last executing test programs:

11.361893353s ago: executing program 4 (id=3631):
r0 = socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x1, 0x1000}, 0x4)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r0, 0x0, 0x0, 0x80800)
r5 = accept(r4, 0x0, &(0x7f0000000080))
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r6, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x85, &(0x7f0000000000)={r8, @in={{0x2, 0x0, @empty}}, 0x27c0}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x85, &(0x7f00000001c0)={r8, @in={{0x2, 0x0, @rand_addr=0x64010100}}, 0x0, 0xfffe}, 0x90)
sendmmsg$alg(r4, &(0x7f00000017c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
sendmsg$NFT_MSG_GETFLOWTABLE(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[], 0x5f}, 0x1, 0x0, 0x0, 0x1}, 0x948be6b639037758)
r9 = socket$inet_icmp(0x2, 0x2, 0x1)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
pipe(&(0x7f00000001c0)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
r13 = syz_genetlink_get_family_id$devlink(&(0x7f00000003c0), r11)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r5, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000400)={&(0x7f0000000540)={0x84, r13, 0x800, 0x70bd28, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffffff8}}, {@pci={{0x8}, {0x11}}, {0x8}}]}, 0x84}, 0x1, 0x0, 0x0, 0x4086}, 0x40000)
splice(r10, &(0x7f0000000040), r12, 0x0, 0x800000000ff, 0x0)
recvmsg(r9, &(0x7f0000000040)={0x0, 0x45, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x40002040)

10.742370903s ago: executing program 4 (id=3637):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="d80000001e0081054e81f782060000000000000006007c095dd2466518000e800a00142603600e", 0x27}], 0x1}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x30, 0x1410, 0x1, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000000)="fc0000001d000724ab09254ec10007", 0xf)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
close(r4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
splice(r2, 0x0, r4, 0x0, 0xe, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003b000701000000000ce2aa66027c00000400000014000180066ea6d07128"], 0x2c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=@ipv6_newroute={0x24, 0x18, 0x105, 0x0, 0x1000, {0xa, 0x20}, [@RTA_PRIORITY={0x8, 0x6, 0x10}]}, 0x24}, 0x1, 0x0, 0x0, 0xc000082}, 0x0)

10.574014211s ago: executing program 4 (id=3641):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000215000/0x1000)=nil, 0x1000, 0x0, 0x6011, r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x6, &(0x7f0000000680)=ANY=[@ANYBLOB="b40900000000000061111000000000008510000002000000850000005000000095000000000000009500000000000000752791631222a4b4dbffcb3e429313c626d8575b733278661f13493d24a9e56d000045361df4f2d2d4f8c2f01b4ebc5e56040b1134ecdb1e1f38ce94b48a6e6325a3c0fa265afb4cfef8a901af313b77f13a966aeb27ccb654fac79ae10600000075fa8341a6875728e9a45938c338b7a958249211eb70d5d978eff738aa6be2d07fedb69c65b63dd665e66a92dec0189df1c319c72478e432b17c45bec66c923fb483a6d4e050bfaa8f8f85364f849802fa2c3b80975e8753560000f0c313d9c19ebc37219f14fbcdd539b9b96af3000000000000a5ba432868c94d89a587a608d4a2775463f6ac50a87677ff52cdc32c5ca6b15a0f7dd116bf074bdf18f78df0a7ea01bf1b70dc492fb776d382e53f33275334ab9055204cf808192fe7965d545adc3025140be6c4ce9c53a78654d285020c3ed1802e4905bdaf45b00ca255fc9720af279d003823d909e0028d0e54b3bbab4040064c8075fb861c0957378d1aa25363fe4e6ee692dbc22d130f06b86ea597aa9147723879c8f36b42109343d97e02186e240d1c455ab6e5bdd818e196a93467649726cd2c134ede56f61c9b8da92eee2a520a1de4078d326bb41cf0e5e83f9354fabeb8f726aa631253e5cb18e2268a4c530df35d2e40646363b84d6e3cc37809dc3dc91b1747d982b00d04f69400"/542], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_int(r2, &(0x7f0000000080)='hugetlb.2MB.max_usage_in_bytes\x00', 0x2, 0x0)
sendfile(r3, r3, 0x0, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x4c)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0xd1383000)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x10000, @value=r0}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="180000190000000002000000000000001840000002000000000000000000000095000000000000009500000000000200"], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r4, 0x8, 0x0, 0x0, 0x14, &(0x7f0000000600), 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

10.281909148s ago: executing program 4 (id=3643):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_INTERVAL={0x8, 0x7, 0x7}]}}}]}, 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x50}}, 0x4000000)
bind$bt_hci(r0, &(0x7f0000000000), 0x6)
r2 = socket$key(0xf, 0x3, 0x2)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r3, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000001280)="51ee2ef5560396a6e3b0a0e2daee0e1ece92a8cd9a587eff4f547b73", 0x1c}, 0x1, 0x0, 0x0, 0x40004}, 0x20)
recvmsg(r3, &(0x7f0000004480)={0x0, 0x0, &(0x7f0000004440)=[{&(0x7f0000001400)=""/4096, 0x1000}], 0x1}, 0x100)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_ext={0x1c, 0x2d, &(0x7f00000007c0)=ANY=[], 0x0, 0xff, 0xfa, &(0x7f00000001c0)=""/250, 0x40f00, 0x50, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x32a0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
write(r5, &(0x7f0000000300)="98a613fd", 0x4)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r7, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newlink={0x4c, 0x10, 0xffffff1f, 0x0, 0x25dfdbfe, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @local}, @IFLA_IPTUN_ENCAP_FLAGS={0x6, 0x10, 0xd1}]}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket(0x1, 0x803, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r11}]}, 0x44}}, 0x8000)
sendmsg$key(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="020e0000100000000000000000000000030005000000000002000000ac1e000100000000000000000300060000000000020000000000000000000000000000000800120026"], 0x80}}, 0x0)
ioctl$sock_bt_hci(r0, 0x400448e6, &(0x7f0000000100))

9.332358427s ago: executing program 4 (id=3650):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c00000010000800000000000000009c8cfb3b61", @ANYRES32=0x0, @ANYBLOB="0002000060000100140012800900010076657468000000000400028008001f0001000000"], 0x3c}}, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xa, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0x5a}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x200000000000021d, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="50000000020605000000000000000000000000000c00078008000640001000000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x50}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="40000000090601020000000000000000000000000900020073797a31000000000500010007000000180007800c00018008000140fffffffe0500030008"], 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000440)={@map, r5, 0x36, 0x4, 0x0, @void, @value=r5}, 0x20)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c9554a916000104000000000000000300000000", @ANYRES32=r8, @ANYBLOB="00000000800100001c0012800b00010067656e65766500000c0002800500090001000000"], 0x3c}, 0x1, 0x2}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000400)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16, @ANYBLOB="010800000000000000000b00000008000300", @ANYRES32=r9, @ANYBLOB="0a0006000802110000000000380050800800030004ac0f0011000100cabee339084eeef109002471f40000000800070000000000050002"], 0x60}}, 0x0)
r10 = syz_genetlink_get_family_id$fou(&(0x7f00000002c0), r7)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x54, r10, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@FOU_ATTR_IFINDEX={0x8, 0xb, r4}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_IFINDEX={0x8}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e22}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e20}, @FOU_ATTR_PEER_V6={0x14, 0x9, @remote}]}, 0x54}, 0x1, 0x0, 0x0, 0x4841}, 0x84)
sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0)
r11 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r11, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r11, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r11, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r11, &(0x7f0000007fc0), 0x800001d, 0x0)
recvmmsg(r11, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)

6.256338259s ago: executing program 3 (id=3674):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1806000000000300000000000000c29c18120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000280), &(0x7f00000002c0)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xe, 0x0, &(0x7f0000000000)="43227504000000b32415f73227b2", 0x0, 0xd01, 0x0, 0x0, 0x700, 0x0, 0x0, 0x2}, 0x50)

5.997653417s ago: executing program 3 (id=3677):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000611494000000000b05000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

5.866341971s ago: executing program 3 (id=3678):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r0, @ANYBLOB="01000000000000000000030000002c000280060002004e2000000800090010000000060002004e210000080007000101000006000f000700000008000400ff7fffff1400028008000600020000000800090008000000080004000200000060000180080009005600000007000600666f00000c0007002000000002000000080008000100000008000b00736970000600010002000000080005"], 0xc4}}, 0x0)
nanosleep(&(0x7f0000000000)={0x77359400}, &(0x7f0000000040))

5.642795058s ago: executing program 0 (id=3682):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000100000000000081123c00000000009500000700000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg(r0, &(0x7f0000000a40)={&(0x7f0000000080)=@vsock={0x28, 0x0, 0x2711, @my=0x1}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000300)="ff877352e6053fff4f811de1743a61440f1c8ab443f8b8db5f7d1af84936", 0x1e}, {&(0x7f0000000340)="b065621728ccf306cee9b6941f94341f29a8dbc3dcce", 0x16}], 0x2, &(0x7f00000003c0)=[{0x110, 0x103, 0x10000, "d631fce659f070a5f31d10ef6078eaa12847ab3fed0bd276a5926714abbee18b3620c6b33d3c97ebac02e1649887a95a5083d535b572d1b50063cbfdf7c5b2fe3470b38ffb21e94ac6c4fd238949df70256081747060cac1c4ecb814e5dd3078da5448efbe53823b888582d9940446a128de8320aba88efc77b9e0bfb79e6a74affc240225adffae110684c155d61f539d51cde04f5c4d004811053221af41c22d4f95dda89cb1815334c8cda8bd43e7d1897e0c32ef5e529f3ae25edb150928886ec1b463ad46150e3366c3c475acd7db894595ae623959704ed2de765413025c177cf7c02006ccebed5114227649f81a3b99784df31174adc8a79557"}, {0x60, 0x115, 0x7, "3327091c6dbd695bb40cfabcc408dc3401bdd6c405734263b3e99747000f8fabb222f62103c945f9396d59990cbbac60cbf206969a934ee0502dc4c5a864f3894769a1de9c099406f2b59339681e"}, {0xa0, 0x113, 0x6, "41eea271a43137cd0d502420b8847d001c133b8f441f2c250466052d7d4f143b73595f1ab4a695e76514ee19ed0d534d8454b389f85215b0d1efae494461f4f235942589592a98528387fa6068222f67585c34335bb7890ce0f831c615d469232b8f499b6a330050fe56754ffcc23e02cac069eba3410fa4d253c72f5e27729eb110a22dd607b0836a65"}, {0xf8, 0x103, 0xf, "506a146a0798af0e307df11f5851fc2819bb945f63a4b6a20ec50c48caadee56d80c405127908fbfa46e9bb35b7bdaa67d179545cdf24eb9b73b1c8f481461f958c6bac038a68765e06dc62c742882c250ccf40011303e75562aaeb01e13905c1f749293921de735d991dc23b17992598f8ca8f96bb69c24b5deb38899e15fb003ae73a0b838cc766608373cd9efcc80b717d107476ac504f96f8cf72f94d026784ae8c9dfeb11b2bf5281f5084285193b607795ecd2d38d416418951699fab9f5591670400f464652a741aca424f2ae3ac495667b0b5b191b0a4c0a12694713c2fcc7b73634"}, {0xe8, 0x111, 0x800, "89853547c53b02de827c3255b0cb7b6b3bd224f464a89a54acf81797d1be4833d5416d52174e7a9e6484eb876b5bce42c180cbab364e7a0a7e119c9ced1a73b8eb55056b7b4a25f8f12a3cdfd687e418ab69a2ccba97330b40d582ff24b1a8114dc9fdafd88701c6ec7576d4c579bda8a78761965c83e9acd7a1b7aa539c9cafffdb50918e9ed6e076826f8d904a7ebd702adf8769c74acf9af0ef5bb5d069c2bb011170a07690d5e6aa78e08309d79de1fd14e4499c51bdd7f9c3b0bfb389a87cf5a5b8b107152f71616ccd16ba3ed1989d10188253bb"}, {0x108, 0x10d, 0x0, "93c3466ebb7d3ce9431ed33f2b9a93f95b70558f64ab24c70fdcfb2811b5d124415ae8b1086550dcbd270012ad64221ceb7a287c59608c37ac1484d938c5dcd45d018c4cc0ddcdaf63812478caf00f48aaaa907ea697160898843c85c2d01e3e83bfcd76f6b766adbf20416f40e1a21613c7a31d8cec52cff9dabf493c90958d5e0a1d16796783862626ed148fb941c15cf97aa0f8e052c2158f326824dd625e4a9527a2a44e979b2d79c3eba5c32d3ebf80bf2d42f951bb1c008623d517710b29e21aa4f80f5f319349b5167609104921e17e36cdeab958a9fb45d5831b07dc57543f93fabb644d341938435245a78fb2cf3795d5b98ec2"}, {0x68, 0x0, 0x9, "eecb0aed9c676bcfe0faa362735d6efacc7eab956c0869fb36a546720459fe54dfe1869340f4ee8726e4f2f0a1e2d701ad6aa710a7d5f5f98777a79a36f5aa2cdf41126ffa87f1a16e9b4978d4231ab0a9cef9"}, {0x110, 0x10b, 0x7, "6a61c5b5dd88b9015e1c5a81033cf90425d9b0727f3cdb2377fe00def648186b284c5a8dde206a6fcf014e8a8bc4a8cc67b2536ec6b0cd137b9dbef8ab5cc28f822eae10c81b9645d6ae9cfb8d37669ee22af6cc751dafcda837ca66de5e5daf82442bfb0a523aeb7cf7fbd70e07eec2daaef69cb2d7045035b3936d67bf8757d946d0ba063793d72ecf7dc0bf932cc38f3dedb0c37da6920504df6cd4df024583e0435dd56bb52f1131578243f4cd951f4c44bcb516da888d56c785b163651e756edf9a420e817b17814a7e3f7de454026ee39d7c32436b39b89e47da6e9a6c96878fb3b47fd7810942c30f41b67833d405c2ae33fc1a2ac5b978"}], 0x670}, 0x80)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x54, r1, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wlc\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x67}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0xe, 0x10}}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x10}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x40040}, 0x1)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="39feee8f490d9e1caa5ef90d070100000000000000eae9090000003c000380140002007663616e3000000000000904001000000800030002000000eaff00000100000014000600ff010000000000000000000000000001"], 0x50}}, 0x48000)

5.48804495s ago: executing program 0 (id=3684):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @multicast1}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x800000000f, &(0x7f0000000080)=0x7, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x2, 0x4)
bind$inet6(r1, &(0x7f0000000240)={0xa, 0x4e22, 0xfffffff7, @loopback}, 0x1c)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r3)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x30, r4, 0x5, 0x0, 0x0, {0x7, 0x74, 0x600}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x2}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @loopback}]}, 0x30}, 0x1, 0xffffffff00000003}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=@newqdisc={0x78, 0x24, 0xd0f, 0x8, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0x8}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x200, 0x5, 0x1, 0x0, 0xf407}, 0xfffffffb, 0x0, 0x0, 0x4, 0x7, 0x0, 0x40, 0x9, 0x0, 0x1ff, {0x0, 0x0, 0x0, 0x6}}}}]}, 0x78}}, 0x0)
listen(r0, 0x0)

5.327921253s ago: executing program 0 (id=3686):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000300)=0x3)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
getsockopt(r1, 0x1, 0x27, 0x0, &(0x7f0000000080))
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000500)="00214717a70700000000030600710a5e31163ceb9d0471200000000500000000000000ffff03425d4d50e7182ce0ab6d0000c94a6072890afd959ea16f3c89bd9e8954dd7a88b3b58ccb812a886e0021b935a182189d", 0x56}], 0x1, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61157800000000006113700000000000bfa000000000000007000000ee0016055e03010000000000640500000000000069163e0000000000bf07000000000000260507000fff07206706000020000000040600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x3f}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
listen(r2, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "fc7771", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x3, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x4, 0x2, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000007c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\f\n5', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r6=>0x0})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{0x1, <r7=>0xffffffffffffffff}, &(0x7f0000000340), &(0x7f00000004c0)=r3}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x1c, 0x9, 0x0, 0x9, 0x400, r7, 0xfa, '\x00', r6, 0xffffffffffffffff, 0x4, 0x0, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff})
r9 = gettid()
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r11, 0x81f8943c, &(0x7f0000002180))
pwritev(r10, &(0x7f00000002c0)=[{&(0x7f0000001180)="b60666fb7943680adb2c49e31f0086cbfe83a0434042049f93db58dbfc33ec6f4250434aea9f480638e778c738ee6c7f985ba41a9355e6cdc2fbefb278cb3f1a9e012713c428b492f1e3957a1af548861e23212de4212384dd648e12d60a4cc38833bd730f59673d3d9bc3606e71091afd2ff36eed12e7bf631ed132c83ab514084e62970810b28172f7a48a50450d0ec8f56e470daace0fbaba484792a0d3a4bf0415fba4465fc5e3ea6e594c49c751b99d22dba483d676f15bbcc40e62dc57a552ba297004e619e58bc93f38ecafea041074267cd78a11bf9496516dd3ee478b1f3be915b126e7cad0c93386b9e062e3b0c5b32023d1476db61b505a672f03ec04909ddfc474384c89e8cfade85f36db973ebfbc913a6872d73fd42b55837ea06f1009b456ed7eb0c3d36ec48db74a5cad0bdfdb868943eac8e66ff2b71fd807e215f96cdd9ab47153ba705e1cfee32235309da9be9ecd27e3d80862737a02fcd1c0849c73ca03724d11e0655325f5955a46bf125ced172f3e0d00192efa6787b082f8e199ea48aa44e07bc1e905860daf991ca6778fd40cb76ee3f66cd9e750c0de3ee6cb8894cb2f3afad821ebe329b290f16c5075696ca3301baee1fc8587202a8ead30ff934f51b9c4a3b5fb13f521d235d1caeb825039dec31d1b3c5233c7629c43439db8dbeeda8fb1e6d525a2c5c3c2ed0ae17d0f4ea1ee50d577054f1cafe48e91c14319c418fb82fde975f7e8aae07da6e7ff812a904dda1840ec5868fd50250a9a63a6b3f0908cba83b4c516af4b84ae92a5043f52bea8890a0fb51be7fdfc0c637a4374cbe1d6ebc44ee9e44e2a98bfab243d23b89e50e2f7b5e98831a9e011c97afa71c7f808e93e79869d1501c6a1125ddeca280d1351c26745d8a5305f5b6326ffa80545ef85ae93c32cca164dc767ac4399f759460003a48735c25e455b0981b8a23288d93ff3f80a71edc2600a5065f95942110424e47317e6269f4ad48db3042f039e8db7fcfab57a8f18a194ef62b1218381ff58c9036257b9da46834b5d7af5c42f092b2a0447a20e6f461152587224356c30848a942ab7c067084cd0c5677da8ee37182731a271f754676507b29ed589265d5e558ec8b2111be464bfcc8b4a6ac939890344fccc8f7928b01b5af83d055e647b020fd40100c5fcab965d75cd73d87788eceebf7bcf0721ce54d1315fc4264805efb0527a812def0cf8f7ad26f26586af19d34c2848ed3a1b7a3b513945f34d8c67dfe897a7ca57b320c321b238ed9acb9b1f1451b880b6e89f4defe518f8fd0e5eb676d82537f4e87cd900fe0a557645e425d9b8d26c1ce329316591aa94fc5342f0cacbf68a362a0dc2b30a39a7642a1a7ace5da639fc38ecbdf111301ccd871f84aa377370b28bdd9aa7929d456a04dfd7b2fc746051d6585714e9d9bb9be2127ac425e0f53bcfa61d88ad1e0e8e1b68b447baa82cb87eb53c68989856d0349daf51cd00a48467f85703579a2ddc58724ab09ae8e3e5d0e710066a0d88e576dc360c5e69d2bcc568f748d2cdb64439a1a4d497c3edd0de28a5ac17bbc4aeef8e3b0a6f5f5d99e2116d954a5a4724327be699fd5affd4d60c79223e73cd7dc69c723c4a796ef7d57e20ef42cad2aed1402df698e22c79ea5924037370e177a5da513bfc4fb48c1a63e2c2bac7eee3c15d479ac403bef69f0cb9fcb89c5a386dfacdae0b61b37ee55d23a22d89b37d3bccc88ddfccbd2b4988ec8cdc184df927915f52738d06945f5eeb66f7561fa27c1be2b0754ec138193821349eebe4466ea9670c755ab9bc5b5710f94671b2fa8fdb1debb2e840008b359f77cabf2332738f7f9b6d59f3014531b96c6b37250dcd2e522ae0e5a13974caaa7987d99985a55cd4a269752e66302d6205ca9917b40f7b23d81aceafe30f1edb1c7e3efd3bcfcdcb5b94ffcb39a0a390225405f3dcd62030ad02c3c7c3a195b0431f70b8a579c14498ab183f6494a397c38d08ad56800b983fcbc4a11e1330765df5a02e4eb0e0142ef65ddfd70f47cef2764ce86963939acc0a037083e1eb944286e010f4d272afc11bf2f2cbee97b9dfef1d230a524047f6f6f89ccef820af5de820d640e51ab55f35aa24704b0ca99ec5cab3189546a6b10af344ee33ad4dd17eef532e003291bad6ad42a9b4f338203ef462292a93821fdee1769de58dbda1a4db6e063c7fa5e8e23c1e6b0e4ee8aab172234d4ced5ddc42a6552ced0323cb9c8805ad2d51d98a9d51972d170e713c16cc449e657c0fd116c9c605bf87424bde8534f9c7894049b9100a7f892da6893b8ccc19a483158504c1b74aefdd0b29bbabd627798571feaea7482ebbf89808de4c4d1118c471df808efd0f4ba4a901d116ed2432b717f7a89d8167870a78492aabe568ef54b5acf1e32dbd00b4f3e5ae3afbd7f89e9d0a2c689c53954e81de9dce044270b90bac1b1bc6c9d868b9f853bc9beaa6c47c916f65ef724c1810f227bbcea88013104d4261230eca70101d0fa64158f3e681a200bf805e52166f08986cd3158b48cd55bd94a3e1b56deff0bc992dcf23f8418d8191605bfb0830ea2b5759a9d3040d85b59f6767f3fadbc5c3fe6b4adfac3fd06a483bb58ad9691a22bb2b81c90f014ed85e89b16539431028fa13b247cc89842bd085225dcf8188bc9180c4d5e475f231fa1096b429a470485ebf40a8231f82def8c3fd7ca8497761e1b9a356cbaf52e350e1bdf8657220e277d2f26dec66da54aff52d3caeaa749be8cafc9f569032c6588190856327f68728e7b536bab04aabbd1dcd6191d748eba116d1f7294c9fcdf32b3ee84592a14f55747e03b452b6c45a7f5a6c702c470000131cf53f034755108303a2c376059356097e89954207aa2138325698628769f710a4eb8db38ca67142624ae658f6e8a861a6873a09e948b06092796f4dde0ee0a37f0f6bee38861e60587caa65180a02973fc38964422fd910b3749c99a08f76160191855d49c4ae376f62d8aae80a76e92cb45ac9d8fc1b083da49e5a81058a243d46caec6766a16d6baf1a7125642b98bc437acd572e50651fe49dd455e26cac0b2d060061293424b0019f73e500668fe6f52f564da37b7df9cc6aa288ed2616386f7cbe7ca41bb4b4b57ef988fad0e29185df9f4942d1d70abd2bed628354418c394b3fb50b63080caa6cba92f3c2c890576927fa471622e736814e70ee9c668c427493d244c269cbff1672fe5ded2546d30d37abe5d6770a0d1a0ca1b178bef8d33e4133ebd8df39e74a7e10c165cf08438998dff442c4d7b1ccc5f5c4edead15f92e625040f7938fa3267a09aa9ca4a448cfc5e9d7690ad718c9d8dd4d8aa1852d4d6a6a453e8da2384b9a847d0cf09e712275e09450d8985d2e04254dd8b747481b0876d9ffcbeab938e171a325a483587586df9c6fd6873df049c7dbdd46bc0500083f696b7581ac06297534eb78bb86cd76aaa64eaaf8a6aba96a02be858f5f77e2eac2c2ce3320f7acb8300d85e04f901e94c2a3d11843607b61a7a94b776fbd2d14353678b34629c36c04295e9b058cd1eaece6184b5f4e41b73ac651e5c06bc0a4a28d31a4ca9a130e8c18fd479a84fe78239efa679a98a0de627eac49c643ffe046667fc6e351194c9992df4b38488edf108a640cabe936ab1d836c6318f2966d32081ad1d436d144b386cee85b249ab7f8469e5a8277968a1aec6c08a48d4526f21793270e79130e3dd5733ad94db81c7dc853f72860b23a05775ba979b9fcdcf4ca7586fdec8c9ebb68413af7e6bf837cd32752ef8729df7beb26ab324c0de8c5a1e7913d9f80f9f15fc97f425932f5c07492bf5b360f10e6a50481016b69c19e1d34d883452c40c8a589cb3bfcf7a49b46ad1818d907f55a73d1e28f161678bba95ed2cf55b6be1b237d73244520021a8734c2908b77fa26c4ec2f0b0baf752d37f622329d9e48203925a4eb2535f85c821a084ef328e56fef9ff513725f40337eea525723185ddc9b970a43cad82cfdb7125285b9795e90a256640f23a9450f91550ad8451862c7a698d30588a707cf507b72e6bb35cb1b2c4ae6319848d6de94f69fc1b25d756c6f499cdc1f3b929e72b874d7d8842a8a2d62b71efc8c759a7156d89f196cd886f60b8432f7b94109424582435d48db7d687e4a696a36f07b1062da896980c47c109f6f6b0825d541c079006b066cce8492d4f6ccbcb378245e16cb0af5ca8c2dd73385b3874bfe1276a591f6877a7a297ffcd1e64473c1a4672156510a4abb2b0ef73a6815e5a2e882209cc3092d829b51ef72832c74996d9018d0c8ba00bcd5af8062fc71b645b3c8209cdddbf7a106a5b8852cde1ff8cb2ab54afffbab58e2f5dfdf85220721f404972db2d294c0071812f6b760ef1d63667a687c49158d77ef3d5bf0d11e862b27eca4592a0c4339299c594ec63d59850105461d09b9c1d40863d57b20007c75d8fc91286280cfe418b90fd0dbff82091e49abc5f1252dbd69789affadcbad0ffe8e02b1d5b48a6bf3692486d954eb49141419c91491fc523c40c96ef4123f47196af5422fe39ba0d82933ecb03f27fce4f777897e04aaa3f7ddbe3484c9314088454f2bcd2fc0037970bd3fb06430c897fd937e832635e26abaf4b895d7e0a4cbca00dd7ad9b6a641aa398675febb44d0236e2c53f31ed254d131dbc622350df04f6406d7dae751da3081ce56334452f8a0b3e20a2cb0568070e4721472ab4f6832de1407e0f5dcc4e86ee59baab2cb52e756737990afe3749b473be772f9a498390ae3e4334c52540e486790463bbe214a2f31e7623c7c6ede778e74ce99db9f09543935ef19b1640d8757ca7043eb502b53c440c05d5b7b12fcdab908fd392b60cf553f4fb5c003dd77ce98e2db3e55096657ca488c30f4c67ebd3dd1244bb4970ac50edfbd28ad127261b7caf0c43db93ca79f955ffafa74f5532852cd9ab559df501da89ec806aeecbac0fa53a2a760e4589895b6c60f0db3b4e8f17d730e2a30f0b75e939e50b5145eef9652f107a6536a5e4f55d735b11531bc5b407bcdd08e74892277b1b74b9dee8f3e569314cb5a59d153f8be955ff4191a5455baf88a973b5c84463043525738e5d6271270ce83d85eb30c04d40f4074db4e8344fbefaa5fa10c2bf1c2f72e63a080d089bd68f1c4f4a118ebd2c70aba1dd60a03eebe27fb398868d234e3fb559e7d99b490e9f94fd49ed21f814382a95efc6448727dee265900c7757e71da6db9c66c53b393dd087accb7a50d6fde58dd1f1e032b095280541d71a5cd5e0534ea87662540faa4048ec0b3c58c828da2622440c9c0ced19f286f8968a3fa55d142aa5bebd4511fc0753b560840a1ae9a866dfa5230aa22ba1d22f1aa2f23948d19d43a919717e35582a3b0cfef2a1408611edd6c6bfce8735df9f02df0799dc560d4482573455a0c7933c67f8f758012a7b08eeed863f71789a157723f429fa47d4b1cedb89bf91a619266b0eb380afd00d67af2ec719bfeb215694daf1d85b663969353686a0c0e52bfee80c2f4c2e495e58ed0d9117fd99fdbf2f32c548550ed6238f2a492a02227e9eef95329660fd849bd01e76efe0120da6ba6f7e0391e5411b7b72fd8f167b6f8e43c10b5adc1d0b36b049cbe87c14bb71f1bb345c76eaf18dd3f4d4a4b39f29099e07444dc8a037463053e9533e9f3a87217c313da5822b61f90e51483126f85cb047ba0d50eda4fe3874c93a65f002afb69e5b870477d51ac5f5b96f1ed02a953f670add0c26e3", 0x1000}, {&(0x7f00000003c0)="891ecf2354fdc6de2618bcbd351e31b2598948818adf4ea92f5ccc6183e6efd7f429567a517fbdd2e7c20410d0b63264fcccc9fad3067667fe3078895eace2b17e98ca068f520b765ff86fa9353d782993febfa3e17fcaf0eb44f4201b4125133f6de9520da6195dc60d34222fc88a3ac236b513d888a8853106d9fb5432d217d4bde0ca66e1a224bba525be5ff6c2dc07b475cb43cdf4fa64855145cd756b3a6da389263e2fab7333f295e42b14d187d9e737c6254a2e1d2bdffe544a92cbbfd754574c26b72ced46f9a7b079d3903ef37d50878d5b8036b45cd394496fe921ed34aec23270b3976561e9ed54693971b19a", 0xf2}, {&(0x7f0000000580)="7dff8d9b4015d668b64c758ae27560a744f214485d2cb59d46360f9dca67bb2e90558e07013fdf0142ba3e9f737ccf7920698e4f8d71f70741a434e9f030a930b203c8edd06a6bf075d93c06286d9b2aeea969a0470115cd07c55430b4f1f5419c50fd179f7f81970c0437f81b349e42e35fd189c79b01659d985969df357c8e759e11b6c738b02a1db5107a33ae4f294fab9dae2c4eaead220d5bd76563f9f1d2ef56a56b7533260e248af6c6a09622d8a7e5d3c0ec8aaf03acf1da", 0xbc}], 0x3, 0x4, 0x3)
sendmsg$unix(r8, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@cred={{0x1c, 0x1, 0x2, {r9}}}], 0x20}, 0x0)
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@bridge_getlink={0x58, 0x10, 0x100, 0x0, 0x0, {0x7, 0x0, 0x0, r6, 0x14352}, [@IFLA_VFINFO_LIST={0x4}, @IFLA_TXQLEN={0x8, 0xd, 0xfffffffa}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x3c7f2}, @IFLA_NET_NS_PID={0x8, 0x13, r9}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x40}, @IFLA_NET_NS_PID={0x8, 0x13, r9}, @IFLA_BROADCAST={0xa, 0x2, @random="6512654e0929"}]}, 0x58}}, 0x0)

