last executing test programs:

36.621773926s ago: executing program 3 (id=552):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100e8ffffff00000000260000002000018008000100", @ANYRES32], 0x34}}, 0x0)

36.542852139s ago: executing program 3 (id=554):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00'}, 0x70)
r1 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000100000000000000000000000000000205", 0x18)
getsockopt$inet6_opts(r1, 0x29, 0x39, 0x0, &(0x7f0000000080)=0x35)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r2, r3, 0x2, 0x2}, 0x10)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x54, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DREG={0x8}, @NFTA_IMMEDIATE_DATA={0x8, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x4}]}]}}}, {0x28, 0x1, 0x0, 0x1, @objref={{0xb}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_OBJREF_IMM_TYPE={0x8}, @NFTA_OBJREF_IMM_NAME={0x9, 0x2, 'syz1\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xf0}}, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r4, r5, 0x2, 0x2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz1\x00', 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@cgroup=r7, r0, 0x2, 0x0, 0x4000}, 0x10)

36.388782853s ago: executing program 3 (id=556):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@ipv4_newroute={0x1c}, 0x1c}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, r4, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x24}}, 0x0)
sendmsg$FOU_CMD_DEL(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r4, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x2}]}, 0x1c}}, 0x0)
listen(r0, 0x0)
socket$nl_crypto(0x10, 0x3, 0x15)
syz_emit_ethernet(0x82, &(0x7f0000000140)={@broadcast, @random="17043a73dbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @rand_addr, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x3}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@private=0xa010102, 0x10000}, {@private}, {@local}, {@remote}, {@private}, {@remote}, {@private}]}]}}}}}}}, 0x0)
sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@get={0xe0, 0x13, 0x0, 0x0, 0x0, {{'streebog512-generic\x00'}}}, 0xe0}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x40, 0x0, 0x0, 0x0, 0x0, {}, [@DEVLINK_ATTR_RATE_TX_SHARE={0xc}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x40}}, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08004c00006c0000000000069078ac1414bbac1414aa030000000000000000000000ac14140000000000ac1414000000000000004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="fcc20000907800000512000000060000000500000003000000070512000000060000bba1000000040000000502048000"], 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000340), 0x4)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000015c0)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000008000400699b000008001b"], 0x30}, 0x1, 0x0, 0x0, 0x60004050}, 0x0)

35.844722127s ago: executing program 3 (id=560):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYRES8=r0], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="1800000076000907000000000000000007020200f80b708d22834f7eb535f9e7e948396df783e8f33d5032321abd84386a5ed2f15058c4f6b9b769b50ad8faa70fb30bd4e232f5a120c86b32ba3d5d4e3aa40500000068ec7c3cf73e3dd0637fc849fe5f73cc9f6e390f9e8734001b51c91b21b0b0cba43193f74f9a76898024f1af413e3e402654bcadcf9af83f52793b06a90253da45d6b5b896faf0eced83ba0eccddeea38958df88eb", @ANYRES32=0x0], 0x18}, 0x1, 0x5502000000000000}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$ENABLE_STATS(0x20, &(0x7f0000000440), 0x4)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000040)={'wg1\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000080)={&(0x7f0000000a40)="63d719522ba00183ec370649c931f93760f1e666a84b2480471c4ba34f41bb74a766ec3cd3ff36fdeb54ebd1ad58d03607fa1aa399a143be1ccd298cdd6ff1accaf2577b724f9110c7ebcbb1232152d5eebfafca9b1d1b301abd8032d12e826ba59b453ee90488f7cf0914394387a8e1dc47d9d92bcda1d25aac2aff2c8d7e8ee1c41f4788293ae69b7a29505071f9226730fa541946c850ee79fc57444dab17ec3cb12ff3de4920843a514f8a6b98282837966232f38ef7a3af7a26ba", &(0x7f0000000b00)=""/242, &(0x7f0000000c00)="73f9ddf78f5d3ad4933d69cdc49b3917c9ec6dd025b664732b31045f1bb8f70b463c087512724b578daf0596915baa3f327ed693368ba6b6928d86ff7ad599091d01fd74a050288826ed6bcd4f16fbff89b72e3e9336362aa426d5ae8bae8a461055f84105f6151a3803cb292569cc3d3623a2a3fdfc1d3aff1a19edb1edf3d155e0a6cafe9c5fc1f3", &(0x7f0000000cc0)="d00a202d82e01adf07f38cff3c7e95179ed439b5f243e6b27980f855868d248f39899b8abbf5d9d7483cb816e6c649565c19d0e637ebdd991c1ac71f8f6956da84ca1b4a947ced0ee2e3dd68bd5f549cc743bf26f547d1bacb6eae142f6724cdde786e48e6b661ee1a57f0e8f86afcab0cfdd9e44c185f07efcf1698bbfd73809d1dd91819d3d59cddbe0475a5b52148cbe70c0d934ac0f4cd3a464153f059373a4025a797e6ce44b3dcd5a7ea129ec369643414ee12a9ae92625b85dbeb3f251a0e1e5f41", 0x3}, 0x38)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000e80)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r10, @ANYBLOB="300033003a00000008021100000108021100000050505050505000617a0000008c1000000262c8020000094c1f2501e02962"], 0x4c}}, 0x0)
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r7, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f00000008c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r11, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000f00)=ANY=[@ANYBLOB="04010000502e686277c9a70900000000000000a1a68374002fc5967dcf777e96faf9727bf78ed4fe1d32c00e43a20ded001b0fd17d84f0db4b", @ANYRES16=r6, @ANYBLOB="050400000000000000000100000024000300000000000000000000000000000000000000000000000000000000000000000008000100", @ANYRES32=r5, @ANYBLOB="bc0008809cff00800800030000000000240002005577e9880050c7f502e96f1152ac2aa4cd9a9de7aa3f159b65412d9b8c39cac41400040002000000ac1414aa000000000000000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b392250000080200004000a00000000000000fe8000000000000000000000000000aa0000000008000300000000002400010000000000000000000000000000000000000000000000000000000000000000000600060000000000"], 0x104}}, 0x0)
getsockopt$rose(r3, 0x104, 0x6, 0x0, &(0x7f00000002c0))
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x3, &(0x7f0000000580)=@framed, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r12, 0x0, 0x8, 0x7, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r13 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r14 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r14, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0x18, 0x30, 0x1, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)

24.928050718s ago: executing program 3 (id=560):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYRES8=r0], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="1800000076000907000000000000000007020200f80b708d22834f7eb535f9e7e948396df783e8f33d5032321abd84386a5ed2f15058c4f6b9b769b50ad8faa70fb30bd4e232f5a120c86b32ba3d5d4e3aa40500000068ec7c3cf73e3dd0637fc849fe5f73cc9f6e390f9e8734001b51c91b21b0b0cba43193f74f9a76898024f1af413e3e402654bcadcf9af83f52793b06a90253da45d6b5b896faf0eced83ba0eccddeea38958df88eb", @ANYRES32=0x0], 0x18}, 0x1, 0x5502000000000000}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$ENABLE_STATS(0x20, &(0x7f0000000440), 0x4)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000040)={'wg1\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000080)={&(0x7f0000000a40)="63d719522ba00183ec370649c931f93760f1e666a84b2480471c4ba34f41bb74a766ec3cd3ff36fdeb54ebd1ad58d03607fa1aa399a143be1ccd298cdd6ff1accaf2577b724f9110c7ebcbb1232152d5eebfafca9b1d1b301abd8032d12e826ba59b453ee90488f7cf0914394387a8e1dc47d9d92bcda1d25aac2aff2c8d7e8ee1c41f4788293ae69b7a29505071f9226730fa541946c850ee79fc57444dab17ec3cb12ff3de4920843a514f8a6b98282837966232f38ef7a3af7a26ba", &(0x7f0000000b00)=""/242, &(0x7f0000000c00)="73f9ddf78f5d3ad4933d69cdc49b3917c9ec6dd025b664732b31045f1bb8f70b463c087512724b578daf0596915baa3f327ed693368ba6b6928d86ff7ad599091d01fd74a050288826ed6bcd4f16fbff89b72e3e9336362aa426d5ae8bae8a461055f84105f6151a3803cb292569cc3d3623a2a3fdfc1d3aff1a19edb1edf3d155e0a6cafe9c5fc1f3", &(0x7f0000000cc0)="d00a202d82e01adf07f38cff3c7e95179ed439b5f243e6b27980f855868d248f39899b8abbf5d9d7483cb816e6c649565c19d0e637ebdd991c1ac71f8f6956da84ca1b4a947ced0ee2e3dd68bd5f549cc743bf26f547d1bacb6eae142f6724cdde786e48e6b661ee1a57f0e8f86afcab0cfdd9e44c185f07efcf1698bbfd73809d1dd91819d3d59cddbe0475a5b52148cbe70c0d934ac0f4cd3a464153f059373a4025a797e6ce44b3dcd5a7ea129ec369643414ee12a9ae92625b85dbeb3f251a0e1e5f41", 0x3}, 0x38)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000e80)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r10, @ANYBLOB="300033003a00000008021100000108021100000050505050505000617a0000008c1000000262c8020000094c1f2501e02962"], 0x4c}}, 0x0)
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r7, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f00000008c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r11, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000f00)=ANY=[@ANYBLOB="04010000502e686277c9a70900000000000000a1a68374002fc5967dcf777e96faf9727bf78ed4fe1d32c00e43a20ded001b0fd17d84f0db4b", @ANYRES16=r6, @ANYBLOB="050400000000000000000100000024000300000000000000000000000000000000000000000000000000000000000000000008000100", @ANYRES32=r5, @ANYBLOB="bc0008809cff00800800030000000000240002005577e9880050c7f502e96f1152ac2aa4cd9a9de7aa3f159b65412d9b8c39cac41400040002000000ac1414aa000000000000000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b392250000080200004000a00000000000000fe8000000000000000000000000000aa0000000008000300000000002400010000000000000000000000000000000000000000000000000000000000000000000600060000000000"], 0x104}}, 0x0)
getsockopt$rose(r3, 0x104, 0x6, 0x0, &(0x7f00000002c0))
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x3, &(0x7f0000000580)=@framed, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r12, 0x0, 0x8, 0x7, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r13 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r14 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r14, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0x18, 0x30, 0x1, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)

11.052828929s ago: executing program 3 (id=560):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYRES8=r0], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="1800000076000907000000000000000007020200f80b708d22834f7eb535f9e7e948396df783e8f33d5032321abd84386a5ed2f15058c4f6b9b769b50ad8faa70fb30bd4e232f5a120c86b32ba3d5d4e3aa40500000068ec7c3cf73e3dd0637fc849fe5f73cc9f6e390f9e8734001b51c91b21b0b0cba43193f74f9a76898024f1af413e3e402654bcadcf9af83f52793b06a90253da45d6b5b896faf0eced83ba0eccddeea38958df88eb", @ANYRES32=0x0], 0x18}, 0x1, 0x5502000000000000}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$ENABLE_STATS(0x20, &(0x7f0000000440), 0x4)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000040)={'wg1\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000080)={&(0x7f0000000a40)="63d719522ba00183ec370649c931f93760f1e666a84b2480471c4ba34f41bb74a766ec3cd3ff36fdeb54ebd1ad58d03607fa1aa399a143be1ccd298cdd6ff1accaf2577b724f9110c7ebcbb1232152d5eebfafca9b1d1b301abd8032d12e826ba59b453ee90488f7cf0914394387a8e1dc47d9d92bcda1d25aac2aff2c8d7e8ee1c41f4788293ae69b7a29505071f9226730fa541946c850ee79fc57444dab17ec3cb12ff3de4920843a514f8a6b98282837966232f38ef7a3af7a26ba", &(0x7f0000000b00)=""/242, &(0x7f0000000c00)="73f9ddf78f5d3ad4933d69cdc49b3917c9ec6dd025b664732b31045f1bb8f70b463c087512724b578daf0596915baa3f327ed693368ba6b6928d86ff7ad599091d01fd74a050288826ed6bcd4f16fbff89b72e3e9336362aa426d5ae8bae8a461055f84105f6151a3803cb292569cc3d3623a2a3fdfc1d3aff1a19edb1edf3d155e0a6cafe9c5fc1f3", &(0x7f0000000cc0)="d00a202d82e01adf07f38cff3c7e95179ed439b5f243e6b27980f855868d248f39899b8abbf5d9d7483cb816e6c649565c19d0e637ebdd991c1ac71f8f6956da84ca1b4a947ced0ee2e3dd68bd5f549cc743bf26f547d1bacb6eae142f6724cdde786e48e6b661ee1a57f0e8f86afcab0cfdd9e44c185f07efcf1698bbfd73809d1dd91819d3d59cddbe0475a5b52148cbe70c0d934ac0f4cd3a464153f059373a4025a797e6ce44b3dcd5a7ea129ec369643414ee12a9ae92625b85dbeb3f251a0e1e5f41", 0x3}, 0x38)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000e80)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r10, @ANYBLOB="300033003a00000008021100000108021100000050505050505000617a0000008c1000000262c8020000094c1f2501e02962"], 0x4c}}, 0x0)
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r7, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f00000008c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r11, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000f00)=ANY=[@ANYBLOB="04010000502e686277c9a70900000000000000a1a68374002fc5967dcf777e96faf9727bf78ed4fe1d32c00e43a20ded001b0fd17d84f0db4b", @ANYRES16=r6, @ANYBLOB="050400000000000000000100000024000300000000000000000000000000000000000000000000000000000000000000000008000100", @ANYRES32=r5, @ANYBLOB="bc0008809cff00800800030000000000240002005577e9880050c7f502e96f1152ac2aa4cd9a9de7aa3f159b65412d9b8c39cac41400040002000000ac1414aa000000000000000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b392250000080200004000a00000000000000fe8000000000000000000000000000aa0000000008000300000000002400010000000000000000000000000000000000000000000000000000000000000000000600060000000000"], 0x104}}, 0x0)
getsockopt$rose(r3, 0x104, 0x6, 0x0, &(0x7f00000002c0))
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x3, &(0x7f0000000580)=@framed, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r12, 0x0, 0x8, 0x7, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r13 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r14 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r14, &(0x7f0000005c40)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0x18, 0x30, 0x1, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)

4.26538718s ago: executing program 4 (id=871):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14}, 0x14}}, 0x20040000)
unshare(0xc040400)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000005300f40c0000220c000000020000000000000000000006040000000000"], 0x0, 0x26}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r2, 0x58, &(0x7f0000000040)}, 0x10)
r3 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r4}, 0x90)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'veth0\x00'}, @IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r5}]}]}, 0x40}}, 0x0)
sendmsg$kcm(r1, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x4, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCSIFBR(r8, 0x890c, &(0x7f0000000000)=@generic={0x0, 0x2})
r9 = socket$kcm(0x29, 0x7, 0x0)
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r10, 0x8932, 0x0)
getsockopt$SO_TIMESTAMP(r9, 0x1, 0x23, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
unshare(0x22020400)
r11 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x5, 0x13, 0x5, 0x7c}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@map_fd={0x18, 0x0, 0x2, 0x0, r11, 0x0, 0x0, 0x0, 0xa}]}, &(0x7f0000000000)='GPL\x00'}, 0x90)
socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000013c0)={'veth1_macvtap\x00'})
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)

4.018135949s ago: executing program 4 (id=873):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x20001400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1503"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000}, 0x90)
ioctl$TUNSETOFFLOAD(r2, 0x4010744d, 0x20000000)
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000180)={0x1, 0x1})

3.794202082s ago: executing program 4 (id=875):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
unshare(0x22020600)
poll(0x0, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x5000, 0x4)
sendmmsg$inet(r0, &(0x7f0000001980)=[{{&(0x7f00000002c0)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}], 0x1, 0x240080e4)
write(r0, &(0x7f0000003000)='\t', 0x1)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socket$xdp(0x2c, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r1, 0x110, 0x4, &(0x7f0000000180)=0x4, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000340)="4fc3706c842e18179fa17c8baff0defd4fa94641cddecaedb1ffc14795120bb90473b3cc8e289c94148cdf2dcbe8d2b48421750d72fbb48b34c3ec996f417b30c94b9ffc20f3bed2f218d9a4d0a7b5c5cd346aeb85e3e3b149773b2bbacc5a4ef4c07c6031775f17dd4a7102651fa4a87170317cca08c61b8c39019b875b0df28f1ec45c9c35d33e6e27fb1dd5a06576f64a9688cbda16c8827c1b527f45d01f37771edfa7f75c39ae19d7d005badba2560b35100c59e39d7ecf6d91ad928d692b6226254a4fe718b38f1b96eb439a8acb439faec6c2a7a4d3620da40c34750f97b2d4a323252009a5805493c06d516fa59c601ec57a737496a10c2eeb40169d3c204f768c63355fe331", 0x10a}], 0x1)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r5, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2, 0x2}}, 0x26)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
connect$inet6(r6, &(0x7f0000000300)={0xa, 0x4e20, 0x2, @loopback, 0xfff}, 0x62)
close(r2)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write(r7, &(0x7f0000000600)='1', 0x1)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r8, &(0x7f0000000200)=0x4, 0x12)
write$binfmt_script(r6, &(0x7f00000005c0), 0x10e)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYRESHEX], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

3.545738282s ago: executing program 4 (id=879):
r0 = socket(0x2, 0x3, 0xff)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000000)=0x97b, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private1, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x2000000000}, {0x3, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffff}, {{@in6=@private2, 0x4d6, 0x6c}, 0x0, @in=@dev, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5}}, 0xe8)
listen(r1, 0x0)
syz_emit_ethernet(0x9a, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000000000640600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="94"], 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg$unix(r0, &(0x7f0000002fc0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)="643c87cf2bd21d995e613d73613b1e78334efea0", 0x14}], 0x1}}], 0x1, 0xccec)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000061105b000000000095000000000016d8a87a5b5189d61e3cfeef"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="760a0000000000006102500000000000180000000000000000000000000000000500000000000000911f5c0d6031a13e27fa07ef8c09beb0a233c4e236551a7c02b763653e9e9d5ad7ad4d720ef03dbf0b000d2e77a904c3c21b8e285f6724ad2df15906419fba6b7fb1d77ae41be25c060fea375e6eba7044fb0be8470bce6ca1100bc808f62aa42c3531ef77"], &(0x7f0000000000)='GPL\x00'}, 0x80)
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000040)={'wlan1\x00', 0x400})
r3 = socket$packet(0x11, 0x2, 0x300)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xa, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r5}, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'rose0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x4)

