsing attributes in process `syz.4.1185'.
[  166.855491][ T9586] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1188'.
[  167.152163][ T9599] netlink: 'syz.4.1191': attribute type 4 has an invalid length.
[  167.174356][ T9600] team0: Device ipvlan3 is already an upper device of the team interface
[  167.336424][ T9607] delete_channel: no stack
[  167.620926][ T9612] syzkaller0: entered promiscuous mode
[  167.650604][ T9612] syzkaller0: entered allmulticast mode
[  167.696441][ T9624] __nla_validate_parse: 1 callbacks suppressed
[  167.696460][ T9624] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1201'.
[  169.786743][ T9650] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1206'.
[  169.854253][ T9652] lo speed is unknown, defaulting to 1000
[  169.904937][ T9659] sctp: [Deprecated]: syz.0.1208 (pid 9659) Use of int in max_burst socket option deprecated.
[  169.904937][ T9659] Use struct sctp_assoc_value instead
[  170.015205][ T9665] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1208'.
[  170.084937][ T9673] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1211'.
[  170.091896][ T9665] netlink: 'syz.0.1208': attribute type 6 has an invalid length.
[  170.164391][ T9665] netlink: 'syz.0.1208': attribute type 5 has an invalid length.
[  170.443391][ T9682] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1215'.
[  170.576257][ T9689] netlink: 'syz.3.1218': attribute type 1 has an invalid length.
[  170.595004][ T9689] netlink: 'syz.3.1218': attribute type 2 has an invalid length.
[  170.612453][ T9689] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1218'.
[  170.650982][ T9696] netlink: 'syz.2.1220': attribute type 13 has an invalid length.
[  170.683068][ T9694] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1219'.
[  171.213399][ T9728] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1227'.
[  171.542141][ T9743] netlink: 'syz.4.1232': attribute type 13 has an invalid length.
[  171.562781][ T9741] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[  171.670300][ T9749] netlink: 'syz.0.1230': attribute type 5 has an invalid length.
[  171.726748][ T9749] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1230'.
[  171.826565][ T9756] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1236'.
[  171.858304][ T9759] sctp: [Deprecated]: syz.4.1235 (pid 9759) Use of int in maxseg socket option.
[  171.858304][ T9759] Use struct sctp_assoc_value instead
[  171.886912][ T9758] netlink: 'syz.2.1237': attribute type 4 has an invalid length.
[  171.995739][ T9761] netlink: 'syz.3.1238': attribute type 4 has an invalid length.
[  172.045479][    T9] lo speed is unknown, defaulting to 1000
[  172.369138][ T9767] netdevsim netdevsim3: Direct firmware load for 
 failed with error -2
[  172.397717][ T9767] netdevsim netdevsim3: Falling back to sysfs fallback for: 

[  172.650016][ T9777] netlink: 'syz.1.1245': attribute type 13 has an invalid length.
[  172.704487][ T9773] netlink: 'syz.2.1239': attribute type 4 has an invalid length.
[  172.728865][ T9773] __nla_validate_parse: 2 callbacks suppressed
[  172.728887][ T9773] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1239'.
[  172.776416][ T9782] xt_recent: Unsupported userspace flags (00000042)
[  172.855620][ T9784] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1247'.
[  172.876070][ T9789] netlink: 'syz.1.1249': attribute type 4 has an invalid length.
[  172.877392][ T9788] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1248'.
[  172.903621][ T9789] netlink: 128124 bytes leftover after parsing attributes in process `syz.1.1249'.
[  172.924502][ T9790] vlan1: entered promiscuous mode
[  172.927762][ T9784] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1247'.
[  172.989350][ T5235] block nbd11: Receive control failed (result -107)
[  173.007750][ T9789] vlan1: left promiscuous mode
[  173.018041][ T9784] nbd11: detected capacity change from 0 to 256
[  173.074459][ T9795] netlink: 'syz.4.1250': attribute type 4 has an invalid length.
[  173.135143][ T9799] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1251'.
[  173.158319][ T9804] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1252'.
[  173.273064][ T9809] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1254'.
[  173.491479][ T9830] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1258'.
[  173.620143][ T9836] netdevsim netdevsim4: Direct firmware load for 
 failed with error -2
[  173.641520][ T9837] FAULT_INJECTION: forcing a failure.
[  173.641520][ T9837] name failslab, interval 1, probability 0, space 0, times 0
[  173.654928][ T9837] CPU: 1 UID: 0 PID: 9837 Comm: syz.0.1262 Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  173.665644][ T9837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  173.675804][ T9837] Call Trace:
[  173.679105][ T9837]  <TASK>
[  173.682037][ T9837]  dump_stack_lvl+0x241/0x360
[  173.686713][ T9837]  ? __pfx_dump_stack_lvl+0x10/0x10
[  173.691904][ T9837]  ? __pfx__printk+0x10/0x10
[  173.696487][ T9837]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  173.702460][ T9837]  ? __pfx___might_resched+0x10/0x10
[  173.707749][ T9837]  should_fail_ex+0x3b0/0x4e0
[  173.712443][ T9837]  should_failslab+0xac/0x100
[  173.717119][ T9837]  ? __alloc_skb+0x1c3/0x440
[  173.721710][ T9837]  kmem_cache_alloc_node_noprof+0x71/0x320
[  173.727511][ T9837]  __alloc_skb+0x1c3/0x440
[  173.731924][ T9837]  ? __pfx___alloc_skb+0x10/0x10
[  173.736855][ T9837]  ? netlink_autobind+0xd6/0x2f0
[  173.741783][ T9837]  ? netlink_autobind+0x2b0/0x2f0
[  173.746804][ T9837]  netlink_sendmsg+0x638/0xcb0
[  173.751575][ T9837]  ? __pfx_netlink_sendmsg+0x10/0x10
[  173.756854][ T9837]  ? __import_iovec+0x536/0x820
[  173.761696][ T9837]  ? aa_sock_msg_perm+0x91/0x160
[  173.766625][ T9837]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  173.771904][ T9837]  ? security_socket_sendmsg+0x87/0xb0
[  173.777361][ T9837]  ? __pfx_netlink_sendmsg+0x10/0x10
[  173.782637][ T9837]  __sock_sendmsg+0x221/0x270
[  173.787310][ T9837]  ____sys_sendmsg+0x525/0x7d0
[  173.792070][ T9837]  ? __pfx_____sys_sendmsg+0x10/0x10
[  173.797357][ T9837]  __sys_sendmsg+0x2b0/0x3a0
[  173.801937][ T9837]  ? __pfx___sys_sendmsg+0x10/0x10
[  173.807033][ T9837]  ? vfs_write+0x7c4/0xc90
[  173.811473][ T9837]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  173.817796][ T9837]  ? do_syscall_64+0x100/0x230
[  173.822820][ T9837]  ? do_syscall_64+0xb6/0x230
[  173.827492][ T9837]  do_syscall_64+0xf3/0x230
[  173.831988][ T9837]  ? clear_bhb_loop+0x35/0x90
[  173.836654][ T9837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.842541][ T9837] RIP: 0033:0x7f0742b779f9
[  173.846946][ T9837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.867501][ T9837] RSP: 002b:00007f07439eb048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  173.876185][ T9837] RAX: ffffffffffffffda RBX: 00007f0742d05f80 RCX: 00007f0742b779f9
[  173.884147][ T9837] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  173.892104][ T9837] RBP: 00007f07439eb0a0 R08: 0000000000000000 R09: 0000000000000000
[  173.900061][ T9837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.908025][ T9837] R13: 000000000000000b R14: 00007f0742d05f80 R15: 00007ffd2b4900e8
[  173.916001][ T9837]  </TASK>
[  173.923548][ T9836] netdevsim netdevsim4: Falling back to sysfs fallback for: 

[  173.991889][ T9840] netlink: 'syz.3.1264': attribute type 4 has an invalid length.
[  174.289754][ T9857] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1270'.
[  174.312446][ T9857] netem: incorrect gi model size
[  174.326533][ T9857] netem: change failed
[  174.705780][ T9883] netlink: 'syz.2.1278': attribute type 4 has an invalid length.
[  174.787439][ T9886] tap0: tun_chr_ioctl cmd 2147767517
[  175.076993][ T9908] netdevsim netdevsim2: Direct firmware load for 
 failed with error -2
[  175.105392][ T9908] netdevsim netdevsim2: Falling back to sysfs fallback for: 

[  175.131535][ T9911] netem: incorrect gi model size
[  175.137030][ T9911] netem: change failed
[  175.504722][ T9932] xt_time: invalid argument - start or stop time greater than 23:59:59
[  175.508128][ T9933] xt_time: invalid argument - start or stop time greater than 23:59:59
[  175.825700][ T9949] netem: incorrect gi model size
[  175.831595][ T9949] netem: change failed
[  176.368198][ T9979] netem: incorrect gi model size
[  176.383464][ T9979] netem: change failed
[  177.152373][T10031] netem: incorrect gi model size
[  177.157387][T10031] netem: change failed
[  177.273286][T10033] lo speed is unknown, defaulting to 1000
[  177.715085][T10062] validate_nla: 2 callbacks suppressed
[  177.715103][T10062] netlink: 'syz.2.1332': attribute type 17 has an invalid length.
[  177.878497][T10067] __nla_validate_parse: 9 callbacks suppressed
[  177.878518][T10067] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1334'.
[  177.922851][T10067] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1334'.
[  177.983302][ T5235] block nbd12: Receive control failed (result -107)
[  178.017622][T10067] nbd12: detected capacity change from 0 to 256
[  178.027414][T10074] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1336'.
[  178.161273][T10077] netlink: 276 bytes leftover after parsing attributes in process `syz.2.1338'.
[  178.273276][T10083] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1340'.
[  178.695778][T10102] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1348'.
[  178.768209][T10102] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1348'.
[  178.789433][T10105] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1349'.
[  178.850456][ T5235] block nbd13: Receive control failed (result -107)
[  178.877743][T10102] nbd13: detected capacity change from 0 to 256
[  179.376859][T10117] netlink: 'syz.0.1351': attribute type 11 has an invalid length.
[  179.688874][ T5228] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  179.699499][ T5228] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  179.713583][ T5228] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  179.727009][ T5228] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  179.749386][ T5228] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  179.762232][ T5228] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  180.034882][T10130] lo speed is unknown, defaulting to 1000
[  180.237383][ T5239] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  180.278371][ T5239] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  180.287015][ T5239] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  180.296466][ T5239] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  180.306447][ T5239] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  180.316771][ T5239] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  180.426978][T10130] chnl_net:caif_netlink_parms(): no params data found
[  180.465553][T10151] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1361'.
[  180.568605][T10151] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1361'.
[  180.641996][T10142] lo speed is unknown, defaulting to 1000
[  180.699833][ T5228] block nbd14: Receive control failed (result -107)
[  180.736196][T10130] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.741599][T10151] nbd14: detected capacity change from 0 to 256
[  180.744386][T10130] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.760666][T10130] bridge_slave_0: entered allmulticast mode
[  180.768587][T10130] bridge_slave_0: entered promiscuous mode
[  180.815562][T10130] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.844009][T10130] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.856694][T10130] bridge_slave_1: entered allmulticast mode
[  180.869216][T10130] bridge_slave_1: entered promiscuous mode
[  181.020532][T10130] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  181.057260][T10130] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  181.222294][T10130] team0: Port device team_slave_0 added
[  181.254417][T10130] team0: Port device team_slave_1 added
[  181.399700][ T5228] Bluetooth: hci3: command 0x0406 tx timeout
[  181.400594][ T5239] Bluetooth: hci1: command 0x0406 tx timeout
[  181.501815][T10130] batman_adv: batadv0: Adding interface: batadv_slave_0
[  181.526578][T10130] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  181.557309][T10130] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  181.571665][T10130] batman_adv: batadv0: Adding interface: batadv_slave_1
[  181.579755][T10130] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  181.609497][T10130] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  181.763161][T10130] hsr_slave_0: entered promiscuous mode
[  181.782610][T10130] hsr_slave_1: entered promiscuous mode
[  181.788580][ T5240] Bluetooth: hci0: command tx timeout
[  181.809251][T10130] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  181.824780][T10130] Cannot create hsr debugfs directory
[  181.835958][T10142] chnl_net:caif_netlink_parms(): no params data found
[  182.175743][T10197] Bluetooth: MGMT ver 1.23
[  182.187972][T10197] Bluetooth: hci3: invalid len left 7, exp >= 255
[  182.348549][ T5240] Bluetooth: hci4: command tx timeout
[  182.384787][T10142] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.425100][T10142] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.466548][T10142] bridge_slave_0: entered allmulticast mode
[  182.507063][T10142] bridge_slave_0: entered promiscuous mode
[  182.532487][T10142] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.558491][T10142] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.578721][T10142] bridge_slave_1: entered allmulticast mode
[  182.586608][T10142] bridge_slave_1: entered promiscuous mode
[  182.646529][T10214] FAULT_INJECTION: forcing a failure.