5.270273846s ago: executing program 1 (id=3687):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000abb000/0x1000)=nil, 0x1000, 0x0, 0x102000200032, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="6c001100", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x0)

5.17773505s ago: executing program 2 (id=3688):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, 0x12, 0xa01, 0x0, 0x0, {0xa}}, 0x26}}, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r1, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @broadcast}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000a40)={0x9, {{0x2, 0x100, @multicast2}}}, 0x90)

5.109235599s ago: executing program 1 (id=3689):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a32000000001400000011"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x17}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x6c}}, 0x10)
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={0x0}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x19, 0x4, 0x8, 0x8, 0x4, 0xffffffffffffffff, 0x40000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x100)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@dev, 0x0, 0x0, 0x0, 0xf7fd, 0x2, 0x0, 0x0, 0x11}, {0x0, 0x0, 0x995, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x1}, {{@in=@private=0xa010100, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a27f2", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
r3 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

5.057462667s ago: executing program 0 (id=3690):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0xa, 0x9, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0x6, &(0x7f0000000180)=ANY=[@ANYBLOB="180200000000001b000000000000000018130000", @ANYRES32=r2, @ANYBLOB="000000000000000085000000c000000095"], &(0x7f0000001680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000003c0)="9e36d4fd3108451a7818d854b388", 0x0, 0x10700, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = socket(0x10, 0x3, 0x0)
r5 = socket(0x11, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000600)={'team0\x00', <r6=>0x0})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x28011, r7, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000880)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, [0x8]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x40040c0}, 0x20000000)
socket$kcm(0x11, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYRES64=r9], 0x48)
r11 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000100)=0x101, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r10}, &(0x7f0000000500), &(0x7f00000002c0)=r9}, 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r10, @ANYRES32=r11, @ANYRES16=r8], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r10}, &(0x7f00000006c0), &(0x7f0000000700)=r9}, 0x20)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYRESDEC], 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x40480d0)

4.965890204s ago: executing program 2 (id=3691):
syz_emit_ethernet(0x82, &(0x7f0000000000)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @rand_addr, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x2a}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@private=0xa010101}, {@private}, {@dev}, {@remote}, {@private}, {@dev}, {@private}]}]}}}}}}}, 0x0)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000000040)=""/247, 0x26, 0xf7, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYRES16=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_emit_ethernet(0x82, &(0x7f0000000000)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @rand_addr, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x2a}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@private=0xa010101}, {@private}, {@dev}, {@remote}, {@private}, {@dev}, {@private}]}]}}}}}}}, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000000040)=""/247, 0x26, 0xf7, 0x1, 0x0, 0x0, @void, @value}, 0x20) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYRES16=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) (async)

4.926243105s ago: executing program 1 (id=3692):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xa000000}}], {0x95, 0x0, 0x0, 0x4100}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

4.839273158s ago: executing program 3 (id=3693):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)
getsockname$packet(r0, 0x0, &(0x7f0000001480))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x34, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x1, 0xfff3}, {}, {0xfff3}}}, 0x24}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@bloom_filter={0x1e, 0xfffffffc, 0xa3, 0x0, 0x0, 0xffffffffffffffff, 0xe5c0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x0, 0x5, @void, @value, @void, @value}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000600)={'syztnl2\x00', &(0x7f0000000540)={'syztnl2\x00', <r7=>0x0, 0x4, 0x6, 0xb, 0x6, 0x2f, @mcast1, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x81, 0x700, 0x81, 0x2}})
bpf$ITER_CREATE(0x21, &(0x7f0000000640)={r3}, 0x8)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@bloom_filter={0x1e, 0x3, 0xffff0268, 0xfff, 0x8, r6, 0x401, '\x00', r7, 0xffffffffffffffff, 0x1, 0x5, 0x3, 0x6, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x3, &(0x7f00000001c0)={r8, 0x0, 0x0}, 0x20)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f00000003c0)={'gre0\x00', &(0x7f0000000240)={'ip_vti0\x00', <r9=>0x0, 0x40, 0x7, 0x4, 0x9, {{0x13, 0x4, 0x0, 0x7, 0x4c, 0x65, 0x0, 0x3, 0x29, 0x0, @remote, @multicast2, {[@timestamp_addr={0x44, 0x2c, 0x80, 0x1, 0x1, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, {@loopback, 0xe}, {@loopback, 0x8000}, {@remote, 0xfffff800}, {@loopback, 0x2}]}, @generic={0x44, 0x9, "9abdbd9a8c4998"}]}}}}})
bind$packet(r5, &(0x7f0000000440)={0x11, 0xd, r9, 0x1, 0x10, 0x6, @local}, 0x14)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'geneve1\x00'})
sendto$packet(r5, &(0x7f0000000040)="0b031200e0ff64000200475400f6a13bb1000000086086dd4803", 0x1a, 0x4800, &(0x7f0000000140)={0x11, 0x1, r9, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}}, 0x14)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRESDEC=r10, @ANYBLOB="01980000000000002000128008000100677265001400028008000700ac"], 0x40}}, 0x800)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4.824013667s ago: executing program 0 (id=3694):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x10, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x4, 0x79, 0x10, 0x48}, [@ldst={0x3, 0x0, 0x3, 0xa, 0x0, 0xfffffffffffffff8}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x8, 0xc6, &(0x7f0000000400)=""/198, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4.775486709s ago: executing program 2 (id=3695):
socket$kcm(0x11, 0x3, 0x0) (async)
r0 = socket$kcm(0x11, 0x3, 0x0)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)=ANY=[@ANYRES16], 0x1c}], 0x1}, 0x0)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001380)='net_prio.prioidx\x00', 0x275a, 0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001380)='net_prio.prioidx\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x12, r3, 0x0)
write$cgroup_subtree(r3, &(0x7f00000001c0)={[{0x2b, 'net_prio'}, {0x2b, 'hugetlb'}, {0x2b, 'net'}, {0x2b, 'net_prio'}, {0x2b, 'rlimit'}, {0x2b, 'rdma'}, {0x2d, 'cpuset'}, {0x2b, 'cpu'}]}, 0x3d)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$inet_mreqsrc(r2, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f00000000c0)=0x28)
getsockopt$inet_buf(r2, 0x0, 0x2a, &(0x7f0000000100)=""/33, &(0x7f0000000140)=0x21)
sendmsg$kcm(r0, &(0x7f0000000580)={&(0x7f0000001340)=@hci={0x1f, 0x0, 0x47}, 0x80, &(0x7f0000000d80)=[{&(0x7f0000000000)="5a5a5718fb956db600000000888e", 0xe}], 0x1}, 0x90)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
socket$inet_tcp(0x2, 0x1, 0x0)

4.601511189s ago: executing program 0 (id=3696):
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$SO_COOKIE(r0, 0x1, 0x39, &(0x7f0000000000), &(0x7f0000000080)=0x8) (async)
r1 = socket$kcm(0xa, 0x3, 0x3a)
socket$packet(0x11, 0x2, 0x300) (async, rerun: 64)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x0, 0xac14140c}, 0xff000000}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)="8bcd", 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60) (async, rerun: 64)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (rerun: 64)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r4=>0x0})
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) (async)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) (async, rerun: 32)
sendto$inet(r5, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32)
sendmsg$inet6(r3, &(0x7f0000000240)={&(0x7f0000000100)={0xa, 0x4e24, 0x1ff, @remote, 0x6}, 0x1c, &(0x7f0000019700)=[{&(0x7f0000000180)="1ce96d4207ea4be7fd1563788673e1e2", 0x10}, {&(0x7f00000001c0)="311f871008db5172a898977d6f1cda76107f4fa0bf5a50cf7a86c6e982114955fcaff7f6bcd9f4986571a65662c96a1845e50874b7ebc53c103fdc39cccea0a53a3c3da3014e8bfbacdf53352f5028c67e41a8b8208259c0cf1ea178fbaf3821fccd2c7adc76c85f9b0682b4fad3fb8af5585a73ab2895920f91af2db011a0", 0x7f}, {&(0x7f0000019580)="368a57536d39a2ef1df45348aa3a73df1e446fddba2f15f6a2b4c6e6dfc84f9df58e629533b9d11027464c53f6e2ae64610b4377b9b180a8c92e29a1ac09651794a3ad659e14c85197468b6742bc8516e277f0fc945d327beaa29de6ca8b1585b627a8b8d3ab5194c119fd5dd0a6ee70f35b8930a96c0850d17d911f344811fd68fda013b9dc479aa4c9a4e833377323812bec52a4340f33174d27a0fb15d503072560b43be93e8c8f764ec975b04eb0ca880f7f7c01a7de09417bb40836efe3bc47d032d1eadbe409ef389635", 0xcd}, {&(0x7f00000002c0)="c1b5884ceb2e62a29c369193b7cb7bc6b8619c4ce72640d817f80553b7b7f312c9a5da4b877b3df24fc4b25be08be46deedecfa69d8381e1f3561ee3a9b83bdc4a57663edf6b08320793a836d726271e9867734a5f5b25e54f33b3b6f9909f98dcfe61a1ad97392c3ce020c3f0", 0x6d}, {&(0x7f00000004c0)="2818407bac21b27e755ed73e77bdd811452afb37157df735a9250f56b36588b24f41628a674ef0c4a1fe51dcfc6f9468af95eac394d19fd1a16d6b2e30bc5e6bd0819e2190960e5a8b8275b38ff0e06e17c52fffeceb40b561c6daee214e447b1a50968c26d55152424dfde78543b094dde12e61da0970b06810028dcf44e9d9574b6437135bab4d75195e65214a3dda2fa344e6964a704fc6ebaed9166688427dca91d9be93c6fa200c526c09c74a", 0xaf}, {&(0x7f0000019680)="bbed1c62ad06c29a094fa9b467ea08857fcee3ecece349b28d1d742570ede1a6ca94e3adc25e1bbf24bf88e3f579804ba6f23a8b4a5b6836e3d1fd5567cfd6b8e9cd0a2e7ac75d4ae2ebd7f65dcc13b8742a01499dbce036b31b4ee5d14123d340d50ebcb362ab256f787e7a8a0f9c9c7e6870b76c1429", 0x77}], 0x6, &(0x7f0000019780)=ANY=[@ANYBLOB="480000000000000029000000370000002b0500000000000007100000000302000200000000000a000000c910fe8000000000000000000000000000aa000100010500000000000000380000000000000029000000360000002f03000000000000010100c910fe8000000000000000000000000000bbc204000000050000000000140000000000000029000000340000000700000000000000080100000000000029000000370000003a1d000000000000c91000000000000000000000ffff0000000004010d6fc867bc8699020d2b9d31ca666ed234bdb5dd34e17c0da41cab7cca073892ad3347a6d8cfb6fec3dee415186ad3e210898a0a6d691d350ecdc7de4747ad4e82dfcb52f0c72cf7d65bee3c7d11647efff76532721004fbd08bcbf525c566955364092c34b2d89b7fbe92cc4d53565a284251b72e099891209c2ee792fac99b9c781c090000000000000092bf629e9aa3ca092772ee03fca53e3ced80929294a73352c020f27add58909da6b8c9081830b957d46603db5dd479ea74a8d23346e0b845dc0e6a087e78df6105020008000100c2040000080000000000200000000000000029000000370000002f0000000000000000010000000000001400000000000000290000003e000000040000000000000070010000000000002900000037000000292a0000000000000107000000000000000401040730000000030a04050006000000000000000700000000000000010400000000000001800000000000000600000000000000c91000000000000000000000ffff7f00000104010b040102050200080cf5305405a45a04f6430b601f092b442f32913374a8331e280600470c574d7f9f33c3e8d1bd7ed65018577bd8410e842a88e0913f39d079986fe6f00d59b7fc2c6cc0b184cf81c0e25625e7964ef4e466d362e7438398ec602233a151c92dc9b2484f0bb512acf1bde7e99222859f0eb007ba17203366ea875d8b1beeb966dd8890fc2632d7200cf516e91fd553aa8ca4319c48881c94f73813adf3a7bfdda917f6d51f10f9a2fd82b521527272545a540196ad3bb21d188c9d622ce73ad9a5d870166aa5a3ea1e766cf7b82015e36cc5d408c7d94f7388724e30bd6c955a2176617d4493f88a28c4c694b573162e6198a77db052a09900000000000000"], 0x348}, 0x4000098)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61128c000000000061138c0000000000bf2000000000000015000000081400002d0301000000000095000000000000006916600000000000bf67000000000000260300000fff0748670600000f000000170300000ee60020bf050000000000001d360000000000006507f9ff01000000070700004c000000cc75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000000500000000000000950000000000000032ff7f5be95e09b67754bb12feffffff8ecf264e0f84f9f17d3c51e3c7bdd2d17f2f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703d6c4f6f3be5b369289aa6812b8e007e733b9a4f16d0abbd5ad9381806ef08513e3d3778a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad5b803306b17cf4ef3f1d45f65727546e7c955ccefa1f6ab689fde4de4e63edf10271a5144ddc8da3aa5b0ab733a1b901627b562ed04ae76002d4519af619e3a2a4d69e0dee5eb106774a8f3e6916dfec88b5634ef79b02d2ca8ff54c158f0200000000eafb735fd552bdc206004aeb0743eb2dc819c75c8ac86d8a297dff0445a13d006723888fb126a163f16fb2ad9bc1162ba7cbebe174cecac4d03723f1c932b3faffffffffffffff5fc998e13b670e373e3e5897f7ad2e99e0e67a993716dbf580469f0f53acbb40b401e3738270b315d362ed834f2a0700000096649a462e7ee4bcf8b07a101c879730beb4000000000000000000000000000000bc00f674629709e7e78f4ddc3d1bc3ebf0bd9d42ca019dd5d022cf7468659fbe2562671cd47840a7afaab43176e65ec1118d46d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7eab04871bc47287cd313f3bea788ea2bcdc340ffb567b40407d000000000000000000000000005f37d83f84e98a523d80bd0d0d703f3767ce603c9d4867b63d20a268bb9f15a0a6e66ce4660fbee91629ab028acfc1d9260e9659a0f6a5480a55c22fe3ae5f562d0ae520c38d2bab6528000000596fb73a96b33c81cdbbd421a27f7f1db054cc7a0a4d372849c99a98822103b9851d924b85b1ca4b21b187db00000000000000066dead3b9670a7604a5ddd0fd2e4fb8a5749a8a8ad78454ba1eebeff1b528da294247d294d2487babb176fdfafeb3d492a325671e6b91afb41f87feda4ce2f468a3758750c0b8f151d4d8574bbbe027687a0e12311cdf3384a26ee3f6f2424ba1e5be98ef1f8f2db9a4991e234f9f447e1730ceaf54cf25c0e3ad7cbb0de06d55db89d154c9d3fcd01c551b0ef58034c252629aefbfd5305845b9a8763b264e8f0bcd0f606fe92e511f122325ebc5fef1b68f2e2ec7bebe423d4baae0e27845d0eb8b8a4f97f83424221e94a5c4623feb8496ccdbc55b27773bf1b3e6a91a20e0c27fc80262647f88d8d1123d199b2c7729bb7700e887ea963f00004a1d0851dbfb9308d16cadcc7b477c9a9586571182526898735552a203c4797228533b1a73ab44aa115136353964648abcc4adbe765556643842290a92eafea0ec2c000000000000000000000000000000e1f3518dc3fc2bbefe043804ac1b6b1c8b7e3afed045a3a808700bca61a39d5bfa83877803013e2d145e642253632f3a283c6eee0e22cb69fe7f94786220c31e9b2a82a9856e947bace74923e4740bf1c17cb41ef19161c3d417655517c28bd08dee32d77a40b834ba7a12223354e9321b8300f7d5d63fa0e8f074adc176285a8f41609ce040cec99943792f5443ca5292447b0f0f240743c4b2b8142ce0b43d4d1731ce11533f61ef241c83557f5aae58a848b5ccce86b8b0fb21fe369c90f06e2d9680003df72f3f0060e6c3415cc1026d342003bece09fbfd062efdd9b48377335903f3b4e87386915e3ac429a4db646da1cc6e29ad8650f4da326cbfdce12c8d5deba32549d6aefe422e0d665d62325c737fe76ec1f3c3670ed96f86738a2cf1c59b5f9b84ffd068f7b4509f53617910a41b811a3f7cd6251f8100008133af11a4db2d00c0ad86ce9f40f3e06b41b45f72b1598a12abddf58ac778bff2f1e49306a1d2f80b2a7d7a28f3997ee60793c62ffee96535e47adac9f367395cf26056a4b76d646f7682f21beafcdb7a9c07acfd145487426f1a009327b8ec6e695e6a7ddcc2c9151cc9c4efa413fa1e521b398151247104bc47748199441cf298e925ef2e3374f4ec0193b38a355c35ee44962fceb3f418510742c93a442f857733b74b6d9197cd62784d7f2afa6a4bc5cae18e33435665250241a7ffd96fc0790000009c17c570096bb75de737107e029b18ec0e61ab3761366452a1c6e3e3c912170f874555aaefc9644cffa768eb2b47c6b040698746df86026730db64859c46cdfb775b86214cfd1932d5ad87c56ea4f38bca780000000000000000000000003bf179c894590cb06b546082451bb735e7152afd5340683663e8effbfb49855ec98703a1e141ab7510fc0e3b081e72d25bfa4e52bedadd11e152bb1dcfcfe942b97b813cf4cdd8626ecfb630425db071c1bfdb03fee96f80b1a96f9427e17edfdc902749ccbab746e26a3a46527b3a32c49dab9608ab1dca3982590c1e78ff5c87d10eef5c3707974981c01c00000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94) (async)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000003c0)=ANY=[], 0x4c}}, 0x0) (async)
getsockopt(r5, 0x200000000114, 0x271e, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9)
setsockopt$ax25_SO_BINDTODEVICE(r5, 0x101, 0x19, &(0x7f00000000c0)=@netrom={'nr', 0x0}, 0x10) (async)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="2085020000000000240012800c0001006d6163766c616e00140002800800010010000000080003000200000008000500", @ANYRES32=r4, @ANYBLOB="3a5ef388d5c0f5e1986e1108b065476366f8b41a9019c2a30d0f79979b24513eccd79ed63e5c170f2f40d3c913f6c966c815328577e54a18fbd89ca266f5bde35b6467a2b4487799e42c65cd7f09f9568d58087fd215fb78606f10b2de574841fe610d908bfecf901776b4e38f7cecaab9492edb82a0f6cf5991fef012b1d6493e08d33f18637f5a2cb8d9779c830400c3b63437346801fdcc95a915d511ceac2e965889afdee26d578ec8ca4b22cc2c395eea9a6bb993912614ae3e16a409522adec21bdcfdf3800dac5130d2ebb77d5f8e43975feca2513bb1f82270bc975c1a5c315fd931646dc7211149381a0d08f6"], 0x4c}}, 0x0)