3.262594945s ago: executing program 4 (id=881):
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x58, r1, 0x100, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x2, 0x52}}}}, [@NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x2}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x1}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x4}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xc}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x2}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_DISASSOCIATE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x40, r1, 0x300, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x10000, 0x6f}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x6}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x20044040)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r3, 0x1, 0x19, &(0x7f0000000380)='wg1\x00', 0x4)
openat$cgroup_int(r0, &(0x7f00000003c0)='blkio.throttle.write_bps_device\x00', 0x2, 0x0)
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000400))
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r3, 0x8982, &(0x7f0000000440)={0x6, 'nr0\x00', {0xe}, 0xa9f4})
ioctl$sock_SIOCGPGRP(r4, 0x8904, &(0x7f0000000480))
r5 = accept4$x25(r0, &(0x7f00000004c0)={0x9, @remote}, &(0x7f0000000500)=0x12, 0x80800)
ioctl$sock_x25_SIOCADDRT(r5, 0x890b, &(0x7f0000000540)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x2}, 0xc, 'veth1_macvtap\x00'})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000800)={0x0, <r6=>0x0}, 0x8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x9, 0x12, &(0x7f0000000640)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfcd, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x6, 0x4, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000700)='syzkaller\x00', 0xae, 0x2a, &(0x7f0000000740)=""/42, 0x40f00, 0x60, '\x00', 0x0, 0x2b, r0, 0x8, &(0x7f0000000780)={0x3, 0x4}, 0x8, 0x10, &(0x7f00000007c0)={0x3, 0x8, 0x6, 0x2d9}, 0x10, r6, r0, 0x8, 0x0, &(0x7f0000000840)=[{0x0, 0x3, 0x6, 0xb}, {0x2, 0x3, 0x5, 0x9}, {0x3, 0x1, 0x5, 0x4}, {0x0, 0x4, 0x5}, {0x1, 0x3, 0x1}, {0x0, 0x4, 0x6, 0x6}, {0x5, 0x1, 0x0, 0x5}, {0x2, 0x4, 0xf, 0x6}], 0x10, 0x7}, 0x90)
sendmsg$nl_route(r3, &(0x7f0000000a40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)=@ipv4_getrule={0x1c, 0x22, 0x300, 0x70bd2d, 0x25dfdbfb, {0x2, 0xda955ed2aa899c24, 0x10, 0xfd, 0x2, 0x0, 0x0, 0x3, 0x10}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)
setsockopt$RDS_RECVERR(r0, 0x114, 0x5, &(0x7f0000000a80)=0x1, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ac0), r8)
socket$rds(0x15, 0x5, 0x0)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000b00), 0x200800, 0x0)
ioctl$TUNSETSNDBUF(r9, 0x400454d4, &(0x7f0000000b40)=0x3)
setsockopt$rose(r0, 0x104, 0x6, &(0x7f0000000b80), 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000bc0), r0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000c00)={<r10=>0x0, @in={{0x2, 0x4e22, @multicast2}}, 0x3, 0x7f, 0x10001, 0x9, 0x80, 0x578}, &(0x7f0000000cc0)=0x9c)
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000d00)={r10, 0x0, 0x7, 0x3}, &(0x7f0000000d40)=0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001240)={r7, 0xe0, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000f40)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, &(0x7f0000000f80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001000)=[0x0, 0x0], <r11=>0x0, 0xcc, &(0x7f0000001040)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000001080), &(0x7f00000010c0), 0x8, 0xd5, 0x8, 0x8, &(0x7f0000001100)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001440)={0x5, 0x1, &(0x7f0000000d80)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}], &(0x7f0000000dc0)='GPL\x00', 0x8001, 0xb2, &(0x7f0000000e00)=""/178, 0x41100, 0x18, '\x00', 0x0, 0x9, r0, 0x8, &(0x7f0000000ec0)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000000f00)={0x3, 0x3, 0x8, 0x6}, 0x10, r11, r0, 0x1, &(0x7f00000013c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, r0, r0, r0, 0xffffffffffffffff], &(0x7f0000001400)=[{0x2, 0x4, 0x4, 0x5}], 0x10, 0x8}, 0x90)

2.958263808s ago: executing program 4 (id=882):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000080)={0x4, 0x0, "9c5952", 0x0, 0x1})

2.090217749s ago: executing program 2 (id=893):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r0, &(0x7f0000003a80)={&(0x7f00000004c0)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000003a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xd}, @multicast1}}}], 0x20}, 0x4008804)
sendmsg$inet(r0, &(0x7f0000000c00)={&(0x7f0000000540)={0x2, 0x0, @empty}, 0x10, &(0x7f00000005c0)=[{&(0x7f0000000580)="6e4602e2", 0x4}], 0x1}, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000580), 0xffffffffffffffff)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x4, &(0x7f0000000d40)=ANY=[@ANYBLOB="18000000010000000000000000000000911204000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000680), 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000940)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000030000000e0000000000990700000000005f008a6ce372d926e60002697fa740cf6f3c44bf93bad3075e8ad5bd29ccabea6b0a0463ff7bbc5372e403f903f3c21248fb46d6a8f58ebc5c3626b67a3e38b8a289c7f51e653b60f29de13475f6edebeb0db2d172bb1cbd1dd1a14ee9401d43fd5ef7adde17dbc849ef7d649b087448cbdb3242bf95e93d660c0ecfcf7fa64f7fe8375f691683f515fb5eab70a316a2e070b5f104e9141a0582e8301a1b769191b74fd26d9ead03503bb8595848bfdb73b233411e0cd919fb3cac894afa"], &(0x7f00000008c0)=""/95, 0x27, 0x5f, 0x1}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x4f)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x48)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000000200)=[{0x0}, {&(0x7f0000000140)="06", 0x1}], 0x2}}], 0x1, 0x0)
socket$rds(0x15, 0x5, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x404)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="18000000", @ANYRES16=r2, @ANYBLOB="01e7000000000000000004"], 0x18}}, 0x0)

2.08964643s ago: executing program 0 (id=894):
r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
connect$llc(r0, &(0x7f0000000000)={0x1a, 0x30b, 0x1, 0x8, 0xd7, 0x10, @random="e9ad0739c099"}, 0x10)
r1 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)=@o_path={&(0x7f0000000040)='./file0\x00', 0x0, 0x0, r0}, 0x18)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'syztnl1\x00', &(0x7f00000000c0)={'ip6tnl0\x00', <r2=>0x0, 0x4, 0x9, 0x1, 0x4, 0x20, @remote, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8000, 0x8, 0x40000000, 0x7}})
pipe(&(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x81, '\x00', r2, r4, 0x2, 0x1, 0x3}, 0x48)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f0000000240)={<r5=>0x0, 0x3, 0xb8}, &(0x7f0000000280)=0x8)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f00000002c0)={r5, 0x9, 0x1, [0xd92]}, &(0x7f0000000300)=0xa)
socket$alg(0x26, 0x5, 0x0)
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000000340)={'wg0\x00', <r7=>0x0})
r8 = socket$can_j1939(0x1d, 0x2, 0x7)
sendto(r8, &(0x7f0000000380)="a2fc425b07f08d3893465452f731555ad34d4b70927ad9c2f28bf637d066803f4f9be224bb939eba8c8d8e5f71ba8d20ef3ba98482ddee41df264334fe46fc0b79ebf5bf74a77bcff362d2238694e3cc93729e495ff3e305c9964ae23c60c22b2ed9e1a8c7eef7daff1845edb9643c8143e5389485b49fdbcc3fa0ecc59c7aa1642e3b9b18d821c2971062b8fb9a5d90e263952c0aea2945594256226fe1737a1074abc0a3cad14a0c3782a88aea0d9b26b9d8a73a8ab9d9a194151d9005b4b6fa70ab402aa4a229416d8eef1a8237d713f318e30d4b701a06707600a22e8e17e92031", 0xe3, 0x4000000, &(0x7f0000000480)=@pppoe={0x18, 0x0, {0x4, @empty, 'gre0\x00'}}, 0x80)
ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000500)='veth1\x00')
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000580), r3)
sendmsg$IPVS_CMD_GET_SERVICE(r3, &(0x7f0000000640)={&(0x7f0000000540), 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x28, r9, 0x10, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xffff0001}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x4)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r3, &(0x7f0000000900)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000008c0)={&(0x7f00000006c0)={0x1fc, 0x0, 0x20, 0x70bd2d, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1}, {0x6, 0x11, 0xfff}, {0x8, 0x13, 0x5}, {0x5, 0x14, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x2}, {0x8}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x3a}, {0x6, 0x11, 0x8}, {0x8, 0x13, 0xfffffff8}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x8}, {0x6, 0x11, 0x2}, {0x8, 0x13, 0xff}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x10}, {0x8, 0x13, 0x5}, {0x5, 0x14, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x25}, {0x6, 0x11, 0x2}, {0x8, 0x13, 0x9}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0x6}, {0x8, 0x13, 0x9ba}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x3000}, {0x6, 0x11, 0x3}, {0x8, 0x13, 0x80000000}, {0x5}}]}, 0x1fc}, 0x1, 0x0, 0x0, 0x4000010}, 0x8000)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, &(0x7f0000000940)=[@in6={0xa, 0x4e24, 0x800, @ipv4={'\x00', '\xff\xff', @loopback}, 0xc}, @in6={0xa, 0x4e24, 0x8000, @private1, 0x1}, @in6={0xa, 0x4e23, 0x2, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x40eb}, @in6={0xa, 0x4e20, 0x8be, @empty, 0x878}], 0x70)
r10 = syz_genetlink_get_family_id$batadv(&(0x7f0000000a00), r3)
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r4, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x1c, r10, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004000}, 0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000b00)=@assoc_value={<r11=>0x0}, &(0x7f0000000b40)=0x8)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000b80)='./cgroup/syz1\x00', 0x1ff)
socket$packet(0x11, 0x3, 0x300)
recvfrom$ax25(r4, &(0x7f0000000bc0)=""/4096, 0x1000, 0x2, 0x0, 0x0)
sendfile(r3, r8, &(0x7f0000001bc0)=0x7, 0x2)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000001c00)={r11, 0x8}, &(0x7f0000001c40)=0x8)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001c80)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000001cc0)=@base={0x11, 0x10001, 0x2, 0x6, 0x140, r4, 0x0, '\x00', r7, r12, 0x0, 0x5, 0x2}, 0x48)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000001d40)={r11, 0x7f, 0x3}, 0x8)
socket$inet6(0xa, 0x80000, 0x6)

1.919225593s ago: executing program 0 (id=895):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETFLOWTABLE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)=ANY=[@ANYBLOB="2c000000170a0102000000000000400002"], 0x2c}}, 0x0)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000240)=ANY=[@ANYBLOB="d8010000", @ANYRES16, @ANYBLOB="010000000000fbdbdf25010000000800050001000000060006004e220000140002007767320000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5427c0108800c01008006000500070000002400020086650b35f0b4c2dc04a95e352f55e8204db1e72262099a4daa6bd5d598d1ecdb24000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e24ac1e0001000000000000000008000300000000009c0009801c"], 0x1d8}}, 0x0)
r2 = socket$kcm(0xa, 0x3, 0x73)
r3 = socket$unix(0x1, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0x0, &(0x7f0000000240)=0x8000, 0x4)
write$binfmt_script(r3, &(0x7f0000001500)={'#! ', '\xe9\x1fq\x89Y\x1e\x923aK', [{0x20, 'GPL\x00'}, {}, {}], 0xa, "1072ab46e61f0d0319236fcccee94ea4e4505d98b420cbecde81989ecbf50ba8ef76f2585b9713f3402c3b30ef5327d0d0666052117477db3d07e8b579508546d77c18c89739077d788701cb1c52fc5c95e8f482e2c198bf59be6036f226bc2d69cb9c5200fd9797d4dc0b86d7812124575dd9245730ffcfa9d5477a37"}, 0x92)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r4, 0x0)
connect$unix(r3, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000038000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b7020000000000007b9af8ff00000000b509020008000000dbaaf8fff1000000bf8200000000000007080000f8ffffffbfa400000000000007090000f0ffffffc70200000800000018220000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7050000080000004608f1ff76000000bf9800000000004056080000000000008500ddff06004000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r5)
r8 = accept4(r2, &(0x7f00000010c0)=@qipcrtr, &(0x7f00000012c0)=0x80, 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000001300)={<r9=>0x0, 0xaaaa}, &(0x7f0000001340)=0x8)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r8, 0x84, 0x7c, &(0x7f0000001380)={r9, 0x9, 0x4}, &(0x7f00000013c0)=0x8)
socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r5, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000001400)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd60ff00f500380600fe8000000000000000000000000000aafe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="e0c20000907800001e0aa500ac1414aa00001e181f4074c01ff5132cf07cdcb6e5c2a6a5225a8d972a4e000084f8cc40e1509fe5d1ee189feffecbafb41722077de4edb2a0f3550de550fc13ca1491ca6dfa77d1931bafcf3613cc0d55103ce23bbb2c2bab8b2ef978da0f996668d92e2afbc4659596a306701f69be50b5f2bd30cf97c5ba5d2662a16b6ad5059f74ac0b02b6b812a62b1a181429937d6bbc55b18b7aef8ff235f50b386923104f49e9c4b20e3a"], 0x0)
r10 = accept(r4, 0x0, 0x0)
sendto$inet6(r10, &(0x7f0000000000), 0xffffffffffffffe6, 0x0, 0x0, 0x18fae6fad8906d26)
recvmmsg(r3, &(0x7f0000000700)=[{{&(0x7f0000000000)=@x25={0x9, @remote}, 0x80, &(0x7f0000000800)=[{&(0x7f0000000080)=""/54}, {&(0x7f0000000780)=""/111}], 0x0, &(0x7f0000000280)=""/173, 0xbb}}, {{&(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev}}}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000840)=""/150, 0xfffffd8c}, {&(0x7f0000000400)=""/119, 0x77}, {&(0x7f0000000480)=""/148, 0x94}, {&(0x7f0000000540)=""/59, 0x3b}, {&(0x7f0000000580)=""/42, 0x2a}, {&(0x7f00000005c0)=""/61, 0x3d}], 0x6, &(0x7f0000000680)=""/127, 0x7f}}], 0x2, 0x0, 0x0)
sendmsg$inet(r2, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty=0x2000000}, 0x10, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}], 0x1, &(0x7f0000001240)=[@ip_tos_int={{0x14, 0x29, 0x34}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010101, @multicast2}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @loopback}}}], 0x58, 0x2000}, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)

1.551031579s ago: executing program 2 (id=897):
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
unshare(0x24020400)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000280)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x1c, {[@window={0xb, 0x3}, @timestamp={0x5, 0x2, 0xfffe}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)

1.426208062s ago: executing program 1 (id=899):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000025c0)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000cb000000000000000000000000000000009500"/40], &(0x7f0000000340)='syzkaller\x00', 0xfffffffa, 0x0, 0x0, 0x41100, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000380)={0x5, 0x7, 0x1ff, 0x4}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000003c0)=[0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1], &(0x7f0000000400)=[{0x2, 0x3, 0xe, 0xc}], 0x10, 0x8b3}, 0x90)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000500)={"4e2769c3f179fc88e50d4281b6dcc448", <r1=>0x0, 0x0, {0x1, 0x4}, {0x3, 0x6}, 0x8, [0x3, 0x1f0, 0x7, 0x1, 0x0, 0x9, 0xfff, 0x8, 0x400, 0x8, 0xfffffffffffffffe, 0xbe7, 0x7, 0x4, 0x9, 0x2]})
r2 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000040)='memory.pressure\x00', 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300"/3601], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x4, 0x0, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000300)=0x208)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x12, &(0x7f0000000180)=0x4000000, 0x4)
sendto$inet6(0xffffffffffffffff, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000002a80)={@ifindex, 0xffffffffffffffff, 0xd}, 0x20)
shutdown(0xffffffffffffffff, 0x1)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000003c80)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r4=>0x0}})
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000640)={r4, 0x9, 0x0, [0x0, 0x0, 0x0, 0x400], [0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfef8, 0x6, 0x0, 0x0, 0x0, 0x8, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1f, 0x0, 0x0, 0x0, 0xd74e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3f, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x4000000000000, 0x40000, 0x0, 0x0, 0x0, 0x0, 0xb062, 0x8, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x44f7, 0x0, 0xfffffffffffffffd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x3, 0x1, 0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000000)='highspeed\x00', 0xa)
setsockopt$inet_int(r5, 0x0, 0x18, &(0x7f0000000040)=0x6, 0x4)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000840)={{}, 0x0, 0x0, @unused, @devid=r4})
ioctl$BTRFS_IOC_RESIZE(0xffffffffffffffff, 0x50009403, &(0x7f00000023c0)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\x00\x00', @ANYRESDEC=r4, @ANYBLOB="3a6de7283d627562124d161fd524c8563675b78d82ec1a32caba625f29f567d43ba75cab2e37cdd9b38a91367feda82a05f46fe786e10f55be540a551dffc8666f1b0766a6a4b19b46bf4d36b1ef5fbe1c9e7e05982ec043765197540b5a5815c9f165e7b352e560385ba4870face5b94c933645aed158a01556e9335da06ccc62f8d876bc391c6d54c14f86ce8a2ee91b061757e3da72b808a25c32e81c26ac0df494e8f7dbed0d49ec9f29acf7bca755dc9e13d83967b968957aa0cd00893a4b98e7eb1a553b9fb6d57518e1b6d9b250200153d68c4dfadc9cde9b144e9659af3177235fbbb47a98df47baea572a124aa61f17de378c26e288588c68ac972b63f0bdd11e06d72e8672d89670003b03a9c7c80b3d1ecc5e892314fba47051c6c3344038fc94548146aa774bc2f1261ca9f580f7480b87cd791df8af12e14a865a17c62a0ea670b9d5433d79106675485a2be2d14d609d9946139d0391ede66dea1c884e74fe55b85f486aa958f8eac37f60"])
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r6, &(0x7f0000000140), 0x9)
ioctl$SIOCX25SDTEFACILITIES(r6, 0x89eb, &(0x7f0000002580)={0x1000, 0x90, 0x401, 0xb9, 0x9, 0xa, 0x12, "e973d1f44ca0ca0d2e1fa0c443863cc34643cf40", "58b609dcc25b778e9f46ad536a5bcb112c1c0511"})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000200)={r4, 0x9, 0x8, 0x1})
ioctl$BTRFS_IOC_DEV_INFO(r3, 0xd000941e, &(0x7f00000013c0)={r4, "9125587169283e8e19a9c00264ea2b63"})
ioctl$BTRFS_IOC_GET_DEV_STATS(r2, 0xc4089434, &(0x7f0000000240)={r4, 0x5, 0x1, [0x7f, 0x7fffffff, 0x2, 0x4, 0x9], [0x5a0, 0xade, 0x3, 0x4, 0x2, 0x8000000000000001, 0x4, 0xfff, 0x6, 0x7ff, 0x0, 0x3, 0x1, 0x50bb9b80, 0x22a4, 0x7ff, 0x9, 0x203, 0x531, 0x6, 0x0, 0x8001, 0x80000, 0xe, 0x9, 0x8, 0x5, 0x0, 0x8, 0x8, 0x6, 0xdfd6, 0x3, 0x9bb7, 0x7, 0x8, 0x8, 0xfffffffffffffff7, 0x2, 0x8, 0x10000, 0x7f, 0x3c41, 0xf52, 0x10000, 0xffffffffffffeecc, 0xd33, 0xff, 0x2fa2, 0x5, 0x5, 0x1, 0x2, 0x8, 0x2, 0x2000000000008, 0x400, 0x2, 0x1, 0x438e000, 0x321, 0x8b2a, 0x80, 0x3069, 0x9721, 0x4, 0x9, 0x40, 0x100000000, 0x81, 0xf9d, 0x7, 0x100000001, 0x5, 0x4, 0x840c, 0x5, 0x4, 0x4, 0x5, 0x1, 0x202000000000000, 0x1, 0x7, 0xfff, 0xffff, 0x9, 0x9, 0x3, 0x3f, 0x6, 0xafdf, 0x1, 0x3, 0x5, 0x4, 0xffffffff00000000, 0x3, 0x6, 0x6, 0x4, 0x3, 0x2, 0x2, 0x3, 0x6, 0x10001, 0xfffffffffffeffff, 0x1, 0x4, 0x0, 0x80, 0xfffffffffffffffd, 0xc, 0x4, 0xfffffffffffffe01, 0x101, 0x6, 0x6, 0x20, 0x2]})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r0, 0x50009417, &(0x7f0000000600)={{}, r1, 0x2, @unused=[0x0, 0x1, 0x400, 0x6], @devid=r4})
ioctl$sock_inet6_SIOCDIFADDR(0xffffffffffffffff, 0x8936, &(0x7f00000001c0)={@mcast1, 0x76})
r7 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
ioctl$SIOCAX25CTLCON(r7, 0x89e8, &(0x7f0000000080)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x63, 0xffffffffffffffff, 0x0, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @default, @null]})