[  182.646529][T10214] name failslab, interval 1, probability 0, space 0, times 0
[  182.685690][T10214] CPU: 0 UID: 0 PID: 10214 Comm: syz.2.1376 Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  182.698775][T10214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  182.708859][T10214] Call Trace:
[  182.712164][T10214]  <TASK>
[  182.715128][T10214]  dump_stack_lvl+0x241/0x360
[  182.719844][T10214]  ? __pfx_dump_stack_lvl+0x10/0x10
[  182.725059][T10214]  ? __pfx__printk+0x10/0x10
[  182.729675][T10214]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  182.735683][T10214]  ? __pfx___might_resched+0x10/0x10
[  182.741011][T10214]  should_fail_ex+0x3b0/0x4e0
[  182.745718][T10214]  should_failslab+0xac/0x100
[  182.750418][T10214]  ? __alloc_skb+0x1c3/0x440
[  182.755040][T10214]  kmem_cache_alloc_node_noprof+0x71/0x320
[  182.760876][T10214]  ? genl_rcv_msg+0x88c/0xec0
[  182.765658][T10214]  __alloc_skb+0x1c3/0x440
[  182.770092][T10214]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.776200][T10214]  ? __pfx___alloc_skb+0x10/0x10
[  182.781172][T10214]  netlink_dump+0x2cd/0xd80
[  182.785725][T10214]  ? __pfx_netlink_dump+0x10/0x10
[  182.790811][T10214]  ? __asan_memset+0x23/0x50
[  182.795427][T10214]  ? genl_start+0x4a8/0x6d0
[  182.799959][T10214]  __netlink_dump_start+0x59f/0x780
[  182.805186][T10214]  genl_rcv_msg+0x88c/0xec0
[  182.809707][T10214]  ? mark_lock+0x9a/0x350
[  182.814076][T10214]  ? __pfx_genl_rcv_msg+0x10/0x10
[  182.819541][T10214]  ? __pfx_genl_start+0x10/0x10
[  182.824679][T10214]  ? __pfx_genl_dumpit+0x10/0x10
[  182.829644][T10214]  ? __pfx_genl_done+0x10/0x10
[  182.834441][T10214]  ? __pfx_lock_acquire+0x10/0x10
[  182.839488][T10214]  ? __pfx_fou_nl_get_dumpit+0x10/0x10
[  182.845152][T10214]  ? __pfx___might_resched+0x10/0x10
[  182.850481][T10214]  netlink_rcv_skb+0x1e3/0x430
[  182.855285][T10214]  ? __pfx_genl_rcv_msg+0x10/0x10
[  182.860331][T10214]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  182.865669][T10214]  ? __netlink_deliver_tap+0x77e/0x7c0
[  182.871182][T10214]  genl_rcv+0x28/0x40
[  182.875182][T10214]  netlink_unicast+0x7f0/0x990
[  182.880066][T10214]  ? __pfx_netlink_unicast+0x10/0x10
[  182.885546][T10214]  ? __virt_addr_valid+0x183/0x530
[  182.890680][T10214]  ? __check_object_size+0x49c/0x900
[  182.896267][T10214]  ? bpf_lsm_netlink_send+0x9/0x10
[  182.901845][T10214]  netlink_sendmsg+0x8e4/0xcb0
[  182.906647][T10214]  ? __pfx_netlink_sendmsg+0x10/0x10
[  182.911960][T10214]  ? __import_iovec+0x536/0x820
[  182.916828][T10214]  ? aa_sock_msg_perm+0x91/0x160
[  182.921789][T10214]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  182.927094][T10214]  ? security_socket_sendmsg+0x87/0xb0
[  182.932582][T10214]  ? __pfx_netlink_sendmsg+0x10/0x10
[  182.937886][T10214]  __sock_sendmsg+0x221/0x270
[  182.942581][T10214]  ____sys_sendmsg+0x525/0x7d0
[  182.947369][T10214]  ? __pfx_____sys_sendmsg+0x10/0x10
[  182.952691][T10214]  __sys_sendmsg+0x2b0/0x3a0
[  182.957299][T10214]  ? __pfx___sys_sendmsg+0x10/0x10
[  182.962424][T10214]  ? vfs_write+0x7c4/0xc90
[  182.966907][T10214]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  182.973342][T10214]  ? do_syscall_64+0x100/0x230
[  182.978130][T10214]  ? do_syscall_64+0xb6/0x230
[  182.982833][T10214]  do_syscall_64+0xf3/0x230
[  182.987354][T10214]  ? clear_bhb_loop+0x35/0x90
[  182.992046][T10214]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.997963][T10214] RIP: 0033:0x7f8bb8d779f9
[  183.002389][T10214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.022012][T10214] RSP: 002b:00007f8bb9bd1048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  183.030450][T10214] RAX: ffffffffffffffda RBX: 00007f8bb8f05f80 RCX: 00007f8bb8d779f9
[  183.038439][T10214] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  183.046502][T10214] RBP: 00007f8bb9bd10a0 R08: 0000000000000000 R09: 0000000000000000
[  183.054493][T10214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.062478][T10214] R13: 000000000000004d R14: 00007f8bb8f05f80 R15: 00007ffcdb252b88
[  183.071533][T10214]  </TASK>
[  183.162677][T10217] __nla_validate_parse: 3 callbacks suppressed
[  183.162697][T10217] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1377'.
[  183.208784][T10130] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  183.219873][T10130] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.233146][T10217] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1377'.
[  183.258827][T10210] pim6reg1: entered promiscuous mode
[  183.266364][T10210] pim6reg1: entered allmulticast mode
[  183.281075][T10142] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  183.307913][ T5240] block nbd15: Receive control failed (result -107)
[  183.337843][T10217] nbd15: detected capacity change from 0 to 256
[  183.512435][T10130] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  183.526046][T10130] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.549052][T10142] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  183.700607][T10130] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  183.739788][T10130] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.806215][T10223] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  183.842209][T10142] team0: Port device team_slave_0 added
[  183.867663][ T5240] Bluetooth: hci0: command tx timeout
[  183.880408][T10142] team0: Port device team_slave_1 added
[  183.944312][T10130] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  183.956189][T10130] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.974609][T10232] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1382'.
[  184.086174][T10142] batman_adv: batadv0: Adding interface: batadv_slave_0
[  184.099877][T10142] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  184.134529][T10142] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  184.168184][T10142] batman_adv: batadv0: Adding interface: batadv_slave_1
[  184.185389][T10142] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  184.254235][T10142] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  184.437239][ T5240] Bluetooth: hci4: command tx timeout
[  184.446269][T10142] hsr_slave_0: entered promiscuous mode
[  184.461869][T10142] hsr_slave_1: entered promiscuous mode
[  184.479492][T10142] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  184.487117][T10142] Cannot create hsr debugfs directory
[  184.610229][T10130] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  184.641880][T10130] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  184.696627][T10130] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  184.722156][T10130] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  185.183944][T10142] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  185.228221][T10142] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.284979][T10257] pim6reg: entered allmulticast mode
[  185.381686][T10142] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  185.398084][T10142] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.453435][T10257] pim6reg: left allmulticast mode
[  185.590751][T10142] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  185.616267][T10142] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.669906][T10130] 8021q: adding VLAN 0 to HW filter on device bond0
[  185.689806][T10262] netdevsim netdevsim0: Direct firmware load for 
 failed with error -2
[  185.713619][T10262] netdevsim netdevsim0: Falling back to sysfs fallback for: 

[  185.735012][T10130] 8021q: adding VLAN 0 to HW filter on device team0
[  185.821986][T10142] team0: Port device netdevsim0 removed
[  185.842087][T10142] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  185.853489][T10142] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.894592][T10265] lo speed is unknown, defaulting to 1000
[  185.912781][ T5269] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.919985][ T5269] bridge0: port 1(bridge_slave_0) entered forwarding state
[  185.948510][ T5240] Bluetooth: hci0: command tx timeout
[  186.018598][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.025795][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.492787][T10130] 8021q: adding VLAN 0 to HW filter on device batadv0
[  186.508237][ T5240] Bluetooth: hci4: command tx timeout
[  186.573793][T10278] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1392'.
[  186.632177][T10281] FAULT_INJECTION: forcing a failure.
[  186.632177][T10281] name failslab, interval 1, probability 0, space 0, times 0
[  186.650645][T10281] CPU: 1 UID: 0 PID: 10281 Comm: syz.0.1393 Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  186.661466][T10281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  186.671541][T10281] Call Trace:
[  186.674840][T10281]  <TASK>
[  186.677791][T10281]  dump_stack_lvl+0x241/0x360
[  186.682497][T10281]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.689126][T10281]  ? __pfx__printk+0x10/0x10
[  186.693757][T10281]  ? ref_tracker_alloc+0x332/0x490
[  186.698890][T10281]  should_fail_ex+0x3b0/0x4e0
[  186.703590][T10281]  ? skb_clone+0x20c/0x390
[  186.708032][T10281]  should_failslab+0xac/0x100
[  186.712844][T10281]  ? skb_clone+0x20c/0x390
[  186.717284][T10281]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  186.722708][T10281]  skb_clone+0x20c/0x390
[  186.726992][T10281]  __netlink_deliver_tap+0x3cc/0x7c0
[  186.732326][T10281]  ? netlink_deliver_tap+0x2e/0x1b0
[  186.737556][T10281]  netlink_deliver_tap+0x19d/0x1b0
[  186.742704][T10281]  netlink_dump+0x851/0xd80
[  186.747249][T10281]  ? __pfx_netlink_dump+0x10/0x10
[  186.752316][T10281]  ? __asan_memset+0x23/0x50
[  186.756933][T10281]  ? genl_start+0x4a8/0x6d0
[  186.761470][T10281]  __netlink_dump_start+0x59f/0x780
[  186.766715][T10281]  genl_rcv_msg+0x88c/0xec0
[  186.771242][T10281]  ? mark_lock+0x9a/0x350
[  186.775614][T10281]  ? __pfx_genl_rcv_msg+0x10/0x10
[  186.780679][T10281]  ? __pfx_genl_start+0x10/0x10
[  186.785552][T10281]  ? __pfx_genl_dumpit+0x10/0x10
[  186.790508][T10281]  ? __pfx_genl_done+0x10/0x10
[  186.795309][T10281]  ? __pfx_lock_acquire+0x10/0x10
[  186.800362][T10281]  ? __pfx_fou_nl_get_dumpit+0x10/0x10
[  186.805843][T10281]  ? __pfx___might_resched+0x10/0x10
[  186.811161][T10281]  netlink_rcv_skb+0x1e3/0x430
[  186.815956][T10281]  ? __pfx_genl_rcv_msg+0x10/0x10
[  186.821007][T10281]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  186.826335][T10281]  ? __netlink_deliver_tap+0x77e/0x7c0
[  186.831837][T10281]  genl_rcv+0x28/0x40
[  186.835838][T10281]  netlink_unicast+0x7f0/0x990
[  186.840636][T10281]  ? __pfx_netlink_unicast+0x10/0x10
[  186.845959][T10281]  ? __virt_addr_valid+0x183/0x530
[  186.851101][T10281]  ? __check_object_size+0x49c/0x900
[  186.856408][T10281]  ? bpf_lsm_netlink_send+0x9/0x10
[  186.861550][T10281]  netlink_sendmsg+0x8e4/0xcb0
[  186.866341][T10281]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.871669][T10281]  ? __import_iovec+0x536/0x820
[  186.877073][T10281]  ? aa_sock_msg_perm+0x91/0x160
[  186.882055][T10281]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  186.887376][T10281]  ? security_socket_sendmsg+0x87/0xb0
[  186.892876][T10281]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.898190][T10281]  __sock_sendmsg+0x221/0x270
[  186.902991][T10281]  ____sys_sendmsg+0x525/0x7d0
[  186.907794][T10281]  ? __pfx_____sys_sendmsg+0x10/0x10
[  186.913134][T10281]  __sys_sendmsg+0x2b0/0x3a0
[  186.917761][T10281]  ? __pfx___sys_sendmsg+0x10/0x10
[  186.922887][T10281]  ? vfs_write+0x7c4/0xc90
[  186.927367][T10281]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  186.933722][T10281]  ? do_syscall_64+0x100/0x230
[  186.938518][T10281]  ? do_syscall_64+0xb6/0x230
[  186.943225][T10281]  do_syscall_64+0xf3/0x230
[  186.947756][T10281]  ? clear_bhb_loop+0x35/0x90
[  186.952454][T10281]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.958379][T10281] RIP: 0033:0x7f0742b779f9
[  186.962813][T10281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.966509][T10130] veth0_vlan: entered promiscuous mode
[  186.982415][T10281] RSP: 002b:00007f07439eb048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  186.982459][T10281] RAX: ffffffffffffffda RBX: 00007f0742d05f80 RCX: 00007f0742b779f9
[  186.982472][T10281] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  186.982482][T10281] RBP: 00007f07439eb0a0 R08: 0000000000000000 R09: 0000000000000000
[  186.982494][T10281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.982505][T10281] R13: 000000000000000b R14: 00007f0742d05f80 R15: 00007ffd2b4900e8
[  186.982532][T10281]  </TASK>
[  187.002293][T10130] veth1_vlan: entered promiscuous mode
[  187.152176][T10130] veth0_macvtap: entered promiscuous mode
[  187.200729][T10130] veth1_macvtap: entered promiscuous mode
[  187.262984][T10130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.275841][T10130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.291477][T10130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.302652][T10130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.315937][T10130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.338057][T10130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.359151][T10130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.376815][T10130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.391714][T10130] batman_adv: batadv0: Interface activated: batadv_slave_0
[  187.435343][T10130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.456257][T10130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.467640][T10130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.489753][T10130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.513139][T10130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.534780][T10309] netlink: 248 bytes leftover after parsing attributes in process `syz.0.1401'.
[  187.539627][T10130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.554930][T10130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.566200][T10130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.579812][T10130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.590622][T10130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.603577][T10130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.614167][T10130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.631497][T10130] batman_adv: batadv0: Interface activated: batadv_slave_1
[  187.644594][T10130] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.655581][T10130] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.664890][T10130] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.673863][T10130] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  188.027952][ T5240] Bluetooth: hci0: command tx timeout
[  188.087123][T10142] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  188.116562][ T9139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  188.132620][ T9139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  188.152838][T10142] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  188.169853][T10142] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  188.219035][T10142] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  188.264333][ T1066] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  188.292216][ T1066] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  188.565691][T10142] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.598402][ T5240] Bluetooth: hci4: command tx timeout
[  188.625242][T10142] 8021q: adding VLAN 0 to HW filter on device team0
[  188.683314][   T47] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.690567][   T47] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.755149][ T5269] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.762460][ T5269] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.872745][T10334] FAULT_INJECTION: forcing a failure.
[  188.872745][T10334] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.932077][T10142] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  188.945840][T10334] CPU: 1 UID: 0 PID: 10334 Comm: syz.0.1406 Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  188.956652][T10334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  188.966730][T10334] Call Trace:
[  188.970033][T10334]  <TASK>
[  188.972980][T10334]  dump_stack_lvl+0x241/0x360
[  188.977689][T10334]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.982997][T10334]  ? __pfx__printk+0x10/0x10
[  188.987622][T10334]  ? snprintf+0xda/0x120
[  188.991893][T10334]  should_fail_ex+0x3b0/0x4e0
[  188.996605][T10334]  _copy_to_user+0x2f/0xb0
[  189.001049][T10334]  simple_read_from_buffer+0xca/0x150
[  189.006451][T10334]  proc_fail_nth_read+0x1e9/0x250
[  189.011498][T10334]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  189.017060][T10334]  ? rw_verify_area+0x520/0x6b0
[  189.021929][T10334]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  189.027503][T10334]  vfs_read+0x204/0xbc0
[  189.031697][T10334]  ? __pfx_lock_release+0x10/0x10
[  189.036844][T10334]  ? __pfx_vfs_read+0x10/0x10
[  189.041552][T10334]  ? __fget_files+0x29/0x470
[  189.046176][T10334]  ? __fget_files+0x3f6/0x470
[  189.050895][T10334]  ksys_read+0x1a0/0x2c0
[  189.055166][T10334]  ? __pfx_ksys_read+0x10/0x10
[  189.059954][T10334]  ? do_syscall_64+0x100/0x230
[  189.064743][T10334]  ? do_syscall_64+0xb6/0x230
[  189.069453][T10334]  do_syscall_64+0xf3/0x230
[  189.073996][T10334]  ? clear_bhb_loop+0x35/0x90
[  189.078713][T10334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.085684][T10334] RIP: 0033:0x7f0742b7643c
[  189.090160][T10334] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  189.109906][T10334] RSP: 002b:00007f07439eb040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  189.118498][T10334] RAX: ffffffffffffffda RBX: 00007f0742d05f80 RCX: 00007f0742b7643c
[  189.126499][T10334] RDX: 000000000000000f RSI: 00007f07439eb0b0 RDI: 0000000000000004
[  189.134498][T10334] RBP: 00007f07439eb0a0 R08: 0000000000000000 R09: 0000000000000000
[  189.142493][T10334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  189.150579][T10334] R13: 000000000000000b R14: 00007f0742d05f80 R15: 00007ffd2b4900e8
[  189.158594][T10334]  </TASK>
[  189.330608][T10340] FAULT_INJECTION: forcing a failure.