4.601211172s ago: executing program 1 (id=3697):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x70d, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmsg$key(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[], 0x30}}, 0x4851)
sendmmsg$inet(r0, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000040)="93", 0x1}], 0x1}}], 0x1, 0x4040040)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000000)={0x3, 0x9, 0x8000, 0xff, 0x8001, 0x8001, 0x44b8, 0x7ff}, 0x20)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000980)={0x2}, 0x10)
write(r1, &(0x7f0000000300)="1c0000001a005f0214f9f4070d0903001f000000fe05000000020000", 0x1c)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000005000/0xb000)=nil, 0xb000, 0x0, 0x0, 0x0, &(0x7f00000004c0)=""/218, 0xda, 0x0, 0x0}, &(0x7f0000000100)=0x40)

4.548711719s ago: executing program 3 (id=3698):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000001814010000000000030000000800010000000000080003"], 0x20}, 0x1, 0xf00, 0x0, 0x4080000}, 0x4000004)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

4.463494883s ago: executing program 1 (id=3699):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a32000000001400000011"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="142000001000010000000000000000000000000a44000000060a0b8400000000000000000200000024000480200001800700010002800800024000000008080001400000001709001d0073797a3000000000140000001100010000000000000000000000000a"], 0x6c}}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x19)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x19, 0x4, 0x8, 0x8, 0x4, 0xffffffffffffffff, 0x40000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket$alg(0x26, 0x5, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0xe0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x37, &(0x7f0000000580)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0x76, 0x8, 0x8, &(0x7f00000006c0)}}, 0x10)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffff"], 0x6f4}}, 0x0)

4.413720661s ago: executing program 2 (id=3700):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000611494000000000e05000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

4.314958358s ago: executing program 3 (id=3701):
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="88000000140000022c4300", @ANYRES32=r1, @ANYBLOB="08000100ac1414bb08000200ffffffff140006000e00000022070000040000007f000000080008008000000014000600db3600000b000000030000000800000008000800140400001400060002000000fdffffff04000000050000001400030074756e6c3000"/112], 0x88}, 0x1, 0x0, 0x0, 0x240409d0}, 0x4) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={{0x14}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x24, 0x5, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb0}}, 0x0)
getsockopt(r0, 0x6, 0xd, &(0x7f0000000180)=""/133, &(0x7f0000000240)=0x85) (async)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000003c0)={{{@in, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@dev}, 0x0, @in=@multicast1}}, &(0x7f00000004c0)=0xe8)
r5 = socket$phonet(0x23, 0x2, 0x1)
r6 = socket$netlink(0x10, 0x3, 0xc) (async)
pipe(&(0x7f0000000700)) (async)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000002840)={0x0, <r7=>0x0}, &(0x7f0000002880)=0xc)
sendmsg$netlink(r6, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000002780)=[{&(0x7f0000000980)={0x10, 0x32, 0x4, 0x70bd25, 0x25dfdbff}, 0x10}], 0x1, &(0x7f0000002900)=[@cred={{0x1c, 0x1, 0x2, {0x0, r7}}}], 0x20, 0x50}, 0x40880) (async)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000500)={{{@in6=@ipv4={""/10, ""/2, @broadcast}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@private0}}, &(0x7f0000000640)=0xe8)
sendmsg$nl_xfrm(r0, &(0x7f00000006c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2082000}, 0xc, &(0x7f0000000680)={&(0x7f0000000800)=@expire={0x6fc, 0x18, 0x10, 0x70bd25, 0x25dfdbfe, {{{@in6=@private1, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4e22, 0x3, 0x4e23, 0x0, 0x2, 0x20, 0x80, 0x16, r1, r4}, {@in=@multicast2, 0x4d5, 0xff}, @in=@broadcast, {0x9, 0x0, 0x0, 0xfffffffffffff801, 0x9, 0x7, 0xf68, 0x5}, {0x0, 0xa14, 0x0, 0xcd7d}, {0x7, 0x10000, 0x8}, 0x70bd2a, 0x0, 0x2, 0x3, 0x6, 0x40}, 0xd}, [@tmpl={0x184, 0x5, [{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4d5, 0x3c}, 0x2, @in=@multicast1, 0x3503, 0x0, 0x0, 0x8, 0x26a4, 0xfffff5ae, 0x12f}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4d6, 0x33}, 0x2, @in=@local, 0x3506, 0x3, 0x1, 0xf8, 0x4, 0x2, 0x3}, {{@in=@multicast1, 0x4d5, 0x6c}, 0x2, @in6=@private2, 0x0, 0x1, 0x0, 0x4, 0x80, 0x1, 0x8}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x40}, 0x4d2, 0x2b}, 0x2, @in6=@rand_addr=' \x01\x00', 0x3502, 0x0, 0x0, 0x5, 0x2, 0x15, 0x7f}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x27}, 0x4d4, 0x2b}, 0x2, @in=@multicast1, 0x0, 0x1, 0x2, 0xe, 0x58, 0x2, 0xfd0155f8}, {{@in=@multicast2, 0x4d2, 0x2b}, 0x2, @in6=@mcast1, 0x3502, 0x2, 0x1, 0x25, 0x93, 0xaf, 0x59f}]}, @extra_flags={0x8, 0x18, 0xac8}, @encap={0x1c, 0x4, {0x3, 0x4e21, 0x4e23, @in6=@local}}, @replay_thresh={0x8, 0xb, 0x9}, @sa={0xe4, 0x6, {{@in=@rand_addr=0x64010101, @in6=@mcast1, 0x4e24, 0x0, 0x4e24, 0x7ff, 0xa, 0x0, 0x7c5ca6dc67d1b24c, 0x0, r1, r7}, {@in=@private=0xa010102, 0x4d4, 0x3c}, @in=@multicast1, {0x5, 0xfffffffeffffffff, 0x8, 0x4, 0x4b1, 0x9, 0x9, 0x9}, {0x5, 0xf, 0x7, 0x6}, {0x4be4, 0x9, 0x3}, 0x70bd26, 0x3504, 0x2, 0x3, 0x5, 0xd8}}, @migrate={0x9c, 0x11, [{@in=@rand_addr=0x64010102, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@broadcast, @in6=@mcast1, 0xff, 0x0, 0x0, 0x0, 0x2, 0x2}, {@in6=@empty, @in6=@remote, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@broadcast, 0x33, 0x4, 0x0, 0x3501, 0x2, 0xa}]}, @migrate={0x1cc, 0x11, [{@in6=@loopback, @in=@loopback, @in=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x2b, 0x2, 0x0, 0x0, 0xa, 0x2}, {@in6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2b}}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in=@private=0xa010102, @in=@local, 0x32, 0x4, 0x0, 0x3505, 0x2, 0x2}, {@in=@private=0xa010100, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@multicast2, @in=@rand_addr=0x64010101, 0x32, 0x2, 0x0, 0x0, 0x2, 0x2}, {@in=@multicast2, @in6=@remote, @in=@private=0xa010100, @in6=@remote, 0x6c, 0x0, 0x0, 0x0, 0x2, 0x2}, {@in=@dev={0xac, 0x14, 0x14, 0x17}, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@multicast1, @in=@rand_addr=0x64010101, 0x17, 0x3, 0x0, 0x3500, 0x2, 0x2}, {@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in=@multicast2, @in=@rand_addr=0x64010102, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0xff, 0x1, 0x0, 0x0, 0x2, 0x2}]}, @srcaddr={0x14, 0xd, @in=@loopback}, @replay_val={0x10, 0xa, {0x70bd26, 0x70bd2c, 0x898}}, @sa={0xe4, 0x6, {{@in6=@mcast2, @in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x4e24, 0xda5d, 0x4e20, 0x7fff, 0xa, 0xe0, 0xa0, 0x87, r1, r8}, {@in6=@dev={0xfe, 0x80, '\x00', 0x2a}, 0x4d6, 0x33}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, {0x4b7c, 0x66, 0x9, 0x5, 0x4, 0x8, 0x2, 0x8}, {0x81, 0x8, 0x5, 0x30d}, {0x8, 0x2, 0x1}, 0x70bd28, 0x3502, 0x0, 0x3, 0x5, 0x2}}]}, 0x6fc}, 0x1, 0x0, 0x0, 0x20000004}, 0x40014)
r9 = accept$netrom(r0, &(0x7f0000000280)={{0x3, @null}, [@remote, @null, @netrom, @netrom, @default, @bcast, @rose, @rose]}, &(0x7f0000000300)=0x48)
setsockopt$SO_TIMESTAMP(r9, 0x1, 0x23, &(0x7f0000000340), 0x4)
ioctl$F2FS_IOC_GET_COMPRESS_OPTION(r2, 0x8002f515, &(0x7f00000000c0)) (async)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001600)=@newqdisc={0xa4, 0x24, 0xf0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x12, r1, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0xb}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x8, 0x0, 0xfffe, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x5c7}]}]}]}}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

4.22588049s ago: executing program 2 (id=3702):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a32000000001400000011"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x17}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x6c}}, 0x10)
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={0x0}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x19, 0x4, 0x8, 0x8, 0x4, 0xffffffffffffffff, 0x40000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x100)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@dev, 0x0, 0x0, 0x0, 0xf7fd, 0x2, 0x0, 0x0, 0x11}, {0x0, 0x0, 0x995, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x1}, {{@in=@private=0xa010100, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a27f2", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
r3 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

4.107558566s ago: executing program 1 (id=3703):
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x80002, 0x0) (async)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001, 0x8}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0xfffe, 0x0, @mcast1, 0x9}, 0x1c) (async)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0xfffe, 0x0, @mcast1, 0x9}, 0x1c)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r1, &(0x7f0000000080)={{0x3, @null, 0x3}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast]}, 0x48)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}, 0x12}], 0x400000000000172, 0x4001c00)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
r2 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000100)=[{{0x0, 0x1, 0x1, 0x1}, {0x3, 0x1, 0x0, 0x1}}, {{0x1, 0x1, 0x1, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x0, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x1}}, {{0x1, 0x1, 0x1}, {0x3, 0x1, 0x0, 0x1}}], 0x38) (async)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000100)=[{{0x0, 0x1, 0x1, 0x1}, {0x3, 0x1, 0x0, 0x1}}, {{0x1, 0x1, 0x1, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x0, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x1}}, {{0x1, 0x1, 0x1}, {0x3, 0x1, 0x0, 0x1}}], 0x38)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xd}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtfilter={0x48, 0x2c, 0xd27, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x1, 0xfff3}, {}, {0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x14, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x7, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0xfffffffffffffe77, 0x1, 0x3}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4}]}]}}]}, 0x48}}, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, 0x0, 0x4000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x10, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000711046000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

4.030250718s ago: executing program 4 (id=3704):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0x0, @loopback}, {0x2, 0x4e21, @empty}, 0x107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000})
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000001f40)={0x0, @in6={{0xa, 0x0, 0x0, @mcast1}}}, &(0x7f00000002c0)=0x98)
ioctl$sock_inet_SIOCADDRT(r0, 0x890c, &(0x7f0000000840)={0x0, {0x2, 0x4e24, @empty}, {0x2, 0x44, @multicast2}, {0x2, 0x4e22, @remote}, 0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x3})

0s ago: executing program 2 (id=3705):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000040), r0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000a, 0x12012, r4, 0x0)
write$cgroup_int(r4, &(0x7f0000000000), 0xffffff6a)
ioctl$FS_IOC_RESVSP(r4, 0x4030582b, &(0x7f0000000300)={0x1100, 0x0, 0x7f, 0x2a40})
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000040)={'team0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000780)=ANY=[@ANYBLOB="5400000010000304000000000000000000000400", @ANYRES32=0x0, @ANYBLOB="00030000000000002c0012800b00010062726964676500001c00028008000500010000000500250001000000050029000000000008000a00", @ANYRES32=r5], 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)={<r6=>0x0, @rand_addr, @initdev}, &(0x7f0000000140)=0xc)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', <r7=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000200)={'vcan0\x00', <r8=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'dummy0\x00', <r9=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'vxcan1\x00', <r10=>0x0})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000340)={'gre0\x00', &(0x7f00000002c0)={'gretap0\x00', <r11=>0x0, 0x20, 0x7, 0xd, 0x9, {{0x17, 0x4, 0x3, 0x29, 0x5c, 0x64, 0x0, 0x0, 0x2f, 0x0, @multicast1, @dev={0xac, 0x14, 0x14, 0x39}, {[@cipso={0x86, 0x3c, 0x3, [{0x7, 0x8, "a37403c06e36"}, {0x5, 0xa, "4d2f9ea14eff9537"}, {0x1, 0x12, "afc38af2dc12a94ac0078ca193209b27"}, {0x6, 0x12, "7ee5f4d0501f4d81370a58bcdf887347"}]}, @rr={0x7, 0xb, 0xf9, [@multicast2, @empty]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000440)={'team0\x00', <r12=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000580)={'syztnl2\x00', &(0x7f0000000480)={'erspan0\x00', <r13=>0x0, 0x8, 0x7800, 0x3, 0x5, {{0x34, 0x4, 0x3, 0x9, 0xd0, 0x68, 0x0, 0x6, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010102, {[@timestamp_addr={0x44, 0xc, 0x11, 0x1, 0x1, [{@broadcast, 0x3ff}]}, @end, @rr={0x7, 0x1b, 0x16, [@remote, @empty, @loopback, @remote, @loopback, @multicast1]}, @noop, @lsrr={0x83, 0x17, 0x60, [@empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @dev={0xac, 0x14, 0x14, 0x2d}, @multicast1]}, @cipso={0x86, 0x17, 0x2, [{0x6, 0x2}, {0x2, 0xf, "088bb4978da57c0b2e57157b7e"}]}, @ra={0x94, 0x4}, @ssrr={0x89, 0x7, 0x73, [@dev={0xac, 0x14, 0x14, 0xc}]}, @timestamp_prespec={0x44, 0x2c, 0x58, 0x3, 0x1, [{@private=0xa010100, 0x9}, {@multicast1, 0x1f}, {@multicast2, 0x9}, {@dev={0xac, 0x14, 0x14, 0xb}}, {@multicast2, 0x1}]}, @lsrr={0x83, 0x2b, 0x44, [@local, @broadcast, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010101, @remote, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x21}, @dev={0xac, 0x14, 0x14, 0x20}, @initdev={0xac, 0x1e, 0x1, 0x0}]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000005c0)={'team0\x00', <r14=>0x0})
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
getsockopt(0xffffffffffffffff, 0xfffffe01, 0xb7f, &(0x7f0000000380)=""/138, &(0x7f0000000800)=0x8a)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000680)={'ip6_vti0\x00', &(0x7f0000000600)={'syztnl0\x00', <r15=>0x0, 0x29, 0x9, 0x2, 0x30000, 0x76, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1, 0x700, 0x9, 0x1}})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000006c0)={'team0\x00', <r16=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000700)={'wg1\x00', <r17=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000007c0)={'syztnl2\x00', &(0x7f0000000740)={'ip6_vti0\x00', <r18=>0x0, 0x29, 0x8, 0x80, 0x7, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7, 0x8, 0x8001, 0x5}})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000001000)={'team0\x00', <r19=>0x0})
sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000f80)={&(0x7f0000000840)={0x724, r2, 0x200, 0x70bd28, 0x25dfdbfb, {}, [{{0x8, 0x1, r5}, {0xb4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r7}, {0x210, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6e8a}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x10001}}}, {0x7c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x4c, 0x4, [{0x3, 0x2, 0x0, 0x7}, {0x3, 0x2, 0x2, 0x2}, {0x7, 0x4, 0x1, 0x72a2}, {0xe40, 0x7f, 0x8, 0x6}, {0x5, 0x5, 0x6, 0x5}, {0x9, 0x5, 0x1, 0x4}, {0xa00, 0xf, 0x9, 0x9}, {0x8, 0x6, 0x7e, 0x7}, {0x8, 0xe1, 0x65, 0x5}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}]}}, {{0x8, 0x1, r9}, {0x134, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x7d8}}, {0x8, 0x6, r11}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x10001}}}]}}, {{0x8, 0x1, r12}, {0x19c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x74, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x44, 0x4, [{0x0, 0x0, 0x6, 0x31e}, {0x4, 0x5, 0x6}, {0x80, 0x0, 0x7, 0xfffffe01}, {0x7f, 0x7, 0x6, 0x7}, {0x5, 0x2, 0x80, 0x101}, {0x0, 0x10, 0x6, 0x2}, {0x1, 0x5, 0x2, 0x3}, {0x7, 0x7, 0x9, 0x6}]}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r13}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x200}}}]}}, {{0x8, 0x1, r14}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r15}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}]}}, {{0x8, 0x1, r16}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r17}}}]}}, {{0x8, 0x1, r18}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffffffc}}}]}}, {{0x8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x800}}}]}}, {{0x8, 0x1, r19}, {0x4}}]}, 0x724}, 0x1, 0x0, 0x0, 0x4}, 0x800)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r20=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001580)={&(0x7f00000015c0)=ANY=[@ANYBLOB="2c000002", @ANYRES16=r1, @ANYBLOB="010000000000000000000f00000008000300", @ANYRES32=r20, @ANYBLOB="05002a000000000008002b0000000100"], 0x2c}}, 0x0)

kernel console output (not intermixed with test programs):