1.365343615s ago: executing program 1 (id=900):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000800)={'xfrm0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x244, 0x0, 0x400, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0xa2e}, @NL80211_ATTR_BSSID={0xa, 0xf5, @random="0a380e5bb6b3"}, @NL80211_ATTR_IE={0x1ab, 0x2a, [@fast_bss_trans={0x37, 0xc2, {0x9, 0x6, "8a4589d8f26fe897e199d72a4fc5b9ff", "69b6b5a3b84c9245572d4e06a7225795f3bcae10cc187f1dfd25bd85297003d2", "1677de8b6089666ce6d4564c7606b8dc1be57e21f3fbafd4aa289c66a49a0591", [{0x2, 0x16, "ce77367042c52e19d3370103f01dead6c80b85822760"}, {0x3, 0x1, '\t'}, {0x3, 0xc, "35f53076d8be2536ad331542"}, {0x3, 0x25, "1ee44f38eb06fbb42ad63604000885f460d3d5a7640cf651edd9d9c3e3a5e592068096dea0"}, {0x3, 0x15, "af126b117456d524fa2921863fb2f286ecd4ff506f"}, {0x4, 0x7, "0a0f7d83aea5e2"}]}}, @mic={0x8c, 0x10, {0x52c, "41a3754759da", @short="378c17d6a8e13a8b"}}, @tim={0x5, 0xcc, {0x9, 0x39, 0x4, "3f1c2b25ffafb53526d0ade8f306bf2ddc4da6bc0a7b8f7b43d0cf1ae99fdbe131e167e9fb46de4591e1ed80494c67e48e85e346d846b9b6e278ef7ee551fbac492822b88d161edbc106f9ebe7e7e732e791bb4d283c2cdbbca8cc3e5b2621ad36f1362e98db14c90af95f819fdbbf3443b2fd22dd5ba9f41fbb86f3e7c8b9d7da0362d714e46f102e2cf40a6eae5b0c9a213a2cbfa737ea4ec3c505808a0cd95998b8db7a0b5b51da46f8137d6fb0a3e5faf5751c47c4695aed11c0043613759653c4fe61207d54bc"}}, @challenge={0x10, 0x1, 0xd4}]}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x202}, @NL80211_ATTR_SCAN_FLAGS={0x8}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x1}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0xfffffff8}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac=@broadcast}, @NL80211_ATTR_SCAN_SSIDS={0x44, 0x2d, 0x0, 0x1, [{0x19, 0x0, @random="3c89443d0259085388ba3d44acb704eb06b8a710f8"}, {0xa, 0x0, @default_ibss_ssid}, {0xa, 0x0, @default_ibss_ssid}, {0xa, 0x0, @default_ap_ssid}]}]}, 0x244}, 0x1, 0x0, 0x0, 0x8880}, 0x20002854)
r3 = socket(0x11, 0x3, 0x0)
sendto$packet(r3, &(0x7f0000000380)="6fa4bf90aa8a2fa38a8f6c8fa168f069adfc79fefab38d472b35afef1abf5976aa851156780bb0fe39e1880b", 0x2c, 0x0, &(0x7f00000000c0)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @random="0786dbd848f5"}, 0x14)

1.349563126s ago: executing program 2 (id=901):
r0 = socket(0x40000000015, 0x5, 0x0)
getsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0), 0x4)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000000))
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb08004500001c0000000000029078ac1414000000000012009078000000008b0233563a69b67b16d9989c6823308e1323ad3286bdc6f18e6f734525"], 0x0)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140100001f000504000000000000000002"], 0x114}], 0x1}, 0x0)

1.282154405s ago: executing program 1 (id=902):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(0xffffffffffffffff, 0x80049367, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_route(0x10, 0x3, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'sit0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r1)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000580)={'wg1\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=r2, @ANYBLOB="0100e8ffffff00000000260000002000018008000100", @ANYRES32=r3, @ANYBLOB="14000200776731"], 0x34}}, 0x0)

1.262602302s ago: executing program 2 (id=903):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) (async)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async, rerun: 32)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70) (rerun: 32)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r0, r1, 0x2, 0x2}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0) (async)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040), 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0xd, 0x3, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xc8}}, &(0x7f0000000000)='GPL\x00'}, 0x90) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)=@ipv4_newroute={0x30, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_DST={0x8, 0x2, @multicast1}}]}, 0x30}}, 0x0) (async, rerun: 32)
socket$nl_route(0x10, 0x3, 0x0) (rerun: 32)

1.243803464s ago: executing program 1 (id=904):
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000004380), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
r3 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f00000000c0)={r4}, 0x8)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x27d3f)
r5 = socket(0xa, 0x3, 0x3a)
getsockopt$nfc_llcp(r5, 0x3a, 0x0, 0x0, 0x20000000)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004700)={&(0x7f0000004600)={0x40, r0, 0x1, 0x70bd2d, 0x0, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x7}}]}, 0x40}}, 0x8880)

1.122131163s ago: executing program 1 (id=905):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1, 0x3, 0x5, 0x5}, 0x48)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r2, @ANYBLOB="000000000000000024001280110001006272696467655f736c617665000000000c0005800500010001000000d960bd419aed8834f9b9c235e42518098ab14e6f7e6f166e49c27321db31e66da59580a9cd11aa96308a801aca7ca6711ed6dee2edf8"], 0x44}}, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b700000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
ppoll(&(0x7f0000000500)=[{r5}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x2, 0x3}, 0x0, 0x0)
bind$inet(r4, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_lsm={0x5, 0x5, &(0x7f00000000c0)=@framed={{0x5d, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0xa8}, [@map_fd={0x18, 0x0, 0x1, 0x0, r0}]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
mmap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00'})
r8 = socket$inet6(0xa, 0x6, 0x0)
listen(r8, 0x101)
setsockopt(0xffffffffffffffff, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

1.121011915s ago: executing program 2 (id=906):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000ff00000018010000204e6a2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000040)='syzkaller\x00', 0x1, 0xfe7, &(0x7f0000001e00)=""/4071}, 0x90)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
recvmsg$kcm(r2, &(0x7f0000006480)={0x0, 0x0, &(0x7f0000000440)=[{0x0}, {&(0x7f00000008c0)=""/200, 0xc8}, {0x0}, {0x0}], 0x4}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0x16, &(0x7f0000000340)=ANY=[@ANYRESDEC], &(0x7f0000000100)='GPL\x00'}, 0x90)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x17, 0xf, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000f1cdf3b2dc", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000ba000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0}, 0x90)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000b00), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="11000000000000000000070000000c00604ad515300932a00000"], 0x20}}, 0x0)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r0, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000640)={&(0x7f00000009c0)=ANY=[@ANYRES32=0x0, @ANYRES16=r6, @ANYBLOB="000427bd7000ffdbdf25050000000800020003000000480001800800060001000000050002005a000000080003007f0000010600010039d600000800060010000000080006000000000014000400fc0100000000000000000000000000010800040001000000"], 0x6c}, 0x1, 0x0, 0x0, 0x8000}, 0xc090)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000004c0)='contention_begin\x00', r5}, 0x10)
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000400)={'wlan0\x00', &(0x7f00000003c0)=@ethtool_stats})
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r9=>0x0})
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_INTERFACE(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="01000000000000000000070000000c0017000000000000000000080005000000000008000100000000000a0004"], 0x3c}}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), r3)
sendmsg$nl_route(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5800000010000100"/20, @ANYRES32=r9, @ANYBLOB="0000000058c40000300016802c00018028000100feffff7febc7a00e38a88000000000000000000000000000000000000000000000000000080028"], 0x58}}, 0x0)

1.07313147s ago: executing program 2 (id=907):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r0, &(0x7f0000003a80)={&(0x7f00000004c0)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000003a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xd}, @multicast1}}}], 0x20}, 0x4008804)
sendmsg$inet(r0, &(0x7f0000000c00)={&(0x7f0000000540)={0x2, 0x0, @empty}, 0x10, &(0x7f00000005c0)=[{&(0x7f0000000580)="6e4602e2", 0x4}], 0x1}, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000580), 0xffffffffffffffff)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x4, &(0x7f0000000d40)=ANY=[@ANYBLOB="18000000010000000000000000000000911204000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1a, &(0x7f0000000d80)=ANY=[@ANYBLOB="180000000600000000000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000faffffff8500000006000000872300000100000085100000fbffffffb7080000000000007b8af8ff00000000b7080000040000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085511bd8178772301c8e0997667aca4e000000a50000009500000000000000e981375b6a61090d1d8e094016df505d7ea00e8090d9ca8300dd58d0f78f89be3a5c04e601d0bb9de03565318f4ede4b819349285f5c8955b9131c793c8c6285a46ac82358c100e7c332026456aa404e35e148077d8ea207b6b15ca8b71d35158b2a8f69ca4b2f62a53d766e9dc71fe240900817bd95d8db7240bd8a8b181133c30eab13b8971f8b1bdab65f970612c7e78353c31fdf9600902e2c9c837edfc1cfe579c52ada7417048f60cbf9a205807a02c6ab53c51f6b1b08c63d9c0da582fdf55d5e83c1765458b86a63af8349e25aa7afb96e27a4f40d72967dab7d"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000680), 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000940)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000030000000e0000000000990700000000005f008a6ce372d926e60002697fa740cf6f3c44bf93bad3075e8ad5bd29ccabea6b0a0463ff7bbc5372e403f903f3c21248fb46d6a8f58ebc5c3626b67a3e38b8a289c7f51e653b60f29de13475f6edebeb0db2d172bb1cbd1dd1a14ee9401d43fd5ef7adde17dbc849ef7d649b087448cbdb3242bf95e93d660c0ecfcf7fa64f7fe8375f691683f515fb5eab70a316a2e070b5f104e9141a0582e8301a1b769191b74fd26d9ead03503bb8595848bfdb73b233411e0cd919fb3cac894afa"], &(0x7f00000008c0)=""/95, 0x27, 0x5f, 0x1}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x4f)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x48)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000000200)=[{0x0}, {&(0x7f0000000140)="06", 0x1}], 0x2}}], 0x1, 0x0)
socket$rds(0x15, 0x5, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x404)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="18000000", @ANYRES16=r2, @ANYBLOB="01e7000000000000000004"], 0x18}}, 0x0)

898.329849ms ago: executing program 0 (id=908):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14}, 0x14}}, 0x20040000)
unshare(0xc040400)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000005300f40c0000220c000000020000000000000000000006040000000000"], 0x0, 0x26}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r2, 0x58, &(0x7f0000000040)}, 0x10)
r3 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r4}, 0x90)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'veth0\x00'}, @IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r5}]}]}, 0x40}}, 0x0)
sendmsg$kcm(r1, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x4, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCSIFBR(r8, 0x890c, &(0x7f0000000000)=@generic={0x0, 0x2})
r9 = socket$kcm(0x29, 0x7, 0x0)
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r10, 0x8932, 0x0)
getsockopt$SO_TIMESTAMP(r9, 0x1, 0x23, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
unshare(0x22020400)
r11 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x5, 0x13, 0x5, 0x7c}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@map_fd={0x18, 0x0, 0x2, 0x0, r11, 0x0, 0x0, 0x0, 0xa}]}, &(0x7f0000000000)='GPL\x00'}, 0x90)
socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000013c0)={'veth1_macvtap\x00'})
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)

799.546261ms ago: executing program 0 (id=909):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010100000000000000000100000009000100737900005c000000030a01010000000000000000010000000900010073797a300000000028000480080002400000000008000140000000051400040076657468315f746f5f626174616476000900030073797a300000000008000a4000000002140000001000010000000000000000000000000a00000000"], 0xa4}}, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16, @ANYBLOB="00002abd70003f000000150000003000018008000000", @ANYRES32, @ANYBLOB="14000200626f6e645f736c6176655f300000000000000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="20000180000002007866726d3000000000000000000000001400020076657468315f766c616e0000000000000c000180"], 0x70}}, 0x20000004)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(r3, 0x6, 0x1f, &(0x7f0000000380)="3e7b1c86295f0cc4f4cf9402d29db99b6e55ebdf9d262e109e2addad4f65ac5ae7cb068cd7144d354cb3f1279ef7a5dd129ed9af07ab9354e4346ac433cca3ab452e3c4ca995ec598ad418077d72f0c5ca354f0bd18475afefd3a785d8443c998d6ba70f4cb3b7e0d3e0e6f2d2e314372a42306062dd6efa295de61c93170ead163bd3437e8385360eaf72825577a03818cb2d38d302e15c391337132d979c2325168b9979f23af38de58bded7535a14e1406e89b8e5", 0xb6)
setsockopt$inet6_int(r3, 0x29, 0x43, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000020018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000100)={'veth0_to_team\x00', &(0x7f00000000c0)=@ethtool_sset_info={0x37, 0x0, 0x100000000}})
write$binfmt_script(r6, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r6, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000100)={'veth0_vlan\x00', 0x0})
r8 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r8, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e)
unshare(0x2c060000)
unshare(0x60020000)
connect$unix(r4, &(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'hsr0\x00'})

482.197767ms ago: executing program 0 (id=910):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000002000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='mm_page_alloc\x00', r5}, 0x10)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540), &(0x7f0000001240), 0x7, r4}, 0x38)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="850000002a00000084000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00'}, 0x48)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000040)=r6, 0x4)
write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="72b9800007"], 0xd)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)={0x84, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1720}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1000}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}], @NL80211_ATTR_FRAME={0x50, 0x33, @probe_response={{{}, {}, @broadcast, @device_a, @from_mac=@device_b}, 0x0, @default, 0x0, @void, @void, @void, @val={0x4, 0x6}, @val={0x6, 0x2}, @val={0x2d, 0x1a}, @void, @void}}]}, 0x84}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@migrate={0xec, 0x21, 0xd39, 0x0, 0x0, {{@in, @in=@empty}}, [@migrate={0x9c, 0x11, [{@in6=@mcast1, @in=@broadcast, @in=@multicast1, @in=@dev}, {@in6=@mcast1, @in=@broadcast, @in6=@remote, @in=@remote}]}]}, 0xec}}, 0x0)

32.665695ms ago: executing program 0 (id=911):
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
unshare(0x24020400)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000280)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x1c, {[@window={0xb, 0x3}, @timestamp={0x5, 0x2, 0xfffe}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)

0s ago: executing program 1 (id=912):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
unshare(0x22020600)
poll(0x0, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x5000, 0x4)
sendmmsg$inet(r0, &(0x7f0000001980)=[{{&(0x7f00000002c0)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}], 0x1, 0x240080e4)
write(r0, &(0x7f0000003000)='\t', 0x1)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socket$xdp(0x2c, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r1, 0x110, 0x4, &(0x7f0000000180)=0x4, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000340)="4fc3706c842e18179fa17c8baff0defd4fa94641cddecaedb1ffc14795120bb90473b3cc8e289c94148cdf2dcbe8d2b48421750d72fbb48b34c3ec996f417b30c94b9ffc20f3bed2f218d9a4d0a7b5c5cd346aeb85e3e3b149773b2bbacc5a4ef4c07c6031775f17dd4a7102651fa4a87170317cca08c61b8c39019b875b0df28f1ec45c9c35d33e6e27fb1dd5a06576f64a9688cbda16c8827c1b527f45d01f37771edfa7f75c39ae19d7d005badba2560b35100c59e39d7ecf6d91ad928d692b6226254a4fe718b38f1b96eb439a8acb439faec6c2a7a4d3620da40c34750f97b2d4a323252009a5805493c06d516fa59c601ec57a737496a10c2eeb40169d3c204f768c63355fe331", 0x10a}], 0x1)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r5, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2, 0x2}}, 0x26)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
connect$inet6(r6, &(0x7f0000000300)={0xa, 0x4e20, 0x2, @loopback, 0xfff}, 0x62)
close(r2)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0)
write(r7, &(0x7f0000000600)='1', 0x1)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r8, &(0x7f0000000200)=0x4, 0x12)
write$binfmt_script(r6, &(0x7f00000005c0), 0x10e)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYRESHEX], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

kernel console output (not intermixed with test programs):