[  189.330608][T10340] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  189.368655][T10340] CPU: 1 UID: 0 PID: 10340 Comm: syz.0.1408 Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  189.379487][T10340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  189.389562][T10340] Call Trace:
[  189.392854][T10340]  <TASK>
[  189.395795][T10340]  dump_stack_lvl+0x241/0x360
[  189.400507][T10340]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.405728][T10340]  ? __pfx__printk+0x10/0x10
[  189.410341][T10340]  ? __pfx_lock_release+0x10/0x10
[  189.415392][T10340]  should_fail_ex+0x3b0/0x4e0
[  189.420094][T10340]  _copy_to_user+0x2f/0xb0
[  189.424531][T10340]  sctp_getsockopt_ecn_supported+0x44e/0x5e0
[  189.430534][T10340]  ? __pfx_sctp_getsockopt_ecn_supported+0x10/0x10
[  189.437048][T10340]  sctp_getsockopt+0x8fc/0xbb0
[  189.441804][T10340]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  189.447883][T10340]  do_sock_getsockopt+0x373/0x850
[  189.453502][T10340]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  189.459169][T10340]  ? __fget_files+0x3f6/0x470
[  189.463887][T10340]  __sys_getsockopt+0x271/0x330
[  189.468753][T10340]  ? __pfx___sys_getsockopt+0x10/0x10
[  189.474560][T10340]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  189.480894][T10340]  ? do_syscall_64+0x100/0x230
[  189.485673][T10340]  __x64_sys_getsockopt+0xb5/0xd0
[  189.490703][T10340]  do_syscall_64+0xf3/0x230
[  189.495199][T10340]  ? clear_bhb_loop+0x35/0x90
[  189.499869][T10340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.506108][T10340] RIP: 0033:0x7f0742b779f9
[  189.510519][T10340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.530570][T10340] RSP: 002b:00007f07439eb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  189.539075][T10340] RAX: ffffffffffffffda RBX: 00007f0742d05f80 RCX: 00007f0742b779f9
[  189.547048][T10340] RDX: 0000000000000082 RSI: 0000000000000084 RDI: 0000000000000004
[  189.555109][T10340] RBP: 00007f07439eb0a0 R08: 0000000020000040 R09: 0000000000000000
[  189.563075][T10340] R10: 0000000020000240 R11: 0000000000000246 R12: 0000000000000001
[  189.571040][T10340] R13: 000000000000000b R14: 00007f0742d05f80 R15: 00007ffd2b4900e8
[  189.579037][T10340]  </TASK>
[  189.748942][T10142] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.886082][T10142] veth0_vlan: entered promiscuous mode
[  189.911812][T10142] veth1_vlan: entered promiscuous mode
[  190.004514][T10142] veth0_macvtap: entered promiscuous mode
[  190.018844][T10357] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1413'.
[  190.027595][T10142] veth1_macvtap: entered promiscuous mode
[  190.090862][T10142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.114799][T10142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.136561][T10142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.148877][T10142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.167009][T10142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.189352][T10142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.218554][T10142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.240196][T10142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.260022][T10142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.283364][T10142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.301787][T10142] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.309547][T10357] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1413'.
[  190.330876][T10142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.341680][T10142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.355446][T10142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.366193][T10142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.376408][T10142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.387186][T10142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.397776][T10142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.414546][T10142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.424683][T10142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.435529][T10142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.446109][T10142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.456916][T10142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.468061][T10142] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.479124][T10142] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.491155][T10142] batman_adv: batadv0: Interface activated: batadv_slave_1
[  190.501096][ T5240] block nbd16: Receive control failed (result -107)
[  190.530127][T10142] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.539322][T10357] nbd16: detected capacity change from 0 to 256
[  190.546469][T10142] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.575628][T10142] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.595858][T10142] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.708317][ T9133] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.971521][ T9139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  190.998269][ T9139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.118450][ T9145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  191.151369][ T9145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.210383][T10368] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1415'.
[  191.264445][T10368] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1415'.
[  191.320766][T10368] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1415'.
[  191.450254][T10373] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  191.478581][T10373] macvlan2: entered promiscuous mode
[  191.509581][T10373] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[  191.618979][ T5235] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  191.648580][ T5235] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  191.659873][ T9133] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.678325][ T5235] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  191.689646][ T5235] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  191.700799][ T5235] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  191.716284][ T5235] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  191.920396][ T9133] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.972116][T10389] netlink: 'syz.1.1418': attribute type 4 has an invalid length.
[  191.992046][T10389] netlink: 'syz.1.1418': attribute type 4 has an invalid length.
[  192.025311][T10379] lo speed is unknown, defaulting to 1000
[  192.085299][ T9133] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.213593][T10396] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1421'.
[  192.449796][ T9133] bridge_slave_1: left allmulticast mode
[  192.462746][ T9133] bridge_slave_1: left promiscuous mode
[  192.478720][ T9133] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.509610][ T9133] bridge_slave_0: left allmulticast mode
[  192.517527][ T9133] bridge_slave_0: left promiscuous mode
[  192.534040][ T9133] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.245272][ T9133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  193.259546][ T9133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  193.273448][ T9133] bond0 (unregistering): Released all slaves
[  193.584008][T10379] chnl_net:caif_netlink_parms(): no params data found
[  193.801194][ T5240] Bluetooth: hci0: command tx timeout
[  194.293977][T10379] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.356683][T10379] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.398158][T10379] bridge_slave_0: entered allmulticast mode
[  194.405524][T10379] bridge_slave_0: entered promiscuous mode
[  194.511622][T10379] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.547687][T10379] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.617770][T10379] bridge_slave_1: entered allmulticast mode
[  194.648676][T10379] bridge_slave_1: entered promiscuous mode
[  194.680164][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  194.833224][ T9133] hsr_slave_0: left promiscuous mode
[  194.834481][ T5235] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  194.853613][ T5235] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  194.862897][ T5235] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  194.872101][ T9133] hsr_slave_1: left promiscuous mode
[  194.884791][ T5235] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  194.893762][ T5235] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  194.902614][ T5235] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  194.916357][ T9133] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  194.950011][ T9133] batman_adv: batadv0: Removing interface: batadv_slave_0
[  194.962401][ T9133] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  194.972764][ T9133] batman_adv: batadv0: Removing interface: batadv_slave_1
[  195.034254][ T9133] veth1_macvtap: left promiscuous mode
[  195.046834][ T9133] veth0_macvtap: left promiscuous mode
[  195.059346][ T9133] veth1_vlan: left promiscuous mode
[  195.065137][ T9133] veth0_vlan: left promiscuous mode
[  195.868733][ T5235] Bluetooth: hci0: command tx timeout
[  196.020663][ T9133] team0 (unregistering): Port device team_slave_1 removed
[  196.132476][ T9133] team0 (unregistering): Port device team_slave_0 removed
[  196.988668][ T5235] Bluetooth: hci4: command tx timeout
[  197.085805][T10379] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  197.132210][T10379] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  197.239253][T10492] lo speed is unknown, defaulting to 1000
[  197.273079][T10507] netlink: 'syz.2.1441': attribute type 2 has an invalid length.
[  197.277399][T10379] team0: Port device team_slave_0 added
[  197.303018][T10507] netlink: 'syz.2.1441': attribute type 2 has an invalid length.
[  197.312016][T10379] team0: Port device team_slave_1 added
[  197.329540][T10507] netlink: 'syz.2.1441': attribute type 2 has an invalid length.
[  197.368431][T10507] netlink: 'syz.2.1441': attribute type 1 has an invalid length.
[  197.502489][T10379] batman_adv: batadv0: Adding interface: batadv_slave_0
[  197.512308][T10510] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1442'.
[  197.523868][T10379] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  197.561046][T10379] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  197.586656][T10379] batman_adv: batadv0: Adding interface: batadv_slave_1
[  197.597348][T10379] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  197.652061][T10379] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  197.881060][T10379] hsr_slave_0: entered promiscuous mode
[  197.922686][T10379] hsr_slave_1: entered promiscuous mode
[  197.947804][T10379] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  197.950370][ T5235] Bluetooth: hci0: command tx timeout
[  197.956235][T10379] Cannot create hsr debugfs directory
[  198.207272][T10525] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1447'.
[  198.267279][T10525] Êü�: entered promiscuous mode
[  198.385593][ T9133] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.445964][T10545] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1454'.
[  198.604857][T10548] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1456'.
[  198.680322][ T9133] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.744475][T10492] chnl_net:caif_netlink_parms(): no params data found
[  198.839437][ T9133] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.858331][T10562] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1461'.
[  198.906604][T10561] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1459'.
[  199.051924][ T9133] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.068240][ T5235] Bluetooth: hci4: command tx timeout
[  199.086320][T10572] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1462'.
[  199.390703][T10492] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.422507][T10492] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.435979][T10492] bridge_slave_0: entered allmulticast mode
[  199.444381][T10492] bridge_slave_0: entered promiscuous mode
[  199.499181][T10492] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.506595][T10492] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.515923][T10492] bridge_slave_1: entered allmulticast mode
[  199.529019][T10492] bridge_slave_1: entered promiscuous mode
[  199.542787][T10588] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1468'.
[  199.666798][T10492] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  199.714548][T10492] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  199.730283][T10597] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1472'.
[  199.774651][ T9133] bridge_slave_1: left allmulticast mode
[  199.781384][ T9133] bridge_slave_1: left promiscuous mode
[  199.816549][ T9133] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.869489][ T9133] bridge_slave_0: left allmulticast mode
[  199.875285][ T9133] bridge_slave_0: left promiscuous mode
[  199.891731][ T9133] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.029302][ T5235] Bluetooth: hci0: command tx timeout
[  200.231187][T10604] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1474'.
[  200.416289][ T5235] block nbd17: Receive control failed (result -107)
[  200.469644][T10604] nbd17: detected capacity change from 0 to 256
[  200.734590][ T9133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  200.752012][ T9133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  200.764742][ T9133] bond0 (unregistering): Released all slaves
[  200.806544][T10492] team0: Port device team_slave_0 added
[  200.846217][T10492] team0: Port device team_slave_1 added
[  200.931323][T10612] xt_bpf: check failed: parse error
[  201.066324][T10492] batman_adv: batadv0: Adding interface: batadv_slave_0
[  201.087650][T10492] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.140544][T10492] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  201.148260][ T5235] Bluetooth: hci4: command tx timeout
[  201.157747][T10492] batman_adv: batadv0: Adding interface: batadv_slave_1
[  201.164909][T10492] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.214231][T10492] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  201.288844][T10622] 0ªX¹¦Dö»: renamed from gretap0 (while UP)
[  201.312198][T10622] 0ªX¹¦Dö»: entered allmulticast mode
[  201.401245][T10379] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  201.426402][T10379] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  201.514145][T10492] hsr_slave_0: entered promiscuous mode
[  201.535162][T10492] hsr_slave_1: entered promiscuous mode
[  201.564483][T10492] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  201.572755][T10492] Cannot create hsr debugfs directory
[  201.634190][T10379] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  201.725759][T10379] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  201.842167][ T9133] hsr_slave_0: left promiscuous mode
[  201.889944][ T9133] hsr_slave_1: left promiscuous mode
[  201.912411][ T9133] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  201.920848][ T9133] batman_adv: batadv0: Removing interface: batadv_slave_0
[  201.930557][ T9133] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  201.938470][ T9133] batman_adv: batadv0: Removing interface: batadv_slave_1
[  201.961920][ T9133] veth1_macvtap: left promiscuous mode
[  201.967621][ T9133] veth0_macvtap: left promiscuous mode
[  201.973445][ T9133] veth1_vlan: left promiscuous mode
[  201.979076][ T9133] veth0_vlan: left promiscuous mode
[  202.575435][ T9133] team0 (unregistering): Port device team_slave_1 removed
[  202.659140][ T9133] team0 (unregistering): Port device team_slave_0 removed
[  203.115516][T10644] netlink: 'syz.0.1486': attribute type 21 has an invalid length.
[  203.147914][T10654] netlink: 'syz.1.1488': attribute type 5 has an invalid length.
[  203.164847][T10657] __nla_validate_parse: 5 callbacks suppressed
[  203.164867][T10657] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1486'.
[  203.228504][ T5235] Bluetooth: hci4: command tx timeout
[  203.230820][T10658] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1486'.
[  203.390449][T10670] syz.2.1490[10670] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  203.390701][T10670] syz.2.1490[10670] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  203.488915][T10663] netlink: 'syz.2.1490': attribute type 2 has an invalid length.
[  203.673278][T10674] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1494'.
[  203.815562][T10379] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.925534][T10379] 8021q: adding VLAN 0 to HW filter on device team0
[  204.000633][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.007853][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  204.070633][T10686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  204.099003][T10686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.109954][T10686] dummy0: entered promiscuous mode
[  204.116271][T10686] batadv0: entered promiscuous mode
[  204.136581][T10687] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1498'.
[  204.151202][T10687] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1498'.
[  204.216074][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.223314][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  204.334302][T10691] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1499'.
[  204.374961][T10691] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1499'.
[  204.422600][T10492] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  204.462739][T10492] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  204.490132][T10492] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  204.510610][T10492] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  204.533516][T10701] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1502'.
[  204.603225][T10379] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  204.823538][T10492] 8021q: adding VLAN 0 to HW filter on device bond0
[  204.882538][T10492] 8021q: adding VLAN 0 to HW filter on device team0
[  204.927380][ T5269] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.934648][ T5269] bridge0: port 1(bridge_slave_0) entered forwarding state
[  204.956943][T10719] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1506'.
[  204.993662][ T5316] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.000903][ T5316] bridge0: port 2(bridge_slave_1) entered forwarding state
[  205.044075][T10721] netlink: 248 bytes leftover after parsing attributes in process `syz.2.1508'.
[  205.130301][T10379] 8021q: adding VLAN 0 to HW filter on device batadv0
[  205.450274][T10735] netlink: 'syz.2.1510': attribute type 1 has an invalid length.
[  205.792490][T10492] 8021q: adding VLAN 0 to HW filter on device batadv0
[  205.804678][T10379] veth0_vlan: entered promiscuous mode
[  205.843819][T10379] veth1_vlan: entered promiscuous mode
[  206.000737][T10379] veth0_macvtap: entered promiscuous mode
[  206.062442][T10379] veth1_macvtap: entered promiscuous mode
[  206.084197][T10492] veth0_vlan: entered promiscuous mode
[  206.144913][T10492] veth1_vlan: entered promiscuous mode
[  206.181067][T10379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.206193][T10379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.230145][T10763] netlink: 'syz.1.1518': attribute type 2 has an invalid length.
[  206.239500][T10379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.250748][T10763] netlink: 'syz.1.1518': attribute type 2 has an invalid length.
[  206.259270][T10379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.272899][T10763] netlink: 'syz.1.1518': attribute type 2 has an invalid length.