[  271.412962][T14400] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2839'.
[  272.099535][T14433] netlink: 'syz.0.2849': attribute type 2 has an invalid length.
[  272.107692][T14433] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2849'.
[  272.160931][T14435] netlink: 'syz.1.2851': attribute type 10 has an invalid length.
[  272.206186][T14439] openvswitch: netlink: Invalid MD length 0 for MD type 0
[  272.225334][T14439] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  272.917041][T14470] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  272.956475][T14471] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2862'.
[  273.194378][T14481] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2866'.
[  273.412132][T14501] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2873'.
[  273.448362][T14501] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2873'.
[  273.560552][T14511] netlink: 'syz.1.2876': attribute type 10 has an invalid length.
[  274.000490][T14539] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2884'.
[  274.177549][T14549] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2887'.
[  274.253252][T14546] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2887'.
[  274.469856][T14562] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  274.506201][T14567] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2891'.
[  274.522701][T14569] openvswitch: netlink: Actions may not be safe on all matching packets
[  274.529946][T14567] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2891'.
[  274.556593][T14567] netlink: 'syz.3.2891': attribute type 1 has an invalid length.
[  274.583618][T14567] nbd: error processing sock list
[  274.699625][T14575] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2896'.
[  274.745178][T14575] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2896'.
[  274.829494][T14583] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2897'.
[  275.248895][T14600] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  275.265505][T14598] netlink: 'syz.1.2903': attribute type 10 has an invalid length.
[  275.331784][T14606] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2901'.
[  275.516772][T14614] lo speed is unknown, defaulting to 1000
[  275.532595][T14614] lo speed is unknown, defaulting to 1000
[  275.758072][T14625] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2910'.
[  275.791573][T14627] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2909'.
[  275.849088][T14633] IPVS: set_ctl: invalid protocol: 136 224.0.0.1:20004
[  275.881604][T14635] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  275.892600][T14625] vxcan1 (unregistering): left allmulticast mode
[  275.912850][T14008] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  275.943643][T14008] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  276.097185][T14641] xt_cluster: you have exceeded the maximum number of cluster nodes (768 > 32)
[  276.577212][T14658] vlan4: entered promiscuous mode
[  276.601173][T14658] vlan4: entered allmulticast mode
[  276.887265][T14673] netlink: 'syz.3.2923': attribute type 11 has an invalid length.
[  276.931550][   T55] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  276.941058][T14678] netlink: 'syz.3.2923': attribute type 1 has an invalid length.
[  276.949763][   T55] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  276.965644][   T55] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  276.994668][   T55] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  277.002663][   T55] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  277.011088][   T55] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  277.338248][T14674] lo speed is unknown, defaulting to 1000
[  277.350171][T14689] lo speed is unknown, defaulting to 1000
[  277.357293][T14674] lo speed is unknown, defaulting to 1000
[  277.654494][T14674] chnl_net:caif_netlink_parms(): no params data found
[  277.925281][T14674] bridge0: port 1(bridge_slave_0) entered blocking state
[  277.937623][T14674] bridge0: port 1(bridge_slave_0) entered disabled state
[  277.963860][T14674] bridge_slave_0: entered allmulticast mode
[  277.974689][T14674] bridge_slave_0: entered promiscuous mode
[  278.015018][T14674] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.022199][T14674] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.053606][T14674] bridge_slave_1: entered allmulticast mode
[  278.060916][T14674] bridge_slave_1: entered promiscuous mode
[  278.575925][T14674] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  278.576478][T14744] FAULT_INJECTION: forcing a failure.
[  278.576478][T14744] name failslab, interval 1, probability 0, space 0, times 0
[  278.604127][T14744] CPU: 1 UID: 0 PID: 14744 Comm: syz.0.2944 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  278.604159][T14744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  278.604172][T14744] Call Trace:
[  278.604180][T14744]  <TASK>
[  278.604188][T14744]  dump_stack_lvl+0x241/0x360
[  278.604221][T14744]  ? __pfx_dump_stack_lvl+0x10/0x10
[  278.604244][T14744]  ? __pfx__printk+0x10/0x10
[  278.604268][T14744]  ? kmem_cache_alloc_noprof+0x48/0x380
[  278.604308][T14744]  ? __pfx___might_resched+0x10/0x10
[  278.604342][T14744]  should_fail_ex+0x40a/0x550
[  278.604379][T14744]  should_failslab+0xac/0x100
[  278.604408][T14744]  ? mempool_init_node+0x1ee/0x4e0
[  278.604434][T14744]  kmem_cache_alloc_noprof+0x70/0x380
[  278.604463][T14744]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  278.604490][T14744]  mempool_init_node+0x1ee/0x4e0
[  278.604522][T14744]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  278.604547][T14744]  ? __pfx_mempool_free_slab+0x10/0x10
[  278.604571][T14744]  mempool_init_noprof+0x3a/0x50
[  278.604599][T14744]  bioset_init+0x2e8/0x820
[  278.604634][T14744]  ? __pfx_bioset_init+0x10/0x10
[  278.604664][T14744]  ? __kasan_kmalloc+0x98/0xb0
[  278.604691][T14744]  ? __alloc_disk_node+0x60/0x580
[  278.604714][T14744]  __alloc_disk_node+0x88/0x580
[  278.604740][T14744]  __blk_mq_alloc_disk+0x218/0x370
[  278.604776][T14744]  ? __pfx___blk_mq_alloc_disk+0x10/0x10
[  278.604826][T14744]  ? __pfx_idr_alloc+0x10/0x10
[  278.604865][T14744]  nbd_dev_add+0x50f/0xc60
[  278.604895][T14744]  ? __mutex_lock+0x397/0x1010
[  278.604924][T14744]  ? aa_get_newest_label+0xff/0x6f0
[  278.604955][T14744]  ? __pfx_nbd_dev_add+0x10/0x10
[  278.605004][T14744]  ? bpf_lsm_capable+0x9/0x10
[  278.605035][T14744]  ? security_capable+0x7e/0x2d0
[  278.605065][T14744]  ? radix_tree_lookup+0x238/0x290
[  278.605095][T14744]  nbd_genl_connect+0xc01/0x1c80
[  278.605144][T14744]  ? __pfx_nbd_genl_connect+0x10/0x10
[  278.605184][T14744]  ? __nla_parse+0x40/0x60
[  278.605210][T14744]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  278.605249][T14744]  genl_rcv_msg+0xb1f/0xec0
[  278.605364][T14744]  ? __pfx_genl_rcv_msg+0x10/0x10
[  278.605424][T14744]  ? __pfx_lock_acquire+0x10/0x10
[  278.605455][T14744]  ? __pfx_nbd_genl_connect+0x10/0x10
[  278.605481][T14744]  ? __pfx___might_resched+0x10/0x10
[  278.605521][T14744]  netlink_rcv_skb+0x206/0x480
[  278.605544][T14744]  ? __pfx_genl_rcv_msg+0x10/0x10
[  278.605575][T14744]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  278.605632][T14744]  genl_rcv+0x28/0x40
[  278.605657][T14744]  netlink_unicast+0x7f6/0x990
[  278.605700][T14744]  ? __pfx_netlink_unicast+0x10/0x10
[  278.605730][T14744]  ? __virt_addr_valid+0x45f/0x530
[  278.605751][T14744]  ? __phys_addr_symbol+0x2f/0x70
[  278.605770][T14744]  ? __check_object_size+0x47a/0x730
[  278.605803][T14744]  netlink_sendmsg+0x8de/0xcb0
[  278.605840][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  278.605869][T14744]  ? aa_sock_msg_perm+0x91/0x160
[  278.605906][T14744]  ? __pfx_netlink_sendmsg+0x10/0x10
[  278.605928][T14744]  __sock_sendmsg+0x221/0x270
[  278.605957][T14744]  ____sys_sendmsg+0x53a/0x860
[  278.605984][T14744]  ? __pfx_____sys_sendmsg+0x10/0x10
[  278.606002][T14744]  ? __fget_files+0x2a/0x410
[  278.606036][T14744]  ? __fget_files+0x2a/0x410
[  278.606073][T14744]  __sys_sendmsg+0x269/0x350
[  278.606097][T14744]  ? __pfx___sys_sendmsg+0x10/0x10
[  278.606130][T14744]  ? do_sys_openat2+0x17a/0x1d0
[  278.606187][T14744]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  278.606221][T14744]  ? do_syscall_64+0x100/0x230
[  278.606252][T14744]  ? do_syscall_64+0xb6/0x230
[  278.606291][T14744]  do_syscall_64+0xf3/0x230
[  278.606319][T14744]  ? clear_bhb_loop+0x35/0x90
[  278.606352][T14744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.606379][T14744] RIP: 0033:0x7fb9db98d169
[  278.606398][T14744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.606415][T14744] RSP: 002b:00007fb9dc89c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  278.606437][T14744] RAX: ffffffffffffffda RBX: 00007fb9dbba5fa0 RCX: 00007fb9db98d169
[  278.606451][T14744] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000004
[  278.606464][T14744] RBP: 00007fb9dc89c090 R08: 0000000000000000 R09: 0000000000000000
[  278.606476][T14744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  278.606488][T14744] R13: 0000000000000000 R14: 00007fb9dbba5fa0 R15: 00007fffbc49f608
[  278.606519][T14744]  </TASK>
[  279.134629][T14674] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  279.153686][ T5833] Bluetooth: hci5: command tx timeout
[  279.181583][T14744] nbd: failed to add new device
[  279.240239][T14750] netlink: 'syz.2.2946': attribute type 29 has an invalid length.
[  279.264975][T14754] netlink: 'syz.2.2946': attribute type 29 has an invalid length.
[  279.369535][T14674] team0: Port device team_slave_0 added
[  279.414781][T14674] team0: Port device team_slave_1 added
[  279.465315][T14674] batman_adv: batadv0: Adding interface: batadv_slave_0
[  279.472380][T14674] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.500818][T14674] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  279.515078][T14767] veth0_to_hsr: invalid flags given to default FDB implementation
[  279.535743][T14674] batman_adv: batadv0: Adding interface: batadv_slave_1
[  279.543229][T14674] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.598093][T14674] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  279.698991][T14674] hsr_slave_0: entered promiscuous mode
[  279.715045][T14674] hsr_slave_1: entered promiscuous mode
[  279.738339][T14772] netlink: 'syz.1.2953': attribute type 10 has an invalid length.
[  280.029165][T14786] __nla_validate_parse: 8 callbacks suppressed
[  280.029184][T14786] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2957'.
[  280.034343][T14674] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.050477][T14786] FAULT_INJECTION: forcing a failure.
[  280.050477][T14786] name failslab, interval 1, probability 0, space 0, times 0
[  280.070118][T14786] CPU: 0 UID: 0 PID: 14786 Comm: syz.3.2957 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  280.070148][T14786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  280.070161][T14786] Call Trace:
[  280.070168][T14786]  <TASK>
[  280.070178][T14786]  dump_stack_lvl+0x241/0x360
[  280.070219][T14786]  ? __pfx_dump_stack_lvl+0x10/0x10
[  280.070243][T14786]  ? __pfx__printk+0x10/0x10
[  280.070267][T14786]  ? kmem_cache_alloc_noprof+0x48/0x380
[  280.070298][T14786]  ? __pfx___might_resched+0x10/0x10
[  280.070332][T14786]  should_fail_ex+0x40a/0x550
[  280.070370][T14786]  should_failslab+0xac/0x100
[  280.070400][T14786]  ? mempool_init_node+0x1ee/0x4e0
[  280.070422][T14786]  kmem_cache_alloc_noprof+0x70/0x380
[  280.070452][T14786]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  280.070484][T14786]  mempool_init_node+0x1ee/0x4e0
[  280.070517][T14786]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  280.070542][T14786]  ? __pfx_mempool_free_slab+0x10/0x10
[  280.070564][T14786]  mempool_init_noprof+0x3a/0x50
[  280.070590][T14786]  bioset_init+0x2e8/0x820
[  280.070624][T14786]  ? __pfx_bioset_init+0x10/0x10
[  280.070652][T14786]  ? __kasan_kmalloc+0x98/0xb0
[  280.070679][T14786]  ? __alloc_disk_node+0x60/0x580
[  280.070704][T14786]  __alloc_disk_node+0x88/0x580
[  280.070732][T14786]  __blk_mq_alloc_disk+0x218/0x370
[  280.070769][T14786]  ? __pfx___blk_mq_alloc_disk+0x10/0x10
[  280.070823][T14786]  ? __pfx_idr_alloc+0x10/0x10
[  280.070859][T14786]  nbd_dev_add+0x50f/0xc60
[  280.070886][T14786]  ? __mutex_lock+0x397/0x1010
[  280.070913][T14786]  ? aa_get_newest_label+0xff/0x6f0
[  280.070942][T14786]  ? __pfx_nbd_dev_add+0x10/0x10
[  280.070990][T14786]  ? bpf_lsm_capable+0x9/0x10
[  280.071020][T14786]  ? security_capable+0x7e/0x2d0
[  280.071050][T14786]  ? radix_tree_lookup+0x253/0x290
[  280.071079][T14786]  nbd_genl_connect+0xc01/0x1c80
[  280.071118][T14786]  ? __pfx_nbd_genl_connect+0x10/0x10
[  280.071158][T14786]  ? __nla_parse+0x40/0x60
[  280.071186][T14786]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  280.071234][T14786]  genl_rcv_msg+0xb1f/0xec0
[  280.071272][T14786]  ? __pfx_genl_rcv_msg+0x10/0x10
[  280.071332][T14786]  ? __pfx_lock_acquire+0x10/0x10
[  280.071364][T14786]  ? __pfx_nbd_genl_connect+0x10/0x10
[  280.071391][T14786]  ? __pfx___might_resched+0x10/0x10
[  280.071431][T14786]  netlink_rcv_skb+0x206/0x480
[  280.071455][T14786]  ? __pfx_genl_rcv_msg+0x10/0x10
[  280.071487][T14786]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  280.071543][T14786]  genl_rcv+0x28/0x40
[  280.071570][T14786]  netlink_unicast+0x7f6/0x990
[  280.071610][T14786]  ? __pfx_netlink_unicast+0x10/0x10
[  280.071641][T14786]  ? __virt_addr_valid+0x45f/0x530
[  280.071662][T14786]  ? __phys_addr_symbol+0x2f/0x70
[  280.071682][T14786]  ? __check_object_size+0x47a/0x730
[  280.071716][T14786]  netlink_sendmsg+0x8de/0xcb0
[  280.071753][T14786]  ? __pfx_netlink_sendmsg+0x10/0x10
[  280.071783][T14786]  ? aa_sock_msg_perm+0x91/0x160
[  280.071821][T14786]  ? __pfx_netlink_sendmsg+0x10/0x10
[  280.071843][T14786]  __sock_sendmsg+0x221/0x270
[  280.071873][T14786]  ____sys_sendmsg+0x53a/0x860
[  280.071904][T14786]  ? __pfx_____sys_sendmsg+0x10/0x10
[  280.071923][T14786]  ? __fget_files+0x2a/0x410
[  280.071956][T14786]  ? __fget_files+0x2a/0x410
[  280.071998][T14786]  __sys_sendmsg+0x269/0x350
[  280.072025][T14786]  ? __pfx___sys_sendmsg+0x10/0x10
[  280.072060][T14786]  ? do_sys_openat2+0x17a/0x1d0
[  280.072120][T14786]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  280.072154][T14786]  ? do_syscall_64+0x100/0x230
[  280.072187][T14786]  ? do_syscall_64+0xb6/0x230
[  280.072228][T14786]  do_syscall_64+0xf3/0x230
[  280.072258][T14786]  ? clear_bhb_loop+0x35/0x90
[  280.072293][T14786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.072321][T14786] RIP: 0033:0x7f898518d169
[  280.072340][T14786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.072359][T14786] RSP: 002b:00007f8985fdb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  280.072382][T14786] RAX: ffffffffffffffda RBX: 00007f89853a5fa0 RCX: 00007f898518d169
[  280.072398][T14786] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000004
[  280.072411][T14786] RBP: 00007f8985fdb090 R08: 0000000000000000 R09: 0000000000000000
[  280.072423][T14786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  280.072434][T14786] R13: 0000000000000000 R14: 00007f89853a5fa0 R15: 00007ffdeb62de08
[  280.072465][T14786]  </TASK>
[  280.530904][T14786] nbd: failed to add new device
[  280.622593][T14674] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.706552][T14674] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.804616][T14674] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.999067][T14810] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2967'.
[  281.122256][T14674] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  281.148959][T14674] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  281.160427][T14814] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2969'.
[  281.167359][T14674] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  281.186211][T14814] FAULT_INJECTION: forcing a failure.
[  281.186211][T14814] name failslab, interval 1, probability 0, space 0, times 0
[  281.204141][T14814] CPU: 0 UID: 0 PID: 14814 Comm: syz.3.2969 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  281.204189][T14814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  281.204212][T14814] Call Trace:
[  281.204226][T14814]  <TASK>
[  281.204241][T14814]  dump_stack_lvl+0x241/0x360
[  281.204294][T14814]  ? __pfx_dump_stack_lvl+0x10/0x10
[  281.204327][T14814]  ? __pfx__printk+0x10/0x10
[  281.204350][T14814]  ? __kmalloc_cache_node_noprof+0x47/0x3a0
[  281.204383][T14814]  ? __pfx___might_resched+0x10/0x10
[  281.204417][T14814]  should_fail_ex+0x40a/0x550
[  281.204454][T14814]  should_failslab+0xac/0x100
[  281.204483][T14814]  ? bdi_alloc+0x4f/0x140
[  281.204512][T14814]  __kmalloc_cache_node_noprof+0x6f/0x3a0
[  281.204550][T14814]  bdi_alloc+0x4f/0x140
[  281.204580][T14814]  __alloc_disk_node+0xb8/0x580
[  281.204608][T14814]  __blk_mq_alloc_disk+0x218/0x370
[  281.204645][T14814]  ? __pfx___blk_mq_alloc_disk+0x10/0x10
[  281.204699][T14814]  ? __pfx_idr_alloc+0x10/0x10
[  281.204738][T14814]  nbd_dev_add+0x50f/0xc60
[  281.204768][T14814]  ? __mutex_lock+0x397/0x1010
[  281.204797][T14814]  ? aa_get_newest_label+0xff/0x6f0
[  281.204828][T14814]  ? __pfx_nbd_dev_add+0x10/0x10
[  281.204877][T14814]  ? bpf_lsm_capable+0x9/0x10
[  281.204907][T14814]  ? security_capable+0x7e/0x2d0
[  281.204938][T14814]  ? radix_tree_lookup+0x253/0x290
[  281.204967][T14814]  nbd_genl_connect+0xc01/0x1c80
[  281.205006][T14814]  ? __pfx_nbd_genl_connect+0x10/0x10
[  281.205046][T14814]  ? __nla_parse+0x40/0x60
[  281.205071][T14814]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  281.205112][T14814]  genl_rcv_msg+0xb1f/0xec0
[  281.205150][T14814]  ? __pfx_genl_rcv_msg+0x10/0x10
[  281.205211][T14814]  ? __pfx_lock_acquire+0x10/0x10
[  281.205241][T14814]  ? __pfx_nbd_genl_connect+0x10/0x10
[  281.205267][T14814]  ? __pfx___might_resched+0x10/0x10
[  281.205306][T14814]  netlink_rcv_skb+0x206/0x480
[  281.205336][T14814]  ? __pfx_genl_rcv_msg+0x10/0x10
[  281.205366][T14814]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  281.205423][T14814]  genl_rcv+0x28/0x40
[  281.205449][T14814]  netlink_unicast+0x7f6/0x990
[  281.205496][T14814]  ? __pfx_netlink_unicast+0x10/0x10
[  281.205527][T14814]  ? __virt_addr_valid+0x45f/0x530
[  281.205548][T14814]  ? __phys_addr_symbol+0x2f/0x70
[  281.205566][T14814]  ? __check_object_size+0x47a/0x730
[  281.205600][T14814]  netlink_sendmsg+0x8de/0xcb0
[  281.205637][T14814]  ? __pfx_netlink_sendmsg+0x10/0x10
[  281.205665][T14814]  ? aa_sock_msg_perm+0x91/0x160
[  281.205702][T14814]  ? __pfx_netlink_sendmsg+0x10/0x10
[  281.205723][T14814]  __sock_sendmsg+0x221/0x270
[  281.205751][T14814]  ____sys_sendmsg+0x53a/0x860
[  281.205780][T14814]  ? __pfx_____sys_sendmsg+0x10/0x10
[  281.205798][T14814]  ? __fget_files+0x2a/0x410
[  281.205832][T14814]  ? __fget_files+0x2a/0x410
[  281.205874][T14814]  __sys_sendmsg+0x269/0x350
[  281.205902][T14814]  ? __pfx___sys_sendmsg+0x10/0x10
[  281.205939][T14814]  ? do_sys_openat2+0x17a/0x1d0
[  281.205994][T14814]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  281.206026][T14814]  ? do_syscall_64+0x100/0x230
[  281.206057][T14814]  ? do_syscall_64+0xb6/0x230
[  281.206091][T14814]  do_syscall_64+0xf3/0x230
[  281.206121][T14814]  ? clear_bhb_loop+0x35/0x90
[  281.206155][T14814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.206184][T14814] RIP: 0033:0x7f898518d169
[  281.206203][T14814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.206221][T14814] RSP: 002b:00007f8985fdb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  281.206244][T14814] RAX: ffffffffffffffda RBX: 00007f89853a5fa0 RCX: 00007f898518d169
[  281.206260][T14814] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000004
[  281.206273][T14814] RBP: 00007f8985fdb090 R08: 0000000000000000 R09: 0000000000000000
[  281.206286][T14814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  281.206298][T14814] R13: 0000000000000000 R14: 00007f89853a5fa0 R15: 00007ffdeb62de08
[  281.206338][T14814]  </TASK>
[  281.606630][ T5833] Bluetooth: hci5: command tx timeout
[  281.625178][T14674] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  281.649424][T14814] nbd: failed to add new device
[  281.685970][T14819] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2971'.
[  281.697386][T14819] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2971'.
[  281.747400][T14816] lo speed is unknown, defaulting to 1000
[  281.856521][T14816] lo speed is unknown, defaulting to 1000
[  281.857975][T14674] 8021q: adding VLAN 0 to HW filter on device bond0
[  281.888449][T14674] 8021q: adding VLAN 0 to HW filter on device team0
[  281.935349][T14021] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.942615][T14021] bridge0: port 1(bridge_slave_0) entered forwarding state
[  281.995666][T14021] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.002872][T14021] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.140040][T14829] lo speed is unknown, defaulting to 1000
[  282.224171][T14829] lo speed is unknown, defaulting to 1000
[  282.470895][T14674] 8021q: adding VLAN 0 to HW filter on device batadv0
[  282.933162][T14854] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2979'.
[  283.042826][T14674] veth0_vlan: entered promiscuous mode
[  283.116553][T14860] netlink: 'syz.0.2980': attribute type 4 has an invalid length.
[  283.155184][T14861] netlink: 516 bytes leftover after parsing attributes in process `syz.2.2981'.
[  283.187451][T14674] veth1_vlan: entered promiscuous mode
[  283.264700][T14864] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2982'.
[  283.296924][T14674] veth0_macvtap: entered promiscuous mode
[  283.314713][T14864] FAULT_INJECTION: forcing a failure.
[  283.314713][T14864] name failslab, interval 1, probability 0, space 0, times 0
[  283.335519][T14674] veth1_macvtap: entered promiscuous mode
[  283.373438][T14864] CPU: 1 UID: 0 PID: 14864 Comm: syz.1.2982 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  283.373467][T14864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  283.373478][T14864] Call Trace:
[  283.373485][T14864]  <TASK>
[  283.373493][T14864]  dump_stack_lvl+0x241/0x360
[  283.373520][T14864]  ? __pfx_dump_stack_lvl+0x10/0x10
[  283.373540][T14864]  ? __pfx__printk+0x10/0x10
[  283.373559][T14864]  ? kmem_cache_alloc_lru_noprof+0x4d/0x390
[  283.373585][T14864]  ? __pfx___might_resched+0x10/0x10
[  283.373614][T14864]  should_fail_ex+0x40a/0x550
[  283.373645][T14864]  should_failslab+0xac/0x100
[  283.373670][T14864]  ? bdev_alloc_inode+0x29/0x90
[  283.373687][T14864]  kmem_cache_alloc_lru_noprof+0x75/0x390
[  283.373717][T14864]  bdev_alloc_inode+0x29/0x90
[  283.373731][T14864]  ? __pfx_bdev_alloc_inode+0x10/0x10
[  283.373747][T14864]  alloc_inode+0x65/0x1a0
[  283.373774][T14864]  new_inode+0x22/0x1d0
[  283.373805][T14864]  bdev_alloc+0x26/0x380
[  283.373836][T14864]  __alloc_disk_node+0x12b/0x580
[  283.373861][T14864]  __blk_mq_alloc_disk+0x218/0x370
[  283.373893][T14864]  ? __pfx___blk_mq_alloc_disk+0x10/0x10
[  283.373941][T14864]  ? __pfx_idr_alloc+0x10/0x10
[  283.373978][T14864]  nbd_dev_add+0x50f/0xc60
[  283.374006][T14864]  ? __mutex_lock+0x397/0x1010
[  283.374045][T14864]  ? aa_get_newest_label+0xff/0x6f0
[  283.374076][T14864]  ? __pfx_nbd_dev_add+0x10/0x10
[  283.374125][T14864]  ? bpf_lsm_capable+0x9/0x10
[  283.374155][T14864]  ? security_capable+0x7e/0x2d0
[  283.374186][T14864]  ? radix_tree_lookup+0x253/0x290
[  283.374216][T14864]  nbd_genl_connect+0xc01/0x1c80
[  283.374255][T14864]  ? __pfx_nbd_genl_connect+0x10/0x10
[  283.374293][T14864]  ? __nla_parse+0x40/0x60
[  283.374317][T14864]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  283.374354][T14864]  genl_rcv_msg+0xb1f/0xec0
[  283.374390][T14864]  ? __pfx_genl_rcv_msg+0x10/0x10
[  283.374447][T14864]  ? __pfx_lock_acquire+0x10/0x10
[  283.374482][T14864]  ? __pfx_nbd_genl_connect+0x10/0x10
[  283.374508][T14864]  ? __pfx___might_resched+0x10/0x10
[  283.374547][T14864]  netlink_rcv_skb+0x206/0x480
[  283.374570][T14864]  ? __pfx_genl_rcv_msg+0x10/0x10
[  283.374599][T14864]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  283.374651][T14864]  genl_rcv+0x28/0x40
[  283.374676][T14864]  netlink_unicast+0x7f6/0x990
[  283.374716][T14864]  ? __pfx_netlink_unicast+0x10/0x10
[  283.374744][T14864]  ? __virt_addr_valid+0x45f/0x530
[  283.374765][T14864]  ? __phys_addr_symbol+0x2f/0x70
[  283.374783][T14864]  ? __check_object_size+0x47a/0x730
[  283.374815][T14864]  netlink_sendmsg+0x8de/0xcb0
[  283.374850][T14864]  ? __pfx_netlink_sendmsg+0x10/0x10
[  283.374875][T14864]  ? aa_sock_msg_perm+0x91/0x160
[  283.374910][T14864]  ? __pfx_netlink_sendmsg+0x10/0x10
[  283.374930][T14864]  __sock_sendmsg+0x221/0x270
[  283.374958][T14864]  ____sys_sendmsg+0x53a/0x860
[  283.374987][T14864]  ? __pfx_____sys_sendmsg+0x10/0x10
[  283.375005][T14864]  ? __fget_files+0x2a/0x410
[  283.375046][T14864]  ? __fget_files+0x2a/0x410
[  283.375083][T14864]  __sys_sendmsg+0x269/0x350
[  283.375109][T14864]  ? __pfx___sys_sendmsg+0x10/0x10
[  283.375141][T14864]  ? do_sys_openat2+0x17a/0x1d0
[  283.375197][T14864]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  283.375229][T14864]  ? do_syscall_64+0x100/0x230
[  283.375261][T14864]  ? do_syscall_64+0xb6/0x230
[  283.375292][T14864]  do_syscall_64+0xf3/0x230
[  283.375319][T14864]  ? clear_bhb_loop+0x35/0x90
[  283.375351][T14864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.375380][T14864] RIP: 0033:0x7f9fc0d8d169
[  283.375401][T14864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.375419][T14864] RSP: 002b:00007f9fc1c15038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  283.375442][T14864] RAX: ffffffffffffffda RBX: 00007f9fc0fa5fa0 RCX: 00007f9fc0d8d169
[  283.375458][T14864] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000004
[  283.375471][T14864] RBP: 00007f9fc1c15090 R08: 0000000000000000 R09: 0000000000000000