.664967][ T5587] bridge0: port 3(team0) entered blocking state
[   70.671648][ T5587] bridge0: port 3(team0) entered forwarding state
[   70.775144][ T5591] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[   70.887464][ T5602] xt_bpf: check failed: parse error
[   70.965113][ T5605] netlink: 'syz.4.89': attribute type 10 has an invalid length.
[   70.991791][ T5605] team0: left allmulticast mode
[   71.012649][ T5605] team_slave_0: left allmulticast mode
[   71.029626][ T5605] team_slave_1: left allmulticast mode
[   71.042274][ T5605] team0: left promiscuous mode
[   71.054959][ T5605] team_slave_0: left promiscuous mode
[   71.092535][ T5605] team_slave_1: left promiscuous mode
[   71.099566][ T5605] bridge0: port 3(team0) entered disabled state
[   71.114251][ T5605] 8021q: adding VLAN 0 to HW filter on device team0
[   71.129504][ T5605] team0: entered promiscuous mode
[   71.134637][ T5605] team_slave_0: entered promiscuous mode
[   71.158623][ T5605] team_slave_1: entered promiscuous mode
[   71.169608][ T5605] bond0: (slave team0): Enslaving as an active interface with an up link
[   71.193274][ T5612] netlink: 'syz.4.89': attribute type 10 has an invalid length.
[   71.213369][ T5612] bond0: (slave team0): Releasing backup interface
[   71.419728][ T5612] team0: left promiscuous mode
[   71.432198][ T5612] team_slave_0: left promiscuous mode
[   71.450120][ T5612] team_slave_1: left promiscuous mode
[   71.472933][ T5612] bridge0: port 3(team0) entered blocking state
[   71.482348][ T5612] bridge0: port 3(team0) entered disabled state
[   71.493584][ T5612] team0: entered allmulticast mode
[   71.500074][ T5612] team_slave_0: entered allmulticast mode
[   71.505922][ T5612] team_slave_1: entered allmulticast mode
[   71.506152][ T5629] ieee802154 phy0 wpan0: encryption failed: -22
[   71.522236][ T5612] team0: entered promiscuous mode
[   71.535506][ T5612] team_slave_0: entered promiscuous mode
[   71.542661][ T5612] team_slave_1: entered promiscuous mode
[   71.553688][ T5611] bridge0: port 2(bridge_slave_1) entered listening state
[   71.564854][ T5626] netlink: 8 bytes leftover after parsing attributes in process `syz.2.94'.
[   71.704590][ T5631] netlink: 20 bytes leftover after parsing attributes in process `syz.0.96'.
[   71.766654][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[   71.773329][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[   71.844560][ T5641] netlink: 'syz.4.97': attribute type 10 has an invalid length.
[   71.865264][ T5641] team0: left allmulticast mode
[   71.879003][ T5641] team_slave_0: left allmulticast mode
[   71.887315][ T5641] team_slave_1: left allmulticast mode
[   71.898181][ T5641] team0: left promiscuous mode
[   71.902991][ T5641] team_slave_0: left promiscuous mode
[   71.915463][ T5641] team_slave_1: left promiscuous mode
[   71.924813][ T5641] bridge0: port 3(team0) entered disabled state
[   71.949530][ T5641] batman_adv: batadv0: Adding interface: team0
[   71.964847][ T5641] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.998364][ T5641] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   72.012664][ T5647] netlink: 'syz.4.97': attribute type 10 has an invalid length.
[   72.023061][ T5647] netlink: 2 bytes leftover after parsing attributes in process `syz.4.97'.
[   72.032473][ T5647] team0: entered promiscuous mode
[   72.038590][ T5647] team_slave_0: entered promiscuous mode
[   72.044638][ T5647] team_slave_1: entered promiscuous mode
[   72.083646][ T5647] 8021q: adding VLAN 0 to HW filter on device team0
[   72.109821][ T5647] batman_adv: batadv0: Interface activated: team0
[   72.110271][ T5641] netlink: 68 bytes leftover after parsing attributes in process `syz.4.97'.
[   72.142023][ T5647] batman_adv: batadv0: Interface deactivated: team0
[   72.192619][ T5647] batman_adv: batadv0: Removing interface: team0
[   72.227429][ T5647] bridge0: port 3(team0) entered blocking state
[   72.234002][ T5647] bridge0: port 3(team0) entered disabled state
[   72.254744][ T5647] team0: entered allmulticast mode
[   72.260842][ T5647] team_slave_0: entered allmulticast mode
[   72.275937][ T5647] team_slave_1: entered allmulticast mode
[   72.291869][ T5647] bridge0: port 3(team0) entered blocking state
[   72.298322][ T5647] bridge0: port 3(team0) entered forwarding state
[   72.604391][ T5673] FAULT_INJECTION: forcing a failure.
[   72.604391][ T5673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   72.625436][ T5650] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   72.649513][ T5673] CPU: 1 UID: 0 PID: 5673 Comm: syz.2.105 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   72.659844][ T5673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   72.669921][ T5673] Call Trace:
[   72.673223][ T5673]  <TASK>
[   72.676168][ T5673]  dump_stack_lvl+0x241/0x360
[   72.680876][ T5673]  ? __pfx_dump_stack_lvl+0x10/0x10
[   72.686099][ T5673]  ? __pfx__printk+0x10/0x10
[   72.690719][ T5673]  ? __pfx_lock_release+0x10/0x10
[   72.695772][ T5673]  should_fail_ex+0x3b0/0x4e0
[   72.700484][ T5673]  _copy_from_user+0x2f/0xe0
[   72.705102][ T5673]  generic_map_update_batch+0x5ba/0x900
[   72.710690][ T5673]  ? __pfx_generic_map_update_batch+0x10/0x10
[   72.716784][ T5673]  ? __pfx_generic_map_update_batch+0x10/0x10
[   72.722876][ T5673]  bpf_map_do_batch+0x3e0/0x690
[   72.727764][ T5673]  __sys_bpf+0x377/0x810
[   72.732039][ T5673]  ? __pfx___sys_bpf+0x10/0x10
[   72.736845][ T5673]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   72.742854][ T5673]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   72.749213][ T5673]  ? do_syscall_64+0x100/0x230
[   72.754006][ T5673]  __x64_sys_bpf+0x7c/0x90
[   72.758448][ T5673]  do_syscall_64+0xf3/0x230
[   72.762984][ T5673]  ? clear_bhb_loop+0x35/0x90
[   72.767702][ T5673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.773702][ T5673] RIP: 0033:0x7f18ac1773b9
[   72.778148][ T5673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.797782][ T5673] RSP: 002b:00007f18acfd5048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   72.806228][ T5673] RAX: ffffffffffffffda RBX: 00007f18ac306058 RCX: 00007f18ac1773b9
[   72.814227][ T5673] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   72.822315][ T5673] RBP: 00007f18acfd50a0 R08: 0000000000000000 R09: 0000000000000000
[   72.830405][ T5673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   72.838505][ T5673] R13: 000000000000006e R14: 00007f18ac306058 R15: 00007ffd76b28768
[   72.846523][ T5673]  </TASK>
[   73.328958][ T5712] netlink: 'syz.2.120': attribute type 10 has an invalid length.
[   73.375017][ T5712] batman_adv: batadv0: Adding interface: team0
[   73.384762][ T5714] netlink: 'syz.1.121': attribute type 1 has an invalid length.
[   73.398899][ T5712] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.477323][ T5712] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   73.549508][ T5720] netlink: 'syz.2.120': attribute type 10 has an invalid length.
[   73.583537][ T5720] team0: entered promiscuous mode
[   73.591735][ T5730] ieee802154 phy0 wpan0: encryption failed: -22
[   73.599215][ T5720] team_slave_0: entered promiscuous mode
[   73.605071][ T5720] team_slave_1: entered promiscuous mode
[   73.626794][ T5720] 8021q: adding VLAN 0 to HW filter on device team0
[   73.656133][ T5720] batman_adv: batadv0: Interface activated: team0
[   73.676294][ T5720] batman_adv: batadv0: Interface deactivated: team0
[   73.696280][ T5720] batman_adv: batadv0: Removing interface: team0
[   73.705563][ T5720] bridge0: port 3(team0) entered blocking state
[   73.712160][ T5720] bridge0: port 3(team0) entered disabled state
[   73.721022][ T5720] team0: entered allmulticast mode
[   73.732137][ T5720] team_slave_0: entered allmulticast mode
[   73.738247][ T5720] team_slave_1: entered allmulticast mode
[   73.746924][ T5720] bridge0: port 3(team0) entered blocking state
[   73.753358][ T5720] bridge0: port 3(team0) entered forwarding state
[   74.021697][ T5744] FAULT_INJECTION: forcing a failure.
[   74.021697][ T5744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.070246][ T5744] CPU: 0 UID: 0 PID: 5744 Comm: syz.0.126 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   74.080550][ T5744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   74.090634][ T5744] Call Trace:
[   74.093928][ T5744]  <TASK>
[   74.096872][ T5744]  dump_stack_lvl+0x241/0x360
[   74.101579][ T5744]  ? __pfx_dump_stack_lvl+0x10/0x10
[   74.106799][ T5744]  ? __pfx__printk+0x10/0x10
[   74.111412][ T5744]  ? __pfx_lock_release+0x10/0x10
[   74.116468][ T5744]  should_fail_ex+0x3b0/0x4e0
[   74.121179][ T5744]  _copy_from_user+0x2f/0xe0
[   74.125797][ T5744]  generic_map_update_batch+0x567/0x900
[   74.131386][ T5744]  ? __pfx_generic_map_update_batch+0x10/0x10
[   74.137483][ T5744]  ? __pfx_generic_map_update_batch+0x10/0x10
[   74.143581][ T5744]  bpf_map_do_batch+0x3e0/0x690
[   74.148466][ T5744]  __sys_bpf+0x377/0x810
[   74.152742][ T5744]  ? __pfx___sys_bpf+0x10/0x10
[   74.157552][ T5744]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   74.163564][ T5744]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   74.169924][ T5744]  ? do_syscall_64+0x100/0x230
[   74.174729][ T5744]  __x64_sys_bpf+0x7c/0x90
[   74.177610][ T5725] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   74.179153][ T5744]  do_syscall_64+0xf3/0x230
[   74.179182][ T5744]  ? clear_bhb_loop+0x35/0x90
[   74.179208][ T5744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.200161][ T5744] RIP: 0033:0x7f8b2f3773b9
[   74.204599][ T5744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.224231][ T5744] RSP: 002b:00007f8b30104048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   74.232683][ T5744] RAX: ffffffffffffffda RBX: 00007f8b2f506058 RCX: 00007f8b2f3773b9
[   74.240687][ T5744] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   74.248688][ T5744] RBP: 00007f8b301040a0 R08: 0000000000000000 R09: 0000000000000000
[   74.256681][ T5744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   74.264676][ T5744] R13: 000000000000006e R14: 00007f8b2f506058 R15: 00007ffc9aad40a8
[   74.272695][ T5744]  </TASK>
[   74.440000][ T5755] netlink: 'syz.4.129': attribute type 2 has an invalid length.
[   74.477067][ T5755] netlink: 'syz.4.129': attribute type 1 has an invalid length.
[   74.499372][ T5757] bridge0: port 3(team0) entered disabled state
[   74.505867][ T5757] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.514587][ T5757] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.551712][ T5761] Driver unsupported XDP return value 0 on prog  (id 46) dev N/A, expect packet loss!
[   74.619781][ T5757] netlink: 'syz.0.128': attribute type 1 has an invalid length.
[   74.648336][ T5757] netlink: 'syz.0.128': attribute type 1 has an invalid length.
[   74.688854][ T5757] bond0: option miimon: invalid value (18446744073072082944)
[   74.717398][ T5757] bond0: option miimon: allowed values 0 - 2147483647
[   74.735277][ T5765] netlink: 'syz.4.132': attribute type 1 has an invalid length.
[   75.226953][ T5784] netlink: 'syz.4.138': attribute type 10 has an invalid length.
[   75.272466][ T5782] FAULT_INJECTION: forcing a failure.
[   75.272466][ T5782] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.301209][ T5784] bridge0: port 3(team0) entered disabled state
[   75.304657][ T5782] CPU: 1 UID: 0 PID: 5782 Comm: syz.2.137 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   75.317741][ T5782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   75.327820][ T5782] Call Trace:
[   75.331121][ T5782]  <TASK>
[   75.334152][ T5782]  dump_stack_lvl+0x241/0x360
[   75.338869][ T5782]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.344094][ T5782]  ? __pfx__printk+0x10/0x10
[   75.348705][ T5782]  ? __pfx_lock_release+0x10/0x10
[   75.353759][ T5782]  should_fail_ex+0x3b0/0x4e0
[   75.358464][ T5782]  _copy_from_user+0x2f/0xe0
[   75.363078][ T5782]  generic_map_update_batch+0x567/0x900
[   75.368655][ T5782]  ? __pfx_generic_map_update_batch+0x10/0x10
[   75.374739][ T5782]  ? __pfx_generic_map_update_batch+0x10/0x10
[   75.380807][ T5782]  bpf_map_do_batch+0x3e0/0x690
[   75.385659][ T5782]  __sys_bpf+0x377/0x810
[   75.389899][ T5782]  ? __pfx___sys_bpf+0x10/0x10
[   75.394665][ T5782]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   75.400643][ T5782]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   75.406972][ T5782]  ? do_syscall_64+0x100/0x230
[   75.411737][ T5782]  __x64_sys_bpf+0x7c/0x90
[   75.416150][ T5782]  do_syscall_64+0xf3/0x230
[   75.420654][ T5782]  ? clear_bhb_loop+0x35/0x90
[   75.425333][ T5782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.431225][ T5782] RIP: 0033:0x7f18ac1773b9
[   75.435637][ T5782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.455242][ T5782] RSP: 002b:00007f18acff6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   75.463656][ T5782] RAX: ffffffffffffffda RBX: 00007f18ac305f80 RCX: 00007f18ac1773b9
[   75.471623][ T5782] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   75.479587][ T5782] RBP: 00007f18acff60a0 R08: 0000000000000000 R09: 0000000000000000
[   75.487550][ T5782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   75.495515][ T5782] R13: 000000000000000b R14: 00007f18ac305f80 R15: 00007ffd76b28768
[   75.503491][ T5782]  </TASK>
[   75.558145][ T5793] __nla_validate_parse: 11 callbacks suppressed
[   75.558167][ T5793] netlink: 68 bytes leftover after parsing attributes in process `syz.4.138'.
[   75.565212][ T5784] team0: left allmulticast mode
[   75.583725][ T5784] team_slave_0: left allmulticast mode
[   75.594524][ T5790] FAULT_INJECTION: forcing a failure.
[   75.594524][ T5790] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.612864][    C0] bridge0: port 2(bridge_slave_1) entered learning state
[   75.614043][    C0] bridge0: port 2(bridge_slave_1) entered learning state
[   75.619725][    C1] bridge0: port 2(bridge_slave_1) entered learning state
[   75.648950][ T5784] team_slave_1: left allmulticast mode
[   75.664908][ T5784] team0: left promiscuous mode
[   75.672182][ T5790] CPU: 0 UID: 0 PID: 5790 Comm: syz.1.139 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   75.682466][ T5790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   75.692545][ T5790] Call Trace:
[   75.695845][ T5790]  <TASK>
[   75.698792][ T5790]  dump_stack_lvl+0x241/0x360
[   75.703503][ T5790]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.708727][ T5790]  ? __pfx__printk+0x10/0x10
[   75.713355][ T5790]  ? __pfx_lock_release+0x10/0x10
[   75.718428][ T5790]  should_fail_ex+0x3b0/0x4e0
[   75.723143][ T5790]  _copy_from_user+0x2f/0xe0
[   75.727500][ T5784] team_slave_0: left promiscuous mode
[   75.727741][ T5790]  generic_map_update_batch+0x5ba/0x900
[   75.738171][ T5784] team_slave_1: left promiscuous mode
[   75.738632][ T5790]  ? __pfx_generic_map_update_batch+0x10/0x10
[   75.738662][ T5790]  ? __pfx_generic_map_update_batch+0x10/0x10
[   75.754687][ T5784] bridge0: port 3(team0) entered disabled state
[   75.756097][ T5790]  bpf_map_do_batch+0x3e0/0x690
[   75.756134][ T5790]  __sys_bpf+0x377/0x810
[   75.771533][ T5790]  ? __pfx___sys_bpf+0x10/0x10
[   75.776337][ T5790]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   75.782360][ T5790]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   75.788721][ T5790]  ? do_syscall_64+0x100/0x230
[   75.793518][ T5790]  __x64_sys_bpf+0x7c/0x90
[   75.797961][ T5790]  do_syscall_64+0xf3/0x230
[   75.802496][ T5790]  ? clear_bhb_loop+0x35/0x90
[   75.807201][ T5790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.813121][ T5790] RIP: 0033:0x7fb8a3b773b9
[   75.817555][ T5790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.837187][ T5790] RSP: 002b:00007fb8a49f6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   75.845626][ T5790] RAX: ffffffffffffffda RBX: 00007fb8a3d06058 RCX: 00007fb8a3b773b9
[   75.853624][ T5790] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   75.861614][ T5790] RBP: 00007fb8a49f60a0 R08: 0000000000000000 R09: 0000000000000000
[   75.869591][ T5790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   75.877567][ T5790] R13: 000000000000006e R14: 00007fb8a3d06058 R15: 00007ffda1b2db28
[   75.885566][ T5790]  </TASK>
[   75.900358][ T5784] batman_adv: batadv0: Adding interface: team0
[   75.908042][ T5784] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.941323][ T5784] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   75.952320][ T5786] netlink: 'syz.4.138': attribute type 10 has an invalid length.
[   75.963086][ T5786] netlink: 2 bytes leftover after parsing attributes in process `syz.4.138'.
[   75.982080][ T5786] team0: entered promiscuous mode
[   75.992595][ T5786] team_slave_0: entered promiscuous mode
[   76.001528][ T5786] team_slave_1: entered promiscuous mode
[   76.016688][ T5786] 8021q: adding VLAN 0 to HW filter on device team0
[   76.043074][ T5786] batman_adv: batadv0: Interface activated: team0
[   76.057513][ T5786] batman_adv: batadv0: Interface deactivated: team0
[   76.066696][ T5786] batman_adv: batadv0: Removing interface: team0
[   76.068543][ T5789] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   76.083079][ T5786] bridge0: port 3(team0) entered blocking state
[   76.096190][ T5786] bridge0: port 3(team0) entered disabled state
[   76.106630][ T5786] team0: entered allmulticast mode
[   76.114736][ T5786] team_slave_0: entered allmulticast mode
[   76.121403][ T5786] team_slave_1: entered allmulticast mode
[   76.131949][ T5786] bridge0: port 3(team0) entered blocking state