[  206.281601][T10379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.295102][T10763] netlink: 'syz.1.1518': attribute type 1 has an invalid length.
[  206.303909][T10379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.317112][T10379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.336796][T10379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.357239][T10379] batman_adv: batadv0: Interface activated: batadv_slave_0
[  206.373488][T10379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.385806][T10379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.396968][T10379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.416856][T10379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.427062][T10379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.438232][T10379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.448500][T10379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.461175][T10379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.472259][T10379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.484596][T10379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.495079][T10379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.506250][T10379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.519431][T10379] batman_adv: batadv0: Interface activated: batadv_slave_1
[  206.538955][T10768] netdevsim netdevsim1: Direct firmware load for 
 failed with error -2
[  206.550915][T10768] netdevsim netdevsim1: Falling back to sysfs fallback for: 

[  206.554552][T10379] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  206.575753][T10379] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  206.584930][T10379] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  206.605735][T10379] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  206.743682][T10492] veth0_macvtap: entered promiscuous mode
[  206.772430][T10492] veth1_macvtap: entered promiscuous mode
[  206.795745][ T9112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  206.817622][ T9112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  206.840326][T10492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.854809][T10492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.866105][T10492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.878121][T10492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.888529][T10492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.901278][T10492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.911690][T10492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.922930][T10492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.933663][T10492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.944844][T10492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.957119][T10492] batman_adv: batadv0: Interface activated: batadv_slave_0
[  207.010104][T10492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.030970][T10492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.042378][T10492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.053386][T10492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.063605][T10492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.075547][T10492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.086664][T10492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.097913][T10492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.112616][T10492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.138829][T10492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.170168][T10492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.195469][T10492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.211595][T10492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.222877][T10492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.236825][T10492] batman_adv: batadv0: Interface activated: batadv_slave_1
[  207.285519][ T9112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  207.310057][T10492] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  207.328123][ T9112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  207.338913][T10492] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  207.350133][T10492] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  207.359448][T10492] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  207.728662][ T9112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  207.736780][ T9112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  207.876992][T10811] syz.2.1534: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  207.898390][T10811] CPU: 1 UID: 0 PID: 10811 Comm: syz.2.1534 Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  207.909212][T10811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  207.917312][T10806] bond1: entered promiscuous mode
[  207.919354][T10811] Call Trace:
[  207.919423][T10811]  <TASK>
[  207.919433][T10811]  dump_stack_lvl+0x241/0x360
[  207.935394][T10811]  ? __pfx_dump_stack_lvl+0x10/0x10
[  207.940638][T10811]  ? __pfx__printk+0x10/0x10
[  207.945268][T10811]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  207.951719][T10811]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  207.958264][T10811]  warn_alloc+0x278/0x410
[  207.962624][T10811]  ? stack_depot_save_flags+0x29/0x830
[  207.968109][T10811]  ? __vmalloc_node_range_noprof+0x10b/0x1460
[  207.974200][T10811]  ? __pfx_warn_alloc+0x10/0x10
[  207.979088][T10811]  ? kasan_save_track+0x3f/0x80
[  207.983965][T10811]  ? __kasan_kmalloc+0x98/0xb0
[  207.988758][T10811]  ? xsk_setsockopt+0x4ea/0x950
[  207.993632][T10811]  ? do_sock_setsockopt+0x3af/0x720
[  207.998866][T10811]  ? __sys_setsockopt+0x1ae/0x250
[  208.003924][T10811]  ? __x64_sys_setsockopt+0xb5/0xd0
[  208.009142][T10811]  ? do_syscall_64+0xf3/0x230
[  208.013830][T10811]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.019907][T10811]  __vmalloc_node_range_noprof+0x130/0x1460
[  208.025816][T10811]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  208.032174][T10811]  ? __kasan_kmalloc+0x98/0xb0
[  208.036936][T10811]  ? xskq_create+0x54/0x170
[  208.041434][T10811]  vmalloc_user_noprof+0x74/0x80
[  208.046363][T10811]  ? xskq_create+0xb6/0x170
[  208.050859][T10811]  xskq_create+0xb6/0x170
[  208.055181][T10811]  xsk_init_queue+0xa1/0x100
[  208.059767][T10811]  xsk_setsockopt+0x4ea/0x950
[  208.064440][T10811]  ? __pfx_xsk_setsockopt+0x10/0x10
[  208.071025][T10811]  ? __pfx_lock_acquire+0x10/0x10
[  208.076133][T10811]  ? aa_sock_opt_perm+0x79/0x120
[  208.081065][T10811]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  208.086610][T10811]  ? security_socket_setsockopt+0x87/0xb0
[  208.092327][T10811]  ? __pfx_xsk_setsockopt+0x10/0x10
[  208.097516][T10811]  do_sock_setsockopt+0x3af/0x720
[  208.102542][T10811]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  208.108090][T10811]  ? __fget_files+0x29/0x470
[  208.112677][T10811]  ? __fget_files+0x3f6/0x470
[  208.117364][T10811]  __sys_setsockopt+0x1ae/0x250
[  208.122217][T10811]  __x64_sys_setsockopt+0xb5/0xd0
[  208.127239][T10811]  do_syscall_64+0xf3/0x230
[  208.131738][T10811]  ? clear_bhb_loop+0x35/0x90
[  208.136411][T10811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.142322][T10811] RIP: 0033:0x7f8bb8d779f9
[  208.146743][T10811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.166355][T10811] RSP: 002b:00007f8bb9bd1048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  208.174765][T10811] RAX: ffffffffffffffda RBX: 00007f8bb8f05f80 RCX: 00007f8bb8d779f9
[  208.182726][T10811] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006
[  208.190770][T10811] RBP: 00007f8bb8de58ee R08: 0000000000000004 R09: 0000000000000000
[  208.198906][T10811] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000
[  208.206866][T10811] R13: 000000000000004d R14: 00007f8bb8f05f80 R15: 00007ffcdb252b88
[  208.214846][T10811]  </TASK>
[  208.226514][T10811] Mem-Info:
[  208.230338][T10811] active_anon:6614 inactive_anon:0 isolated_anon:0
[  208.230338][T10811]  active_file:1678 inactive_file:38206 isolated_file:0
[  208.230338][T10811]  unevictable:768 dirty:147 writeback:0
[  208.230338][T10811]  slab_reclaimable:9673 slab_unreclaimable:107041
[  208.230338][T10811]  mapped:21214 shmem:1227 pagetables:694
[  208.230338][T10811]  sec_pagetables:0 bounce:0
[  208.230338][T10811]  kernel_misc_reclaimable:0
[  208.230338][T10811]  free:1368970 free_pcp:927 free_cma:0
[  208.251145][ T9133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  208.279072][T10811] Node 0 active_anon:26476kB inactive_anon:0kB active_file:6712kB inactive_file:152760kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:84828kB dirty:592kB writeback:0kB shmem:3372kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11872kB pagetables:2820kB sec_pagetables:0kB all_unreclaimable? no
[  208.311068][ T9133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  208.318334][T10811] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:64kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  208.373128][T10811] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  208.401419][T10811] lowmem_reserve[]: 0 2561 2562 0 0
[  208.406704][T10811] Node 0 DMA32 free:1515604kB boost:0kB min:35020kB low:43772kB high:52524kB reserved_highatomic:0KB active_anon:26284kB inactive_anon:0kB active_file:6712kB inactive_file:151436kB unevictable:1536kB writepending:592kB present:3129332kB managed:2651252kB mlocked:0kB bounce:0kB free_pcp:1200kB local_pcp:96kB free_cma:0kB
[  208.459740][T10811] lowmem_reserve[]: 0 0 1 0 0
[  208.472779][T10811] Node 0 Normal free:4kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1328kB unevictable:0kB writepending:4kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  208.502227][T10811] lowmem_reserve[]: 0 0 0 0 0
[  208.538973][T10820] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  208.539089][T10811] Node 1 Normal free:3944608kB boost:0kB min:54864kB low:68580kB high:82296kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:64kB unevictable:1536kB writepending:0kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:2512kB local_pcp:0kB free_cma:0kB
[  208.581932][T10822] __nla_validate_parse: 3 callbacks suppressed
[  208.581952][T10822] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1536'.
[  208.614694][T10811] lowmem_reserve[]: 0 0 0 0 0
[  208.625148][T10811] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  208.639512][T10811] Node 0 DMA32: 101*4kB (UME) 110*8kB (UME) 88*16kB (UME) 57*32kB (UME) 70*64kB (UME) 43*128kB (UME) 16*256kB (UM) 16*512kB (UME) 8*1024kB (UME) 3*2048kB (UM) 360*4096kB (UM) = 1515684kB
[  208.660724][T10811] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  208.675415][T10811] Node 1 Normal: 1*4kB (U) 6*8kB (U) 6*16kB (U) 4*32kB (U) 1*64kB (M) 1*128kB (U) 1*256kB (M) 1*512kB (M) 5*1024kB (U) 3*2048kB (U) 960*4096kB (M) = 3944660kB
[  208.730194][T10811] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  208.752167][T10811] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  208.770611][T10811] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  208.782689][T10811] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  208.794319][T10811] 41112 total pagecache pages
[  208.807873][T10811] 0 pages in swap cache
[  208.820428][T10811] Free swap  = 124996kB
[  208.861023][T10811] Total swap = 124996kB
[  208.865239][T10811] 2097051 pages RAM
[  208.909757][T10811] 0 pages HighMem/MovableOnly
[  208.933361][T10811] 402772 pages reserved
[  208.962131][ T9112] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.976782][T10811] 0 pages cma reserved
[  209.019525][T10826] netdevsim netdevsim1: Direct firmware load for 
 failed with error -2
[  209.051966][T10826] netdevsim netdevsim1: Falling back to sysfs fallback for: 

[  209.114357][T10831] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1538'.
[  209.139572][T10831] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1538'.
[  209.149432][T10831] netlink: 'syz.0.1538': attribute type 4 has an invalid length.
[  209.386996][ T5240] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  209.402622][ T5240] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  209.412231][ T5240] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  209.421432][ T5240] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  209.432833][ T5240] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  209.441058][ T5240] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  209.494470][T10840] lo speed is unknown, defaulting to 1000
[  209.692411][ T9112] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.835424][ T9112] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.871889][T10840] chnl_net:caif_netlink_parms(): no params data found
[  209.924069][ T9112] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.095722][T10840] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.113202][T10840] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.121220][T10840] bridge_slave_0: entered allmulticast mode
[  210.129564][T10840] bridge_slave_0: entered promiscuous mode
[  210.147139][T10840] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.162021][T10840] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.186632][T10840] bridge_slave_1: entered allmulticast mode
[  210.218534][T10840] bridge_slave_1: entered promiscuous mode
[  210.294003][T10862] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1546'.
[  210.321546][T10860] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1545'.
[  210.419908][T10840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.454705][ T9112] bridge_slave_1: left allmulticast mode
[  210.461521][ T9112] bridge_slave_1: left promiscuous mode
[  210.472790][ T9112] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.490465][ T9112] bridge_slave_0: left allmulticast mode
[  210.504876][ T9112] bridge_slave_0: left promiscuous mode
[  210.516608][ T9112] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.642743][T10877] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1549'.
[  210.685724][T10878] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1550'.
[  211.357299][ T5240] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  211.368786][ T5240] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  211.376388][ T9112] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  211.378507][ T5240] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  211.396690][ T5240] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  211.407256][ T5240] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  211.417443][ T5240] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  211.418413][ T9112] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  211.449610][ T9112] bond0 (unregistering): Released all slaves
[  211.469401][ T5235] Bluetooth: hci0: command tx timeout
[  211.480363][T10840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  211.505848][T10878] Êü�: entered promiscuous mode
[  211.705496][T10888] netdevsim netdevsim2: Direct firmware load for 
 failed with error -2
[  211.713904][T10840] team0: Port device team_slave_0 added
[  211.717104][T10840] team0: Port device team_slave_1 added
[  211.740614][T10888] netdevsim netdevsim2: Falling back to sysfs fallback for: 

[  211.750354][T10882] lo speed is unknown, defaulting to 1000
[  211.895423][T10840] batman_adv: batadv0: Adding interface: batadv_slave_0
[  211.918831][T10840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.960065][T10840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  211.980162][T10840] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.987149][T10840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.014268][T10840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  212.096115][ T9112] hsr_slave_0: left promiscuous mode
[  212.103224][ T9112] hsr_slave_1: left promiscuous mode
[  212.113575][ T9112] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  212.124463][ T9112] batman_adv: batadv0: Removing interface: batadv_slave_0
[  212.136153][ T9112] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  212.144844][ T9112] batman_adv: batadv0: Removing interface: batadv_slave_1
[  212.175782][ T9112] veth1_macvtap: left promiscuous mode
[  212.182157][ T9112] veth0_macvtap: left promiscuous mode
[  212.188966][ T9112] veth1_vlan: left promiscuous mode
[  212.194437][ T9112] veth0_vlan: left promiscuous mode
[  212.314436][T10905] Bluetooth: MGMT ver 1.23
[  212.854610][T10918] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1561'.
[  213.204946][ T9112] team0 (unregistering): Port device team_slave_1 removed
[  213.266266][ T9112] team0 (unregistering): Port device team_slave_0 removed
[  213.475653][ T5235] Bluetooth: hci4: command tx timeout
[  213.552582][ T5235] Bluetooth: hci0: command tx timeout
[  213.823165][T10922] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1562'.
[  213.964194][T10840] hsr_slave_0: entered promiscuous mode
[  213.996289][T10840] hsr_slave_1: entered promiscuous mode
[  214.010277][T10840] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  214.024866][T10840] Cannot create hsr debugfs directory
[  214.126229][T10932] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1564'.
[  214.418524][T10950] TCP: TCP_TX_DELAY enabled
[  214.470079][T10950] netlink: 'syz.2.1568': attribute type 1 has an invalid length.
[  214.486052][T10950] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1568'.
[  214.524304][T10882] chnl_net:caif_netlink_parms(): no params data found
[  214.965026][ T9112] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.016732][T10968] Cannot find set identified by id 0 to match
[  215.077264][ T9112] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.097291][T10882] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.116460][T10882] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.129208][T10882] bridge_slave_0: entered allmulticast mode
[  215.136032][T10882] bridge_slave_0: entered promiscuous mode
[  215.149405][T10882] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.156684][T10882] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.177196][T10882] bridge_slave_1: entered allmulticast mode
[  215.189825][T10882] bridge_slave_1: entered promiscuous mode
[  215.320985][ T9112] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.503667][T10882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  215.562350][ T5235] Bluetooth: hci4: command tx timeout
[  215.618987][ T9112] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.638193][ T5235] Bluetooth: hci0: command tx timeout
[  215.716924][T10882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  215.911177][T11012] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1583'.
[  216.002773][T11020] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1586'.
[  216.036800][T10882] team0: Port device team_slave_0 added
[  216.067930][T11018] netlink: 165 bytes leftover after parsing attributes in process `syz.2.1586'.
[  216.114034][T11020] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1586'.