[  283.375483][T14864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  283.375496][T14864] R13: 0000000000000000 R14: 00007f9fc0fa5fa0 R15: 00007ffd0d48cec8
[  283.375526][T14864]  </TASK>
[  283.815061][ T5833] Bluetooth: hci5: command tx timeout
[  283.845233][T14866] siw: device registration error -23
[  283.854349][T14864] nbd: failed to add new device
[  283.920413][T14872] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2986'.
[  283.932583][T14872] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2986'.
[  284.047668][T14674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  284.087654][T14674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.099282][T14674] batman_adv: batadv0: Interface activated: batadv_slave_0
[  284.167151][T14674] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.183150][T14674] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.196908][T14674] batman_adv: batadv0: Interface activated: batadv_slave_1
[  284.220193][T14674] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  284.229309][T14674] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  284.238823][T14674] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  284.249210][T14674] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  284.334836][T14886] netlink: 'syz.0.2988': attribute type 15 has an invalid length.
[  284.472809][ T1333] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  284.504717][ T1333] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  284.568798][T14009] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  284.585255][T14009] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  284.757990][T14912] IPVS: set_ctl: invalid protocol: 60 0.0.0.0:20000
[  284.911717][T14907] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  285.258537][T14930] __nla_validate_parse: 4 callbacks suppressed
[  285.258556][T14930] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2999'.
[  285.276126][T14932] bond1: entered promiscuous mode
[  285.288240][T14932] bond1: entered allmulticast mode
[  285.294008][T14932] 8021q: adding VLAN 0 to HW filter on device bond1
[  285.453254][T14940] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3001'.
[  285.887696][ T5833] Bluetooth: hci5: command tx timeout
[  286.116669][T14964] GUP no longer grows the stack in syz.4.3007 (14964): 400000004000-40000000a000 (400000003000)
[  286.127798][T14964] CPU: 0 UID: 0 PID: 14964 Comm: syz.4.3007 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  286.127828][T14964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  286.127842][T14964] Call Trace:
[  286.127850][T14964]  <TASK>
[  286.127859][T14964]  dump_stack_lvl+0x241/0x360
[  286.127893][T14964]  ? __pfx_dump_stack_lvl+0x10/0x10
[  286.127918][T14964]  ? __pfx__printk+0x10/0x10
[  286.127935][T14964]  ? find_vma+0xf9/0x170
[  286.127983][T14964]  __get_user_pages+0x3b07/0x4140
[  286.128030][T14964]  ? mark_lock+0x9a/0x360
[  286.128078][T14964]  ? __pfx___get_user_pages+0x10/0x10
[  286.128110][T14964]  ? __gup_longterm_locked+0xd2f/0x17f0
[  286.128135][T14964]  ? __pfx_down_read_killable+0x10/0x10
[  286.128173][T14964]  ? __pfx_lock_acquire+0x10/0x10
[  286.128206][T14964]  ? try_get_folio+0xf1/0x6f0
[  286.128229][T14964]  ? __pfx_lock_release+0x10/0x10
[  286.128270][T14964]  __gup_longterm_locked+0xe64/0x17f0
[  286.128326][T14964]  ? mark_lock+0x9a/0x360
[  286.128351][T14964]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  286.128385][T14964]  ? __pfx___gup_longterm_locked+0x10/0x10
[  286.128409][T14964]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  286.128448][T14964]  ? gup_fast_fallback+0x207e/0x29c0
[  286.128473][T14964]  gup_fast_fallback+0x2266/0x29c0
[  286.128530][T14964]  ? __pfx_gup_fast_fallback+0x10/0x10
[  286.128588][T14964]  ? __mutex_trylock_common+0x183/0x2e0
[  286.128613][T14964]  ? __pfx___might_resched+0x10/0x10
[  286.128639][T14964]  ? is_valid_gup_args+0x124/0x200
[  286.128673][T14964]  get_user_pages_fast+0xcc/0x160
[  286.128699][T14964]  ? __pfx_get_user_pages_fast+0x10/0x10
[  286.128718][T14964]  ? rcu_is_watching+0x15/0xb0
[  286.128742][T14964]  ? trace_contention_end+0x3c/0x120
[  286.128768][T14964]  ? __mutex_lock+0x397/0x1010
[  286.128802][T14964]  __iov_iter_get_pages_alloc+0x3b4/0x8e0
[  286.128837][T14964]  ? __se_sys_vmsplice+0x4b7/0x14a0
[  286.128870][T14964]  iov_iter_get_pages2+0xcf/0x130
[  286.128901][T14964]  ? __pfx_iov_iter_get_pages2+0x10/0x10
[  286.128941][T14964]  __se_sys_vmsplice+0x739/0x14a0
[  286.128968][T14964]  ? plist_del+0x3f1/0x410
[  286.129012][T14964]  ? __pfx___se_sys_vmsplice+0x10/0x10
[  286.129044][T14964]  ? __pfx_futex_wake+0x10/0x10
[  286.129125][T14964]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  286.129167][T14964]  ? do_syscall_64+0x100/0x230
[  286.129201][T14964]  ? do_syscall_64+0xb6/0x230
[  286.129234][T14964]  do_syscall_64+0xf3/0x230
[  286.129264][T14964]  ? clear_bhb_loop+0x35/0x90
[  286.129298][T14964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.129328][T14964] RIP: 0033:0x7f877f58d169
[  286.129348][T14964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.129366][T14964] RSP: 002b:00007f878046c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[  286.129390][T14964] RAX: ffffffffffffffda RBX: 00007f877f7a5fa0 RCX: 00007f877f58d169
[  286.129406][T14964] RDX: 0000000000000001 RSI: 00004000000000c0 RDI: 000000000000000a
[  286.129417][T14964] RBP: 00007f877f60e2a0 R08: 0000000000000000 R09: 0000000000000000
[  286.129429][T14964] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  286.129441][T14964] R13: 0000000000000000 R14: 00007f877f7a5fa0 R15: 00007fff2f55d808
[  286.129472][T14964]  </TASK>
[  287.046506][   T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  287.058918][   T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  287.067466][   T55] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  287.107905][   T55] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  287.117860][   T55] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  287.126058][   T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  287.248965][   T82] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.340749][T14981] lo speed is unknown, defaulting to 1000
[  287.415002][   T82] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.452593][T14990] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3014'.
[  287.452616][T14981] lo speed is unknown, defaulting to 1000
[  287.609516][T15001] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3021'.
[  287.715944][   T82] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.792123][   T82] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.859950][T15015] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  287.916556][T15020] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3026'.
[  287.944840][T15020] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3026'.
[  287.955376][T15020] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3026'.
[  287.974005][T15017] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3026'.
[  288.120203][T15026] team0: Mode "ø?õ)balance" not found
[  288.254969][T15036] xfrm0 speed is unknown, defaulting to 1000
[  288.297241][T15036] xfrm0 speed is unknown, defaulting to 1000
[  288.298668][T15040] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3029'.
[  288.351608][   T82] team0: left allmulticast mode
[  288.367922][   T82] team_slave_0: left allmulticast mode
[  288.378548][   T82] team_slave_1: left allmulticast mode
[  288.389867][   T82] team0: left promiscuous mode
[  288.402120][   T82] team_slave_0: left promiscuous mode
[  288.419138][   T82] team_slave_1: left promiscuous mode
[  288.431101][   T82] bridge0: port 3(team0) entered disabled state
[  288.469888][   T82] bridge_slave_1: left allmulticast mode
[  288.483091][   T82] bridge_slave_1: left promiscuous mode
[  288.496932][   T82] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.511350][   T82] bridge_slave_0: left promiscuous mode
[  288.530052][   T82] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.084392][   T82] bond3 (unregistering): (slave gretap3): Releasing active interface
[  289.161615][ T5833] Bluetooth: hci2: command tx timeout
[  289.455534][   T82] bond1 (unregistering): Released all slaves
[  289.602437][   T82] bond2 (unregistering): Released all slaves
[  289.737051][   T82] bond0 (unregistering): Released all slaves
[  289.890206][   T82] bond3 (unregistering): Released all slaves
[  289.905652][   T82] bond4 (unregistering): Released all slaves
[  289.919202][T15036] xfrm0 speed is unknown, defaulting to 1000
[  289.925613][T14981] chnl_net:caif_netlink_parms(): no params data found
[  289.944242][T15036] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  290.122891][T15036] xfrm0 speed is unknown, defaulting to 1000
[  290.155423][T15036] xfrm0 speed is unknown, defaulting to 1000
[  290.205527][T15067] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3038'.
[  290.291302][T15036] xfrm0 speed is unknown, defaulting to 1000
[  290.366931][T14981] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.374529][T14981] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.381922][T14981] bridge_slave_0: entered allmulticast mode
[  290.391270][T14981] bridge_slave_0: entered promiscuous mode
[  290.401398][T15036] xfrm0 speed is unknown, defaulting to 1000
[  290.401494][T15073] netlink: 'syz.4.3040': attribute type 10 has an invalid length.
[  290.408976][T14981] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.409070][T14981] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.409288][T14981] bridge_slave_1: entered allmulticast mode
[  290.455599][T14981] bridge_slave_1: entered promiscuous mode
[  290.469129][T15036] xfrm0 speed is unknown, defaulting to 1000
[  290.477435][T15036] xfrm0 speed is unknown, defaulting to 1000
[  290.565806][T15073] veth0_vlan: left promiscuous mode
[  290.585526][T15073] veth0_vlan: entered promiscuous mode
[  290.600924][T15073] team0: Device veth0_vlan failed to register rx_handler
[  290.847384][T15036] xfrm0 speed is unknown, defaulting to 1000
[  290.934605][T14981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  290.980364][T14981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  291.238438][ T5833] Bluetooth: hci2: command tx timeout
[  291.422205][T14981] team0: Port device team_slave_0 added
[  291.516369][T14981] team0: Port device team_slave_1 added
[  291.548553][T15111] xfrm2: entered allmulticast mode
[  291.710746][T14981] batman_adv: batadv0: Adding interface: batadv_slave_0
[  291.734630][T14981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  291.776531][T15121] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3052'.
[  291.803960][T14981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  291.899930][   T82] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  291.925060][   T82] batman_adv: batadv0: Removing interface: batadv_slave_0
[  291.954711][   T82] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  291.971426][   T82] batman_adv: batadv0: Removing interface: batadv_slave_1
[  292.268473][T15148] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3061'.
[  292.289254][T15148] FAULT_INJECTION: forcing a failure.
[  292.289254][T15148] name failslab, interval 1, probability 0, space 0, times 0
[  292.364712][T15148] CPU: 1 UID: 0 PID: 15148 Comm: syz.4.3061 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  292.364744][T15148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  292.364758][T15148] Call Trace:
[  292.364765][T15148]  <TASK>
[  292.364774][T15148]  dump_stack_lvl+0x241/0x360
[  292.364807][T15148]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.364831][T15148]  ? __pfx__printk+0x10/0x10
[  292.364854][T15148]  ? __kmalloc_cache_noprof+0x48/0x390
[  292.364885][T15148]  ? __pfx___might_resched+0x10/0x10
[  292.364918][T15148]  should_fail_ex+0x40a/0x550
[  292.364955][T15148]  should_failslab+0xac/0x100
[  292.364984][T15148]  __kmalloc_cache_noprof+0x70/0x390
[  292.365012][T15148]  ? __alloc_workqueue+0x179/0x1bb0
[  292.365058][T15148]  __alloc_workqueue+0x179/0x1bb0
[  292.365093][T15148]  ? __blk_mq_alloc_disk+0x239/0x370
[  292.365129][T15148]  ? __pfx___blk_mq_alloc_disk+0x10/0x10
[  292.365170][T15148]  alloc_workqueue+0xd6/0x210
[  292.365210][T15148]  ? __pfx_alloc_workqueue+0x10/0x10
[  292.365258][T15148]  nbd_dev_add+0x5c3/0xc60
[  292.365287][T15148]  ? __mutex_lock+0x397/0x1010
[  292.365318][T15148]  ? aa_get_newest_label+0xff/0x6f0
[  292.365349][T15148]  ? __pfx_nbd_dev_add+0x10/0x10
[  292.365399][T15148]  ? bpf_lsm_capable+0x9/0x10
[  292.365429][T15148]  ? security_capable+0x7e/0x2d0
[  292.365460][T15148]  ? radix_tree_lookup+0x253/0x290
[  292.365489][T15148]  nbd_genl_connect+0xc01/0x1c80
[  292.365527][T15148]  ? __pfx_nbd_genl_connect+0x10/0x10
[  292.365567][T15148]  ? __nla_parse+0x40/0x60
[  292.365593][T15148]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  292.365632][T15148]  genl_rcv_msg+0xb1f/0xec0
[  292.365672][T15148]  ? __pfx_genl_rcv_msg+0x10/0x10
[  292.365731][T15148]  ? __pfx_lock_acquire+0x10/0x10
[  292.365762][T15148]  ? __pfx_nbd_genl_connect+0x10/0x10
[  292.365788][T15148]  ? __pfx___might_resched+0x10/0x10
[  292.365828][T15148]  netlink_rcv_skb+0x206/0x480
[  292.365852][T15148]  ? __pfx_genl_rcv_msg+0x10/0x10
[  292.365883][T15148]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  292.365939][T15148]  genl_rcv+0x28/0x40
[  292.365965][T15148]  netlink_unicast+0x7f6/0x990
[  292.366008][T15148]  ? __pfx_netlink_unicast+0x10/0x10
[  292.366045][T15148]  ? __virt_addr_valid+0x45f/0x530
[  292.366067][T15148]  ? __phys_addr_symbol+0x2f/0x70
[  292.366085][T15148]  ? __check_object_size+0x47a/0x730
[  292.366119][T15148]  netlink_sendmsg+0x8de/0xcb0
[  292.366156][T15148]  ? __pfx_netlink_sendmsg+0x10/0x10
[  292.366184][T15148]  ? aa_sock_msg_perm+0x91/0x160
[  292.366221][T15148]  ? __pfx_netlink_sendmsg+0x10/0x10
[  292.366242][T15148]  __sock_sendmsg+0x221/0x270
[  292.366272][T15148]  ____sys_sendmsg+0x53a/0x860
[  292.366303][T15148]  ? __pfx_____sys_sendmsg+0x10/0x10
[  292.366321][T15148]  ? __fget_files+0x2a/0x410
[  292.366354][T15148]  ? __fget_files+0x2a/0x410
[  292.366394][T15148]  __sys_sendmsg+0x269/0x350
[  292.366421][T15148]  ? __pfx___sys_sendmsg+0x10/0x10
[  292.366457][T15148]  ? do_sys_openat2+0x17a/0x1d0
[  292.366518][T15148]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  292.366551][T15148]  ? do_syscall_64+0x100/0x230
[  292.366584][T15148]  ? do_syscall_64+0xb6/0x230
[  292.366616][T15148]  do_syscall_64+0xf3/0x230
[  292.366645][T15148]  ? clear_bhb_loop+0x35/0x90
[  292.366678][T15148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.366706][T15148] RIP: 0033:0x7f877f58d169
[  292.366725][T15148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.366742][T15148] RSP: 002b:00007f878046c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  292.366764][T15148] RAX: ffffffffffffffda RBX: 00007f877f7a5fa0 RCX: 00007f877f58d169
[  292.366780][T15148] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000004
[  292.366792][T15148] RBP: 00007f878046c090 R08: 0000000000000000 R09: 0000000000000000
[  292.366805][T15148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  292.366817][T15148] R13: 0000000000000000 R14: 00007f877f7a5fa0 R15: 00007fff2f55d808
[  292.366850][T15148]  </TASK>
[  292.366882][T15148] block (null): Could not allocate knbd recv work queue.
[  292.788597][T15148] nbd: failed to add new device
[  292.904339][   T82] pim6reg (unregistering): left allmulticast mode
[  292.983166][T15158] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input5
[  293.312905][   T82] team0 (unregistering): Port device team_slave_1 removed
[  293.320431][ T5833] Bluetooth: hci2: command tx timeout
[  293.371805][   T82] team0 (unregistering): Port device team_slave_0 removed
[  293.766821][T14981] batman_adv: batadv0: Adding interface: batadv_slave_1
[  293.780473][T14981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  293.817138][T14981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  293.878862][T15143] netlink: 11562 bytes leftover after parsing attributes in process `syz.2.3059'.
[  293.903397][T10858] lo speed is unknown, defaulting to 1000
[  293.913787][T10858] infiniband syz0: ib_query_port failed (-19)
[  293.997690][T15166] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3064'.
[  294.057502][T14981] hsr_slave_0: entered promiscuous mode
[  294.064881][T15169] netlink: 'syz.2.3067': attribute type 1 has an invalid length.
[  294.084754][T14981] hsr_slave_1: entered promiscuous mode
[  294.091187][T14981] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  294.109984][T14981] Cannot create hsr debugfs directory
[  294.203852][T15169] 8021q: adding VLAN 0 to HW filter on device bond7
[  294.219196][T15179] netlink: 'syz.0.3070': attribute type 29 has an invalid length.
[  294.291282][T15173] bond7: (slave gretap1): making interface the new active one
[  294.305385][T15173] bond7: (slave gretap1): Enslaving as an active interface with an up link
[  294.329386][T15178] netlink: 'syz.0.3070': attribute type 29 has an invalid length.
[  294.387763][T15185] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3071'.
[  294.409422][T15185] FAULT_INJECTION: forcing a failure.
[  294.409422][T15185] name failslab, interval 1, probability 0, space 0, times 0
[  294.447811][T15185] CPU: 0 UID: 0 PID: 15185 Comm: syz.4.3071 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  294.447842][T15185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  294.447855][T15185] Call Trace:
[  294.447862][T15185]  <TASK>
[  294.447871][T15185]  dump_stack_lvl+0x241/0x360
[  294.447903][T15185]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.447928][T15185]  ? __pfx__printk+0x10/0x10
[  294.447951][T15185]  ? __kmalloc_cache_node_noprof+0x47/0x3a0
[  294.447984][T15185]  ? __pfx___might_resched+0x10/0x10
[  294.448011][T15185]  ? lockdep_init_map_type+0xa1/0x910
[  294.448047][T15185]  should_fail_ex+0x40a/0x550
[  294.448084][T15185]  should_failslab+0xac/0x100
[  294.448112][T15185]  ? __alloc_workqueue+0x6ad/0x1bb0
[  294.448144][T15185]  __kmalloc_cache_node_noprof+0x6f/0x3a0
[  294.448182][T15185]  __alloc_workqueue+0x6ad/0x1bb0
[  294.448231][T15185]  alloc_workqueue+0xd6/0x210
[  294.448269][T15185]  ? __pfx_alloc_workqueue+0x10/0x10
[  294.448317][T15185]  nbd_dev_add+0x5c3/0xc60
[  294.448346][T15185]  ? __mutex_lock+0x397/0x1010
[  294.448376][T15185]  ? aa_get_newest_label+0xff/0x6f0
[  294.448407][T15185]  ? __pfx_nbd_dev_add+0x10/0x10
[  294.448454][T15185]  ? bpf_lsm_capable+0x9/0x10
[  294.448484][T15185]  ? security_capable+0x7e/0x2d0
[  294.448515][T15185]  ? radix_tree_lookup+0x253/0x290
[  294.448545][T15185]  nbd_genl_connect+0xc01/0x1c80
[  294.448593][T15185]  ? __pfx_nbd_genl_connect+0x10/0x10
[  294.448632][T15185]  ? __nla_parse+0x40/0x60
[  294.448657][T15185]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  294.448697][T15185]  genl_rcv_msg+0xb1f/0xec0
[  294.448736][T15185]  ? __pfx_genl_rcv_msg+0x10/0x10
[  294.448797][T15185]  ? __pfx_lock_acquire+0x10/0x10
[  294.448828][T15185]  ? __pfx_nbd_genl_connect+0x10/0x10
[  294.448855][T15185]  ? __pfx___might_resched+0x10/0x10
[  294.448893][T15185]  netlink_rcv_skb+0x206/0x480
[  294.448917][T15185]  ? __pfx_genl_rcv_msg+0x10/0x10
[  294.448947][T15185]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  294.449002][T15185]  genl_rcv+0x28/0x40
[  294.449028][T15185]  netlink_unicast+0x7f6/0x990
[  294.449071][T15185]  ? __pfx_netlink_unicast+0x10/0x10
[  294.449102][T15185]  ? __virt_addr_valid+0x45f/0x530
[  294.449123][T15185]  ? __phys_addr_symbol+0x2f/0x70
[  294.449142][T15185]  ? __check_object_size+0x47a/0x730
[  294.449175][T15185]  netlink_sendmsg+0x8de/0xcb0
[  294.449207][T15185]  ? __pfx_netlink_sendmsg+0x10/0x10
[  294.449230][T15185]  ? aa_sock_msg_perm+0x91/0x160
[  294.449265][T15185]  ? __pfx_netlink_sendmsg+0x10/0x10
[  294.449283][T15185]  __sock_sendmsg+0x221/0x270
[  294.449312][T15185]  ____sys_sendmsg+0x53a/0x860
[  294.449342][T15185]  ? __pfx_____sys_sendmsg+0x10/0x10
[  294.449361][T15185]  ? __fget_files+0x2a/0x410
[  294.449395][T15185]  ? __fget_files+0x2a/0x410
[  294.449433][T15185]  __sys_sendmsg+0x269/0x350
[  294.449459][T15185]  ? __pfx___sys_sendmsg+0x10/0x10
[  294.449492][T15185]  ? do_sys_openat2+0x17a/0x1d0
[  294.449552][T15185]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  294.449593][T15185]  ? do_syscall_64+0x100/0x230
[  294.449626][T15185]  ? do_syscall_64+0xb6/0x230
[  294.449658][T15185]  do_syscall_64+0xf3/0x230
[  294.449685][T15185]  ? clear_bhb_loop+0x35/0x90
[  294.449719][T15185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.449747][T15185] RIP: 0033:0x7f877f58d169
[  294.449766][T15185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.449783][T15185] RSP: 002b:00007f878046c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  294.449807][T15185] RAX: ffffffffffffffda RBX: 00007f877f7a5fa0 RCX: 00007f877f58d169
[  294.449822][T15185] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000004
[  294.449835][T15185] RBP: 00007f878046c090 R08: 0000000000000000 R09: 0000000000000000
[  294.449848][T15185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  294.449860][T15185] R13: 0000000000000000 R14: 00007f877f7a5fa0 R15: 00007fff2f55d808
[  294.449892][T15185]  </TASK>
[  294.839880][T15185] block (null): Could not allocate knbd recv work queue.
[  294.848333][T15185] nbd: failed to add new device
[  294.936080][   T82] IPVS: stop unused estimator thread 0...
[  295.130125][T15206] netlink: 288 bytes leftover after parsing attributes in process `syz.2.3077'.
[  295.142914][T15205] netlink: 'syz.4.3075': attribute type 1 has an invalid length.
[  295.183613][T15205] netlink: 'syz.4.3075': attribute type 1 has an invalid length.
[  295.393797][ T5833] Bluetooth: hci2: command tx timeout
[  295.479902][T15218] netlink: 156 bytes leftover after parsing attributes in process `syz.2.3079'.
[  295.658575][T15228] netlink: 'syz.0.3084': attribute type 8 has an invalid length.
[  296.156473][T15248] netlink: 'syz.3.3092': attribute type 1 has an invalid length.
[  296.174008][T14981] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  296.200416][T14981] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  296.297860][T15248] 8021q: adding VLAN 0 to HW filter on device bond6
[  296.321427][T14981] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  296.369389][T14981] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  296.398033][T15251] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3093'.
[  296.557738][T14981] 8021q: adding VLAN 0 to HW filter on device bond0
[  296.634115][T14981] 8021q: adding VLAN 0 to HW filter on device team0
[  296.710165][T14021] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.717484][T14021] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.767693][T14009] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.775110][T14009] bridge0: port 2(bridge_slave_1) entered forwarding state
[  296.796057][T15278] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3100'.
[  296.807004][T15278] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3100'.
[  297.069774][T15290] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  297.271462][T15301] netlink: 'syz.3.3106': attribute type 29 has an invalid length.
[  297.314553][T15301] netlink: 'syz.3.3106': attribute type 29 has an invalid length.
[  297.385920][T14981] 8021q: adding VLAN 0 to HW filter on device batadv0
[  297.496991][T14981] veth0_vlan: entered promiscuous mode
[  297.541610][T14981] veth1_vlan: entered promiscuous mode
[  297.625720][T14981] veth0_macvtap: entered promiscuous mode
[  297.651180][T14981] veth1_macvtap: entered promiscuous mode
[  297.698276][T14981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.715161][T14981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.733418][T15319] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3113'.
[  297.743683][T15319] nbd: illegal input index -8454144
[  297.826205][T14981] batman_adv: batadv0: Interface activated: batadv_slave_0
[  297.877839][T14981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.913512][T14981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.952764][T14981] batman_adv: batadv0: Interface activated: batadv_slave_1
[  298.002364][T14981] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  298.021618][T14981] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  298.052139][T14981] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  298.073385][T14981] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  298.111602][T15336] netlink: 'syz.3.3119': attribute type 4 has an invalid length.
[  298.125036][T15332] netlink: 108 bytes leftover after parsing attributes in process `syz.4.3118'.
[  298.202884][T15341] netlink: 248 bytes leftover after parsing attributes in process `syz.0.3121'.
[  298.224630][T15339] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3120'.
[  298.239396][T15339] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3120'.
[  298.357607][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  298.393754][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  298.449328][T15348] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3118'.
[  298.509792][T14021] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  298.525074][T14021] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  298.598187][T15354] netlink: 'syz.2.3124': attribute type 2 has an invalid length.
[  298.770043][T15360] netlink: 'syz.3.3126': attribute type 10 has an invalid length.
[  298.852234][T15365] netlink: 'syz.4.3128': attribute type 1 has an invalid length.
[  299.310628][T15378] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3134'.
[  299.383506][T15384] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3136'.
[  299.389355][T15378] netlink: 'syz.3.3134': attribute type 15 has an invalid length.