[   76.138353][ T5786] bridge0: port 3(team0) entered forwarding state
[   76.148122][ T5794] bridge0: port 2(bridge_slave_1) entered listening state
[   76.264610][ T5806] netlink: 'syz.0.144': attribute type 27 has an invalid length.
[   76.296283][ T5803] netlink: 'syz.2.143': attribute type 14 has an invalid length.
[   76.787350][ T5853] bridge0: port 3(team0) entered disabled state
[   76.794055][ T5853] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.801718][ T5853] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.857050][ T5860] netlink: 'syz.2.151': attribute type 1 has an invalid length.
[   76.898236][    T8] cfg80211: failed to load regulatory.db
[   76.958465][ T5860] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.151'.
[   77.003003][ T5868] netlink: 8 bytes leftover after parsing attributes in process `syz.4.152'.
[   77.019991][ T5869] FAULT_INJECTION: forcing a failure.
[   77.019991][ T5869] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   77.062124][ T5867] bond0: option miimon: invalid value (18446744073072082944)
[   77.078355][ T5869] CPU: 1 UID: 0 PID: 5869 Comm: syz.3.154 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   77.088652][ T5869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   77.098728][ T5869] Call Trace:
[   77.102025][ T5869]  <TASK>
[   77.104969][ T5869]  dump_stack_lvl+0x241/0x360
[   77.109670][ T5869]  ? __pfx_dump_stack_lvl+0x10/0x10
[   77.111771][ T5867] bond0: option miimon: allowed values 0 - 2147483647
[   77.114872][ T5869]  ? __pfx__printk+0x10/0x10
[   77.126231][ T5869]  ? __pfx_lock_release+0x10/0x10
[   77.131287][ T5869]  should_fail_ex+0x3b0/0x4e0
[   77.135999][ T5869]  _copy_from_user+0x2f/0xe0
[   77.140619][ T5869]  generic_map_update_batch+0x5ba/0x900
[   77.146207][ T5869]  ? __pfx_generic_map_update_batch+0x10/0x10
[   77.152386][ T5869]  ? __pfx_generic_map_update_batch+0x10/0x10
[   77.158472][ T5869]  bpf_map_do_batch+0x3e0/0x690
[   77.163330][ T5869]  __sys_bpf+0x377/0x810
[   77.167572][ T5869]  ? __pfx___sys_bpf+0x10/0x10
[   77.172343][ T5869]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   77.178325][ T5869]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   77.184652][ T5869]  ? do_syscall_64+0x100/0x230
[   77.189416][ T5869]  __x64_sys_bpf+0x7c/0x90
[   77.193831][ T5869]  do_syscall_64+0xf3/0x230
[   77.198344][ T5869]  ? clear_bhb_loop+0x35/0x90
[   77.203044][ T5869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.208945][ T5869] RIP: 0033:0x7f660c3773b9
[   77.213353][ T5869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.232956][ T5869] RSP: 002b:00007f660d109048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   77.241363][ T5869] RAX: ffffffffffffffda RBX: 00007f660c505f80 RCX: 00007f660c3773b9
[   77.249325][ T5869] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   77.257295][ T5869] RBP: 00007f660d1090a0 R08: 0000000000000000 R09: 0000000000000000
[   77.265273][ T5869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   77.273239][ T5869] R13: 000000000000000b R14: 00007f660c505f80 R15: 00007ffe95dbb088
[   77.281216][ T5869]  </TASK>
[   77.702804][ T5891] team0: left allmulticast mode
[   77.719083][ T5891] team_slave_0: left allmulticast mode
[   77.724601][ T5891] team_slave_1: left allmulticast mode
[   77.751552][ T5891] team0: left promiscuous mode
[   77.756381][ T5891] team_slave_0: left promiscuous mode
[   77.818573][ T5891] team_slave_1: left promiscuous mode
[   77.824389][ T5891] bridge0: port 3(team0) entered disabled state
[   77.911658][ T5907] netlink: 68 bytes leftover after parsing attributes in process `syz.0.158'.
[   77.914024][ T5891] batman_adv: batadv0: Adding interface: team0
[   77.959995][ T5233] IPVS: starting estimator thread 0...
[   77.988664][ T5891] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.057892][ T5891] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   78.087426][ T5912] IPVS: using max 23 ests per chain, 55200 per kthread
[   78.102508][ T5896] netlink: 2 bytes leftover after parsing attributes in process `syz.0.158'.
[   78.118745][ T5896] team0: entered promiscuous mode
[   78.126136][ T5896] team_slave_0: entered promiscuous mode
[   78.152216][ T5896] team_slave_1: entered promiscuous mode
[   78.184386][ T5896] 8021q: adding VLAN 0 to HW filter on device team0
[   78.193013][ T5896] batman_adv: batadv0: Interface activated: team0
[   78.199807][ T5896] batman_adv: batadv0: Interface deactivated: team0
[   78.206711][ T5896] batman_adv: batadv0: Removing interface: team0
[   78.229501][ T5896] bridge0: port 3(team0) entered blocking state
[   78.237095][ T5896] bridge0: port 3(team0) entered disabled state
[   78.244166][ T5896] team0: entered allmulticast mode
[   78.249712][ T5896] team_slave_0: entered allmulticast mode
[   78.255720][ T5896] team_slave_1: entered allmulticast mode
[   78.279434][ T5898] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[   78.301260][ T5898] macvlan2: entered promiscuous mode
[   78.315854][ T5898] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[   78.442336][ T5903] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   78.645525][ T5940] xt_bpf: check failed: parse error
[   78.817793][ T5949] FAULT_INJECTION: forcing a failure.
[   78.817793][ T5949] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.851265][ T5949] CPU: 1 UID: 0 PID: 5949 Comm: syz.3.167 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   78.861561][ T5949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   78.871640][ T5949] Call Trace:
[   78.874943][ T5949]  <TASK>
[   78.877891][ T5949]  dump_stack_lvl+0x241/0x360
[   78.882607][ T5949]  ? __pfx_dump_stack_lvl+0x10/0x10
[   78.887836][ T5949]  ? __pfx__printk+0x10/0x10
[   78.892458][ T5949]  ? __pfx_lock_release+0x10/0x10
[   78.897526][ T5949]  should_fail_ex+0x3b0/0x4e0
[   78.902239][ T5949]  _copy_from_user+0x2f/0xe0
[   78.906856][ T5949]  generic_map_update_batch+0x567/0x900
[   78.912446][ T5949]  ? __pfx_generic_map_update_batch+0x10/0x10
[   78.918543][ T5949]  ? __pfx_generic_map_update_batch+0x10/0x10
[   78.924639][ T5949]  bpf_map_do_batch+0x3e0/0x690
[   78.929528][ T5949]  __sys_bpf+0x377/0x810
[   78.930383][ T5947] netlink: 8 bytes leftover after parsing attributes in process `syz.0.168'.
[   78.933780][ T5949]  ? __pfx___sys_bpf+0x10/0x10
[   78.947315][ T5949]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   78.953322][ T5949]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   78.959683][ T5949]  ? do_syscall_64+0x100/0x230
[   78.964476][ T5949]  __x64_sys_bpf+0x7c/0x90
[   78.968926][ T5949]  do_syscall_64+0xf3/0x230
[   78.973458][ T5949]  ? clear_bhb_loop+0x35/0x90
[   78.978167][ T5949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.984090][ T5949] RIP: 0033:0x7f660c3773b9
[   78.988534][ T5949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.008169][ T5949] RSP: 002b:00007f660d109048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   79.016621][ T5949] RAX: ffffffffffffffda RBX: 00007f660c505f80 RCX: 00007f660c3773b9
[   79.024621][ T5949] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   79.032623][ T5949] RBP: 00007f660d1090a0 R08: 0000000000000000 R09: 0000000000000000
[   79.040620][ T5949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   79.048618][ T5949] R13: 000000000000000b R14: 00007f660c505f80 R15: 00007ffe95dbb088
[   79.056631][ T5949]  </TASK>
[   79.341444][ T5970] netlink: 12 bytes leftover after parsing attributes in process `syz.1.172'.
[   79.456801][ T5982] bridge0: port 2(bridge_slave_1) entered listening state
[   79.579678][ T5986] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   79.591368][ T5988] mac80211_hwsim hwsim7 wlan0: entered promiscuous mode
[   79.606465][ T5988] macvlan2: entered promiscuous mode
[   79.618170][ T5988] mac80211_hwsim hwsim7 wlan0: left promiscuous mode
[   79.664011][ T5990] bridge0: port 2(bridge_slave_1) entered listening state
[   79.682218][ T5977] validate_nla: 3 callbacks suppressed
[   79.682240][ T5977] netlink: 'syz.3.175': attribute type 4 has an invalid length.
[   79.739281][ T5274] IPVS: starting estimator thread 0...
[   79.745044][ T5983] netlink: 'syz.3.175': attribute type 4 has an invalid length.
[   79.833839][ T5993] IPVS: using max 20 ests per chain, 48000 per kthread
[   79.999147][ T6010] FAULT_INJECTION: forcing a failure.
[   79.999147][ T6010] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.024869][ T6013] netlink: 8 bytes leftover after parsing attributes in process `syz.2.181'.
[   80.039333][ T6010] CPU: 1 UID: 0 PID: 6010 Comm: syz.3.182 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   80.049622][ T6010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   80.059705][ T6010] Call Trace:
[   80.062997][ T6010]  <TASK>
[   80.065940][ T6010]  dump_stack_lvl+0x241/0x360
[   80.070646][ T6010]  ? __pfx_dump_stack_lvl+0x10/0x10
[   80.075876][ T6010]  ? __pfx__printk+0x10/0x10
[   80.080495][ T6010]  ? __pfx_lock_release+0x10/0x10
[   80.085556][ T6010]  should_fail_ex+0x3b0/0x4e0
[   80.090269][ T6010]  _copy_from_user+0x2f/0xe0
[   80.094889][ T6010]  generic_map_update_batch+0x5ba/0x900
[   80.100476][ T6010]  ? __pfx_generic_map_update_batch+0x10/0x10
[   80.106569][ T6010]  ? __pfx_generic_map_update_batch+0x10/0x10
[   80.112664][ T6010]  bpf_map_do_batch+0x3e0/0x690
[   80.117550][ T6010]  __sys_bpf+0x377/0x810
[   80.121819][ T6010]  ? __pfx___sys_bpf+0x10/0x10
[   80.126616][ T6010]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   80.132619][ T6010]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   80.138979][ T6010]  ? do_syscall_64+0x100/0x230
[   80.143776][ T6010]  __x64_sys_bpf+0x7c/0x90
[   80.148216][ T6010]  do_syscall_64+0xf3/0x230
[   80.152749][ T6010]  ? clear_bhb_loop+0x35/0x90
[   80.157462][ T6010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.163384][ T6010] RIP: 0033:0x7f660c3773b9
[   80.167826][ T6010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.187458][ T6010] RSP: 002b:00007f660d109048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   80.195903][ T6010] RAX: ffffffffffffffda RBX: 00007f660c505f80 RCX: 00007f660c3773b9
[   80.203901][ T6010] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   80.211901][ T6010] RBP: 00007f660d1090a0 R08: 0000000000000000 R09: 0000000000000000
[   80.219900][ T6010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   80.227899][ T6010] R13: 000000000000000b R14: 00007f660c505f80 R15: 00007ffe95dbb088
[   80.235916][ T6010]  </TASK>
[   80.449519][ T6034] netlink: 4 bytes leftover after parsing attributes in process `syz.0.188'.
[   80.542652][ T6036] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   80.638856][ T6045] bridge0: port 2(bridge_slave_1) entered listening state
[   80.866280][ T6057] __nla_validate_parse: 1 callbacks suppressed
[   80.866300][ T6057] netlink: 24 bytes leftover after parsing attributes in process `syz.0.196'.
[   80.936298][ T6066] netlink: 8 bytes leftover after parsing attributes in process `syz.3.195'.
[   81.143848][ T6082] netlink: 8 bytes leftover after parsing attributes in process `syz.4.197'.
[   81.416595][ T6087] FAULT_INJECTION: forcing a failure.
[   81.416595][ T6087] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.439909][ T6092] xt_bpf: check failed: parse error
[   81.480984][ T6087] CPU: 1 UID: 0 PID: 6087 Comm: syz.0.200 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   81.491286][ T6087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   81.501355][ T6087] Call Trace:
[   81.504633][ T6087]  <TASK>
[   81.507558][ T6087]  dump_stack_lvl+0x241/0x360
[   81.512237][ T6087]  ? __pfx_dump_stack_lvl+0x10/0x10
[   81.517430][ T6087]  ? __pfx__printk+0x10/0x10
[   81.522017][ T6087]  ? __pfx_lock_release+0x10/0x10
[   81.527044][ T6087]  should_fail_ex+0x3b0/0x4e0
[   81.531728][ T6087]  _copy_from_user+0x2f/0xe0
[   81.536333][ T6087]  generic_map_update_batch+0x567/0x900
[   81.541909][ T6087]  ? __pfx_generic_map_update_batch+0x10/0x10
[   81.547985][ T6087]  ? __pfx_generic_map_update_batch+0x10/0x10
[   81.554051][ T6087]  bpf_map_do_batch+0x3e0/0x690
[   81.558906][ T6087]  __sys_bpf+0x377/0x810
[   81.563148][ T6087]  ? __pfx___sys_bpf+0x10/0x10
[   81.567917][ T6087]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   81.573900][ T6087]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   81.580227][ T6087]  ? do_syscall_64+0x100/0x230
[   81.584989][ T6087]  __x64_sys_bpf+0x7c/0x90
[   81.589407][ T6087]  do_syscall_64+0xf3/0x230
[   81.593905][ T6087]  ? clear_bhb_loop+0x35/0x90
[   81.598585][ T6087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.604478][ T6087] RIP: 0033:0x7f8b2f3773b9
[   81.608891][ T6087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.628491][ T6087] RSP: 002b:00007f8b30125048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   81.636901][ T6087] RAX: ffffffffffffffda RBX: 00007f8b2f505f80 RCX: 00007f8b2f3773b9
[   81.644867][ T6087] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   81.652832][ T6087] RBP: 00007f8b301250a0 R08: 0000000000000000 R09: 0000000000000000
[   81.660801][ T6087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   81.668766][ T6087] R13: 000000000000000b R14: 00007f8b2f505f80 R15: 00007ffc9aad40a8
[   81.676746][ T6087]  </TASK>
[   81.741565][ T6098] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   81.886824][ T6047] netlink: 8 bytes leftover after parsing attributes in process `syz.2.191'.
[   81.892046][ T6100] syzkaller0: entered promiscuous mode
[   81.909964][ T6100] syzkaller0: entered allmulticast mode
[   81.923709][ T6103] bridge0: port 2(bridge_slave_1) entered listening state
[   82.022763][ T6108] macvlan2: entered allmulticast mode
[   82.096886][ T6111] bond0: entered promiscuous mode
[   82.105798][ T6111] bond_slave_0: entered promiscuous mode
[   82.113501][ T6111] bond_slave_1: entered promiscuous mode
[   82.274617][ T6114] 8021q: VLANs not supported on hsr0
[   82.283086][ T6124] netlink: 'syz.2.209': attribute type 21 has an invalid length.
[   82.296490][ T6124] netlink: 132 bytes leftover after parsing attributes in process `syz.2.209'.
[   82.306358][ T6125] sch_tbf: burst 0 is lower than device lo mtu (39799) !
[   83.105442][ T6136] xt_bpf: check failed: parse error
[   83.249706][ T6139] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[   83.465286][ T6143] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not security
[   83.482713][ T6153] netlink: 84 bytes leftover after parsing attributes in process `syz.1.219'.
[   83.512438][ T6154] netlink: 'syz.3.217': attribute type 1 has an invalid length.
[   83.568333][ T6154] 8021q: adding VLAN 0 to HW filter on device bond1
[   83.576065][ T6149] bridge0: port 2(bridge_slave_1) entered listening state
[   83.585996][ T6156] netlink: 52 bytes leftover after parsing attributes in process `syz.4.220'.
[   83.599537][ T6153] netlink: 84 bytes leftover after parsing attributes in process `syz.1.219'.
[   83.679226][ T6147] bond1: (slave ip6gretap1): making interface the new active one
[   83.712314][ T6147] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[   83.751547][ T6169] netlink: 20 bytes leftover after parsing attributes in process `syz.2.221'.
[   83.870551][ T6176] FAULT_INJECTION: forcing a failure.
[   83.870551][ T6176] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   83.903970][ T6176] CPU: 0 UID: 0 PID: 6176 Comm: syz.3.226 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   83.906817][ T6178] netlink: 'syz.4.227': attribute type 3 has an invalid length.
[   83.914243][ T6176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   83.914264][ T6176] Call Trace:
[   83.914274][ T6176]  <TASK>
[   83.914283][ T6176]  dump_stack_lvl+0x241/0x360
[   83.914313][ T6176]  ? __pfx_dump_stack_lvl+0x10/0x10
[   83.914332][ T6176]  ? __pfx__printk+0x10/0x10
[   83.914352][ T6176]  ? __pfx_lock_release+0x10/0x10
[   83.914383][ T6176]  should_fail_ex+0x3b0/0x4e0
[   83.914411][ T6176]  _copy_from_user+0x2f/0xe0
[   83.914432][ T6176]  generic_map_update_batch+0x567/0x900
[   83.914468][ T6176]  ? __pfx_generic_map_update_batch+0x10/0x10
[   83.914490][ T6176]  ? __pfx_generic_map_update_batch+0x10/0x10
[   83.914508][ T6176]  bpf_map_do_batch+0x3e0/0x690
[   83.914535][ T6176]  __sys_bpf+0x377/0x810
[   83.914560][ T6176]  ? __pfx___sys_bpf+0x10/0x10
[   83.914593][ T6176]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   83.914619][ T6176]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   83.914643][ T6176]  ? do_syscall_64+0x100/0x230
[   83.914668][ T6176]  __x64_sys_bpf+0x7c/0x90
[   83.914691][ T6176]  do_syscall_64+0xf3/0x230
[   83.914711][ T6176]  ? clear_bhb_loop+0x35/0x90
[   83.914738][ T6176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.914767][ T6176] RIP: 0033:0x7f660c3773b9
[   83.914786][ T6176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.914801][ T6176] RSP: 002b:00007f660d109048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   83.914823][ T6176] RAX: ffffffffffffffda RBX: 00007f660c505f80 RCX: 00007f660c3773b9
[   83.914838][ T6176] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   83.914851][ T6176] RBP: 00007f660d1090a0 R08: 0000000000000000 R09: 0000000000000000
[   83.914863][ T6176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   83.914875][ T6176] R13: 000000000000000b R14: 00007f660c505f80 R15: 00007ffe95dbb088
[   83.914905][ T6176]  </TASK>
[   84.135514][ T6178] netlink: 224 bytes leftover after parsing attributes in process `syz.4.227'.