[  216.181906][T10882] team0: Port device team_slave_1 added
[  216.332985][T10840] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  216.394412][T10882] batman_adv: batadv0: Adding interface: batadv_slave_0
[  216.403359][T10882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  216.431227][T10882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  216.455165][ T9112] bridge_slave_1: left allmulticast mode
[  216.463922][ T9112] bridge_slave_1: left promiscuous mode
[  216.478454][ T9112] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.491225][ T9112] bridge_slave_0: left allmulticast mode
[  216.496921][ T9112] bridge_slave_0: left promiscuous mode
[  216.512677][ T9112] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.926346][ T9112] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  216.949001][ T9112] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  216.960568][ T9112] bond0 (unregistering): Released all slaves
[  216.974612][T10840] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  216.985115][T10882] batman_adv: batadv0: Adding interface: batadv_slave_1
[  216.993725][T10882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.020506][T10882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  217.100947][T10840] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  217.146107][T10840] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  217.422924][T10882] hsr_slave_0: entered promiscuous mode
[  217.449767][T10882] hsr_slave_1: entered promiscuous mode
[  217.468270][T10882] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  217.476067][T10882] Cannot create hsr debugfs directory
[  217.514944][T11047] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1592'.
[  217.628191][ T5235] Bluetooth: hci4: command tx timeout
[  217.718542][ T5235] Bluetooth: hci0: command tx timeout
[  217.752155][T11069] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1597'.
[  217.809737][ T9112] hsr_slave_0: left promiscuous mode
[  217.818233][ T9112] hsr_slave_1: left promiscuous mode
[  217.831115][ T9112] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  217.841734][ T9112] batman_adv: batadv0: Removing interface: batadv_slave_0
[  217.856954][ T9112] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  217.866088][ T9112] batman_adv: batadv0: Removing interface: batadv_slave_1
[  217.890519][ T9112] veth1_macvtap: left promiscuous mode
[  217.896065][ T9112] veth0_macvtap: left promiscuous mode
[  217.902875][ T9112] veth1_vlan: left promiscuous mode
[  217.908695][ T9112] veth0_vlan: left promiscuous mode
[  218.505639][ T9112] team0 (unregistering): Port device team_slave_1 removed
[  218.550111][ T9112] team0 (unregistering): Port device team_slave_0 removed
[  219.061365][T11073] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1599'.
[  219.573161][T11097] rdma_rxe: rxe_newlink: failed to add lo
[  219.648885][T10840] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.707741][ T5235] Bluetooth: hci4: command tx timeout
[  219.729963][T11105] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1607'.
[  219.743351][T10840] 8021q: adding VLAN 0 to HW filter on device team0
[  219.824356][ T5289] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.831590][ T5289] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.948775][ T5289] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.955957][ T5289] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.132963][T10840] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  220.217303][T10882] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  220.236129][T10882] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  220.278497][T10882] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  220.309296][T10882] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  220.535869][T10882] 8021q: adding VLAN 0 to HW filter on device bond0
[  220.602303][T10882] 8021q: adding VLAN 0 to HW filter on device team0
[  220.625533][ T5269] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.632791][ T5269] bridge0: port 1(bridge_slave_0) entered forwarding state
[  220.707830][T10840] 8021q: adding VLAN 0 to HW filter on device batadv0
[  220.717070][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.725513][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.816239][T11137] netlink: 'syz.0.1616': attribute type 10 has an invalid length.
[  221.064508][T11150] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  221.266950][T10882] 8021q: adding VLAN 0 to HW filter on device batadv0
[  221.479352][T10882] veth0_vlan: entered promiscuous mode
[  221.511050][T10882] veth1_vlan: entered promiscuous mode
[  221.596580][T10840] veth0_vlan: entered promiscuous mode
[  221.617299][T10840] veth1_vlan: entered promiscuous mode
[  221.671687][T10882] veth0_macvtap: entered promiscuous mode
[  221.692964][T10882] veth1_macvtap: entered promiscuous mode
[  221.770983][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.798662][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.818130][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.835366][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.846267][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.881818][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.906701][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.925356][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.943149][T10882] batman_adv: batadv0: Interface activated: batadv_slave_0
[  221.962225][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.973570][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.990049][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.001407][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.012137][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.025244][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.041062][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.052271][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.062407][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.073530][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.084754][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.096859][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.112387][T10882] batman_adv: batadv0: Interface activated: batadv_slave_1
[  222.134676][T10840] veth0_macvtap: entered promiscuous mode
[  222.156250][T10882] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  222.168785][T10882] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  222.194270][T10882] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  222.218472][T10882] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.250187][T10840] veth1_macvtap: entered promiscuous mode
[  222.286060][T10840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.313102][T10840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.335230][T10840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.346658][T10840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.369276][T10840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.383293][T10840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.394081][T10840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.405315][T10840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.432166][T10840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.455385][T11199] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1630'.
[  222.470657][T10840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.499789][T10840] batman_adv: batadv0: Interface activated: batadv_slave_0
[  222.535462][T10840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.548296][T10840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.558686][T10840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.570161][T10840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.580642][T10840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.592202][T10840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.611511][T10840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.642632][T10840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.656314][T10840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.668704][T10840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.688235][T10840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.714257][T10840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.725229][T10840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.736635][T10840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.760833][T10840] batman_adv: batadv0: Interface activated: batadv_slave_1
[  222.781350][T11206] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1634'.
[  222.806485][T10840] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  222.834704][T10840] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  222.878244][T10840] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  222.886997][T10840] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  223.003928][T11208] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1635'.
[  223.088244][T11218] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1638'.
[  223.134915][T11219] xt_TCPMSS: Only works on TCP SYN packets
[  223.142127][ T9133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  223.152609][T11218] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1638'.
[  223.161499][ T9133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.219969][ T5235] block nbd18: Receive control failed (result -107)
[  223.277871][T11218] nbd18: detected capacity change from 0 to 256
[  223.426277][T11228] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1641'.
[  223.437108][ T9130] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  223.455687][ T9130] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.458180][T11229] netlink: 'syz.2.1640': attribute type 4 has an invalid length.
[  223.544189][ T9121] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  223.583327][ T9121] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.818408][ T9133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  223.826345][ T9133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.152907][T11259] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1647'.
[  224.341237][T11266] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1649'.
[  224.532559][ T9136] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.739724][ T9136] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.945919][ T9136] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.167364][T11279] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1652'.
[  225.179240][ T9136] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.259643][T11277] netlink: 'syz.2.1654': attribute type 4 has an invalid length.
[  225.298213][T11279] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1652'.
[  225.361989][ T9136] bridge_slave_1: left allmulticast mode
[  225.378558][ T9136] bridge_slave_1: left promiscuous mode
[  225.379458][ T5235] block nbd19: Receive control failed (result -107)
[  225.404543][ T9136] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.428028][T11279] nbd19: detected capacity change from 0 to 256
[  225.541284][ T9136] bridge_slave_0: left allmulticast mode
[  225.558528][ T9136] bridge_slave_0: left promiscuous mode
[  225.564325][ T9136] bridge0: port 1(bridge_slave_0) entered disabled state
[  225.646723][ T5240] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  225.661255][ T5240] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  225.671574][ T5240] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  225.681073][ T5240] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  225.705730][ T5240] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  225.716116][ T5240] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  226.124705][ T9136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  226.142108][ T9136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  226.155687][ T9136] bond0 (unregistering): Released all slaves
[  226.196977][T11290] lo speed is unknown, defaulting to 1000
[  226.353133][T11299] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1656'.
[  226.514939][T11299] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1656'.
[  226.537197][T11305] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1660'.
[  226.597015][T11307] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1659'.
[  226.832057][ T5240] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  226.849918][ T5240] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  226.872148][ T5240] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  226.893837][ T5240] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  226.904619][ T5240] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  226.913242][ T5240] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  227.058598][T11290] chnl_net:caif_netlink_parms(): no params data found
[  227.074341][T11329] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1666'.
[  227.175322][ T9136] hsr_slave_0: left promiscuous mode
[  227.194617][ T9136] hsr_slave_1: left promiscuous mode
[  227.216615][ T9136] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  227.224410][ T9136] batman_adv: batadv0: Removing interface: batadv_slave_0
[  227.234130][T11329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1666'.
[  227.244563][ T9136] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  227.252272][ T9136] batman_adv: batadv0: Removing interface: batadv_slave_1
[  227.279517][ T5235] block nbd20: Receive control failed (result -107)
[  227.280440][ T9136] veth1_macvtap: left promiscuous mode
[  227.305207][ T9136] veth0_macvtap: left promiscuous mode
[  227.323178][ T9136] veth1_vlan: left promiscuous mode
[  227.331828][T11329] nbd20: detected capacity change from 0 to 256
[  227.331888][ T9136] veth0_vlan: left promiscuous mode
[  227.790180][ T5235] Bluetooth: hci0: command tx timeout
[  227.986601][ T9136] team0 (unregistering): Port device team_slave_1 removed
[  228.033963][ T9136] team0 (unregistering): Port device team_slave_0 removed
[  228.589089][T11342] netlink: 'syz.2.1668': attribute type 4 has an invalid length.
[  228.652931][T11315] lo speed is unknown, defaulting to 1000
[  228.924055][T11290] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.936806][T11290] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.967885][T11290] bridge_slave_0: entered allmulticast mode
[  228.992676][ T5235] Bluetooth: hci4: command tx timeout
[  229.017860][T11290] bridge_slave_0: entered promiscuous mode
[  229.063869][T11290] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.137674][T11290] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.144995][T11290] bridge_slave_1: entered allmulticast mode
[  229.189051][T11290] bridge_slave_1: entered promiscuous mode
[  229.425194][T11290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  229.491560][T11290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  229.491835][T11381] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1675'.
[  229.697165][T11383] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1676'.
[  229.699969][T11290] team0: Port device team_slave_0 added
[  229.731424][T11290] team0: Port device team_slave_1 added
[  229.870433][ T5235] Bluetooth: hci0: command tx timeout
[  229.908820][ T9136] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.954948][T11389] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1678'.
[  230.049530][T11389] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1678'.
[  230.075701][ T9136] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.115467][ T5235] block nbd21: Receive control failed (result -107)
[  230.130614][T11290] batman_adv: batadv0: Adding interface: batadv_slave_0
[  230.139262][T11290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.165822][T11389] nbd21: detected capacity change from 0 to 256
[  230.175726][T11290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  230.210951][T11290] batman_adv: batadv0: Adding interface: batadv_slave_1
[  230.225448][T11290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.264194][T11290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  230.350767][ T9136] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.490505][ T9136] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.575436][T11290] hsr_slave_0: entered promiscuous mode
[  230.608459][T11290] hsr_slave_1: entered promiscuous mode
[  230.615044][T11290] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  230.637799][T11290] Cannot create hsr debugfs directory
[  230.649489][T11315] chnl_net:caif_netlink_parms(): no params data found
[  230.683491][T11401] netlink: 'syz.1.1681': attribute type 4 has an invalid length.
[  230.742049][T11409] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1683'.
[  231.067631][ T5235] Bluetooth: hci4: command tx timeout
[  231.269450][T11315] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.276629][T11315] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.308356][T11315] bridge_slave_0: entered allmulticast mode
[  231.315849][T11315] bridge_slave_0: entered promiscuous mode
[  231.350434][ T9136] bridge_slave_1: left allmulticast mode
[  231.356127][ T9136] bridge_slave_1: left promiscuous mode
[  231.377554][ T9136] bridge0: port 2(bridge_slave_1) entered disabled state
[  231.400432][ T9136] bridge_slave_0: left allmulticast mode
[  231.406127][ T9136] bridge_slave_0: left promiscuous mode
[  231.421879][ T9136] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.957727][ T5235] Bluetooth: hci0: command tx timeout
[  232.191383][ T9136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  232.225311][ T9136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  232.251532][ T9136] bond0 (unregistering): Released all slaves
[  232.351015][T11315] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.368693][T11315] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.385756][T11315] bridge_slave_1: entered allmulticast mode
[  232.404969][T11315] bridge_slave_1: entered promiscuous mode
[  232.480220][T11435] ipt_rpfilter: unknown options
[  232.573868][T11438] Cannot find add_set index 0 as target
[  232.826358][T11315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  233.033912][T11315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  233.147807][ T5235] Bluetooth: hci4: command tx timeout
[  233.166441][T11456] FAULT_INJECTION: forcing a failure.
[  233.166441][T11456] name failslab, interval 1, probability 0, space 0, times 0
[  233.255673][T11456] CPU: 0 UID: 0 PID: 11456 Comm: syz.1.1698 Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  233.266844][T11456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  233.276916][T11456] Call Trace:
[  233.280193][T11456]  <TASK>
[  233.283117][T11456]  dump_stack_lvl+0x241/0x360
[  233.287803][T11456]  ? __pfx_dump_stack_lvl+0x10/0x10
[  233.293002][T11456]  ? __pfx__printk+0x10/0x10
[  233.297594][T11456]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  233.303579][T11456]  ? __pfx___might_resched+0x10/0x10
[  233.308867][T11456]  should_fail_ex+0x3b0/0x4e0
[  233.313544][T11456]  should_failslab+0xac/0x100
[  233.318220][T11456]  ? __alloc_skb+0x1c3/0x440
[  233.322803][T11456]  kmem_cache_alloc_node_noprof+0x71/0x320
[  233.328617][T11456]  __alloc_skb+0x1c3/0x440
[  233.333031][T11456]  ? __pfx___alloc_skb+0x10/0x10
[  233.337969][T11456]  ? netlink_autobind+0xd6/0x2f0
[  233.342899][T11456]  ? netlink_autobind+0x2b0/0x2f0
[  233.347920][T11456]  netlink_sendmsg+0x638/0xcb0
[  233.352683][T11456]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.357961][T11456]  ? __import_iovec+0x536/0x820
[  233.362800][T11456]  ? aa_sock_msg_perm+0x91/0x160
[  233.367727][T11456]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  233.373004][T11456]  ? security_socket_sendmsg+0x87/0xb0
[  233.378459][T11456]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.383736][T11456]  __sock_sendmsg+0x221/0x270
[  233.388417][T11456]  ____sys_sendmsg+0x525/0x7d0
[  233.393183][T11456]  ? __pfx_____sys_sendmsg+0x10/0x10
[  233.398470][T11456]  __sys_sendmsg+0x2b0/0x3a0
[  233.403050][T11456]  ? __pfx___sys_sendmsg+0x10/0x10
[  233.408146][T11456]  ? vfs_write+0x7c4/0xc90
[  233.412608][T11456]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  233.418960][T11456]  ? do_syscall_64+0x100/0x230
[  233.423747][T11456]  ? do_syscall_64+0xb6/0x230
[  233.428422][T11456]  do_syscall_64+0xf3/0x230
[  233.432959][T11456]  ? clear_bhb_loop+0x35/0x90
[  233.438790][T11456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.444697][T11456] RIP: 0033:0x7ff6027779f9
[  233.449110][T11456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.468715][T11456] RSP: 002b:00007ff603635048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  233.477123][T11456] RAX: ffffffffffffffda RBX: 00007ff602905f80 RCX: 00007ff6027779f9
[  233.485090][T11456] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000003
[  233.493051][T11456] RBP: 00007ff6036350a0 R08: 0000000000000000 R09: 0000000000000000
[  233.501012][T11456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.508973][T11456] R13: 000000000000004d R14: 00007ff602905f80 R15: 00007ffd090bc978
[  233.516946][T11456]  </TASK>
[  233.595261][ T9136] hsr_slave_0: left promiscuous mode
[  233.609429][ T9136] hsr_slave_1: left promiscuous mode
[  233.669839][ T9136] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  233.688414][ T9136] batman_adv: batadv0: Removing interface: batadv_slave_0
[  233.706847][ T9136] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  233.748675][ T9136] batman_adv: batadv0: Removing interface: batadv_slave_1
[  233.820508][ T9136] veth1_macvtap: left promiscuous mode
[  233.826100][ T9136] veth0_macvtap: left promiscuous mode
[  233.852900][ T9136] veth1_vlan: left promiscuous mode
[  233.874403][ T9136] veth0_vlan: left promiscuous mode
[  234.029983][ T5235] Bluetooth: hci0: command tx timeout
[  234.933986][ T9136] team0 (unregistering): Port device team_slave_1 removed
[  235.040642][ T9136] team0 (unregistering): Port device team_slave_0 removed
[  235.227723][ T5235] Bluetooth: hci4: command tx timeout
[  236.132594][T11473] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1700'.