[  299.715197][   T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  299.728326][   T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  299.743184][   T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  299.755697][   T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  299.765886][   T55] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  299.784136][   T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  300.086286][T15397] lo speed is unknown, defaulting to 1000
[  300.098588][T15397] xfrm0 speed is unknown, defaulting to 1000
[  300.132052][T15417] wg2: entered promiscuous mode
[  300.151925][T15417] wg2: entered allmulticast mode
[  300.324897][T15428] FAULT_INJECTION: forcing a failure.
[  300.324897][T15428] name failslab, interval 1, probability 0, space 0, times 0
[  300.379917][T15428] CPU: 1 UID: 0 PID: 15428 Comm: syz.1.3151 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  300.379948][T15428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  300.379962][T15428] Call Trace:
[  300.379969][T15428]  <TASK>
[  300.379978][T15428]  dump_stack_lvl+0x241/0x360
[  300.380010][T15428]  ? __pfx_dump_stack_lvl+0x10/0x10
[  300.380034][T15428]  ? __pfx__printk+0x10/0x10
[  300.380057][T15428]  ? __kmalloc_cache_noprof+0x48/0x390
[  300.380090][T15428]  ? __pfx___might_resched+0x10/0x10
[  300.380122][T15428]  should_fail_ex+0x40a/0x550
[  300.380158][T15428]  should_failslab+0xac/0x100
[  300.380189][T15428]  __kmalloc_cache_noprof+0x70/0x390
[  300.380217][T15428]  ? apply_wqattrs_prepare+0x133/0xef0
[  300.380250][T15428]  apply_wqattrs_prepare+0x133/0xef0
[  300.380276][T15428]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  300.380313][T15428]  ? __alloc_workqueue+0xa80/0x1bb0
[  300.380347][T15428]  ? pcpu_alloc_noprof+0xfb8/0x1760
[  300.380385][T15428]  apply_workqueue_attrs_locked+0x63/0x200
[  300.380424][T15428]  __alloc_workqueue+0xf7e/0x1bb0
[  300.380478][T15428]  alloc_workqueue+0xd6/0x210
[  300.380518][T15428]  ? __pfx_alloc_workqueue+0x10/0x10
[  300.380567][T15428]  nbd_dev_add+0x5c3/0xc60
[  300.380597][T15428]  ? __mutex_lock+0x397/0x1010
[  300.380627][T15428]  ? aa_get_newest_label+0xff/0x6f0
[  300.380658][T15428]  ? __pfx_nbd_dev_add+0x10/0x10
[  300.380708][T15428]  ? bpf_lsm_capable+0x9/0x10
[  300.380738][T15428]  ? security_capable+0x7e/0x2d0
[  300.380769][T15428]  ? radix_tree_lookup+0x253/0x290
[  300.380799][T15428]  nbd_genl_connect+0xc01/0x1c80
[  300.380838][T15428]  ? __pfx_nbd_genl_connect+0x10/0x10
[  300.380878][T15428]  ? __nla_parse+0x40/0x60
[  300.380918][T15428]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  300.380959][T15428]  genl_rcv_msg+0xb1f/0xec0
[  300.380998][T15428]  ? __pfx_genl_rcv_msg+0x10/0x10
[  300.381059][T15428]  ? __pfx_lock_acquire+0x10/0x10
[  300.381091][T15428]  ? __pfx_nbd_genl_connect+0x10/0x10
[  300.381117][T15428]  ? __pfx___might_resched+0x10/0x10
[  300.381154][T15428]  netlink_rcv_skb+0x206/0x480
[  300.381178][T15428]  ? __pfx_genl_rcv_msg+0x10/0x10
[  300.381209][T15428]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  300.381266][T15428]  genl_rcv+0x28/0x40
[  300.381292][T15428]  netlink_unicast+0x7f6/0x990
[  300.381336][T15428]  ? __pfx_netlink_unicast+0x10/0x10
[  300.381366][T15428]  ? __virt_addr_valid+0x45f/0x530
[  300.381388][T15428]  ? __phys_addr_symbol+0x2f/0x70
[  300.381406][T15428]  ? __check_object_size+0x47a/0x730
[  300.381440][T15428]  netlink_sendmsg+0x8de/0xcb0
[  300.381478][T15428]  ? __pfx_netlink_sendmsg+0x10/0x10
[  300.381506][T15428]  ? aa_sock_msg_perm+0x91/0x160
[  300.381545][T15428]  ? __pfx_netlink_sendmsg+0x10/0x10
[  300.381566][T15428]  __sock_sendmsg+0x221/0x270
[  300.381597][T15428]  ____sys_sendmsg+0x53a/0x860
[  300.381628][T15428]  ? __pfx_____sys_sendmsg+0x10/0x10
[  300.381646][T15428]  ? __fget_files+0x2a/0x410
[  300.381679][T15428]  ? __fget_files+0x2a/0x410
[  300.381729][T15428]  __sys_sendmsg+0x269/0x350
[  300.381756][T15428]  ? __pfx___sys_sendmsg+0x10/0x10
[  300.381792][T15428]  ? do_sys_openat2+0x17a/0x1d0
[  300.381853][T15428]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  300.381887][T15428]  ? do_syscall_64+0x100/0x230
[  300.381926][T15428]  ? do_syscall_64+0xb6/0x230
[  300.381958][T15428]  do_syscall_64+0xf3/0x230
[  300.381988][T15428]  ? clear_bhb_loop+0x35/0x90
[  300.382022][T15428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.382050][T15428] RIP: 0033:0x7f7f5618d169
[  300.382069][T15428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.382086][T15428] RSP: 002b:00007f7f56f42038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  300.382109][T15428] RAX: ffffffffffffffda RBX: 00007f7f563a5fa0 RCX: 00007f7f5618d169
[  300.382125][T15428] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000004
[  300.382138][T15428] RBP: 00007f7f56f42090 R08: 0000000000000000 R09: 0000000000000000
[  300.382151][T15428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  300.382163][T15428] R13: 0000000000000000 R14: 00007f7f563a5fa0 R15: 00007ffca2b22d38
[  300.382197][T15428]  </TASK>
[  300.860561][T15428] block (null): Could not allocate knbd recv work queue.
[  300.874630][T15428] nbd: failed to add new device
[  300.900824][T15437] pim6reg: entered allmulticast mode
[  301.151185][T15397] chnl_net:caif_netlink_parms(): no params data found
[  301.237343][ T1333] bridge_slave_1: left allmulticast mode
[  301.243901][ T1333] bridge_slave_1: left promiscuous mode
[  301.250693][ T1333] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.262249][ T1333] bridge_slave_0: left allmulticast mode
[  301.269322][ T1333] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.874114][   T55] Bluetooth: hci0: command tx timeout
[  302.284470][ T1333] bond0 (unregistering): (slave 
01ªÃøÂFNð¡): Releasing backup interface
[  302.295015][ T1333] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  302.309869][ T1333] bond0 (unregistering): (slave bond1): Releasing backup interface
[  302.319111][ T1333] bond0 (unregistering): Released all slaves
[  302.489594][ T1333] bond1 (unregistering): Released all slaves
[  302.640300][ T1333] bond2 (unregistering): Released all slaves
[  302.819677][ T1333] bond3 (unregistering): Released all slaves
[  302.981935][ T1333] bond4 (unregistering): Released all slaves
[  303.236295][T15397] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.258454][T15397] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.274920][T15397] bridge_slave_0: entered allmulticast mode
[  303.282560][T15397] bridge_slave_0: entered promiscuous mode
[  303.367406][T15488] dvmrp0: left allmulticast mode
[  303.372588][T15488] dvmrp1: left allmulticast mode
[  303.484509][T15397] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.512217][T15397] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.555649][T15397] bridge_slave_1: entered allmulticast mode
[  303.562619][T15397] bridge_slave_1: entered promiscuous mode
[  303.846481][T15397] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  303.869306][T15397] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  303.953958][   T55] Bluetooth: hci0: command tx timeout
[  303.982050][T15522] __nla_validate_parse: 7 callbacks suppressed
[  303.982071][T15522] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3176'.
[  304.052855][T15524] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3178'.
[  304.079243][ T1333] hsr_slave_0: left promiscuous mode
[  304.092394][ T1333] hsr_slave_1: left promiscuous mode
[  304.098607][ T1333] batman_adv: batadv0: Removing interface: batadv_slave_0
[  304.126641][ T1333] pim6reg (unregistering): left allmulticast mode
[  304.134051][T15528] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3177'.
[  304.186330][T15531] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3177'.
[  304.531223][ T1333] team0 (unregistering): Port device team_slave_1 removed
[  304.577604][ T1333] team0 (unregistering): Port device team_slave_0 removed
[  305.072374][T15521] veth0: entered promiscuous mode
[  305.084137][T15397] team0: Port device team_slave_0 added
[  305.114557][T15397] team0: Port device team_slave_1 added
[  305.183853][T15525] veth0: left promiscuous mode
[  305.371487][T15397] batman_adv: batadv0: Adding interface: batadv_slave_0
[  305.379523][T15397] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.427820][T15397] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  305.446466][T15397] batman_adv: batadv0: Adding interface: batadv_slave_1
[  305.459755][T15397] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.491876][T15397] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  305.526611][T15545] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3184'.
[  305.556645][T15550] netlink: 'syz.1.3182': attribute type 2 has an invalid length.
[  305.579282][T15550] netlink: 176 bytes leftover after parsing attributes in process `syz.1.3182'.
[  305.587181][T15551] netlink: 1256 bytes leftover after parsing attributes in process `syz.4.3185'.
[  305.654355][T15551] openvswitch: netlink: Unexpected mask (mask=4, allowed=10048)
[  305.697966][ T1333] IPVS: stop unused estimator thread 0...
[  305.725110][T15397] hsr_slave_0: entered promiscuous mode
[  305.731688][T15397] hsr_slave_1: entered promiscuous mode
[  305.774809][T15397] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  305.782817][T15397] Cannot create hsr debugfs directory
[  306.033775][   T55] Bluetooth: hci0: command tx timeout
[  306.830950][T15397] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  306.878975][T15397] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  306.920081][T15397] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  306.956552][T15397] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  307.117712][T15615] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3210'.
[  307.127196][T15615] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3210'.
[  307.194295][T15397] 8021q: adding VLAN 0 to HW filter on device bond0
[  307.258204][T15397] 8021q: adding VLAN 0 to HW filter on device team0
[  307.284843][T14008] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.292061][T14008] bridge0: port 1(bridge_slave_0) entered forwarding state
[  307.395788][T14008] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.402954][T14008] bridge0: port 2(bridge_slave_1) entered forwarding state
[  307.797297][T15646] sctp: [Deprecated]: syz.4.3219 (pid 15646) Use of struct sctp_assoc_value in delayed_ack socket option.
[  307.797297][T15646] Use struct sctp_sack_info instead
[  308.079084][T15397] 8021q: adding VLAN 0 to HW filter on device batadv0
[  308.115293][   T55] Bluetooth: hci0: command tx timeout
[  308.172714][T15397] veth0_vlan: entered promiscuous mode
[  308.221968][T15397] veth1_vlan: entered promiscuous mode
[  308.325878][T15397] veth0_macvtap: entered promiscuous mode
[  308.349623][T15397] veth1_macvtap: entered promiscuous mode
[  308.390422][T15674] netlink: 'syz.4.3228': attribute type 13 has an invalid length.
[  308.394082][T15673] netlink: 'syz.4.3228': attribute type 13 has an invalid length.
[  308.399376][T15397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  308.430786][T15397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.448474][T15397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  308.452466][T15677] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3230'.
[  308.460116][T15397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.500049][T15397] batman_adv: batadv0: Interface activated: batadv_slave_0
[  308.510069][T15673] veth0_macvtap: left promiscuous mode
[  308.518212][T15673] macvtap0: entered allmulticast mode
[  308.545087][T15673] macvtap0: refused to change device tx_queue_len
[  308.566750][T15674] macvtap0: refused to change device tx_queue_len
[  308.613095][T15397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  308.653332][T15397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.669930][T15397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  308.695127][T15397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.726194][T15397] batman_adv: batadv0: Interface activated: batadv_slave_1
[  308.755025][T15683] : entered promiscuous mode
[  308.780785][T15397] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  308.791292][T15397] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  308.800871][T15397] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  308.810760][T15397] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  308.861919][T15685] bond9: entered promiscuous mode
[  308.872043][T15685] 8021q: adding VLAN 0 to HW filter on device bond9
[  309.017025][   T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  309.056114][   T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  309.145916][T14008] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  309.182636][T14008] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  309.219671][T15710] pim6reg: entered allmulticast mode
[  309.370653][T15712] __nla_validate_parse: 1 callbacks suppressed
[  309.370674][T15712] netlink: 192 bytes leftover after parsing attributes in process `syz.2.3239'.
[  309.553813][T15724] netlink: 10 bytes leftover after parsing attributes in process `syz.4.3242'.
[  309.577222][T15723] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3243'.
[  309.604968][T15723] netlink: 256 bytes leftover after parsing attributes in process `syz.1.3243'.
[  310.618482][T15740] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3250'.
[  310.642571][T15740] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3250'.
[  310.817849][T15745] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3251'.
[  310.922158][ T5833] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  310.933822][ T5833] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  310.942173][T15745] openvswitch: netlink: IP tunnel dst address not specified
[  310.951702][ T5833] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  310.970221][ T5833] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  310.981991][ T5833] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  310.989556][ T5833] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  311.090870][T15752] lo speed is unknown, defaulting to 1000
[  311.116622][T15752] xfrm0 speed is unknown, defaulting to 1000
[  311.308357][T15752] chnl_net:caif_netlink_parms(): no params data found
[  311.541476][T15752] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.558456][T15752] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.570184][T15752] bridge_slave_0: entered allmulticast mode
[  311.579047][T15752] bridge_slave_0: entered promiscuous mode
[  311.621279][T15752] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.621463][T15777] sctp: [Deprecated]: syz.4.3258 (pid 15777) Use of int in max_burst socket option deprecated.
[  311.621463][T15777] Use struct sctp_assoc_value instead
[  311.629020][T15752] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.669471][T15752] bridge_slave_1: entered allmulticast mode
[  311.682501][T15752] bridge_slave_1: entered promiscuous mode
[  311.719350][T15792] netlink: 'syz.0.3262': attribute type 4 has an invalid length.
[  311.731855][T15792] netlink: 'syz.0.3262': attribute type 11 has an invalid length.
[  311.745731][T15792] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3262'.
[  311.796241][T15752] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.819247][T15792] netlink: 'syz.0.3262': attribute type 21 has an invalid length.
[  311.828019][T15792] netlink: 128 bytes leftover after parsing attributes in process `syz.0.3262'.
[  311.838872][T15792] netlink: 'syz.0.3262': attribute type 4 has an invalid length.
[  311.855926][T15792] netlink: 'syz.0.3262': attribute type 5 has an invalid length.
[  311.865122][T15792] netlink: 3 bytes leftover after parsing attributes in process `syz.0.3262'.
[  311.878385][T15752] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  311.906852][T15792] netlink: 'syz.0.3262': attribute type 21 has an invalid length.
[  311.915315][T15792] netlink: 'syz.0.3262': attribute type 4 has an invalid length.
[  311.923080][T15792] netlink: 'syz.0.3262': attribute type 5 has an invalid length.
[  311.999971][T15752] team0: Port device team_slave_0 added
[  312.044953][T15752] team0: Port device team_slave_1 added
[  312.127872][T15752] batman_adv: batadv0: Adding interface: batadv_slave_0
[  312.154728][T15752] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  312.187182][T15752] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  312.205950][T15752] batman_adv: batadv0: Adding interface: batadv_slave_1
[  312.214050][T15752] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  312.240753][T15752] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  312.267249][T15809] netlink: 'syz.0.3269': attribute type 1 has an invalid length.
[  312.281087][T15811] ieee802154 phy1 wpan1: encryption failed: -22
[  312.319897][T15752] hsr_slave_0: entered promiscuous mode
[  312.327101][T15752] hsr_slave_1: entered promiscuous mode
[  312.336508][T15752] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  312.347353][T15752] Cannot create hsr debugfs directory
[  312.452787][T15814] netlink: 'syz.0.3270': attribute type 10 has an invalid length.
[  312.510391][T15814] veth0_vlan: left promiscuous mode
[  312.550583][T15814] veth0_vlan: entered promiscuous mode
[  312.590121][T15814] team0: Device veth0_vlan failed to register rx_handler
[  312.898565][T15752] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  312.913177][T15752] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.015513][T15832] FAULT_INJECTION: forcing a failure.
[  313.015513][T15832] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  313.049379][T15752] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  313.073405][T15832] CPU: 1 UID: 0 PID: 15832 Comm: syz.0.3276 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  313.073437][T15832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  313.073463][T15832] Call Trace:
[  313.073471][T15832]  <TASK>
[  313.073479][T15832]  dump_stack_lvl+0x241/0x360
[  313.073512][T15832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  313.073536][T15832]  ? __pfx__printk+0x10/0x10
[  313.073558][T15832]  ? __pfx_lock_release+0x10/0x10
[  313.073600][T15832]  should_fail_ex+0x40a/0x550
[  313.073644][T15832]  _copy_from_user+0x2d/0xb0
[  313.073672][T15832]  do_sock_getsockopt+0x1d1/0x740
[  313.073713][T15832]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  313.073743][T15832]  ? __fget_files+0x2a/0x410
[  313.073774][T15832]  ? __fget_files+0x395/0x410
[  313.073802][T15832]  ? __fget_files+0x2a/0x410
[  313.073837][T15832]  __x64_sys_getsockopt+0x2a1/0x370
[  313.073875][T15832]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  313.073908][T15832]  ? do_syscall_64+0x100/0x230
[  313.073939][T15832]  ? do_syscall_64+0xb6/0x230
[  313.073971][T15832]  do_syscall_64+0xf3/0x230
[  313.074000][T15832]  ? clear_bhb_loop+0x35/0x90
[  313.074033][T15832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.074070][T15832] RIP: 0033:0x7fbd3598d169
[  313.074088][T15832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.074106][T15832] RSP: 002b:00007fbd367f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  313.074128][T15832] RAX: ffffffffffffffda RBX: 00007fbd35ba5fa0 RCX: 00007fbd3598d169
[  313.074144][T15832] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000003
[  313.074156][T15832] RBP: 00007fbd367f0090 R08: 0000400000000100 R09: 0000000000000000
[  313.074170][T15832] R10: 0000400000000280 R11: 0000000000000246 R12: 0000000000000001
[  313.074183][T15832] R13: 0000000000000000 R14: 00007fbd35ba5fa0 R15: 00007fffd249ac68
[  313.074214][T15832]  </TASK>
[  313.079252][ T5833] Bluetooth: hci1: command tx timeout
[  313.289300][T15752] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.435098][T15752] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  313.446973][T15752] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.688588][T15752] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  313.702567][T15752] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  314.007054][T15752] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  314.092279][T15752] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  314.166603][T15752] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  314.216312][T15752] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  314.262275][T15887] netlink: 'syz.1.3294': attribute type 15 has an invalid length.
[  314.451971][T15752] 8021q: adding VLAN 0 to HW filter on device bond0
[  314.519385][T15752] 8021q: adding VLAN 0 to HW filter on device team0
[  314.552613][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.559906][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  314.639362][T14008] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.646593][T14008] bridge0: port 2(bridge_slave_1) entered forwarding state
[  315.044995][T15917] FAULT_INJECTION: forcing a failure.
[  315.044995][T15917] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  315.079842][T15920] Cannot find del_set index 65531 as target
[  315.108645][T15917] CPU: 0 UID: 0 PID: 15917 Comm: syz.4.3308 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  315.108677][T15917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  315.108690][T15917] Call Trace:
[  315.108697][T15917]  <TASK>
[  315.108707][T15917]  dump_stack_lvl+0x241/0x360
[  315.108738][T15917]  ? __pfx_dump_stack_lvl+0x10/0x10
[  315.108762][T15917]  ? __pfx__printk+0x10/0x10
[  315.108788][T15917]  ? validate_chain+0x11e/0x5920
[  315.108814][T15917]  should_fail_ex+0x40a/0x550
[  315.108851][T15917]  _copy_from_user+0x2d/0xb0
[  315.108880][T15917]  copy_from_sockptr_offset+0x6b/0xb0
[  315.108911][T15917]  do_tcp_getsockopt+0xf32/0x3650
[  315.108948][T15917]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[  315.108971][T15917]  ? __might_fault+0x70/0x120
[  315.108999][T15917]  ? __pfx_validate_chain+0x10/0x10
[  315.109023][T15917]  ? __lock_acquire+0x1397/0x2100
[  315.109059][T15917]  ? aa_label_sk_perm+0x4f3/0x6c0
[  315.109093][T15917]  ? mark_lock+0x9a/0x360
[  315.109117][T15917]  ? __lock_acquire+0x1397/0x2100
[  315.109184][T15917]  ? __pfx___might_resched+0x10/0x10
[  315.109213][T15917]  ? __might_fault+0xaa/0x120
[  315.109241][T15917]  ? __might_fault+0x70/0x120
[  315.109264][T15917]  tcp_getsockopt+0xfb/0x1c0
[  315.109286][T15917]  ? __might_fault+0x70/0x120
[  315.109310][T15917]  ? __pfx_tcp_getsockopt+0x10/0x10
[  315.109333][T15917]  ? __might_fault+0x70/0x120
[  315.109355][T15917]  ? sock_common_getsockopt+0x2e/0xb0
[  315.109383][T15917]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  315.109413][T15917]  do_sock_getsockopt+0x38e/0x740
[  315.109454][T15917]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  315.109485][T15917]  ? __fget_files+0x2a/0x410
[  315.109518][T15917]  ? __fget_files+0x395/0x410
[  315.109547][T15917]  ? __fget_files+0x2a/0x410
[  315.109584][T15917]  __x64_sys_getsockopt+0x2a1/0x370
[  315.109626][T15917]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  315.109662][T15917]  ? do_syscall_64+0x100/0x230
[  315.109701][T15917]  ? do_syscall_64+0xb6/0x230
[  315.109734][T15917]  do_syscall_64+0xf3/0x230
[  315.109763][T15917]  ? clear_bhb_loop+0x35/0x90
[  315.109797][T15917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.109826][T15917] RIP: 0033:0x7f877f58d169
[  315.109845][T15917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.109864][T15917] RSP: 002b:00007f878046c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  315.109887][T15917] RAX: ffffffffffffffda RBX: 00007f877f7a5fa0 RCX: 00007f877f58d169
[  315.109903][T15917] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000003
[  315.109916][T15917] RBP: 00007f878046c090 R08: 0000400000000100 R09: 0000000000000000
[  315.109930][T15917] R10: 0000400000000280 R11: 0000000000000246 R12: 0000000000000001
[  315.109944][T15917] R13: 0000000000000000 R14: 00007f877f7a5fa0 R15: 00007fff2f55d808
[  315.109973][T15917]  </TASK>
[  315.460341][ T5833] Bluetooth: hci1: command tx timeout
[  315.487934][T15752] 8021q: adding VLAN 0 to HW filter on device batadv0
[  315.532512][T15926] __nla_validate_parse: 5 callbacks suppressed
[  315.532532][T15926] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3309'.
[  315.565739][T15926] FAULT_INJECTION: forcing a failure.
[  315.565739][T15926] name failslab, interval 1, probability 0, space 0, times 0
[  315.584991][T15926] CPU: 0 UID: 0 PID: 15926 Comm: syz.4.3309 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  315.585024][T15926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  315.585038][T15926] Call Trace:
[  315.585045][T15926]  <TASK>
[  315.585055][T15926]  dump_stack_lvl+0x241/0x360
[  315.585087][T15926]  ? __pfx_dump_stack_lvl+0x10/0x10
[  315.585111][T15926]  ? __pfx__printk+0x10/0x10
[  315.585134][T15926]  ? fs_reclaim_acquire+0x93/0x130
[  315.585166][T15926]  ? __pfx___might_resched+0x10/0x10
[  315.585199][T15926]  should_fail_ex+0x40a/0x550
[  315.585235][T15926]  should_failslab+0xac/0x100
[  315.585264][T15926]  ? blk_mq_init_tags+0x84/0x270
[  315.585287][T15926]  __kmalloc_cache_node_noprof+0x6f/0x3a0
[  315.585325][T15926]  blk_mq_init_tags+0x84/0x270
[  315.585355][T15926]  blk_mq_alloc_map_and_rqs+0xb8/0x970
[  315.585398][T15926]  ? __pfx_xa_find_after+0x10/0x10
[  315.585437][T15926]  blk_mq_init_sched+0x2cf/0x830
[  315.585466][T15926]  ? percpu_ref_is_zero+0xe9/0x100
[  315.585499][T15926]  ? __pfx_blk_mq_init_sched+0x10/0x10
[  315.585527][T15926]  ? blk_mq_cancel_work_sync+0xf3/0x140
[  315.585560][T15926]  ? __pfx_blk_mq_cancel_work_sync+0x10/0x10
[  315.585607][T15926]  elevator_init_mq+0x1b7/0x310
[  315.585644][T15926]  add_disk_fwnode+0x1a8/0xfc0
[  315.585681][T15926]  ? __raw_spin_lock_init+0x45/0x100
[  315.585718][T15926]  nbd_dev_add+0x812/0xc60
[  315.585748][T15926]  ? __mutex_lock+0x397/0x1010
[  315.585780][T15926]  ? __pfx_nbd_dev_add+0x10/0x10
[  315.585831][T15926]  ? bpf_lsm_capable+0x9/0x10
[  315.585872][T15926]  ? security_capable+0x7e/0x2d0