[   84.597553][ T6206] bridge0: port 2(bridge_slave_1) entered listening state
[   84.757642][ T6218] warning: `syz.1.238' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   84.899059][ T6228] FAULT_INJECTION: forcing a failure.
[   84.899059][ T6228] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.899452][ T6229] IPVS: rr: TCP 172.20.20.170:0 - no destination available
[   84.915144][ T6228] CPU: 1 UID: 0 PID: 6228 Comm: syz.4.240 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   84.930440][ T6228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   84.940525][ T6228] Call Trace:
[   84.943827][ T6228]  <TASK>
[   84.946769][ T6228]  dump_stack_lvl+0x241/0x360
[   84.951475][ T6228]  ? __pfx_dump_stack_lvl+0x10/0x10
[   84.956715][ T6228]  ? __pfx__printk+0x10/0x10
[   84.961431][ T6228]  ? __pfx_lock_release+0x10/0x10
[   84.966505][ T6228]  should_fail_ex+0x3b0/0x4e0
[   84.971220][ T6228]  _copy_from_user+0x2f/0xe0
[   84.975838][ T6228]  generic_map_update_batch+0x5ba/0x900
[   84.981405][ T6228]  ? __pfx_generic_map_update_batch+0x10/0x10
[   84.987505][ T6228]  ? __pfx_generic_map_update_batch+0x10/0x10
[   84.993610][ T6228]  bpf_map_do_batch+0x3e0/0x690
[   84.998506][ T6228]  __sys_bpf+0x377/0x810
[   85.002787][ T6228]  ? __pfx___sys_bpf+0x10/0x10
[   85.007610][ T6228]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   85.013625][ T6228]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   85.019978][ T6228]  ? do_syscall_64+0x100/0x230
[   85.024765][ T6228]  __x64_sys_bpf+0x7c/0x90
[   85.029211][ T6228]  do_syscall_64+0xf3/0x230
[   85.033745][ T6228]  ? clear_bhb_loop+0x35/0x90
[   85.038461][ T6228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.044392][ T6228] RIP: 0033:0x7fe69f3773b9
[   85.048845][ T6228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.057377][ T6236] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[   85.068496][ T6228] RSP: 002b:00007fe6a00a8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   85.068530][ T6228] RAX: ffffffffffffffda RBX: 00007fe69f505f80 RCX: 00007fe69f3773b9
[   85.068543][ T6228] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   85.068554][ T6228] RBP: 00007fe6a00a80a0 R08: 0000000000000000 R09: 0000000000000000
[   85.068565][ T6228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   85.068577][ T6228] R13: 000000000000000b R14: 00007fe69f505f80 R15: 00007ffd6464edc8
[   85.068602][ T6228]  </TASK>
[   85.293642][ T6248] bridge0: port 2(bridge_slave_1) entered listening state
[   85.462824][ T6256] netlink: 'syz.3.250': attribute type 3 has an invalid length.
[   85.606104][ T6266] netlink: 'syz.2.252': attribute type 3 has an invalid length.
[   85.885877][ T6276] bridge0: port 2(bridge_slave_1) entered listening state
[   86.050780][ T6284] FAULT_INJECTION: forcing a failure.
[   86.050780][ T6284] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   86.065570][ T6284] CPU: 0 UID: 0 PID: 6284 Comm: syz.0.257 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   86.075861][ T6284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   86.085946][ T6284] Call Trace:
[   86.089246][ T6284]  <TASK>
[   86.092201][ T6284]  dump_stack_lvl+0x241/0x360
[   86.096919][ T6284]  ? __pfx_dump_stack_lvl+0x10/0x10
[   86.100076][ T6281] __nla_validate_parse: 8 callbacks suppressed
[   86.100091][ T6281] netlink: 132 bytes leftover after parsing attributes in process `syz.1.256'.
[   86.102210][ T6284]  ? __pfx__printk+0x10/0x10
[   86.102239][ T6284]  ? __pfx_lock_release+0x10/0x10
[   86.126963][ T6284]  should_fail_ex+0x3b0/0x4e0
[   86.131676][ T6284]  _copy_from_user+0x2f/0xe0
[   86.136290][ T6284]  generic_map_update_batch+0x567/0x900
[   86.142050][ T6284]  ? __pfx_generic_map_update_batch+0x10/0x10
[   86.148150][ T6284]  ? __pfx_generic_map_update_batch+0x10/0x10
[   86.154246][ T6284]  bpf_map_do_batch+0x3e0/0x690
[   86.159130][ T6284]  __sys_bpf+0x377/0x810
[   86.163413][ T6284]  ? __pfx___sys_bpf+0x10/0x10
[   86.168306][ T6284]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   86.174310][ T6284]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   86.180644][ T6284]  ? do_syscall_64+0x100/0x230
[   86.185411][ T6284]  __x64_sys_bpf+0x7c/0x90
[   86.189836][ T6284]  do_syscall_64+0xf3/0x230
[   86.194337][ T6284]  ? clear_bhb_loop+0x35/0x90
[   86.199019][ T6284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.204912][ T6284] RIP: 0033:0x7f8b2f3773b9
[   86.209323][ T6284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.228929][ T6284] RSP: 002b:00007f8b30125048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   86.237345][ T6284] RAX: ffffffffffffffda RBX: 00007f8b2f505f80 RCX: 00007f8b2f3773b9
[   86.245315][ T6284] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   86.253280][ T6284] RBP: 00007f8b301250a0 R08: 0000000000000000 R09: 0000000000000000
[   86.261244][ T6284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   86.269218][ T6284] R13: 000000000000000b R14: 00007f8b2f505f80 R15: 00007ffc9aad40a8
[   86.277199][ T6284]  </TASK>
[   86.487557][ T6293] netlink: 20 bytes leftover after parsing attributes in process `syz.4.260'.
[   86.514795][ T6295] netlink: 20 bytes leftover after parsing attributes in process `syz.4.260'.
[   86.713276][ T6310] netlink: 'syz.0.265': attribute type 12 has an invalid length.
[   86.738338][ T6304] netlink: 20 bytes leftover after parsing attributes in process `syz.2.264'.
[   86.822615][ T6315] netlink: 100 bytes leftover after parsing attributes in process `syz.3.268'.
[   87.017992][ T6333] sctp: [Deprecated]: syz.1.271 (pid 6333) Use of int in max_burst socket option deprecated.
[   87.017992][ T6333] Use struct sctp_assoc_value instead
[   87.410021][ T6351] sctp: [Deprecated]: syz.4.277 (pid 6351) Use of int in max_burst socket option deprecated.
[   87.410021][ T6351] Use struct sctp_assoc_value instead
[   87.638905][ T6363] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[   87.667145][ T6370] netlink: 8 bytes leftover after parsing attributes in process `syz.3.280'.
[   87.708861][ T6367] bridge0: port 2(bridge_slave_1) entered listening state
[   87.885534][ T6375] netlink: 'syz.4.283': attribute type 10 has an invalid length.
[   87.910713][ T6375] bridge0: port 3(team0) entered disabled state
[   87.934711][ T6375] team0: left allmulticast mode
[   87.945914][ T6375] team_slave_0: left allmulticast mode
[   87.953695][ T6375] team_slave_1: left allmulticast mode
[   87.965481][ T6375] team0: left promiscuous mode
[   87.971050][ T6375] team_slave_0: left promiscuous mode
[   87.976615][ T6375] team_slave_1: left promiscuous mode
[   87.989016][ T6375] bridge0: port 3(team0) entered disabled state
[   87.998892][ T6375] team0: Cannot enslave team device to itself
[   88.005358][ T6384] bridge0: port 2(bridge_slave_1) entered listening state
[   88.081489][ T6391] sctp: [Deprecated]: syz.3.288 (pid 6391) Use of int in max_burst socket option deprecated.
[   88.081489][ T6391] Use struct sctp_assoc_value instead
[   88.115954][ T6392] netlink: 52 bytes leftover after parsing attributes in process `syz.1.289'.
[   88.124778][ T6396] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[   88.420424][ T6412] bridge0: port 2(bridge_slave_1) entered listening state
[   88.432182][ T6415] netlink: 'syz.1.293': attribute type 4 has an invalid length.
[   88.642443][ T6421] netlink: 20 bytes leftover after parsing attributes in process `syz.4.297'.
[   88.759493][ T6423] netlink: 'syz.4.298': attribute type 46 has an invalid length.
[   88.769465][ T6423] netlink: 212868 bytes leftover after parsing attributes in process `syz.4.298'.
[   89.023224][ T6433] x_tables: duplicate underflow at hook 1
[   89.046189][ T6433] unsupported nlmsg_type 40
[   89.303456][ T6450] bridge0: port 2(bridge_slave_1) entered listening state
[   89.436657][ T6457] netlink: 20 bytes leftover after parsing attributes in process `syz.0.308'.
[   89.512050][ T6459] bridge0: port 2(bridge_slave_1) entered listening state
[   89.553044][ T6464] netlink: 'syz.1.311': attribute type 46 has an invalid length.
[   89.669782][ T6473] bridge0: port 2(bridge_slave_1) entered listening state
[   90.501422][ T6509] FAULT_INJECTION: forcing a failure.
[   90.501422][ T6509] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.538693][ T6509] CPU: 0 UID: 0 PID: 6509 Comm: syz.1.324 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   90.548986][ T6509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   90.559123][ T6509] Call Trace:
[   90.562414][ T6509]  <TASK>
[   90.565354][ T6509]  dump_stack_lvl+0x241/0x360
[   90.570060][ T6509]  ? __pfx_dump_stack_lvl+0x10/0x10
[   90.575263][ T6509]  ? __pfx__printk+0x10/0x10
[   90.579854][ T6509]  ? __pfx_lock_release+0x10/0x10
[   90.584886][ T6509]  should_fail_ex+0x3b0/0x4e0
[   90.589574][ T6509]  _copy_from_user+0x2f/0xe0
[   90.594168][ T6509]  generic_map_update_batch+0x5ba/0x900
[   90.599727][ T6509]  ? __pfx_generic_map_update_batch+0x10/0x10
[   90.605823][ T6509]  ? __pfx_generic_map_update_batch+0x10/0x10
[   90.611996][ T6509]  bpf_map_do_batch+0x3e0/0x690
[   90.616884][ T6509]  __sys_bpf+0x377/0x810
[   90.621141][ T6509]  ? __pfx___sys_bpf+0x10/0x10
[   90.625920][ T6509]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   90.631910][ T6509]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   90.638243][ T6509]  ? do_syscall_64+0x100/0x230
[   90.643018][ T6509]  __x64_sys_bpf+0x7c/0x90
[   90.647437][ T6509]  do_syscall_64+0xf3/0x230
[   90.651943][ T6509]  ? clear_bhb_loop+0x35/0x90
[   90.656625][ T6509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.662520][ T6509] RIP: 0033:0x7fb8a3b773b9
[   90.666933][ T6509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.686558][ T6509] RSP: 002b:00007fb8a49f6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   90.694987][ T6509] RAX: ffffffffffffffda RBX: 00007fb8a3d06058 RCX: 00007fb8a3b773b9
[   90.702961][ T6509] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   90.710932][ T6509] RBP: 00007fb8a49f60a0 R08: 0000000000000000 R09: 0000000000000000
[   90.718915][ T6509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   90.726882][ T6509] R13: 000000000000006e R14: 00007fb8a3d06058 R15: 00007ffda1b2db28
[   90.734867][ T6509]  </TASK>
[   90.958197][    C0] bridge0: port 2(bridge_slave_1) entered learning state
[   90.958720][    C1] bridge0: port 2(bridge_slave_1) entered learning state
[   91.008250][ T6527] bridge0: port 2(bridge_slave_1) entered listening state
[   91.058616][ T6532] netlink: 'syz.3.328': attribute type 46 has an invalid length.
[   91.100779][ T6532] __nla_validate_parse: 4 callbacks suppressed
[   91.100799][ T6532] netlink: 212868 bytes leftover after parsing attributes in process `syz.3.328'.
[   91.124570][ T6528] syzkaller1: entered promiscuous mode
[   91.140516][ T6528] syzkaller1: entered allmulticast mode
[   91.276268][ T6541] bridge0: port 2(bridge_slave_1) entered listening state
[   91.353399][ T6546] netlink: 8 bytes leftover after parsing attributes in process `syz.3.335'.
[   91.375756][ T6546] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0)
[   91.393569][ T6546] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535
[   91.407045][ T6546] netlink: 36 bytes leftover after parsing attributes in process `syz.3.335'.
[   91.485125][ T6557] netlink: 20 bytes leftover after parsing attributes in process `syz.3.339'.
[   91.775137][ T6569] FAULT_INJECTION: forcing a failure.
[   91.775137][ T6569] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.796329][ T6569] CPU: 0 UID: 0 PID: 6569 Comm: syz.0.341 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   91.806631][ T6569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   91.816698][ T6569] Call Trace:
[   91.819994][ T6569]  <TASK>
[   91.822927][ T6569]  dump_stack_lvl+0x241/0x360
[   91.827603][ T6569]  ? __pfx_dump_stack_lvl+0x10/0x10
[   91.832793][ T6569]  ? __pfx__printk+0x10/0x10
[   91.837374][ T6569]  ? __pfx_lock_release+0x10/0x10
[   91.842399][ T6569]  should_fail_ex+0x3b0/0x4e0
[   91.847099][ T6569]  _copy_from_user+0x2f/0xe0
[   91.851718][ T6569]  generic_map_update_batch+0x567/0x900
[   91.857286][ T6569]  ? __pfx_generic_map_update_batch+0x10/0x10
[   91.863357][ T6569]  ? __pfx_generic_map_update_batch+0x10/0x10
[   91.869423][ T6569]  bpf_map_do_batch+0x3e0/0x690
[   91.874280][ T6569]  __sys_bpf+0x377/0x810
[   91.878525][ T6569]  ? __pfx___sys_bpf+0x10/0x10
[   91.883297][ T6569]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   91.889283][ T6569]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   91.895610][ T6569]  ? do_syscall_64+0x100/0x230
[   91.900386][ T6569]  __x64_sys_bpf+0x7c/0x90
[   91.904808][ T6569]  do_syscall_64+0xf3/0x230
[   91.909330][ T6569]  ? clear_bhb_loop+0x35/0x90
[   91.914015][ T6569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.919911][ T6569] RIP: 0033:0x7f8b2f3773b9
[   91.924326][ T6569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.943937][ T6569] RSP: 002b:00007f8b30104048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   91.952351][ T6569] RAX: ffffffffffffffda RBX: 00007f8b2f506058 RCX: 00007f8b2f3773b9
[   91.960322][ T6569] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   91.968312][ T6569] RBP: 00007f8b301040a0 R08: 0000000000000000 R09: 0000000000000000
[   91.976282][ T6569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   91.984252][ T6569] R13: 000000000000006e R14: 00007f8b2f506058 R15: 00007ffc9aad40a8
[   91.992240][ T6569]  </TASK>
[   92.180428][ T6571] netlink: 'syz.0.342': attribute type 10 has an invalid length.
[   92.250148][ T6571] dummy0: entered promiscuous mode
[   92.267139][ T6571] dummy0: entered allmulticast mode
[   92.275905][ T6571] team0: Port device dummy0 added
[   92.296490][ T6577] bridge0: port 2(bridge_slave_1) entered listening state
[   92.397649][ T6579] sctp: [Deprecated]: syz.4.345 (pid 6579) Use of int in max_burst socket option deprecated.
[   92.397649][ T6579] Use struct sctp_assoc_value instead
[   92.515647][ T6581] netlink: 'syz.1.346': attribute type 46 has an invalid length.
[   92.527904][ T6581] netlink: 212868 bytes leftover after parsing attributes in process `syz.1.346'.
[   92.556448][ T6589] netlink: 52 bytes leftover after parsing attributes in process `syz.3.348'.
[   92.646070][ T6591] netlink: 20 bytes leftover after parsing attributes in process `syz.2.350'.
[   92.813265][ T6602] FAULT_INJECTION: forcing a failure.
[   92.813265][ T6602] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   92.852923][ T6602] CPU: 0 UID: 0 PID: 6602 Comm: syz.1.352 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   92.863218][ T6602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   92.873299][ T6602] Call Trace:
[   92.876600][ T6602]  <TASK>
[   92.876927][ T6604] bridge0: port 2(bridge_slave_1) entered listening state
[   92.879532][ T6602]  dump_stack_lvl+0x241/0x360
[   92.879565][ T6602]  ? __pfx_dump_stack_lvl+0x10/0x10
[   92.879586][ T6602]  ? __pfx__printk+0x10/0x10
[   92.879608][ T6602]  ? __pfx_lock_release+0x10/0x10
[   92.879638][ T6602]  should_fail_ex+0x3b0/0x4e0
[   92.910906][ T6602]  _copy_from_user+0x2f/0xe0
[   92.915539][ T6602]  generic_map_update_batch+0x5ba/0x900
[   92.921135][ T6602]  ? __pfx_generic_map_update_batch+0x10/0x10
[   92.927246][ T6602]  ? __pfx_generic_map_update_batch+0x10/0x10
[   92.933333][ T6602]  bpf_map_do_batch+0x3e0/0x690
[   92.938185][ T6602]  __sys_bpf+0x377/0x810
[   92.942430][ T6602]  ? __pfx___sys_bpf+0x10/0x10
[   92.947199][ T6602]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   92.953195][ T6602]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   92.959536][ T6602]  ? do_syscall_64+0x100/0x230
[   92.964320][ T6602]  __x64_sys_bpf+0x7c/0x90
[   92.968751][ T6602]  do_syscall_64+0xf3/0x230
[   92.973288][ T6602]  ? clear_bhb_loop+0x35/0x90
[   92.977974][ T6602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.983870][ T6602] RIP: 0033:0x7fb8a3b773b9
[   92.988279][ T6602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.007895][ T6602] RSP: 002b:00007fb8a49f6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   93.016342][ T6602] RAX: ffffffffffffffda RBX: 00007fb8a3d06058 RCX: 00007fb8a3b773b9
[   93.024346][ T6602] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   93.032343][ T6602] RBP: 00007fb8a49f60a0 R08: 0000000000000000 R09: 0000000000000000
[   93.040346][ T6602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   93.048343][ T6602] R13: 000000000000006e R14: 00007fb8a3d06058 R15: 00007ffda1b2db28
[   93.056360][ T6602]  </TASK>
[   93.272509][ T6621] bridge0: port 2(bridge_slave_1) entered listening state
[   93.544358][ T6630] netlink: 20 bytes leftover after parsing attributes in process `syz.4.363'.
[   93.978209][ T6650] FAULT_INJECTION: forcing a failure.
[   93.978209][ T6650] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.012001][ T6650] CPU: 1 UID: 0 PID: 6650 Comm: syz.2.367 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   94.022309][ T6650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   94.032394][ T6650] Call Trace:
[   94.035689][ T6650]  <TASK>
[   94.038631][ T6650]  dump_stack_lvl+0x241/0x360
[   94.043340][ T6650]  ? __pfx_dump_stack_lvl+0x10/0x10
[   94.048566][ T6650]  ? __pfx__printk+0x10/0x10
[   94.053198][ T6650]  ? __pfx_lock_release+0x10/0x10
[   94.058263][ T6650]  should_fail_ex+0x3b0/0x4e0
[   94.062985][ T6650]  _copy_from_user+0x2f/0xe0
[   94.067597][ T6650]  generic_map_update_batch+0x567/0x900