[  236.195900][T11315] team0: Port device team_slave_0 added
[  236.245313][T11315] team0: Port device team_slave_1 added
[  236.269708][   T30] INFO: task udevd:5282 blocked for more than 143 seconds.
[  236.278628][   T30]       Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  236.286298][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  236.305964][   T30] task:udevd           state:D stack:21632 pid:5282  tgid:5282  ppid:1      flags:0x00004002
[  236.340275][T11478] netlink: 248 bytes leftover after parsing attributes in process `syz.1.1703'.
[  236.355447][   T30] Call Trace:
[  236.368352][   T30]  <TASK>
[  236.371427][   T30]  __schedule+0x1800/0x4a60
[  236.376220][   T30]  ? __pfx___schedule+0x10/0x10
[  236.393861][   T30]  ? __blk_flush_plug+0x449/0x500
[  236.410193][   T30]  ? __pfx_lock_release+0x10/0x10
[  236.425535][   T30]  ? __asan_memset+0x23/0x50
[  236.430880][   T30]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  236.447160][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  236.467751][   T30]  ? schedule+0x90/0x320
[  236.472060][   T30]  schedule+0x14b/0x320
[  236.476231][   T30]  schedule_timeout+0x1be/0x310
[  236.494895][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  236.538381][   T30]  ? __pfx_process_timeout+0x10/0x10
[  236.564731][   T30]  ? prepare_to_wait_event+0x3ba/0x400
[  236.591666][   T30]  nbd_queue_rq+0x7cd/0x2f70
[  236.596465][   T30]  ? validate_chain+0x11e/0x5900
[  236.602467][   T30]  ? validate_chain+0x11e/0x5900
[  236.610372][   T30]  ? __pfx_validate_chain+0x10/0x10
[  236.621366][   T30]  ? validate_chain+0x11e/0x5900
[  236.631026][   T30]  ? __pfx_nbd_queue_rq+0x10/0x10
[  236.636127][   T30]  ? __lock_acquire+0x137a/0x2040
[  236.641876][   T30]  ? __pfx_autoremove_wake_function+0x10/0x10
[  236.648264][   T30]  blk_mq_dispatch_rq_list+0xb89/0x1b30
[  236.653836][   T30]  ? sbitmap_find_bit+0x435/0x4c0
[  236.677710][   T30]  ? sbitmap_get+0x289/0x3f0
[  236.682382][   T30]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  236.697554][   T30]  ? __blk_mq_alloc_driver_tag+0x32d/0x730
[  236.703426][   T30]  __blk_mq_sched_dispatch_requests+0xb8a/0x1840
[  236.718421][   T30]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  236.725233][   T30]  ? blk_mq_run_hw_queue+0x1d3/0xae0
[  236.731183][   T30]  ? __pfx___might_resched+0x10/0x10
[  236.736508][   T30]  blk_mq_sched_dispatch_requests+0xcb/0x140
[  236.745289][   T30]  ? blk_mq_run_hw_queue+0x54d/0xae0
[  236.753498][   T30]  blk_mq_run_hw_queue+0x576/0xae0
[  236.758847][   T30]  ? blk_mq_run_hw_queue+0x1d3/0xae0
[  236.764160][   T30]  blk_mq_flush_plug_list+0x1115/0x1880
[  236.769925][   T30]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  236.775843][   T30]  ? blk_mq_submit_bio+0x1288/0x22d0
[  236.781582][   T30]  __blk_flush_plug+0x420/0x500
[  236.786468][   T30]  ? __pfx___blk_flush_plug+0x10/0x10
[  236.792618][   T30]  ? timekeeping_get_ns+0x5c/0x420
[  236.798347][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  236.803660][   T30]  __submit_bio+0x422/0x560
[  236.809163][   T30]  ? __pfx___submit_bio+0x10/0x10
[  236.814477][   T30]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  236.821310][   T30]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  236.828694][   T30]  submit_bio_noacct_nocheck+0x4d3/0xe30
[  236.834454][   T30]  ? bio_associate_blkg_from_css+0x182/0xc70
[  236.841367][   T30]  ? __pfx___might_resched+0x10/0x10
[  236.846773][   T30]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  236.855948][   T30]  block_read_full_folio+0x93b/0xcd0
[  236.862791][   T30]  ? __pfx_blkdev_get_block+0x10/0x10
[  236.871308][   T30]  ? __pfx_block_read_full_folio+0x10/0x10
[  236.877225][   T30]  ? __pfx_lru_add_fn+0x10/0x10
[  236.884947][   T30]  ? folio_add_lru+0x357/0xd70
[  236.902809][   T30]  ? folio_add_lru+0x58f/0xd70
[  236.914719][   T30]  filemap_read_folio+0x1a0/0x790
[  236.920885][   T30]  ? __pfx_blkdev_read_folio+0x10/0x10
[  236.926372][   T30]  ? __pfx_filemap_read_folio+0x10/0x10
[  236.932169][   T30]  ? __filemap_get_folio+0x984/0xc10
[  236.937638][   T30]  do_read_cache_folio+0x134/0x820
[  236.942779][   T30]  ? __pfx_blkdev_read_folio+0x10/0x10
[  236.948415][   T30]  read_part_sector+0xb3/0x330
[  236.953200][   T30]  adfspart_check_ICS+0xd9/0x9a0
[  236.960522][   T30]  ? __pfx_vsnprintf+0x10/0x10
[  236.965322][   T30]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  236.971082][   T30]  ? snprintf+0xda/0x120
[  236.975346][   T30]  ? alloc_pages_mpol_noprof+0x417/0x680
[  236.981129][   T30]  ? vsnprintf+0x1cc3/0x1da0
[  236.985731][   T30]  ? vsnprintf+0x184/0x1da0
[  236.990594][   T30]  ? __pfx_snprintf+0x10/0x10
[  236.995673][   T30]  ? __kasan_kmalloc+0x98/0xb0
[  237.002991][   T30]  bdev_disk_changed+0x72c/0x13d0
[  237.008275][   T30]  ? __pfx_bdev_disk_changed+0x10/0x10
[  237.013758][   T30]  blkdev_get_whole+0x2d2/0x450
[  237.018677][   T30]  bdev_open+0x2d4/0xc60
[  237.022968][   T30]  blkdev_open+0x3e8/0x570
[  237.027396][   T30]  ? __pfx_blkdev_open+0x10/0x10
[  237.032443][   T30]  do_dentry_open+0x970/0x1440
[  237.037210][   T30]  vfs_open+0x3e/0x330
[  237.041359][   T30]  path_openat+0x2b3e/0x3470
[  237.045964][   T30]  ? __pfx_stack_trace_save+0x10/0x10
[  237.051990][   T30]  ? __lock_acquire+0x137a/0x2040
[  237.057041][   T30]  ? __pfx_path_openat+0x10/0x10
[  237.062084][   T30]  do_filp_open+0x235/0x490
[  237.066602][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  237.074111][   T30]  ? _raw_spin_unlock+0x28/0x50
[  237.079079][   T30]  ? alloc_fd+0x5a1/0x640
[  237.083457][   T30]  do_sys_openat2+0x13e/0x1d0
[  237.088379][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  237.093595][   T30]  __x64_sys_openat+0x247/0x2a0
[  237.098837][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  237.104250][   T30]  ? do_syscall_64+0x100/0x230
[  237.111567][   T30]  ? do_syscall_64+0xb6/0x230
[  237.116272][   T30]  do_syscall_64+0xf3/0x230
[  237.120851][   T30]  ? clear_bhb_loop+0x35/0x90
[  237.125538][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.131638][   T30] RIP: 0033:0x7f37d15169a4
[  237.136059][   T30] RSP: 002b:00007ffd40026490 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  237.144500][   T30] RAX: ffffffffffffffda RBX: 00005577895fde10 RCX: 00007f37d15169a4
[  237.152766][   T30] RDX: 00000000000a0800 RSI: 00005577895dd6b0 RDI: 00000000ffffff9c
[  237.160823][   T30] RBP: 00005577895dd6b0 R08: 0000000000000001 R09: 7fffffffffffffff
[  237.169235][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000a0800
[  237.177218][   T30] R13: 00005577895e5a90 R14: 0000000000000001 R15: 00005577895dc910
[  237.186283][   T30]  </TASK>
[  237.189871][   T30] INFO: task udevd:5585 blocked for more than 144 seconds.
[  237.197088][   T30]       Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  237.206604][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  237.215615][   T30] task:udevd           state:D stack:22032 pid:5585  tgid:5585  ppid:1      flags:0x00004002
[  237.226168][   T30] Call Trace:
[  237.232093][   T30]  <TASK>
[  237.235320][   T30]  __schedule+0x1800/0x4a60
[  237.240137][   T30]  ? __pfx___schedule+0x10/0x10
[  237.245048][   T30]  ? __blk_flush_plug+0x449/0x500
[  237.250532][   T30]  ? __pfx_lock_release+0x10/0x10
[  237.255660][   T30]  ? __asan_memset+0x23/0x50
[  237.260473][   T30]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  237.266346][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  237.274133][   T30]  ? schedule+0x90/0x320
[  237.278560][   T30]  schedule+0x14b/0x320
[  237.282733][   T30]  schedule_timeout+0x1be/0x310
[  237.290080][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  237.295517][   T30]  ? __pfx_process_timeout+0x10/0x10
[  237.301349][   T30]  ? prepare_to_wait_event+0x3ba/0x400
[  237.306846][   T30]  nbd_queue_rq+0x7cd/0x2f70
[  237.311809][   T30]  ? __pfx_validate_chain+0x10/0x10
[  237.317030][   T30]  ? validate_chain+0x11e/0x5900
[  237.322030][   T30]  ? __pfx_nbd_queue_rq+0x10/0x10
[  237.327067][   T30]  ? __lock_acquire+0x137a/0x2040
[  237.332288][   T30]  ? __pfx_autoremove_wake_function+0x10/0x10
[  237.340885][   T30]  blk_mq_dispatch_rq_list+0xb89/0x1b30
[  237.346460][   T30]  ? sbitmap_find_bit+0x435/0x4c0
[  237.351690][   T30]  ? sbitmap_get+0x289/0x3f0
[  237.356294][   T30]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  237.362325][   T30]  ? __blk_mq_alloc_driver_tag+0x32d/0x730
[  237.368300][   T30]  __blk_mq_sched_dispatch_requests+0xb8a/0x1840
[  237.374654][   T30]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  237.381456][   T30]  ? blk_mq_run_hw_queue+0x1d3/0xae0
[  237.386815][   T30]  ? __pfx___might_resched+0x10/0x10
[  237.392596][   T30]  blk_mq_sched_dispatch_requests+0xcb/0x140
[  237.401076][   T30]  ? blk_mq_run_hw_queue+0x54d/0xae0
[  237.406597][   T30]  blk_mq_run_hw_queue+0x576/0xae0
[  237.411906][   T30]  ? blk_mq_run_hw_queue+0x1d3/0xae0
[  237.417206][   T30]  blk_mq_flush_plug_list+0x1115/0x1880
[  237.422805][   T30]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  237.428858][   T30]  ? blk_mq_submit_bio+0x1288/0x22d0
[  237.434252][   T30]  __blk_flush_plug+0x420/0x500
[  237.439144][   T30]  ? __pfx___blk_flush_plug+0x10/0x10
[  237.444534][   T30]  ? timekeeping_get_ns+0x5c/0x420
[  237.453219][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  237.458533][   T30]  __submit_bio+0x422/0x560
[  237.463056][   T30]  ? __pfx___submit_bio+0x10/0x10
[  237.468261][   T30]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  237.474531][   T30]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  237.481227][   T30]  submit_bio_noacct_nocheck+0x4d3/0xe30
[  237.486877][   T30]  ? bio_associate_blkg_from_css+0x182/0xc70
[  237.493044][   T30]  ? __pfx___might_resched+0x10/0x10
[  237.498424][   T30]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  237.504890][   T30]  block_read_full_folio+0x93b/0xcd0
[  237.512757][   T30]  ? __pfx_blkdev_get_block+0x10/0x10
[  237.518226][   T30]  ? __pfx_block_read_full_folio+0x10/0x10
[  237.524490][   T30]  ? __pfx_lru_add_fn+0x10/0x10
[  237.529545][   T30]  ? folio_add_lru+0x357/0xd70
[  237.534322][   T30]  ? folio_add_lru+0x58f/0xd70
[  237.539151][   T30]  filemap_read_folio+0x1a0/0x790
[  237.544189][   T30]  ? __pfx_blkdev_read_folio+0x10/0x10
[  237.556273][   T30]  ? __pfx_filemap_read_folio+0x10/0x10
[  237.563386][   T30]  ? __filemap_get_folio+0x984/0xc10
[  237.571369][   T30]  do_read_cache_folio+0x134/0x820
[  237.576547][   T30]  ? __pfx_blkdev_read_folio+0x10/0x10
[  237.582569][   T30]  read_part_sector+0xb3/0x330
[  237.587358][   T30]  adfspart_check_ICS+0xd9/0x9a0
[  237.592905][   T30]  ? __pfx_vsnprintf+0x10/0x10
[  237.598400][   T30]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  237.603981][   T30]  ? snprintf+0xda/0x120
[  237.608557][   T30]  ? alloc_pages_mpol_noprof+0x417/0x680
[  237.614204][   T30]  ? vsnprintf+0x1cc3/0x1da0
[  237.620469][   T30]  ? vsnprintf+0x184/0x1da0
[  237.624996][   T30]  ? __pfx_snprintf+0x10/0x10
[  237.630271][   T30]  ? __kasan_kmalloc+0x98/0xb0
[  237.635080][   T30]  bdev_disk_changed+0x72c/0x13d0
[  237.640630][   T30]  ? __pfx_bdev_disk_changed+0x10/0x10
[  237.646104][   T30]  blkdev_get_whole+0x2d2/0x450
[  237.651473][   T30]  bdev_open+0x2d4/0xc60
[  237.655758][   T30]  blkdev_open+0x3e8/0x570
[  237.660308][   T30]  ? __pfx_blkdev_open+0x10/0x10
[  237.665265][   T30]  do_dentry_open+0x970/0x1440
[  237.670236][   T30]  vfs_open+0x3e/0x330
[  237.674323][   T30]  path_openat+0x2b3e/0x3470
[  237.681239][   T30]  ? __pfx_stack_trace_save+0x10/0x10
[  237.686646][   T30]  ? __lock_acquire+0x137a/0x2040
[  237.691938][   T30]  ? __pfx_path_openat+0x10/0x10
[  237.697358][   T30]  do_filp_open+0x235/0x490
[  237.701955][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  237.707261][   T30]  ? _raw_spin_unlock+0x28/0x50
[  237.713538][   T30]  ? alloc_fd+0x5a1/0x640
[  237.718023][   T30]  do_sys_openat2+0x13e/0x1d0
[  237.722719][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  237.728159][   T30]  __x64_sys_openat+0x247/0x2a0
[  237.733035][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  237.740627][   T30]  ? do_syscall_64+0x100/0x230
[  237.745417][   T30]  ? do_syscall_64+0xb6/0x230
[  237.750290][   T30]  do_syscall_64+0xf3/0x230
[  237.754808][   T30]  ? clear_bhb_loop+0x35/0x90
[  237.759554][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.765465][   T30] RIP: 0033:0x7f37d15169a4
[  237.770111][   T30] RSP: 002b:00007ffd40026490 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  237.778620][   T30] RAX: ffffffffffffffda RBX: 00005577895fde10 RCX: 00007f37d15169a4
[  237.786685][   T30] RDX: 00000000000a0800 RSI: 0000557789612e00 RDI: 00000000ffffff9c
[  237.797506][   T30] RBP: 0000557789612e00 R08: 0000000000000001 R09: 7fffffffffffffff
[  237.805519][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000a0800
[  237.813878][   T30] R13: 00005577895ef250 R14: 0000000000000001 R15: 00005577895dc910
[  237.821944][   T30]  </TASK>
[  237.826056][   T30] INFO: task udevd:6038 blocked for more than 144 seconds.