[  315.585903][T15926]  ? radix_tree_lookup+0x253/0x290
[  315.585933][T15926]  nbd_genl_connect+0xc01/0x1c80
[  315.585985][T15926]  ? __pfx_nbd_genl_connect+0x10/0x10
[  315.586025][T15926]  ? __nla_parse+0x40/0x60
[  315.586051][T15926]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  315.586092][T15926]  genl_rcv_msg+0xb1f/0xec0
[  315.586132][T15926]  ? __pfx_genl_rcv_msg+0x10/0x10
[  315.586196][T15926]  ? __pfx_lock_acquire+0x10/0x10
[  315.586228][T15926]  ? __pfx_nbd_genl_connect+0x10/0x10
[  315.586255][T15926]  ? __pfx___might_resched+0x10/0x10
[  315.586294][T15926]  netlink_rcv_skb+0x206/0x480
[  315.586318][T15926]  ? __pfx_genl_rcv_msg+0x10/0x10
[  315.586350][T15926]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  315.586408][T15926]  genl_rcv+0x28/0x40
[  315.586434][T15926]  netlink_unicast+0x7f6/0x990
[  315.586477][T15926]  ? __pfx_netlink_unicast+0x10/0x10
[  315.586508][T15926]  ? __virt_addr_valid+0x45f/0x530
[  315.586530][T15926]  ? __phys_addr_symbol+0x2f/0x70
[  315.586549][T15926]  ? __check_object_size+0x47a/0x730
[  315.586583][T15926]  netlink_sendmsg+0x8de/0xcb0
[  315.586621][T15926]  ? __pfx_netlink_sendmsg+0x10/0x10
[  315.586650][T15926]  ? aa_sock_msg_perm+0x91/0x160
[  315.586688][T15926]  ? __pfx_netlink_sendmsg+0x10/0x10
[  315.586710][T15926]  __sock_sendmsg+0x221/0x270
[  315.586740][T15926]  ____sys_sendmsg+0x53a/0x860
[  315.586772][T15926]  ? __pfx_____sys_sendmsg+0x10/0x10
[  315.586790][T15926]  ? __fget_files+0x2a/0x410
[  315.586824][T15926]  ? __fget_files+0x2a/0x410
[  315.586865][T15926]  __sys_sendmsg+0x269/0x350
[  315.586892][T15926]  ? __pfx___sys_sendmsg+0x10/0x10
[  315.586928][T15926]  ? do_sys_openat2+0x17a/0x1d0
[  315.586989][T15926]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  315.587023][T15926]  ? do_syscall_64+0x100/0x230
[  315.587056][T15926]  ? do_syscall_64+0xb6/0x230
[  315.587088][T15926]  do_syscall_64+0xf3/0x230
[  315.587118][T15926]  ? clear_bhb_loop+0x35/0x90
[  315.587160][T15926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.587189][T15926] RIP: 0033:0x7f877f58d169
[  315.587209][T15926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.587227][T15926] RSP: 002b:00007f878046c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  315.587250][T15926] RAX: ffffffffffffffda RBX: 00007f877f7a5fa0 RCX: 00007f877f58d169
[  315.587266][T15926] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000004
[  315.587279][T15926] RBP: 00007f878046c090 R08: 0000000000000000 R09: 0000000000000000
[  315.587293][T15926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  315.587305][T15926] R13: 0000000000000000 R14: 00007f877f7a5fa0 R15: 00007fff2f55d808
[  315.587338][T15926]  </TASK>
[  315.587596][T15926] "mq-deadline" elevator initialization failed, falling back to "none"
[  315.839777][T15752] veth0_vlan: entered promiscuous mode
[  316.085521][T15940] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3312'.
[  316.247517][T15752] veth1_vlan: entered promiscuous mode
[  316.349458][T15752] veth0_macvtap: entered promiscuous mode
[  316.383896][T15752] veth1_macvtap: entered promiscuous mode
[  316.434243][T15959] netlink: 112 bytes leftover after parsing attributes in process `syz.0.3316'.
[  316.445839][T15752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.474315][T15752] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.480234][T15963] FAULT_INJECTION: forcing a failure.
[  316.480234][T15963] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  316.489318][T15960] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3317'.
[  316.504997][T15963] CPU: 1 UID: 0 PID: 15963 Comm: syz.3.3318 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  316.505036][T15963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  316.505051][T15963] Call Trace:
[  316.505061][T15963]  <TASK>
[  316.505071][T15963]  dump_stack_lvl+0x241/0x360
[  316.505106][T15963]  ? __pfx_dump_stack_lvl+0x10/0x10
[  316.505131][T15963]  ? __pfx__printk+0x10/0x10
[  316.505160][T15963]  ? validate_chain+0x11e/0x5920
[  316.505188][T15963]  should_fail_ex+0x40a/0x550
[  316.505226][T15963]  _copy_from_user+0x2d/0xb0
[  316.505256][T15963]  copy_from_sockptr_offset+0x6b/0xb0
[  316.505288][T15963]  do_tcp_getsockopt+0x2166/0x3650
[  316.505333][T15963]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[  316.505358][T15963]  ? __might_fault+0x70/0x120
[  316.505388][T15963]  ? __pfx_validate_chain+0x10/0x10
[  316.505415][T15963]  ? __lock_acquire+0x1397/0x2100
[  316.505454][T15963]  ? aa_label_sk_perm+0x4f3/0x6c0
[  316.505490][T15963]  ? mark_lock+0x9a/0x360
[  316.505515][T15963]  ? __lock_acquire+0x1397/0x2100
[  316.505585][T15963]  ? __pfx___might_resched+0x10/0x10
[  316.505615][T15963]  ? __might_fault+0xaa/0x120
[  316.505634][T15963]  ? __might_fault+0x70/0x120
[  316.505657][T15963]  tcp_getsockopt+0xfb/0x1c0
[  316.505680][T15963]  ? __might_fault+0x70/0x120
[  316.505704][T15963]  ? __pfx_tcp_getsockopt+0x10/0x10
[  316.505729][T15963]  ? __might_fault+0x70/0x120
[  316.505752][T15963]  ? sock_common_getsockopt+0x2e/0xb0
[  316.505782][T15963]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  316.505815][T15963]  do_sock_getsockopt+0x38e/0x740
[  316.505858][T15963]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  316.505890][T15963]  ? __fget_files+0x2a/0x410
[  316.505924][T15963]  ? __fget_files+0x395/0x410
[  316.505954][T15963]  ? __fget_files+0x2a/0x410
[  316.505997][T15963]  __x64_sys_getsockopt+0x2a1/0x370
[  316.506040][T15963]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  316.506076][T15963]  ? do_syscall_64+0x100/0x230
[  316.506112][T15963]  ? do_syscall_64+0xb6/0x230
[  316.506145][T15963]  do_syscall_64+0xf3/0x230
[  316.506176][T15963]  ? clear_bhb_loop+0x35/0x90
[  316.506212][T15963]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.506243][T15963] RIP: 0033:0x7f898518d169
[  316.506263][T15963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.506282][T15963] RSP: 002b:00007f8985fba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  316.506308][T15963] RAX: ffffffffffffffda RBX: 00007f89853a6080 RCX: 00007f898518d169
[  316.506331][T15963] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000003
[  316.506344][T15963] RBP: 00007f8985fba090 R08: 0000400000000100 R09: 0000000000000000
[  316.506360][T15963] R10: 0000400000000280 R11: 0000000000000246 R12: 0000000000000001
[  316.506374][T15963] R13: 0000000000000000 R14: 00007f89853a6080 R15: 00007ffdeb62de08
[  316.506407][T15963]  </TASK>
[  316.718630][T15752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.814588][T15752] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.825339][T15752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.837209][T15752] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.849823][T15752] batman_adv: batadv0: Interface activated: batadv_slave_0
[  316.871750][T15752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  316.894421][T15752] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.930777][T15752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  316.961908][T15752] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.980387][T15752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  316.991589][T15752] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  317.031914][T15752] batman_adv: batadv0: Interface activated: batadv_slave_1
[  317.058674][T15752] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  317.070623][T15752] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  317.103915][T15752] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  317.130825][T15752] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  317.136733][T15982] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3322'.
[  317.167685][T15982] FAULT_INJECTION: forcing a failure.
[  317.167685][T15982] name failslab, interval 1, probability 0, space 0, times 0
[  317.223405][T15982] CPU: 1 UID: 0 PID: 15982 Comm: syz.4.3322 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  317.223438][T15982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  317.223452][T15982] Call Trace:
[  317.223459][T15982]  <TASK>
[  317.223468][T15982]  dump_stack_lvl+0x241/0x360
[  317.223502][T15982]  ? __pfx_dump_stack_lvl+0x10/0x10
[  317.223526][T15982]  ? __pfx__printk+0x10/0x10
[  317.223550][T15982]  ? fs_reclaim_acquire+0x93/0x130
[  317.223573][T15982]  ? __pfx___might_resched+0x10/0x10
[  317.223606][T15982]  should_fail_ex+0x40a/0x550
[  317.223644][T15982]  should_failslab+0xac/0x100
[  317.223672][T15982]  ? sbitmap_queue_init_node+0x1ca/0x4c0
[  317.223695][T15982]  __kmalloc_cache_node_noprof+0x6f/0x3a0
[  317.223725][T15982]  ? sbq_calc_wake_batch+0xff/0x280
[  317.223752][T15982]  sbitmap_queue_init_node+0x1ca/0x4c0
[  317.223779][T15982]  blk_mq_init_tags+0x10e/0x270
[  317.223808][T15982]  blk_mq_alloc_map_and_rqs+0xb8/0x970
[  317.223850][T15982]  ? __pfx_xa_find_after+0x10/0x10
[  317.223890][T15982]  blk_mq_init_sched+0x2cf/0x830
[  317.223918][T15982]  ? percpu_ref_is_zero+0xe9/0x100
[  317.223950][T15982]  ? __pfx_blk_mq_init_sched+0x10/0x10
[  317.223978][T15982]  ? blk_mq_cancel_work_sync+0xf3/0x140
[  317.224011][T15982]  ? __pfx_blk_mq_cancel_work_sync+0x10/0x10
[  317.224114][T15982]  elevator_init_mq+0x1b7/0x310
[  317.224151][T15982]  add_disk_fwnode+0x1a8/0xfc0
[  317.224188][T15982]  ? __raw_spin_lock_init+0x45/0x100
[  317.224224][T15982]  nbd_dev_add+0x812/0xc60
[  317.224254][T15982]  ? __mutex_lock+0x397/0x1010
[  317.224286][T15982]  ? __pfx_nbd_dev_add+0x10/0x10
[  317.224337][T15982]  ? bpf_lsm_capable+0x9/0x10
[  317.224367][T15982]  ? security_capable+0x7e/0x2d0
[  317.224399][T15982]  ? radix_tree_lookup+0x253/0x290
[  317.224434][T15982]  nbd_genl_connect+0xc01/0x1c80
[  317.224473][T15982]  ? __pfx_nbd_genl_connect+0x10/0x10
[  317.224514][T15982]  ? __nla_parse+0x40/0x60
[  317.224540][T15982]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  317.224581][T15982]  genl_rcv_msg+0xb1f/0xec0
[  317.224620][T15982]  ? __pfx_genl_rcv_msg+0x10/0x10
[  317.224681][T15982]  ? __pfx_lock_acquire+0x10/0x10
[  317.224712][T15982]  ? __pfx_nbd_genl_connect+0x10/0x10
[  317.224738][T15982]  ? __pfx___might_resched+0x10/0x10
[  317.224792][T15982]  netlink_rcv_skb+0x206/0x480
[  317.224817][T15982]  ? __pfx_genl_rcv_msg+0x10/0x10
[  317.224848][T15982]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  317.224904][T15982]  genl_rcv+0x28/0x40
[  317.224932][T15982]  netlink_unicast+0x7f6/0x990
[  317.224976][T15982]  ? __pfx_netlink_unicast+0x10/0x10
[  317.225007][T15982]  ? __virt_addr_valid+0x45f/0x530
[  317.225044][T15982]  ? __phys_addr_symbol+0x2f/0x70
[  317.225067][T15982]  ? __check_object_size+0x47a/0x730
[  317.225100][T15982]  netlink_sendmsg+0x8de/0xcb0
[  317.225130][T15982]  ? __pfx_netlink_sendmsg+0x10/0x10
[  317.225149][T15982]  ? aa_sock_msg_perm+0x91/0x160
[  317.225177][T15982]  ? __pfx_netlink_sendmsg+0x10/0x10
[  317.225192][T15982]  __sock_sendmsg+0x221/0x270
[  317.225214][T15982]  ____sys_sendmsg+0x53a/0x860
[  317.225235][T15982]  ? __pfx_____sys_sendmsg+0x10/0x10
[  317.225248][T15982]  ? __fget_files+0x2a/0x410
[  317.225273][T15982]  ? __fget_files+0x2a/0x410
[  317.225305][T15982]  __sys_sendmsg+0x269/0x350
[  317.225324][T15982]  ? __pfx___sys_sendmsg+0x10/0x10
[  317.225349][T15982]  ? do_sys_openat2+0x17a/0x1d0
[  317.225390][T15982]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  317.225415][T15982]  ? do_syscall_64+0x100/0x230
[  317.225438][T15982]  ? do_syscall_64+0xb6/0x230
[  317.225461][T15982]  do_syscall_64+0xf3/0x230
[  317.225483][T15982]  ? clear_bhb_loop+0x35/0x90
[  317.225508][T15982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.225528][T15982] RIP: 0033:0x7f877f58d169
[  317.225542][T15982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.225555][T15982] RSP: 002b:00007f878046c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  317.225572][T15982] RAX: ffffffffffffffda RBX: 00007f877f7a5fa0 RCX: 00007f877f58d169
[  317.225583][T15982] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000004
[  317.225592][T15982] RBP: 00007f878046c090 R08: 0000000000000000 R09: 0000000000000000
[  317.225601][T15982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  317.225610][T15982] R13: 0000000000000000 R14: 00007f877f7a5fa0 R15: 00007fff2f55d808
[  317.225632][T15982]  </TASK>
[  317.225902][T15982] "mq-deadline" elevator initialization failed, falling back to "none"
[  317.477446][ T5833] Bluetooth: hci1: command tx timeout
[  317.584115][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  317.862977][T14021] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  317.897571][T14021] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  318.000703][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  318.021623][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  318.179183][T16012] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3333'.
[  318.357287][T16019] xt_bpf: check failed: parse error
[  318.378031][T16019] netlink: 5 bytes leftover after parsing attributes in process `syz.0.3335'.
[  318.609637][T16023] netlink: 'syz.0.3336': attribute type 10 has an invalid length.
[  318.654195][T16023] veth0_vlan: left promiscuous mode
[  318.665569][T16023] veth0_vlan: entered promiscuous mode
[  318.692036][T16023] team0: Device veth0_vlan failed to register rx_handler
[  318.755436][T16025] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3337'.
[  318.767852][T16025] FAULT_INJECTION: forcing a failure.
[  318.767852][T16025] name failslab, interval 1, probability 0, space 0, times 0
[  318.794318][T16025] CPU: 0 UID: 0 PID: 16025 Comm: syz.1.3337 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  318.794348][T16025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  318.794359][T16025] Call Trace:
[  318.794365][T16025]  <TASK>
[  318.794372][T16025]  dump_stack_lvl+0x241/0x360
[  318.794404][T16025]  ? __pfx_dump_stack_lvl+0x10/0x10
[  318.794426][T16025]  ? __pfx__printk+0x10/0x10
[  318.794449][T16025]  ? fs_reclaim_acquire+0x93/0x130
[  318.794470][T16025]  ? __pfx___might_resched+0x10/0x10
[  318.794501][T16025]  should_fail_ex+0x40a/0x550
[  318.794535][T16025]  should_failslab+0xac/0x100
[  318.794565][T16025]  __kmalloc_node_noprof+0xe1/0x4d0
[  318.794594][T16025]  ? __kvmalloc_node_noprof+0x72/0x190
[  318.794633][T16025]  __kvmalloc_node_noprof+0x72/0x190
[  318.794667][T16025]  sbitmap_init_node+0x2d4/0x670
[  318.794698][T16025]  sbitmap_queue_init_node+0x3b/0x4c0
[  318.794726][T16025]  blk_mq_init_tags+0x10e/0x270
[  318.794753][T16025]  blk_mq_alloc_map_and_rqs+0xb8/0x970
[  318.794795][T16025]  ? __pfx_xa_find_after+0x10/0x10
[  318.794834][T16025]  blk_mq_init_sched+0x2cf/0x830
[  318.794862][T16025]  ? percpu_ref_is_zero+0xe9/0x100
[  318.794894][T16025]  ? __pfx_blk_mq_init_sched+0x10/0x10
[  318.794922][T16025]  ? blk_mq_cancel_work_sync+0xf3/0x140
[  318.794955][T16025]  ? __pfx_blk_mq_cancel_work_sync+0x10/0x10
[  318.795011][T16025]  elevator_init_mq+0x1b7/0x310
[  318.795048][T16025]  add_disk_fwnode+0x1a8/0xfc0
[  318.795084][T16025]  ? __raw_spin_lock_init+0x45/0x100
[  318.795120][T16025]  nbd_dev_add+0x812/0xc60
[  318.795150][T16025]  ? __mutex_lock+0x397/0x1010
[  318.795182][T16025]  ? __pfx_nbd_dev_add+0x10/0x10
[  318.795232][T16025]  ? bpf_lsm_capable+0x9/0x10
[  318.795263][T16025]  ? security_capable+0x7e/0x2d0
[  318.795294][T16025]  ? radix_tree_lookup+0x253/0x290
[  318.795329][T16025]  nbd_genl_connect+0xc01/0x1c80
[  318.795369][T16025]  ? __pfx_nbd_genl_connect+0x10/0x10
[  318.795409][T16025]  ? __nla_parse+0x40/0x60
[  318.795436][T16025]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  318.795476][T16025]  genl_rcv_msg+0xb1f/0xec0
[  318.795521][T16025]  ? __pfx_genl_rcv_msg+0x10/0x10
[  318.795578][T16025]  ? __pfx_lock_acquire+0x10/0x10
[  318.795610][T16025]  ? __pfx_nbd_genl_connect+0x10/0x10
[  318.795635][T16025]  ? __pfx___might_resched+0x10/0x10
[  318.795673][T16025]  netlink_rcv_skb+0x206/0x480
[  318.795696][T16025]  ? __pfx_genl_rcv_msg+0x10/0x10
[  318.795725][T16025]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  318.795779][T16025]  genl_rcv+0x28/0x40
[  318.795806][T16025]  netlink_unicast+0x7f6/0x990
[  318.795849][T16025]  ? __pfx_netlink_unicast+0x10/0x10
[  318.795876][T16025]  ? __virt_addr_valid+0x45f/0x530
[  318.795894][T16025]  ? __phys_addr_symbol+0x2f/0x70
[  318.795911][T16025]  ? __check_object_size+0x47a/0x730
[  318.795942][T16025]  netlink_sendmsg+0x8de/0xcb0
[  318.795978][T16025]  ? __pfx_netlink_sendmsg+0x10/0x10
[  318.796015][T16025]  ? aa_sock_msg_perm+0x91/0x160
[  318.796054][T16025]  ? __pfx_netlink_sendmsg+0x10/0x10
[  318.796074][T16025]  __sock_sendmsg+0x221/0x270
[  318.796105][T16025]  ____sys_sendmsg+0x53a/0x860
[  318.796136][T16025]  ? __pfx_____sys_sendmsg+0x10/0x10
[  318.796155][T16025]  ? __fget_files+0x2a/0x410
[  318.796189][T16025]  ? __fget_files+0x2a/0x410
[  318.796229][T16025]  __sys_sendmsg+0x269/0x350
[  318.796257][T16025]  ? __pfx___sys_sendmsg+0x10/0x10
[  318.796291][T16025]  ? do_sys_openat2+0x17a/0x1d0
[  318.796350][T16025]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  318.796384][T16025]  ? do_syscall_64+0x100/0x230
[  318.796419][T16025]  ? do_syscall_64+0xb6/0x230
[  318.796452][T16025]  do_syscall_64+0xf3/0x230
[  318.796481][T16025]  ? clear_bhb_loop+0x35/0x90
[  318.796516][T16025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.796544][T16025] RIP: 0033:0x7f7f5618d169
[  318.796564][T16025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.796582][T16025] RSP: 002b:00007f7f56f42038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  318.796606][T16025] RAX: ffffffffffffffda RBX: 00007f7f563a5fa0 RCX: 00007f7f5618d169
[  318.796621][T16025] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000004
[  318.796635][T16025] RBP: 00007f7f56f42090 R08: 0000000000000000 R09: 0000000000000000
[  318.796648][T16025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  318.796660][T16025] R13: 0000000000000000 R14: 00007f7f563a5fa0 R15: 00007ffca2b22d38
[  318.796694][T16025]  </TASK>
[  318.800796][T16025] "mq-deadline" elevator initialization failed, falling back to "none"
[  319.072081][T16035] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3340'.
[  319.454674][   T55] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  319.468526][   T55] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  319.494326][   T55] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  319.525545][   T55] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  319.552509][   T55] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  319.557751][T16048] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  319.562157][   T55] Bluetooth: hci1: command tx timeout
[  319.574408][ T5851] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  319.627155][T16044] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3344'.
[  319.755590][T16041] lo speed is unknown, defaulting to 1000
[  319.762453][T16041] xfrm0 speed is unknown, defaulting to 1000
[  320.157261][T16069] netlink: 'syz.2.3350': attribute type 10 has an invalid length.
[  320.265978][T16069] veth0_vlan: left promiscuous mode
[  320.301006][T16069] veth0_vlan: entered promiscuous mode
[  320.312877][T16069] team0: Device veth0_vlan failed to register rx_handler
[  320.381462][T16041] chnl_net:caif_netlink_parms(): no params data found
[  320.537090][T14022] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.550348][T16082] __nla_validate_parse: 2 callbacks suppressed
[  320.550372][T16082] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3354'.
[  320.590631][T16085] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3355'.
[  320.612523][T16085] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3355'.
[  320.732340][T16089] netlink: 'syz.1.3356': attribute type 1 has an invalid length.
[  320.772771][T14022] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.095932][T14022] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.121172][T16111] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3364'.
[  321.132862][T16112] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3365'.
[  321.145139][T16111] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3364'.
[  321.154785][T16041] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.154905][T16041] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.163022][T16112] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3365'.
[  321.179942][T16041] bridge_slave_0: entered allmulticast mode
[  321.188781][T16041] bridge_slave_0: entered promiscuous mode
[  321.242326][T16112] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3365'.
[  321.244347][T14022] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.264211][T16112] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3365'.
[  321.336816][T16041] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.361484][T16041] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.383080][T16041] bridge_slave_1: entered allmulticast mode
[  321.393833][T16122] netlink: 'syz.4.3368': attribute type 7 has an invalid length.
[  321.396581][T16041] bridge_slave_1: entered promiscuous mode
[  321.461122][T16041] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  321.491786][T16041] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  321.579378][T16125] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3369'.
[  321.621934][T16041] team0: Port device team_slave_0 added
[  321.633759][ T5833] Bluetooth: hci3: command tx timeout
[  321.733081][T16041] team0: Port device team_slave_1 added
[  322.171468][T14022] bond3: left allmulticast mode
[  322.184266][T14022] ip6gretap1: left allmulticast mode
[  322.191717][T14022] bond3: left promiscuous mode
[  322.207642][T14022] ip6gretap1: left promiscuous mode
[  322.403097][T14022] bond3 (unregistering): (slave ip6gretap1): Releasing active interface
[  322.569186][T14022] bond5 (unregistering): (slave gretap2): Releasing active interface
[  322.622213][T14022] dvmrp1 (unregistering): left allmulticast mode
[  323.032964][T14022] bond0 (unregistering): Released all slaves
[  323.045621][T14022] bond1 (unregistering): Released all slaves
[  323.207344][T14022] bond2 (unregistering): Released all slaves
[  323.379862][T14022] bond3 (unregistering): Released all slaves
[  323.390882][T14022] bond4 (unregistering): Released all slaves
[  323.532723][T14022] bond5 (unregistering): Released all slaves
[  323.682765][T14022] bond6 (unregistering): Released all slaves
[  323.693896][T16041] batman_adv: batadv0: Adding interface: batadv_slave_0
[  323.700906][T16041] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  323.728828][T16041] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  323.734092][ T5833] Bluetooth: hci3: command tx timeout
[  323.773532][T16150] netlink: 'syz.2.3378': attribute type 1 has an invalid length.
[  323.901396][T16041] batman_adv: batadv0: Adding interface: batadv_slave_1
[  323.938522][T16041] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  324.040698][T16041] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  324.071157][T14022] : left promiscuous mode
[  324.141002][T16164] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  324.309211][T16041] hsr_slave_0: entered promiscuous mode
[  324.384268][T16041] hsr_slave_1: entered promiscuous mode
[  324.390635][T16041] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  324.409859][T16041] Cannot create hsr debugfs directory
[  325.027487][T16205] netlink: 'syz.4.3396': attribute type 1 has an invalid length.
[  325.083654][T14022] hsr_slave_0: left promiscuous mode
[  325.201854][T14022] hsr_slave_1: left promiscuous mode
[  325.222839][T16216] netlink: 'syz.4.3400': attribute type 10 has an invalid length.
[  325.243069][T14022] veth1_vlan: left promiscuous mode
[  325.454136][T14022] pim6reg (unregistering): left allmulticast mode
[  325.493656][T14022] pimreg3 (unregistering): left allmulticast mode
[  325.806533][ T5833] Bluetooth: hci3: command tx timeout
[  326.431897][T16216] veth0_vlan: left promiscuous mode
[  326.465070][T16216] veth0_vlan: entered promiscuous mode
[  326.475674][T16216] team0: Device veth0_vlan failed to register rx_handler
[  326.588617][T16227] __nla_validate_parse: 3 callbacks suppressed
[  326.588639][T16227] netlink: 296 bytes leftover after parsing attributes in process `syz.1.3403'.
[  326.634425][T16227] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  326.698301][T16230] netlink: 256 bytes leftover after parsing attributes in process `syz.0.3405'.
[  326.955807][T14022] IPVS: stop unused estimator thread 0...
[  327.016378][T16239] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3408'.
[  327.056723][ T5910] IPVS: starting estimator thread 0...
[  327.183849][T16243] IPVS: using max 19 ests per chain, 45600 per kthread
[  327.301132][T16041] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  327.339648][T16041] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  327.357921][T16041] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  327.373012][T16041] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  327.386782][T16251] netlink: 'syz.0.3414': attribute type 10 has an invalid length.
[  327.400081][T16256] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3413'.
[  327.487511][T16251] veth0_vlan: left promiscuous mode
[  327.509945][T16251] veth0_vlan: entered promiscuous mode
[  327.526992][T16251] team0: Device veth0_vlan failed to register rx_handler
[  327.616712][T16041] 8021q: adding VLAN 0 to HW filter on device bond0
[  327.677398][T16041] 8021q: adding VLAN 0 to HW filter on device team0
[  327.721814][T14021] bridge0: port 1(bridge_slave_0) entered blocking state
[  327.729091][T14021] bridge0: port 1(bridge_slave_0) entered forwarding state
[  327.748106][T14021] bridge0: port 2(bridge_slave_1) entered blocking state
[  327.755400][T14021] bridge0: port 2(bridge_slave_1) entered forwarding state
[  327.765186][T16272] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3419'.