[   94.073181][ T6650]  ? __pfx_generic_map_update_batch+0x10/0x10
[   94.079283][ T6650]  ? __pfx_generic_map_update_batch+0x10/0x10
[   94.085379][ T6650]  bpf_map_do_batch+0x3e0/0x690
[   94.090270][ T6650]  __sys_bpf+0x377/0x810
[   94.094547][ T6650]  ? __pfx___sys_bpf+0x10/0x10
[   94.099353][ T6650]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   94.105374][ T6650]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   94.112084][ T6650]  ? do_syscall_64+0x100/0x230
[   94.116975][ T6650]  __x64_sys_bpf+0x7c/0x90
[   94.121427][ T6650]  do_syscall_64+0xf3/0x230
[   94.125958][ T6650]  ? clear_bhb_loop+0x35/0x90
[   94.130690][ T6650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.136612][ T6650] RIP: 0033:0x7f18ac1773b9
[   94.141056][ T6650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.160772][ T6650] RSP: 002b:00007f18acfd5048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   94.169216][ T6650] RAX: ffffffffffffffda RBX: 00007f18ac306058 RCX: 00007f18ac1773b9
[   94.177218][ T6650] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   94.185221][ T6650] RBP: 00007f18acfd50a0 R08: 0000000000000000 R09: 0000000000000000
[   94.193223][ T6650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   94.201221][ T6650] R13: 000000000000006e R14: 00007f18ac306058 R15: 00007ffd76b28768
[   94.209237][ T6650]  </TASK>
[   94.421003][ T6668] netlink: 20 bytes leftover after parsing attributes in process `syz.4.374'.
[   94.438154][ T6663] bridge0: port 2(bridge_slave_1) entered listening state
[   94.737580][ T6688] wg2: entered promiscuous mode
[   94.753598][ T6688] wg2: entered allmulticast mode
[   95.038670][ T6708] FAULT_INJECTION: forcing a failure.
[   95.038670][ T6708] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.065292][ T6708] CPU: 0 UID: 0 PID: 6708 Comm: syz.4.384 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[   95.075581][ T6708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   95.085642][ T6708] Call Trace:
[   95.088920][ T6708]  <TASK>
[   95.091854][ T6708]  dump_stack_lvl+0x241/0x360
[   95.096533][ T6708]  ? __pfx_dump_stack_lvl+0x10/0x10
[   95.101737][ T6708]  ? __pfx__printk+0x10/0x10
[   95.106373][ T6708]  ? __pfx_lock_release+0x10/0x10
[   95.111421][ T6708]  should_fail_ex+0x3b0/0x4e0
[   95.116106][ T6708]  _copy_from_user+0x2f/0xe0
[   95.120692][ T6708]  generic_map_update_batch+0x5ba/0x900
[   95.126253][ T6708]  ? __pfx_generic_map_update_batch+0x10/0x10
[   95.132339][ T6708]  ? __pfx_generic_map_update_batch+0x10/0x10
[   95.138407][ T6708]  bpf_map_do_batch+0x3e0/0x690
[   95.143265][ T6708]  __sys_bpf+0x377/0x810
[   95.147519][ T6708]  ? __pfx___sys_bpf+0x10/0x10
[   95.152293][ T6708]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   95.158299][ T6708]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   95.164648][ T6708]  ? do_syscall_64+0x100/0x230
[   95.169409][ T6708]  __x64_sys_bpf+0x7c/0x90
[   95.173830][ T6708]  do_syscall_64+0xf3/0x230
[   95.178358][ T6708]  ? clear_bhb_loop+0x35/0x90
[   95.183033][ T6708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.188927][ T6708] RIP: 0033:0x7fe69f3773b9
[   95.193336][ T6708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.212949][ T6708] RSP: 002b:00007fe6a0087048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   95.221380][ T6708] RAX: ffffffffffffffda RBX: 00007fe69f506058 RCX: 00007fe69f3773b9
[   95.229352][ T6708] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[   95.237330][ T6708] RBP: 00007fe6a00870a0 R08: 0000000000000000 R09: 0000000000000000
[   95.245306][ T6708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   95.253270][ T6708] R13: 000000000000006e R14: 00007fe69f506058 R15: 00007ffd6464edc8
[   95.261255][ T6708]  </TASK>
[   95.485479][ T6717] netlink: 12 bytes leftover after parsing attributes in process `syz.4.386'.
[   95.742224][ T6723] bridge0: port 2(bridge_slave_1) entered listening state
[   96.182671][ T6739] __nla_validate_parse: 1 callbacks suppressed
[   96.182695][ T6739] netlink: 8 bytes leftover after parsing attributes in process `syz.2.395'.
[   96.353872][ T6761] netlink: 'syz.4.401': attribute type 1 has an invalid length.
[   96.438992][ T6761] sctp: [Deprecated]: syz.4.401 (pid 6761) Use of struct sctp_assoc_value in delayed_ack socket option.
[   96.438992][ T6761] Use struct sctp_sack_info instead
[   96.975452][ T6772] bridge0: port 2(bridge_slave_1) entered listening state
[   97.248204][ T6784] netlink: 12 bytes leftover after parsing attributes in process `syz.3.407'.
[   97.468615][ T6793] netlink: 48 bytes leftover after parsing attributes in process `syz.4.406'.
[   97.701433][ T6804] netlink: 8 bytes leftover after parsing attributes in process `syz.1.412'.
[   97.767777][ T6803] netlink: 8 bytes leftover after parsing attributes in process `syz.1.412'.
[   97.790295][ T6807] netlink: 8 bytes leftover after parsing attributes in process `syz.2.413'.
[   98.150879][ T6827] netlink: 'syz.2.418': attribute type 1 has an invalid length.
[   98.172913][ T6827] netlink: 9348 bytes leftover after parsing attributes in process `syz.2.418'.
[   98.176488][ T6832] netlink: 24 bytes leftover after parsing attributes in process `syz.1.419'.
[   98.366378][ T6841] netlink: 48 bytes leftover after parsing attributes in process `syz.0.421'.
[   98.605587][ T6846] syz.0.424[6846] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   98.605850][ T6846] syz.0.424[6846] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   98.722993][ T6852] netlink: 20 bytes leftover after parsing attributes in process `syz.4.427'.
[   98.842811][ T6856] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 80
[   99.496193][ T6909] bridge0: port 2(bridge_slave_1) entered listening state
[   99.686186][ T6911] netlink: 'syz.1.445': attribute type 13 has an invalid length.
[   99.695962][ T6911] syz_tun: refused to change device tx_queue_len
[   99.707951][ T6911] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[   99.801791][ T6921] netlink: 'syz.1.447': attribute type 1 has an invalid length.
[  100.382004][ T6953] pim6reg1: entered promiscuous mode
[  100.400302][ T6953] pim6reg1: entered allmulticast mode
[  100.866062][ T6992] bridge0: port 2(bridge_slave_1) entered listening state
[  100.915764][ T6995] veth1: entered promiscuous mode
[  100.938613][ T6995] bridge0: entered promiscuous mode
[  101.023562][ T7002] skbuff: bad partial csum: csum=65506/2 headroom=144 headlen=65526
[  101.261770][ T7018] __nla_validate_parse: 11 callbacks suppressed
[  101.261790][ T7018] netlink: 20 bytes leftover after parsing attributes in process `syz.3.480'.
[  101.644912][ T7042] netlink: 24 bytes leftover after parsing attributes in process `syz.2.486'.
[  101.669433][ T7046] netlink: 12 bytes leftover after parsing attributes in process `syz.0.483'.
[  101.884231][ T7061] netlink: 20 bytes leftover after parsing attributes in process `syz.4.492'.
[  102.020176][ T7067] netlink: 4 bytes leftover after parsing attributes in process `syz.2.495'.
[  102.032981][ T7067] netlink: 12 bytes leftover after parsing attributes in process `syz.2.495'.
[  102.043874][ T7067] netlink: 20 bytes leftover after parsing attributes in process `syz.2.495'.
[  102.126784][ T7073] xt_bpf: check failed: parse error
[  102.181251][ T7075] netlink: 24 bytes leftover after parsing attributes in process `syz.2.498'.
[  102.407903][ T7084] bridge0: port 2(bridge_slave_1) entered listening state
[  102.528658][ T7092] netlink: 20 bytes leftover after parsing attributes in process `syz.1.504'.
[  102.775445][ T7111] netlink: 8 bytes leftover after parsing attributes in process `syz.0.507'.
[  102.932865][ T7119] netlink: 'syz.4.512': attribute type 5 has an invalid length.
[  103.444356][ T7146] bridge0: port 2(bridge_slave_1) entered listening state
[  103.471908][ T7147] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x5
[  103.502912][ T7149] bridge0: port 3(veth1_to_bridge) entered blocking state
[  103.516191][ T7149] bridge0: port 3(veth1_to_bridge) entered disabled state
[  103.524019][ T7149] veth1_to_bridge: entered allmulticast mode
[  103.531910][ T7149] veth1_to_bridge: entered promiscuous mode
[  103.538102][ T7149] bridge0: adding interface veth1_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  103.552153][ T7149] bridge0: port 3(veth1_to_bridge) entered blocking state
[  103.559398][ T7149] bridge0: port 3(veth1_to_bridge) entered forwarding state
[  103.598596][ T5235] Bluetooth: hci4: command tx timeout
[  103.866483][ T7162] bridge0: port 2(bridge_slave_1) entered listening state
[  104.246274][ T5226] Bluetooth: hci4: link tx timeout
[  104.252195][ T5226] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  104.263060][ T5235] Bluetooth: hci4: link tx timeout
[  104.268894][ T5235] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  104.276635][ T5235] Bluetooth: hci4: link tx timeout
[  104.282375][ T5235] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  104.291398][ T5235] Bluetooth: hci4: link tx timeout
[  104.296557][ T5235] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  104.477848][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:c2:3c:f8:74:c6:26, vlan:0)
[  104.561454][ T7183] x_tables: duplicate underflow at hook 1
[  104.835581][ T7195] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  104.966187][ T7209] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  105.110137][ T7221] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  105.269274][ T7207] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  105.425843][ T7237] xt_bpf: check failed: parse error
[  105.565850][ T7241] x_tables: duplicate underflow at hook 1
[  105.677851][ T5235] Bluetooth: hci4: command tx timeout
[  105.743278][ T7245] netlink: 'syz.0.549': attribute type 10 has an invalid length.
[  105.761961][ T7245] team0: Device veth1_macvtap failed to register rx_handler
[  106.067744][ T7258] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  106.317321][    C1] bridge0: port 2(bridge_slave_1) entered learning state
[  106.318701][    C0] bridge0: port 2(bridge_slave_1) entered learning state
[  106.723388][ T7284] __nla_validate_parse: 7 callbacks suppressed
[  106.723408][ T7284] netlink: 8 bytes leftover after parsing attributes in process `syz.0.558'.
[  106.774033][ T7285] IPv6: sit1: Disabled Multicast RS
[  106.808809][ T7285] team0: Device sit1 is of different type
[  106.963216][ T2965] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.077068][ T2965] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.252428][ T2965] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.372994][ T2965] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.433256][ T7302] netlink: 277 bytes leftover after parsing attributes in process `syz.4.563'.
[  107.597591][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  107.664297][ T2965] veth1_to_bridge: left allmulticast mode
[  107.677473][ T2965] veth1_to_bridge: left promiscuous mode
[  107.684687][ T2965] bridge0: port 3(veth1_to_bridge) entered disabled state
[  107.713911][ T2965] bridge_slave_1: left allmulticast mode
[  107.727636][ T2965] bridge_slave_1: left promiscuous mode
[  107.740037][ T2965] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.781177][ T2965] bridge_slave_0: left allmulticast mode
[  107.786882][ T2965] bridge_slave_0: left promiscuous mode
[  107.808985][ T2965] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.850043][ T5235] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  107.859940][ T5235] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  107.874808][ T5235] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  107.890465][ T5235] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  107.902225][ T5235] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  107.915797][ T5235] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  108.081283][ T2965] bond1 (unregistering): (slave ip6gretap1): Releasing active interface
[  108.313241][ T2965] bridge0 (unregistering): left promiscuous mode
[  108.494747][ T7314] syz.2.567 (7314) used greatest stack depth: 17392 bytes left
[  108.535444][ T2965] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  108.546900][ T2965] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  108.557887][ T2965] bond0 (unregistering): Released all slaves
[  108.634957][ T2965] bond1 (unregistering): Released all slaves
[  108.647996][ T2965] bond2 (unregistering): Released all slaves
[  108.661175][ T7310] netlink: 'syz.2.567': attribute type 10 has an invalid length.
[  108.685650][ T7310] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.703632][ T7310] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  108.773659][ T7335] netlink: 'syz.4.570': attribute type 2 has an invalid length.
[  108.806535][ T7337] FAULT_INJECTION: forcing a failure.
[  108.806535][ T7337] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.821028][ T7335] netlink: 16142 bytes leftover after parsing attributes in process `syz.4.570'.
[  108.834920][ T7337] CPU: 0 UID: 0 PID: 7337 Comm: syz.2.571 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[  108.845201][ T7337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  108.855265][ T7337] Call Trace:
[  108.858547][ T7337]  <TASK>
[  108.861476][ T7337]  dump_stack_lvl+0x241/0x360
[  108.866163][ T7337]  ? __pfx_dump_stack_lvl+0x10/0x10
[  108.871362][ T7337]  ? __pfx__printk+0x10/0x10
[  108.875950][ T7337]  ? __pfx_lock_release+0x10/0x10
[  108.880985][ T7337]  should_fail_ex+0x3b0/0x4e0
[  108.885696][ T7337]  _copy_from_user+0x2f/0xe0
[  108.890286][ T7337]  generic_map_update_batch+0x5ba/0x900
[  108.895844][ T7337]  ? __pfx_generic_map_update_batch+0x10/0x10
[  108.901918][ T7337]  ? __pfx_generic_map_update_batch+0x10/0x10
[  108.907990][ T7337]  bpf_map_do_batch+0x3e0/0x690
[  108.912850][ T7337]  __sys_bpf+0x377/0x810
[  108.917095][ T7337]  ? __pfx___sys_bpf+0x10/0x10
[  108.921873][ T7337]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  108.927861][ T7337]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  108.934195][ T7337]  ? do_syscall_64+0x100/0x230
[  108.938964][ T7337]  __x64_sys_bpf+0x7c/0x90
[  108.943386][ T7337]  do_syscall_64+0xf3/0x230
[  108.947981][ T7337]  ? clear_bhb_loop+0x35/0x90
[  108.952665][ T7337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.958644][ T7337] RIP: 0033:0x7f18ac1773b9
[  108.963058][ T7337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.982668][ T7337] RSP: 002b:00007f18acff6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  108.991098][ T7337] RAX: ffffffffffffffda RBX: 00007f18ac305f80 RCX: 00007f18ac1773b9
[  108.999077][ T7337] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[  109.007050][ T7337] RBP: 00007f18acff60a0 R08: 0000000000000000 R09: 0000000000000000
[  109.015023][ T7337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  109.023006][ T7337] R13: 000000000000000b R14: 00007f18ac305f80 R15: 00007ffd76b28768
[  109.030992][ T7337]  </TASK>
[  109.356971][ T7348] netlink: 8 bytes leftover after parsing attributes in process `syz.1.572'.
[  109.382025][ T7353] x_tables: duplicate underflow at hook 1
[  109.402132][ T7356] sctp: [Deprecated]: syz.2.577 (pid 7356) Use of int in maxseg socket option.
[  109.402132][ T7356] Use struct sctp_assoc_value instead
[  109.428499][ T7354] bridge0: port 2(bridge_slave_1) entered listening state
[  109.593420][ T7362] bridge0: port 2(bridge_slave_1) entered listening state
[  109.768714][ T7370] netlink: 32 bytes leftover after parsing attributes in process `syz.0.581'.
[  109.824912][ T2965] veth1: left promiscuous mode
[  109.869869][ T2965] hsr_slave_0: left promiscuous mode
[  109.876056][ T2965] hsr_slave_1: left promiscuous mode
[  109.882523][ T2965] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  109.890518][ T2965] batman_adv: batadv0: Removing interface: batadv_slave_0
[  109.901719][ T2965] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  109.910922][ T2965] batman_adv: batadv0: Removing interface: batadv_slave_1
[  109.926857][ T7381] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.584'.
[  109.946514][ T2965] veth1_macvtap: left promiscuous mode
[  109.955699][ T2965] veth0_macvtap: left promiscuous mode
[  109.963000][ T2965] veth1_vlan: left promiscuous mode
[  109.969083][ T2965] veth0_vlan: left promiscuous mode
[  109.997382][ T5235] Bluetooth: hci4: command tx timeout
[  110.415340][ T2965] team0 (unregistering): Port device team_slave_1 removed
[  110.457011][ T2965] team0 (unregistering): Port device team_slave_0 removed
[  110.857661][ T7315] chnl_net:caif_netlink_parms(): no params data found
[  110.883697][ T7385] netlink: 'syz.0.585': attribute type 1 has an invalid length.
[  110.933762][ T7385] bond1: entered promiscuous mode
[  110.953769][ T7389] netlink: 'syz.2.586': attribute type 4 has an invalid length.
[  110.970865][ T7389] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.586'.
[  111.026259][ T7393] xt_bpf: check failed: parse error
[  111.045002][ T7385] lo: entered promiscuous mode
[  111.166839][ T7404] netlink: 8 bytes leftover after parsing attributes in process `syz.4.588'.
[  111.283706][ T7315] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.307508][ T7315] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.315848][ T7315] bridge_slave_0: entered allmulticast mode
[  111.357524][ T7315] bridge_slave_0: entered promiscuous mode