[  237.840560][   T30]       Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  237.858413][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  237.867131][   T30] task:udevd           state:D stack:19952 pid:6038  tgid:6038  ppid:1      flags:0x00004002
[  237.890297][   T30] Call Trace:
[  237.893622][   T30]  <TASK>
[  237.896568][   T30]  __schedule+0x1800/0x4a60
[  237.914273][   T30]  ? __pfx___schedule+0x10/0x10
[  237.920173][   T30]  ? __blk_flush_plug+0x449/0x500
[  237.925236][   T30]  ? __pfx_lock_release+0x10/0x10
[  237.937723][   T30]  ? __asan_memset+0x23/0x50
[  237.942387][   T30]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  237.948299][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  237.954666][   T30]  ? schedule+0x90/0x320
[  237.959109][   T30]  schedule+0x14b/0x320
[  237.963295][   T30]  schedule_timeout+0x1be/0x310
[  237.970571][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  237.975976][   T30]  ? __pfx_process_timeout+0x10/0x10
[  237.981498][   T30]  ? prepare_to_wait_event+0x3ba/0x400
[  237.986993][   T30]  nbd_queue_rq+0x7cd/0x2f70
[  237.991670][   T30]  ? __pfx_validate_chain+0x10/0x10
[  237.996886][   T30]  ? validate_chain+0x11e/0x5900
[  238.002615][   T30]  ? __pfx_nbd_queue_rq+0x10/0x10
[  238.007797][   T30]  ? __lock_acquire+0x137a/0x2040
[  238.012883][   T30]  ? __pfx_autoremove_wake_function+0x10/0x10
[  238.021803][   T30]  blk_mq_dispatch_rq_list+0xb89/0x1b30
[  238.027408][   T30]  ? sbitmap_find_bit+0x435/0x4c0
[  238.032705][   T30]  ? sbitmap_get+0x289/0x3f0
[  238.037316][   T30]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  238.043411][   T30]  ? __blk_mq_alloc_driver_tag+0x32d/0x730
[  238.049394][   T30]  __blk_mq_sched_dispatch_requests+0xb8a/0x1840
[  238.055754][   T30]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  238.062702][   T30]  ? blk_mq_run_hw_queue+0x1d3/0xae0
[  238.069714][   T30]  ? __pfx___might_resched+0x10/0x10
[  238.075023][   T30]  blk_mq_sched_dispatch_requests+0xcb/0x140
[  238.083219][   T30]  ? blk_mq_run_hw_queue+0x54d/0xae0
[  238.089099][   T30]  blk_mq_run_hw_queue+0x576/0xae0
[  238.094231][   T30]  ? blk_mq_run_hw_queue+0x1d3/0xae0
[  238.100194][   T30]  blk_mq_flush_plug_list+0x1115/0x1880
[  238.105769][   T30]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  238.112442][   T30]  ? blk_mq_submit_bio+0x1288/0x22d0
[  238.118360][   T30]  __blk_flush_plug+0x420/0x500
[  238.123228][   T30]  ? __pfx___blk_flush_plug+0x10/0x10
[  238.129555][   T30]  ? timekeeping_get_ns+0x5c/0x420
[  238.134677][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  238.140213][   T30]  __submit_bio+0x422/0x560
[  238.144710][   T30]  ? __pfx___submit_bio+0x10/0x10
[  238.150431][   T30]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  238.156684][   T30]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  238.163724][   T30]  submit_bio_noacct_nocheck+0x4d3/0xe30
[  238.170227][   T30]  ? bio_associate_blkg_from_css+0x182/0xc70
[  238.176242][   T30]  ? __pfx___might_resched+0x10/0x10
[  238.181967][   T30]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  238.188425][   T30]  block_read_full_folio+0x93b/0xcd0
[  238.193754][   T30]  ? __pfx_blkdev_get_block+0x10/0x10
[  238.203816][   T30]  ? __pfx_block_read_full_folio+0x10/0x10
[  238.209821][   T30]  ? __pfx_lru_add_fn+0x10/0x10
[  238.214689][   T30]  ? folio_add_lru+0x357/0xd70
[  238.219634][   T30]  ? folio_add_lru+0x58f/0xd70
[  238.224593][   T30]  filemap_read_folio+0x1a0/0x790
[  238.229705][   T30]  ? __pfx_blkdev_read_folio+0x10/0x10
[  238.235185][   T30]  ? __pfx_filemap_read_folio+0x10/0x10
[  238.243236][   T30]  ? __filemap_get_folio+0x984/0xc10
[  238.248659][   T30]  do_read_cache_folio+0x134/0x820
[  238.253810][   T30]  ? __pfx_blkdev_read_folio+0x10/0x10
[  238.259590][   T30]  read_part_sector+0xb3/0x330
[  238.264469][   T30]  adfspart_check_ICS+0xd9/0x9a0
[  238.269697][   T30]  ? __pfx_vsnprintf+0x10/0x10
[  238.274500][   T30]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  238.280355][   T30]  ? snprintf+0xda/0x120
[  238.284637][   T30]  ? alloc_pages_mpol_noprof+0x417/0x680
[  238.290329][   T30]  ? vsnprintf+0x1cc3/0x1da0
[  238.294938][   T30]  ? vsnprintf+0x184/0x1da0
[  238.299651][   T30]  ? __pfx_snprintf+0x10/0x10
[  238.304337][   T30]  ? __kasan_kmalloc+0x98/0xb0
[  238.311585][   T30]  bdev_disk_changed+0x72c/0x13d0
[  238.316646][   T30]  ? __pfx_bdev_disk_changed+0x10/0x10
[  238.322240][   T30]  blkdev_get_whole+0x2d2/0x450
[  238.327296][   T30]  bdev_open+0x2d4/0xc60
[  238.331585][   T30]  blkdev_open+0x3e8/0x570
[  238.336009][   T30]  ? __pfx_blkdev_open+0x10/0x10
[  238.341090][   T30]  do_dentry_open+0x970/0x1440
[  238.345862][   T30]  vfs_open+0x3e/0x330
[  238.352625][   T30]  path_openat+0x2b3e/0x3470
[  238.357254][   T30]  ? __pfx_stack_trace_save+0x10/0x10
[  238.362718][   T30]  ? __lock_acquire+0x137a/0x2040
[  238.367823][   T30]  ? __pfx_path_openat+0x10/0x10
[  238.372799][   T30]  do_filp_open+0x235/0x490
[  238.377309][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  238.382448][   T30]  ? _raw_spin_unlock+0x28/0x50
[  238.387287][   T30]  ? alloc_fd+0x5a1/0x640
[  238.391836][   T30]  do_sys_openat2+0x13e/0x1d0
[  238.396535][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  238.401920][   T30]  __x64_sys_openat+0x247/0x2a0
[  238.407144][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  238.412638][   T30]  ? do_syscall_64+0x100/0x230
[  238.417427][   T30]  ? do_syscall_64+0xb6/0x230
[  238.424651][   T30]  do_syscall_64+0xf3/0x230
[  238.429560][   T30]  ? clear_bhb_loop+0x35/0x90
[  238.434270][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.440357][   T30] RIP: 0033:0x7f37d15169a4
[  238.444867][   T30] RSP: 002b:00007ffd40026490 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  238.453352][   T30] RAX: ffffffffffffffda RBX: 00005577895fe870 RCX: 00007f37d15169a4
[  238.462417][   T30] RDX: 00000000000a0800 RSI: 00005577896010a0 RDI: 00000000ffffff9c
[  238.470890][   T30] RBP: 00005577896010a0 R08: 0000000000000001 R09: 7fffffffffffffff
[  238.479541][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000a0800
[  238.488365][   T30] R13: 00005577895eda70 R14: 0000000000000001 R15: 00005577895dc910
[  238.496366][   T30]  </TASK>
[  238.501096][   T30] INFO: task udevd:6101 blocked for more than 145 seconds.
[  238.515799][   T30]       Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  238.524971][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  238.533956][   T30] task:udevd           state:D stack:21848 pid:6101  tgid:6101  ppid:1      flags:0x00004002
[  238.546073][   T30] Call Trace:
[  238.550205][   T30]  <TASK>
[  238.553145][   T30]  __schedule+0x1800/0x4a60
[  238.558380][   T30]  ? __pfx___schedule+0x10/0x10
[  238.563253][   T30]  ? __blk_flush_plug+0x449/0x500
[  238.568556][   T30]  ? __pfx_lock_release+0x10/0x10
[  238.573571][   T30]  ? __asan_memset+0x23/0x50
[  238.579087][   T30]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  238.584927][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  238.591894][   T30]  ? schedule+0x90/0x320
[  238.596155][   T30]  schedule+0x14b/0x320
[  238.601032][   T30]  schedule_timeout+0x1be/0x310
[  238.605890][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  238.612945][   T30]  ? __pfx_process_timeout+0x10/0x10
[  238.618934][   T30]  ? prepare_to_wait_event+0x3ba/0x400
[  238.624424][   T30]  nbd_queue_rq+0x7cd/0x2f70
[  238.629200][   T30]  ? __pfx_validate_chain+0x10/0x10
[  238.634407][   T30]  ? validate_chain+0x11e/0x5900
[  238.639609][   T30]  ? __pfx_nbd_queue_rq+0x10/0x10
[  238.644634][   T30]  ? __lock_acquire+0x137a/0x2040
[  238.649748][   T30]  ? __pfx_autoremove_wake_function+0x10/0x10
[  238.655849][   T30]  blk_mq_dispatch_rq_list+0xb89/0x1b30
[  238.661753][   T30]  ? sbitmap_find_bit+0x435/0x4c0
[  238.668928][   T30]  ? sbitmap_get+0x289/0x3f0
[  238.673550][   T30]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  238.680278][   T30]  ? __blk_mq_alloc_driver_tag+0x32d/0x730
[  238.686130][   T30]  __blk_mq_sched_dispatch_requests+0xb8a/0x1840
[  238.693683][   T30]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  238.701508][   T30]  ? blk_mq_run_hw_queue+0x1d3/0xae0
[  238.706833][   T30]  ? __pfx___might_resched+0x10/0x10
[  238.712821][   T30]  blk_mq_sched_dispatch_requests+0xcb/0x140
[  238.720491][   T30]  ? blk_mq_run_hw_queue+0x54d/0xae0
[  238.725781][   T30]  blk_mq_run_hw_queue+0x576/0xae0
[  238.731825][   T30]  ? blk_mq_run_hw_queue+0x1d3/0xae0
[  238.737130][   T30]  blk_mq_flush_plug_list+0x1115/0x1880
[  238.743070][   T30]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  238.749985][   T30]  ? blk_mq_submit_bio+0x1288/0x22d0
[  238.755386][   T30]  __blk_flush_plug+0x420/0x500
[  238.761077][   T30]  ? __pfx___blk_flush_plug+0x10/0x10
[  238.766454][   T30]  ? timekeeping_get_ns+0x5c/0x420
[  238.771916][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  238.777156][   T30]  __submit_bio+0x422/0x560
[  238.782001][   T30]  ? __pfx___submit_bio+0x10/0x10
[  238.787017][   T30]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  238.793997][   T30]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  238.800892][   T30]  submit_bio_noacct_nocheck+0x4d3/0xe30
[  238.806552][   T30]  ? bio_associate_blkg_from_css+0x182/0xc70
[  238.813182][   T30]  ? __pfx___might_resched+0x10/0x10
[  238.819383][   T30]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  238.826007][   T30]  block_read_full_folio+0x93b/0xcd0
[  238.834166][   T30]  ? __pfx_blkdev_get_block+0x10/0x10
[  238.840499][   T30]  ? __pfx_block_read_full_folio+0x10/0x10
[  238.846348][   T30]  ? __pfx_lru_add_fn+0x10/0x10
[  238.851600][   T30]  ? folio_add_lru+0x357/0xd70
[  238.856389][   T30]  ? folio_add_lru+0x58f/0xd70
[  238.861258][   T30]  filemap_read_folio+0x1a0/0x790
[  238.867549][   T30]  ? __pfx_blkdev_read_folio+0x10/0x10
[  238.873660][   T30]  ? __pfx_filemap_read_folio+0x10/0x10
[  238.881892][   T30]  ? __filemap_get_folio+0x984/0xc10
[  238.887244][   T30]  do_read_cache_folio+0x134/0x820
[  238.892477][   T30]  ? __pfx_blkdev_read_folio+0x10/0x10
[  238.898142][   T30]  read_part_sector+0xb3/0x330
[  238.902926][   T30]  adfspart_check_ICS+0xd9/0x9a0
[  238.915976][   T30]  ? __pfx_vsnprintf+0x10/0x10
[  238.921029][   T30]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  238.926607][   T30]  ? snprintf+0xda/0x120
[  238.933278][   T30]  ? alloc_pages_mpol_noprof+0x417/0x680
[  238.941924][   T30]  ? vsnprintf+0x1cc3/0x1da0
[  238.946548][   T30]  ? vsnprintf+0x184/0x1da0
[  238.951362][   T30]  ? __pfx_snprintf+0x10/0x10
[  238.956067][   T30]  ? __kasan_kmalloc+0x98/0xb0
[  238.960982][   T30]  bdev_disk_changed+0x72c/0x13d0
[  238.966009][   T30]  ? __pfx_bdev_disk_changed+0x10/0x10
[  238.972269][   T30]  blkdev_get_whole+0x2d2/0x450
[  238.977137][   T30]  bdev_open+0x2d4/0xc60
[  238.982077][   T30]  blkdev_open+0x3e8/0x570
[  238.986512][   T30]  ? __pfx_blkdev_open+0x10/0x10
[  238.991978][   T30]  do_dentry_open+0x970/0x1440
[  238.996776][   T30]  vfs_open+0x3e/0x330
[  239.002029][   T30]  path_openat+0x2b3e/0x3470
[  239.006674][   T30]  ? __pfx_stack_trace_save+0x10/0x10
[  239.012581][   T30]  ? __lock_acquire+0x137a/0x2040
[  239.018318][   T30]  ? __pfx_path_openat+0x10/0x10
[  239.023287][   T30]  do_filp_open+0x235/0x490
[  239.028506][   T30]  ? __pfx_do_filp_open+0x10/0x10
[  239.033533][   T30]  ? _raw_spin_unlock+0x28/0x50
[  239.039042][   T30]  ? alloc_fd+0x5a1/0x640
[  239.044209][   T30]  do_sys_openat2+0x13e/0x1d0
[  239.051829][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  239.057073][   T30]  __x64_sys_openat+0x247/0x2a0
[  239.062435][   T30]  ? __pfx___x64_sys_openat+0x10/0x10
[  239.071507][   T30]  ? do_syscall_64+0x100/0x230
[  239.076535][   T30]  ? do_syscall_64+0xb6/0x230
[  239.081917][   T30]  do_syscall_64+0xf3/0x230
[  239.086441][   T30]  ? clear_bhb_loop+0x35/0x90
[  239.091505][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.097393][   T30] RIP: 0033:0x7f37d15169a4