[  327.873919][ T5833] Bluetooth: hci3: command tx timeout
[  328.099218][T16281] syz_tun: tun_net_xmit 86
[  328.159085][T16288] openvswitch: netlink: IP tunnel dst address not specified
[  328.201160][T16288] netlink: 1036 bytes leftover after parsing attributes in process `syz.4.3424'.
[  328.227886][T16288] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  328.256828][T16288] Bluetooth: MGMT ver 1.23
[  328.287309][T16041] 8021q: adding VLAN 0 to HW filter on device batadv0
[  328.344852][T16291] netlink: 'syz.0.3425': attribute type 39 has an invalid length.
[  328.404263][T16294] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3426'.
[  328.491458][T16041] veth0_vlan: entered promiscuous mode
[  328.538748][T16041] veth1_vlan: entered promiscuous mode
[  328.658761][T16041] veth0_macvtap: entered promiscuous mode
[  328.693101][T16041] veth1_macvtap: entered promiscuous mode
[  328.730024][T16041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.749545][T16041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.785392][T16041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.808794][T16041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.833222][T16041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.869264][T16041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.879589][T16041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.901162][T16041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.916427][T16041] batman_adv: batadv0: Interface activated: batadv_slave_0
[  328.950389][T16041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.990987][T16041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.027954][T16041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.071038][T16041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.107264][T16325] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3436'.
[  329.116477][T16041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.116508][T16041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.116528][T16041] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.116545][T16041] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.118163][T16041] batman_adv: batadv0: Interface activated: batadv_slave_1
[  329.163661][    C1] syz_tun: tun_net_xmit 86
[  329.271922][T16041] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  329.290513][T16041] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  329.308098][T16041] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  329.328393][T16330] netlink: 'syz.1.3438': attribute type 4 has an invalid length.
[  329.357251][T16041] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  329.407539][T16334] netlink: 'syz.1.3438': attribute type 4 has an invalid length.
[  329.474987][T16339] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3440'.
[  329.515875][T16335] netlink: 'syz.2.3439': attribute type 1 has an invalid length.
[  329.790231][T16345] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3442'.
[  329.809176][T16345] xt_TPROXY: Can be used only with -p tcp or -p udp
[  329.979876][T14021] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  330.008326][T14021] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  330.066601][T14022] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  330.087903][T14022] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  330.096788][T16358] sch_tbf: peakrate 11304817032084765264 is lower than or equals to rate 18360990880566976145 !
[  330.193617][    C1] syz_tun: tun_net_xmit 86
[  330.532929][T16375] xt_hashlimit: size too large, truncated to 1048576
[  330.540391][T16376] sctp: [Deprecated]: syz.3.3455 (pid 16376) Use of int in max_burst socket option deprecated.
[  330.540391][T16376] Use struct sctp_assoc_value instead
[  330.637862][T16384] xt_hashlimit: size too large, truncated to 1048576
[  330.825385][T16386] bond1: entered promiscuous mode
[  330.830529][T16386] bond1: entered allmulticast mode
[  330.947204][T16386] 8021q: adding VLAN 0 to HW filter on device bond1
[  331.679389][T16426] __nla_validate_parse: 9 callbacks suppressed
[  331.679411][T16426] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3471'.
[  331.867220][T16441] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3473'.
[  332.027891][T16446] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3476'.
[  332.053391][T16446] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3476'.
[  332.241735][T16448] netlink: 'syz.0.3477': attribute type 29 has an invalid length.
[  332.398249][T16455] x_tables: duplicate underflow at hook 2
[  332.552465][T16464] netlink: 'syz.4.3482': attribute type 21 has an invalid length.
[  332.581332][T16464] netlink: 128 bytes leftover after parsing attributes in process `syz.4.3482'.
[  332.594695][T16464] netlink: 3 bytes leftover after parsing attributes in process `syz.4.3482'.
[  332.629888][T16466] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3483'.
[  333.014704][T16490] netlink: 'syz.0.3489': attribute type 4 has an invalid length.
[  333.075330][T16490] netlink: 17 bytes leftover after parsing attributes in process `syz.0.3489'.
[  333.221913][T16496] netlink: 'syz.3.3491': attribute type 29 has an invalid length.
[  333.290995][T16496] netlink: 'syz.3.3491': attribute type 29 has an invalid length.
[  333.331671][T16508] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3491'.
[  333.368490][T16496] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3491'.
[  333.455365][T16512] pimreg3: entered allmulticast mode
[  333.533525][T16516] Bluetooth: MGMT ver 1.23
[  334.022505][T16538] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  334.350500][T16557] unknown channel width for channel at 909000KHz?
[  334.376447][T16557] unknown channel width for channel at 909000KHz?
[  334.445027][T16564] netlink: 'syz.1.3510': attribute type 1 has an invalid length.
[  334.473633][T16562] netlink: 'syz.1.3510': attribute type 1 has an invalid length.
[  334.495792][T16567] xt_hashlimit: size too large, truncated to 1048576
[  334.889087][T16584] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  334.898370][T16585] netlink: zone id is out of range
[  334.903635][T16585] netlink: zone id is out of range
[  334.908828][T16585] netlink: zone id is out of range
[  334.914531][T16585] netlink: zone id is out of range
[  334.919781][T16585] netlink: zone id is out of range
[  334.943389][T16585] netlink: zone id is out of range
[  334.948731][T16585] netlink: zone id is out of range
[  334.958866][T16585] netlink: zone id is out of range
[  335.381798][T16602] netlink: 'syz.0.3522': attribute type 1 has an invalid length.
[  335.392237][T16602] netlink: 'syz.0.3522': attribute type 11 has an invalid length.
[  335.424195][T16603] netlink: 'syz.2.3523': attribute type 3 has an invalid length.
[  335.861092][T16626] veth1_macvtap: left promiscuous mode
[  335.866977][T16626] macsec0: entered promiscuous mode
[  335.894923][T16626] veth1_macvtap: entered promiscuous mode
[  335.900908][T16626] macsec0: left promiscuous mode
[  337.027759][T16695] netlink: 'syz.2.3552': attribute type 10 has an invalid length.
[  337.084397][T16695] veth0_vlan: left promiscuous mode
[  337.090545][T16695] veth0_vlan: entered promiscuous mode
[  337.116099][T16695] team0: Device veth0_vlan failed to register rx_handler
[  337.212884][T16702] __nla_validate_parse: 17 callbacks suppressed
[  337.212908][T16702] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3554'.
[  337.280437][T16710] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3556'.
[  337.325895][T16704] syzkaller1: entered promiscuous mode
[  337.331572][T16704] syzkaller1: entered allmulticast mode
[  337.637321][T16720] netlink: 'syz.3.3560': attribute type 10 has an invalid length.
[  337.674145][T16720] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  337.962394][T16736] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3565'.
[  338.006740][T16735] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3569'.
[  338.262494][T16747] syzkaller1: entered promiscuous mode
[  338.292300][T16747] syzkaller1: entered allmulticast mode
[  338.376541][T16759] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3576'.
[  338.448986][T16764] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3577'.
[  338.615876][T16772] netlink: 'syz.1.3579': attribute type 10 has an invalid length.
[  339.122936][T16795] syzkaller1: entered promiscuous mode
[  339.129923][T16795] syzkaller1: entered allmulticast mode
[  339.371884][T16806] netlink: 'syz.0.3595': attribute type 10 has an invalid length.
[  339.403846][T16806] veth0_vlan: left promiscuous mode
[  339.422417][T16806] veth0_vlan: entered promiscuous mode
[  339.438084][T16806] team0: Device veth0_vlan failed to register rx_handler
[  339.490400][T16813] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  339.658061][T16820] IPv6: addrconf: prefix option has invalid lifetime
[  339.857836][T16830] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3605'.
[  339.919661][T16832] vlan0: entered allmulticast mode
[  339.930081][T16832] mac80211_hwsim hwsim33 wlan0: entered allmulticast mode
[  339.946872][T16832] mac80211_hwsim hwsim33 wlan0: left allmulticast mode
[  340.155280][T16844] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3610'.
[  340.179105][T16844] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3610'.
[  340.198768][T16844] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3610'.
[  340.394230][T16855] openvswitch: netlink: Key 32 has unexpected len 0 expected 2
[  340.489804][T16862] xt_CT: You must specify a L4 protocol and not use inversions on it
[  340.932138][T16886] netlink: 'syz.3.3624': attribute type 10 has an invalid length.
[  341.142735][T16886] veth0_vlan: left promiscuous mode
[  341.195182][T16886] veth0_vlan: entered promiscuous mode
[  341.217456][T16886] team0: Device veth0_vlan failed to register rx_handler
[  341.493670][T16912] wg1 speed is unknown, defaulting to 1000
[  341.506407][T16912] wg1 speed is unknown, defaulting to 1000
[  341.513006][T16912] wg1 speed is unknown, defaulting to 1000
[  341.519803][T16913] tipc: Enabling of bearer <dth:sy> rejected, media not registered
[  341.791025][ T7566] wg1 speed is unknown, defaulting to 1000
[  341.813919][T16912] infiniband syz0: set active
[  341.834698][T16912] infiniband syz0: added wg1
[  341.924930][T16912] RDS/IB: syz0: added
[  341.930072][T16912] smc: adding ib device syz0 with port count 1
[  341.950382][T16912] smc:    ib device syz0 port 1 has pnetid 
[  341.961213][ T5910] wg1 speed is unknown, defaulting to 1000
[  341.972120][T16912] wg1 speed is unknown, defaulting to 1000
[  342.052116][T16933] lo speed is unknown, defaulting to 1000
[  342.101733][T16933] xfrm0 speed is unknown, defaulting to 1000
[  342.117089][T16930] can: request_module (can-proto-5) failed.
[  342.241247][T16933] wg1 speed is unknown, defaulting to 1000
[  342.454622][T16954] netlink: 'syz.4.3643': attribute type 1 has an invalid length.
[  342.474448][T16912] wg1 speed is unknown, defaulting to 1000
[  342.669456][T16912] wg1 speed is unknown, defaulting to 1000
[  342.759635][T16963] netlink: 'syz.1.3646': attribute type 1 has an invalid length.
[  342.788220][T16963] netlink: 'syz.1.3646': attribute type 10 has an invalid length.
[  342.801172][T16963] __nla_validate_parse: 8 callbacks suppressed
[  342.801191][T16963] netlink: 236 bytes leftover after parsing attributes in process `syz.1.3646'.
[  342.860589][T16963] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3646'.
[  342.898400][T16912] wg1 speed is unknown, defaulting to 1000
[  343.035733][T16967] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  343.082322][T16912] wg1 speed is unknown, defaulting to 1000
[  343.226199][T16912] wg1 speed is unknown, defaulting to 1000
[  343.402150][T16912] wg1 speed is unknown, defaulting to 1000
[  344.212739][T16994] tipc: Started in network mode
[  344.218067][T16994] tipc: Node identity ac14140f, cluster identity 4711
[  344.225855][T16994] tipc: New replicast peer: 255.255.255.255
[  344.242664][T16994] tipc: Enabled bearer <udp:syz2>, priority 10
[  344.853778][T17013] netlink: 'syz.3.3664': attribute type 1 has an invalid length.
[  344.899039][T17015] netlink: 'syz.1.3665': attribute type 21 has an invalid length.
[  344.923520][T17015] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3665'.
[  344.932793][T17015] netlink: 'syz.1.3665': attribute type 5 has an invalid length.
[  344.974069][T17015] netlink: 3 bytes leftover after parsing attributes in process `syz.1.3665'.
[  345.100420][T17019] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3666'.
[  345.140007][T17019] bridge_slave_1: left allmulticast mode
[  345.146148][T17019] bridge_slave_1: left promiscuous mode
[  345.154367][T17019] bridge0: port 2(bridge_slave_1) entered disabled state
[  345.204430][T17019] bridge_slave_0: left allmulticast mode
[  345.236282][T17019] bridge_slave_0: left promiscuous mode
[  345.264145][T17019] bridge0: port 1(bridge_slave_0) entered disabled state
[  345.386626][ T5910] tipc: Node number set to 2886997007
[  345.972635][T17035] netlink: 'syz.2.3671': attribute type 10 has an invalid length.
[  345.982479][T17035] veth0_vlan: left promiscuous mode
[  345.992759][T17035] veth0_vlan: entered promiscuous mode
[  346.000473][T17035] team0: Device veth0_vlan failed to register rx_handler
[  346.075228][T17038] netlink: 'syz.0.3672': attribute type 29 has an invalid length.
[  346.083794][T17039] netlink: 'syz.0.3672': attribute type 29 has an invalid length.
[  346.165378][T17013] netlink: 'syz.3.3664': attribute type 1 has an invalid length.
[  346.256232][T17042] syzkaller1: entered promiscuous mode
[  346.268888][T17042] syzkaller1: entered allmulticast mode
[  346.521307][T17047] syz_tun: tun_net_xmit 86
[  346.568814][T17048] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.3676'.
[  346.751387][T17053] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3678'.
[  347.210489][T17071] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3685'.
[  347.554282][    C0] syz_tun: tun_net_xmit 86
[  347.821294][T17093] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3693'.
[  347.834351][T17093] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3693'.
[  348.415834][    C1] hrtimer: interrupt took 85739744 ns
[  348.435488][T16971] Set syz1 is full, maxelem 65536 reached
[  348.593551][    C0] syz_tun: tun_net_xmit 86
[  457.543221][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  457.550687][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=54461, q=639 ncpus=2)
[  457.558451][    C0] rcu: All QSes seen, last rcu_preempt kthread activity 3848 (4294982839-4294978991), jiffies_till_next_fqs=1, root ->qsmask 0x0
[  457.571854][    C0] rcu: rcu_preempt kthread starved for 3848 jiffies! g54461 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  457.583011][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  457.593015][    C0] rcu: RCU grace-period kthread stack dump:
[  457.598926][    C0] task:rcu_preempt     state:R  running task     stack:24912 pid:17    tgid:17    ppid:2      task_flags:0x208040 flags:0x00004000
[  457.612550][    C0] Call Trace:
[  457.615857][    C0]  <TASK>
[  457.618819][    C0]  __schedule+0x190e/0x4c90
[  457.623666][    C0]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  457.629635][    C0]  ? __pfx___schedule+0x10/0x10
[  457.634538][    C0]  ? __pfx_lock_release+0x10/0x10
[  457.639647][    C0]  ? __pfx___mod_timer+0x10/0x10
[  457.644651][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  457.651035][    C0]  ? schedule+0x90/0x320
[  457.655316][    C0]  schedule+0x14b/0x320
[  457.659578][    C0]  schedule_timeout+0x15a/0x290
[  457.664480][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  457.669977][    C0]  ? __pfx_process_timeout+0x10/0x10
[  457.675332][    C0]  ? prepare_to_swait_event+0x330/0x350
[  457.680939][    C0]  rcu_gp_fqs_loop+0x2df/0x1330
[  457.685840][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  457.691294][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[  457.697490][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  457.702824][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  457.708962][    C0]  ? finish_swait+0xd4/0x1e0
[  457.713658][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  457.719235][    C0]  rcu_gp_kthread+0xa7/0x3b0
[  457.723887][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  457.729276][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  457.735400][    C0]  ? __kthread_parkme+0x169/0x1d0
[  457.740504][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  457.745762][    C0]  kthread+0x7a9/0x920
[  457.749889][    C0]  ? __pfx_kthread+0x10/0x10
[  457.754613][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  457.759838][    C0]  ? __pfx_kthread+0x10/0x10
[  457.764464][    C0]  ? __pfx_kthread+0x10/0x10
[  457.769100][    C0]  ? __pfx_kthread+0x10/0x10
[  457.773732][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  457.779055][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  457.784375][    C0]  ? __pfx_kthread+0x10/0x10
[  457.789112][    C0]  ret_from_fork+0x4b/0x80
[  457.793625][    C0]  ? __pfx_kthread+0x10/0x10
[  457.798295][    C0]  ret_from_fork_asm+0x1a/0x30
[  457.803131][    C0]  </TASK>
[  457.806197][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  457.812563][    C0] CPU: 0 UID: 0 PID: 10856 Comm: kworker/0:39 Not tainted 6.14.0-rc5-syzkaller-00142-g77b2ab31fc65 #0
[  457.823622][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  457.833723][    C0] Workqueue: events jump_label_update_timeout
[  457.839948][    C0] RIP: 0010:queued_write_lock_slowpath+0x15f/0x44a
[  457.846536][    C0] Code: 77 a5 1d f6 f0 41 81 0f 00 01 00 00 48 8b 5c 24 08 43 0f b6 04 2e 84 c0 0f 85 94 00 00 00 41 8b 07 3d 00 01 00 00 74 27 f3 90 <43> 0f b6 04 2e 84 c0 74 eb 44 89 f9 80 e1 07 80 c1 03 38 c1 7c de
[  457.866222][    C0] RSP: 0018:ffffc90000007480 EFLAGS: 00000206
[  457.872327][    C0] RAX: 00000000000001ff RBX: 1ffff92000000e9a RCX: ffffffff8c0b6729
[  457.880325][    C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8ffe4fa0
[  457.888503][    C0] RBP: ffffc90000007530 R08: ffffffff8ffe4fa3 R09: 1ffffffff1ffc9f4
[  457.896675][    C0] R10: dffffc0000000000 R11: fffffbfff1ffc9f5 R12: ffffc900000074d0
[  457.904688][    C0] R13: dffffc0000000000 R14: 1ffffffff1ffc9f4 R15: ffffffff8ffe4fa0
[  457.912688][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  457.921730][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  457.928449][    C0] CR2: 00005555790095c8 CR3: 000000000e938000 CR4: 00000000003526f0
[  457.936455][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  457.944472][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  457.952477][    C0] Call Trace:
[  457.955955][    C0]  <IRQ>
[  457.958843][    C0]  ? rcu_check_gp_kthread_starvation+0x278/0x310
[  457.965223][    C0]  ? print_other_cpu_stall+0x1481/0x15c0
[  457.970910][    C0]  ? __pfx_print_other_cpu_stall+0x10/0x10
[  457.976756][    C0]  ? timekeeping_advance+0x5e8/0x770
[  457.982240][    C0]  ? kvm_check_and_clear_guest_paused+0x6a/0xd0
[  457.988603][    C0]  ? rcu_sched_clock_irq+0xa26/0x10e0
[  457.994016][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  457.999722][    C0]  ? update_process_times+0x242/0x2f0
[  458.005307][    C0]  ? tick_nohz_handler+0x37c/0x500
[  458.010463][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[  458.015967][    C0]  ? __hrtimer_run_queues+0x551/0xd30
[  458.021462][    C0]  ? ktime_get_update_offsets_now+0x2d/0x3b0
[  458.027500][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  458.033252][    C0]  ? read_tsc+0x9/0x20
[  458.037352][    C0]  ? ktime_get_update_offsets_now+0x38e/0x3b0
[  458.043471][    C0]  ? hrtimer_interrupt+0x403/0xa40
[  458.048652][    C0]  ? __sysvec_apic_timer_interrupt+0x110/0x420
[  458.054938][    C0]  ? sysvec_apic_timer_interrupt+0x52/0xc0
[  458.060777][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  458.066984][    C0]  ? queued_write_lock_slowpath+0x139/0x44a
[  458.072914][    C0]  ? queued_write_lock_slowpath+0x15f/0x44a
[  458.078947][    C0]  ? __pfx_queued_write_lock_slowpath+0x10/0x10
[  458.085404][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  458.090491][    C0]  do_raw_write_lock+0x395/0x4f0
[  458.095562][    C0]  ? __pfx_do_raw_write_lock+0x10/0x10
[  458.101135][    C0]  ? __pfx_eth_header_cache+0x10/0x10
[  458.106812][    C0]  ? ___neigh_create+0xf4a/0x2360
[  458.111973][    C0]  ___neigh_create+0xf4a/0x2360
[  458.116968][    C0]  ip6_finish_output2+0xb70/0x17c0
[  458.122115][    C0]  ? ip6_finish_output2+0x63b/0x17c0
[  458.127436][    C0]  ? __pfx_ip6_finish_output2+0x10/0x10
[  458.133022][    C0]  ? ip6_mtu+0x81/0x3f0
[  458.137235][    C0]  ip6_finish_output+0x41e/0x840
[  458.142221][    C0]  ndisc_send_skb+0xb52/0x1530
[  458.147022][    C0]  ? ndisc_send_skb+0x1eb/0x1530
[  458.152114][    C0]  ? __pfx_ndisc_send_skb+0x10/0x10
[  458.157350][    C0]  ? __pfx_dst_output+0x10/0x10
[  458.162280][    C0]  ? __ndisc_fill_addr_option+0xe2/0x130
[  458.167966][    C0]  ? ndisc_send_rs+0x439/0x5c0
[  458.172776][    C0]  addrconf_rs_timer+0x371/0x670
[  458.177762][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  458.183442][    C0]  ? call_timer_fn+0xa8/0x650
[  458.188171][    C0]  call_timer_fn+0x187/0x650
[  458.192802][    C0]  ? call_timer_fn+0xc0/0x650
[  458.197539][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  458.203151][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  458.208317][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  458.213810][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  458.219301][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  458.224788][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  458.230109][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  458.235445][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  458.240938][    C0]  __run_timer_base+0x66a/0x8e0
[  458.245855][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  458.251272][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  458.257639][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  458.263060][    C0]  run_timer_softirq+0xb7/0x170
[  458.268042][    C0]  handle_softirqs+0x2d4/0x9b0
[  458.272889][    C0]  ? __irq_exit_rcu+0xf7/0x220
[  458.277689][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  458.283166][    C0]  ? irqtime_account_irq+0xd1/0x1d0
[  458.288415][    C0]  __irq_exit_rcu+0xf7/0x220
[  458.293041][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  458.298284][    C0]  irq_exit_rcu+0x9/0x30
[  458.302571][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  458.308254][    C0]  </IRQ>
[  458.311231][    C0]  <TASK>
[  458.314199][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  458.320217][    C0] RIP: 0010:smp_call_function_many_cond+0x1bb2/0x2d30
[  458.327013][    C0] Code: 01 31 ff e8 c0 f4 0b 00 41 83 e4 01 4c 8b 64 24 68 75 07 e8 70 f0 0b 00 eb 41 f3 90 48 b8 00 00 00 00 00 fc ff df 0f b6 04 03 <84> c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 4b f0 0b 00 eb db 44
[  458.346659][    C0] RSP: 0018:ffffc90005187740 EFLAGS: 00000293
[  458.352762][    C0] RAX: 0000000000000000 RBX: 1ffff110170e88f9 RCX: ffff8880578e9e00
[  458.360762][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  458.369376][    C0] RBP: ffffc90005187940 R08: ffffffff81b5de30 R09: 1ffffffff28a9708
[  458.377381][    C0] R10: dffffc0000000000 R11: fffffbfff28a9709 R12: ffff8880b863fb48
[  458.385396][    C0] R13: ffff8880b87447c8 R14: ffff8880b863fb40 R15: 0000000000000001
[  458.393470][    C0]  ? smp_call_function_many_cond+0x1b90/0x2d30
[  458.399690][    C0]  ? sctp_v6_get_dst+0x41e/0x1e30
[  458.404941][    C0]  ? sctp_v6_get_dst+0x41e/0x1e30
[  458.410121][    C0]  ? __pfx___text_poke+0x10/0x10
[  458.415160][    C0]  ? __pfx___might_resched+0x10/0x10
[  458.420493][    C0]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  458.426942][    C0]  ? __pfx___might_resched+0x10/0x10
[  458.432275][    C0]  ? __pfx_do_sync_core+0x10/0x10
[  458.437348][    C0]  on_each_cpu_cond_mask+0x3f/0x80
[  458.442493][    C0]  text_poke_bp_batch+0x352/0xb30
[  458.447553][    C0]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  458.453574][    C0]  ? arch_jump_label_transform_apply+0x17/0x30
[  458.459766][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  458.464828][    C0]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  458.470410][    C0]  ? arch_jump_label_transform_queue+0x9b/0x100
[  458.476687][    C0]  ? __jump_label_update+0x379/0x3a0
[  458.482103][    C0]  ? process_scheduled_works+0x9c6/0x18e0
[  458.487946][    C0]  text_poke_finish+0x30/0x50
[  458.492680][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[  458.498711][    C0]  __static_key_slow_dec_cpuslocked+0xc4/0x110
[  458.504996][    C0]  jump_label_update_timeout+0x1e/0x30
[  458.510579][    C0]  process_scheduled_works+0xabe/0x18e0
[  458.516198][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  458.522236][    C0]  ? assign_work+0x364/0x3d0
[  458.526896][    C0]  worker_thread+0x870/0xd30
[  458.531552][    C0]  ? __kthread_parkme+0x169/0x1d0
[  458.536621][    C0]  ? __pfx_worker_thread+0x10/0x10
[  458.541770][    C0]  kthread+0x7a9/0x920
[  458.545877][    C0]  ? __pfx_kthread+0x10/0x10
[  458.550507][    C0]  ? __pfx_worker_thread+0x10/0x10
[  458.555660][    C0]  ? __pfx_kthread+0x10/0x10
[  458.560379][    C0]  ? __pfx_kthread+0x10/0x10
[  458.565097][    C0]  ? __pfx_kthread+0x10/0x10
[  458.569723][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  458.574963][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  458.580215][    C0]  ? __pfx_kthread+0x10/0x10
[  458.584847][    C0]  ret_from_fork+0x4b/0x80
[  458.589301][    C0]  ? __pfx_kthread+0x10/0x10
[  458.593943][    C0]  ret_from_fork_asm+0x1a/0x30
[  458.598760][    C0]  </TASK>
[  458.602961][    C0] sched: DL replenish lagged too much