[  239.102523][   T30] RSP: 002b:00007ffd40026490 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  239.111325][   T30] RAX: ffffffffffffffda RBX: 00005577895fde10 RCX: 00007f37d15169a4
[  239.120196][   T30] RDX: 00000000000a0800 RSI: 0000557789601020 RDI: 00000000ffffff9c
[  239.128990][   T30] RBP: 0000557789601020 R08: 0000000000000001 R09: 7fffffffffffffff
[  239.137073][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000a0800
[  239.145779][   T30] R13: 00005577895f1540 R14: 0000000000000001 R15: 00005577895dc910
[  239.154406][   T30]  </TASK>
[  239.160642][   T30] 
[  239.160642][   T30] Showing all locks held in the system:
[  239.179392][   T30] 1 lock held by khungtaskd/30:
[  239.184291][   T30]  #0: ffffffff8e9377a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  239.207331][   T30] 2 locks held by getty/4978:
[  239.212588][   T30]  #0: ffff88802f9e20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  239.222641][   T30]  #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00
[  239.233655][   T30] 3 locks held by udevd/5282:
[  239.239151][   T30]  #0: ffff88802105c4c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0xf0/0xc60
[  239.250699][   T30]  #1: ffff88801bf45010 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x54d/0xae0
[  239.260745][   T30]  #2: ffff888021198180 (&cmd->lock){+.+.}-{3:3}, at: nbd_queue_rq+0xfc/0x2f70
[  239.272509][   T30] 3 locks held by udevd/5585:
[  239.277379][   T30]  #0: ffff8880210bb4c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0xf0/0xc60
[  239.286935][   T30]  #1: ffff88801ff01b90 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x54d/0xae0
[  239.296912][   T30]  #2: ffff888021218180 (&cmd->lock){+.+.}-{3:3}, at: nbd_queue_rq+0xfc/0x2f70
[  239.306461][   T30] 3 locks held by udevd/6038:
[  239.312165][   T30]  #0: ffff8880211604c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0xf0/0xc60
[  239.322002][   T30]  #1: ffff88801bf45710 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x54d/0xae0
[  239.332082][   T30]  #2: ffff888021270180 (&cmd->lock){+.+.}-{3:3}, at: nbd_queue_rq+0xfc/0x2f70
[  239.345210][   T30] 3 locks held by udevd/6101:
[  239.352931][   T30]  #0: ffff8880210bf4c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0xf0/0xc60
[  239.362470][   T30]  #1: ffff88801faf4210 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x54d/0xae0
[  239.372110][   T30]  #2: ffff8880212a0180 (&cmd->lock){+.+.}-{3:3}, at: nbd_queue_rq+0xfc/0x2f70
[  239.383414][   T30] 2 locks held by kworker/u8:20/9120:
[  239.388905][   T30] 4 locks held by kworker/u8:32/9133:
[  239.394389][   T30]  #0: ffff8880b933ea18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  239.404530][   T30]  #1: ffff8880b9328948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x441/0x770
[  239.416475][   T30]  #2: ffffffff8e937800 (rcu_read_lock_bh){....}-{1:2}, at: mod_peer_timer+0x21/0x260
[  239.426895][   T30]  #3: ffff8880b932a718 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x112/0x240
[  239.436733][   T30] 4 locks held by kworker/u8:34/9136:
[  239.442380][   T30]  #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  239.454278][   T30]  #1: ffffc9000987fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  239.467631][   T30]  #2: ffffffff8fc735d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  239.477092][   T30]  #3: ffffffff8fc80048 (rtnl_mutex){+.+.}-{3:3}, at: wg_destruct+0x25/0x2e0
[  239.486610][   T30] 8 locks held by syz-executor/11290:
[  239.494187][   T30]  #0: ffff88801e4ac420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[  239.503415][   T30]  #1: ffff88807e06f888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[  239.513295][   T30]  #2: ffff888022d62788 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[  239.523575][   T30]  #3: ffffffff8f51cf88 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  239.533882][   T30]  #4: ffff88806bf390e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0
[  239.544541][   T30]  #5: ffff88806bf38250 (&devlink->lock_key#11){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160
[  239.554924][   T30]  #6: ffffffff8fc80048 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0
[  239.563926][   T30]  #7: ffffffff8e93cb78 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  239.575660][   T30] 1 lock held by syz-executor/11315:
[  239.581203][   T30]  #0: ffffffff8fc80048 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  239.592819][   T30] 1 lock held by syz.2.1697/11455:
[  239.600217][   T30]  #0: ffffffff8fc80048 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[  239.609290][   T30] 1 lock held by syz.0.1702/11476:
[  239.614407][   T30]  #0: ffffffff8fc80048 (rtnl_mutex){+.+.}-{3:3}, at: dev_ethtool+0x21e/0x1bc0
[  239.623576][   T30] 1 lock held by syz.0.1702/11479:
[  239.628843][   T30]  #0: ffffffff8fc80048 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  239.638462][   T30] 1 lock held by syz.0.1702/11481:
[  239.643572][   T30]  #0: ffffffff8fc80048 (rtnl_mutex){+.+.}-{3:3}, at: ipv6_route_ioctl+0x4cb/0x870
[  239.652932][   T30] 1 lock held by syz.1.1703/11482:
[  239.658573][   T30]  #0: ffffffff8fc80048 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  239.668174][   T30] 
[  239.670513][   T30] =============================================
[  239.670513][   T30] 
[  239.680114][   T30] NMI backtrace for cpu 0
[  239.684464][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  239.694984][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  239.705067][   T30] Call Trace:
[  239.708361][   T30]  <TASK>
[  239.711305][   T30]  dump_stack_lvl+0x241/0x360
[  239.715998][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.721222][   T30]  ? __pfx__printk+0x10/0x10
[  239.725825][   T30]  ? vprintk_emit+0x631/0x770
[  239.730524][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[  239.735558][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  239.740506][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  239.745972][   T30]  ? _printk+0xd5/0x120
[  239.750126][   T30]  ? __pfx__printk+0x10/0x10
[  239.754720][   T30]  ? __wake_up_klogd+0xcc/0x110
[  239.759567][   T30]  ? __pfx__printk+0x10/0x10
[  239.764167][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  239.769200][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  239.775175][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  239.781159][   T30]  watchdog+0xfee/0x1030
[  239.785399][   T30]  ? watchdog+0x1ea/0x1030
[  239.789816][   T30]  ? __pfx_watchdog+0x10/0x10
[  239.794486][   T30]  kthread+0x2f0/0x390
[  239.798544][   T30]  ? __pfx_watchdog+0x10/0x10
[  239.803218][   T30]  ? __pfx_kthread+0x10/0x10
[  239.807805][   T30]  ret_from_fork+0x4b/0x80
[  239.812227][   T30]  ? __pfx_kthread+0x10/0x10
[  239.816805][   T30]  ret_from_fork_asm+0x1a/0x30
[  239.821577][   T30]  </TASK>
[  239.825804][   T30] Sending NMI from CPU 0 to CPUs 1:
[  239.831265][    C1] NMI backtrace for cpu 1
[  239.831278][    C1] CPU: 1 UID: 0 PID: 9120 Comm: kworker/u8:20 Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  239.831297][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  239.831308][    C1] Workqueue: bat_events batadv_nc_worker
[  239.831329][    C1] RIP: 0010:kasan_check_range+0x1b/0x290
[  239.831353][    C1] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 55 41 57 41 56 41 54 53 b0 01 48 85 f6 0f 84 a0 01 00 00 4c 8d 04 37 <49> 39 f8 0f 82 56 02 00 00 48 89 fd 48 c1 ed 2f 81 fd fe ff 01 00
[  239.831367][    C1] RSP: 0018:ffffc9000ce678c0 EFLAGS: 00000002
[  239.831380][    C1] RAX: 0000000000000001 RBX: 0000000000000021 RCX: ffffffff816fc3b7
[  239.831392][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff93729800
[  239.831402][    C1] RBP: fd0d7518173bf8e1 R08: ffffffff93729808 R09: 1ffffffff26e531b
[  239.831414][    C1] R10: dffffc0000000000 R11: fffffbfff26e531c R12: 0000000000000000
[  239.831425][    C1] R13: ffff88802276e4d8 R14: 1ffff110044edcaa R15: ffff88802276e550
[  239.831437][    C1] FS:  0000000000000000(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[  239.831451][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  239.831462][    C1] CR2: 0000000020fd4030 CR3: 000000000e734000 CR4: 00000000003506f0
[  239.831476][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  239.831486][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  239.831496][    C1] Call Trace:
[  239.831502][    C1]  <NMI>
[  239.831510][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  239.831531][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  239.831552][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  239.831581][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  239.831599][    C1]  ? nmi_handle+0x14f/0x5a0
[  239.831614][    C1]  ? nmi_handle+0x2a/0x5a0
[  239.831630][    C1]  ? kasan_check_range+0x1b/0x290
[  239.831649][    C1]  ? default_do_nmi+0x63/0x160
[  239.831664][    C1]  ? exc_nmi+0x123/0x1f0
[  239.831678][    C1]  ? end_repeat_nmi+0xf/0x53
[  239.831696][    C1]  ? __lock_acquire+0x1297/0x2040
[  239.831715][    C1]  ? kasan_check_range+0x1b/0x290
[  239.831736][    C1]  ? kasan_check_range+0x1b/0x290
[  239.831762][    C1]  ? kasan_check_range+0x1b/0x290
[  239.831782][    C1]  </NMI>
[  239.831787][    C1]  <TASK>
[  239.831794][    C1]  __lock_acquire+0x1297/0x2040
[  239.831820][    C1]  lock_acquire+0x1ed/0x550
[  239.831839][    C1]  ? batadv_nc_worker+0xcb/0x610
[  239.831858][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  239.831878][    C1]  ? batadv_nc_worker+0xcb/0x610
[  239.831894][    C1]  ? __pfx_lock_release+0x10/0x10
[  239.831914][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  239.831937][    C1]  batadv_nc_worker+0xec/0x610
[  239.831952][    C1]  ? batadv_nc_worker+0xcb/0x610
[  239.831968][    C1]  ? batadv_nc_worker+0xcb/0x610
[  239.831985][    C1]  ? process_scheduled_works+0x945/0x1830
[  239.832003][    C1]  process_scheduled_works+0xa2c/0x1830
[  239.832033][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  239.832055][    C1]  ? assign_work+0x364/0x3d0
[  239.832076][    C1]  worker_thread+0x86d/0xd40
[  239.832100][    C1]  ? __kthread_parkme+0x169/0x1d0
[  239.832121][    C1]  ? __pfx_worker_thread+0x10/0x10
[  239.832139][    C1]  kthread+0x2f0/0x390
[  239.832153][    C1]  ? __pfx_worker_thread+0x10/0x10
[  239.832170][    C1]  ? __pfx_kthread+0x10/0x10
[  239.832184][    C1]  ret_from_fork+0x4b/0x80
[  239.832203][    C1]  ? __pfx_kthread+0x10/0x10
[  239.832217][    C1]  ret_from_fork_asm+0x1a/0x30
[  239.832243][    C1]  </TASK>
[  239.855010][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  239.855029][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc1-syzkaller-00266-g45160cebd6ac #0
[  240.196785][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  240.206836][   T30] Call Trace:
[  240.210104][   T30]  <TASK>
[  240.213023][   T30]  dump_stack_lvl+0x241/0x360
[  240.217785][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  240.222975][   T30]  ? __pfx__printk+0x10/0x10
[  240.227552][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  240.233529][   T30]  ? vscnprintf+0x5d/0x90
[  240.237861][   T30]  panic+0x349/0x860
[  240.241835][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  240.248668][   T30]  ? __pfx_panic+0x10/0x10
[  240.253205][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  240.259206][   T30]  ? __irq_work_queue_local+0x137/0x410
[  240.264780][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  240.270145][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  240.276295][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  240.282456][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  240.288604][   T30]  watchdog+0x102d/0x1030
[  240.292931][   T30]  ? watchdog+0x1ea/0x1030
[  240.297343][   T30]  ? __pfx_watchdog+0x10/0x10
[  240.302013][   T30]  kthread+0x2f0/0x390
[  240.306080][   T30]  ? __pfx_watchdog+0x10/0x10
[  240.311126][   T30]  ? __pfx_kthread+0x10/0x10
[  240.315717][   T30]  ret_from_fork+0x4b/0x80
[  240.320131][   T30]  ? __pfx_kthread+0x10/0x10
[  240.324714][   T30]  ret_from_fork_asm+0x1a/0x30
[  240.329480][   T30]  </TASK>
[  240.332869][   T30] Kernel Offset: disabled
[  240.337179][   T30] Rebooting in 86400 seconds..