[  111.373161][ T7315] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.391092][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  111.395999][ T7315] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.436443][ T7315] bridge_slave_1: entered allmulticast mode
[  111.450024][ T7315] bridge_slave_1: entered promiscuous mode
[  111.457227][ T7413] bridge0: port 2(bridge_slave_1) entered listening state
[  111.560250][ T7315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  111.581917][ T7315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  111.595450][ T7420] netlink: 48 bytes leftover after parsing attributes in process `syz.4.595'.
[  111.607087][ T7420] netlink: 48 bytes leftover after parsing attributes in process `syz.4.595'.
[  111.723890][ T7315] team0: Port device team_slave_0 added
[  111.734845][ T2965] IPVS: stop unused estimator thread 0...
[  111.753188][ T7315] team0: Port device team_slave_1 added
[  111.838106][ T7315] batman_adv: batadv0: Adding interface: batadv_slave_0
[  111.845273][ T7315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.871892][ T7315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  111.886431][ T7435] bridge0: port 2(bridge_slave_1) entered listening state
[  111.903610][ T7431] netlink: 8 bytes leftover after parsing attributes in process `syz.0.597'.
[  111.913438][ T7315] batman_adv: batadv0: Adding interface: batadv_slave_1
[  111.922541][ T7315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.951529][ T7315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  111.974384][ T7431] netlink: 44 bytes leftover after parsing attributes in process `syz.0.597'.
[  111.983400][ T7431] netlink: 16 bytes leftover after parsing attributes in process `syz.0.597'.
[  111.994240][ T7431] bridge0: port 2(bridge_slave_1) entered listening state
[  112.072430][ T7315] hsr_slave_0: entered promiscuous mode
[  112.079832][ T5235] Bluetooth: hci4: command tx timeout
[  112.088940][ T7315] hsr_slave_1: entered promiscuous mode
[  112.374355][ T7447] netlink: 8 bytes leftover after parsing attributes in process `syz.2.604'.
[  112.516846][ T7463] bridge0: port 2(bridge_slave_1) entered listening state
[  112.680556][ T7467] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  112.688154][ T7467] IPv6: NLM_F_CREATE should be set when creating new route
[  112.695451][ T7467] IPv6: NLM_F_CREATE should be set when creating new route
[  112.717134][ T7473] netlink: 'syz.2.609': attribute type 21 has an invalid length.
[  112.737933][ T7473] netlink: 132 bytes leftover after parsing attributes in process `syz.2.609'.
[  112.782746][ T7315] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  112.821671][ T7315] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  112.844235][ T7315] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  112.876065][ T7315] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  113.099031][ T7315] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.162166][ T7315] 8021q: adding VLAN 0 to HW filter on device team0
[  113.196604][ T5274] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.203849][ T5274] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.257429][ T7500] netlink: 8 bytes leftover after parsing attributes in process `syz.4.616'.
[  113.291766][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.298978][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.453509][ T7507] bridge0: port 2(bridge_slave_1) entered listening state
[  113.514222][ T7510] bridge0: port 2(bridge_slave_1) entered listening state
[  113.835405][ T7315] 8021q: adding VLAN 0 to HW filter on device batadv0
[  113.929043][ T7315] veth0_vlan: entered promiscuous mode
[  113.955063][ T7315] veth1_vlan: entered promiscuous mode
[  114.030733][ T7315] veth0_macvtap: entered promiscuous mode
[  114.052133][ T7315] veth1_macvtap: entered promiscuous mode
[  114.087041][ T7315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  114.112563][ T7315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.122996][ T7315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  114.138462][ T7315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.148463][ T7315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  114.158893][ T5235] Bluetooth: hci4: command tx timeout
[  114.173868][ T7315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.197541][ T7315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  114.217257][ T7315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.238761][ T7315] batman_adv: batadv0: Interface activated: batadv_slave_0
[  114.267969][ T7315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  114.294018][ T7315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.314071][ T7315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  114.325229][ T7315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.335503][ T7315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  114.346964][ T7315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.356859][ T7315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  114.387289][ T7315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.409550][ T7315] batman_adv: batadv0: Interface activated: batadv_slave_1
[  114.423380][ T7548] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  114.430703][ T7548] IPv6: NLM_F_CREATE should be set when creating new route
[  114.437995][ T7548] IPv6: NLM_F_CREATE should be set when creating new route
[  114.492977][ T7559] netlink: 8 bytes leftover after parsing attributes in process `syz.1.632'.
[  114.534372][ T7315] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  114.570478][ T7315] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  114.599554][ T7315] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  114.616681][ T7315] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.640253][ T7568] bridge0: port 2(bridge_slave_1) entered listening state
[  114.810603][ T2965] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.834928][ T2965] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.835890][ T7575] xt_nfacct: accounting object `syz0' does not exists
[  114.882871][ T7579] xt_nfacct: accounting object `syz0' does not exists
[  114.921259][ T2965] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.936242][ T2965] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.989890][ T7584] netlink: 8 bytes leftover after parsing attributes in process `syz.0.639'.
[  115.112984][ T7586] netlink: 32 bytes leftover after parsing attributes in process `syz.4.640'.
[  115.680338][ T7629] bridge0: port 2(bridge_slave_1) entered listening state
[  115.883417][ T7636] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  115.890734][ T7636] IPv6: NLM_F_CREATE should be set when creating new route
[  115.898056][ T7636] IPv6: NLM_F_CREATE should be set when creating new route
[  116.116262][ T7654] netlink: 12 bytes leftover after parsing attributes in process `syz.0.658'.
[  116.422952][ T7670] bridge0: port 2(bridge_slave_1) entered listening state
[  116.495600][ T7677] sch_fq: defrate 0 ignored.
[  116.629081][ T7693] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744073709551613)
[  116.667522][ T7693] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  116.948236][ T7715] netlink: 'syz.2.675': attribute type 2 has an invalid length.
[  116.956061][ T7715] netlink: 'syz.2.675': attribute type 1 has an invalid length.
[  116.964526][ T7715] __nla_validate_parse: 3 callbacks suppressed
[  116.964542][ T7715] netlink: 128 bytes leftover after parsing attributes in process `syz.2.675'.
[  117.159833][ T7725] macsec1: entered allmulticast mode
[  117.174883][ T7725] macvlan0: entered allmulticast mode
[  117.186635][ T7725] veth1_vlan: entered allmulticast mode
[  117.212422][ T7725] macvlan0: left allmulticast mode
[  117.221129][ T7725] veth1_vlan: left allmulticast mode
[  117.254363][ T7726] bridge0: port 2(bridge_slave_1) entered listening state
[  117.276404][ T7733] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  117.295507][ T7733] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  117.386130][ T7731] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  117.735442][ T1055] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.952197][ T7761] netlink: 28 bytes leftover after parsing attributes in process `syz.2.690'.
[  117.980031][ T7762] netlink: 28 bytes leftover after parsing attributes in process `syz.2.690'.
[  118.027688][ T7766] sch_tbf: burst 0 is lower than device lo mtu (39799) !
[  118.125704][ T7769] bridge0: port 2(bridge_slave_1) entered listening state
[  118.353259][ T7785] netlink: 24 bytes leftover after parsing attributes in process `syz.0.696'.
[  118.392987][ T7785] netlink: 32 bytes leftover after parsing attributes in process `syz.0.696'.
[  118.406079][ T5226] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  118.418663][ T5226] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  118.426571][ T5226] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  118.435082][ T5226] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  118.444736][ T5226] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  118.446595][ T7781] trusted_key: syz.1.697 sent an empty control message without MSG_MORE.
[  118.470032][ T5226] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  118.801241][ T7812] netlink: 8 bytes leftover after parsing attributes in process `syz.0.701'.
[  118.961539][ T1055] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.990530][ T7817] bridge0: port 2(bridge_slave_1) entered listening state
[  119.055921][ T7820] FAULT_INJECTION: forcing a failure.
[  119.055921][ T7820] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.077808][ T7820] CPU: 0 UID: 0 PID: 7820 Comm: syz.0.706 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[  119.088105][ T7820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  119.098177][ T7820] Call Trace:
[  119.101466][ T7820]  <TASK>
[  119.104529][ T7820]  dump_stack_lvl+0x241/0x360
[  119.109235][ T7820]  ? __pfx_dump_stack_lvl+0x10/0x10
[  119.114453][ T7820]  ? __pfx__printk+0x10/0x10
[  119.119071][ T7820]  ? __pfx_lock_release+0x10/0x10
[  119.124132][ T7820]  should_fail_ex+0x3b0/0x4e0
[  119.128839][ T7820]  _copy_from_user+0x2f/0xe0
[  119.133448][ T7820]  generic_map_update_batch+0x567/0x900
[  119.139030][ T7820]  ? __pfx_generic_map_update_batch+0x10/0x10
[  119.145131][ T7820]  ? __pfx_generic_map_update_batch+0x10/0x10
[  119.151220][ T7820]  bpf_map_do_batch+0x3e0/0x690
[  119.156098][ T7820]  __sys_bpf+0x377/0x810
[  119.160364][ T7820]  ? __pfx___sys_bpf+0x10/0x10
[  119.165149][ T7820]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  119.171122][ T7820]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  119.177446][ T7820]  ? do_syscall_64+0x100/0x230
[  119.182197][ T7820]  __x64_sys_bpf+0x7c/0x90
[  119.186595][ T7820]  do_syscall_64+0xf3/0x230
[  119.191087][ T7820]  ? clear_bhb_loop+0x35/0x90
[  119.195754][ T7820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.201640][ T7820] RIP: 0033:0x7f8b2f3773b9
[  119.206047][ T7820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.225657][ T7820] RSP: 002b:00007f8b30125048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  119.234080][ T7820] RAX: ffffffffffffffda RBX: 00007f8b2f505f80 RCX: 00007f8b2f3773b9
[  119.242045][ T7820] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[  119.250014][ T7820] RBP: 00007f8b301250a0 R08: 0000000000000000 R09: 0000000000000000
[  119.257970][ T7820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  119.265927][ T7820] R13: 000000000000000b R14: 00007f8b2f505f80 R15: 00007ffc9aad40a8
[  119.273897][ T7820]  </TASK>
[  119.412587][ T1055] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.454264][ T7824] bridge0: port 2(bridge_slave_1) entered listening state
[  119.553606][ T1055] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.670928][ T7787] chnl_net:caif_netlink_parms(): no params data found
[  120.059342][ T7787] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.088617][ T7787] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.123863][ T7787] bridge_slave_0: entered allmulticast mode
[  120.149209][ T7787] bridge_slave_0: entered promiscuous mode
[  120.171938][ T1055] bridge_slave_1: left allmulticast mode
[  120.186874][ T1055] bridge_slave_1: left promiscuous mode
[  120.210600][ T1055] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.249560][ T1055] bridge_slave_0: left allmulticast mode
[  120.266126][ T1055] bridge_slave_0: left promiscuous mode
[  120.282327][ T1055] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.413096][ T7877] netlink: 16 bytes leftover after parsing attributes in process `syz.1.719'.
[  120.510381][ T7880] FAULT_INJECTION: forcing a failure.
[  120.510381][ T7880] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  120.532711][ T7880] CPU: 0 UID: 0 PID: 7880 Comm: syz.4.721 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[  120.543001][ T7880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  120.553055][ T7880] Call Trace:
[  120.556327][ T7880]  <TASK>
[  120.559250][ T7880]  dump_stack_lvl+0x241/0x360
[  120.563927][ T7880]  ? __pfx_dump_stack_lvl+0x10/0x10
[  120.569121][ T7880]  ? __pfx__printk+0x10/0x10
[  120.573731][ T7880]  ? __pfx_lock_release+0x10/0x10
[  120.578775][ T7880]  should_fail_ex+0x3b0/0x4e0
[  120.583469][ T7880]  _copy_from_user+0x2f/0xe0
[  120.588062][ T7880]  generic_map_update_batch+0x5ba/0x900
[  120.593624][ T7880]  ? __pfx_generic_map_update_batch+0x10/0x10
[  120.599690][ T7880]  ? __pfx_generic_map_update_batch+0x10/0x10
[  120.605749][ T7880]  bpf_map_do_batch+0x3e0/0x690
[  120.610599][ T7880]  __sys_bpf+0x377/0x810
[  120.614840][ T7880]  ? __pfx___sys_bpf+0x10/0x10
[  120.619607][ T7880]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  120.625591][ T7880]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  120.631920][ T7880]  ? do_syscall_64+0x100/0x230
[  120.636682][ T7880]  __x64_sys_bpf+0x7c/0x90
[  120.641093][ T7880]  do_syscall_64+0xf3/0x230
[  120.645595][ T7880]  ? clear_bhb_loop+0x35/0x90
[  120.650281][ T7880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.656170][ T7880] RIP: 0033:0x7fe69f3773b9
[  120.660583][ T7880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.680192][ T7880] RSP: 002b:00007fe6a00a8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  120.688621][ T7880] RAX: ffffffffffffffda RBX: 00007fe69f505f80 RCX: 00007fe69f3773b9
[  120.696585][ T7880] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[  120.704574][ T7880] RBP: 00007fe6a00a80a0 R08: 0000000000000000 R09: 0000000000000000
[  120.712549][ T7880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  120.720519][ T7880] R13: 000000000000000b R14: 00007fe69f505f80 R15: 00007ffd6464edc8
[  120.728501][ T7880]  </TASK>
[  120.747792][ T5235] Bluetooth: hci4: command tx timeout
[  120.766513][ T7884] netlink: 20 bytes leftover after parsing attributes in process `syz.0.723'.
[  120.893184][ T7889] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.725'.
[  120.903112][ T7889] openvswitch: netlink: Multiple metadata blocks provided
[  121.097176][ T7899] netlink: 4 bytes leftover after parsing attributes in process `syz.4.727'.
[  121.164921][ T1055] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  121.177140][ T1055] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  121.192012][ T1055] bond0 (unregistering): Released all slaves
[  121.202804][ T7787] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.210346][ T7787] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.218207][ T7787] bridge_slave_1: entered allmulticast mode
[  121.226389][ T7787] bridge_slave_1: entered promiscuous mode
[  121.235777][ T7871] bridge0: port 2(bridge_slave_1) entered listening state
[  121.256307][ T7903] bridge0: port 2(bridge_slave_1) entered listening state
[  121.499899][ T7787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  121.561781][ T7787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  121.677123][ T7787] team0: Port device team_slave_0 added
[  121.677421][    C0] bridge0: port 2(bridge_slave_1) entered learning state
[  121.758565][ T1055] hsr_slave_0: left promiscuous mode
[  121.779295][ T1055] hsr_slave_1: left promiscuous mode
[  121.791812][ T1055] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  121.809164][ T1055] batman_adv: batadv0: Removing interface: batadv_slave_0
[  121.826493][ T1055] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  121.842596][ T1055] batman_adv: batadv0: Removing interface: batadv_slave_1
[  121.887731][ T1055] veth1_macvtap: left promiscuous mode
[  121.893497][ T1055] veth0_macvtap: left promiscuous mode
[  121.902476][ T1055] veth1_vlan: left promiscuous mode
[  121.910158][ T1055] veth0_vlan: left promiscuous mode
[  122.352846][ T1055] team0 (unregistering): Port device team_slave_1 removed
[  122.389271][ T1055] team0 (unregistering): Port device team_slave_0 removed
[  122.807831][ T5235] Bluetooth: hci4: command tx timeout
[  122.850535][ T7787] team0: Port device team_slave_1 added
[  122.856416][ T7919] netlink: 8 bytes leftover after parsing attributes in process `syz.2.732'.
[  122.867850][ T7933] veth0_to_hsr: entered promiscuous mode
[  122.919349][ T7944] tipc: Started in network mode
[  122.930367][ T7944] tipc: Node identity aaaaaaaaaa3, cluster identity 4711
[  122.947691][ T7944] tipc: Enabled bearer <eth:ipvlan0>, priority 0
[  123.010626][ T7948] netlink: 8 bytes leftover after parsing attributes in process `syz.2.740'.
[  123.027632][ T7932] veth0_to_hsr: left promiscuous mode
[  123.034575][ T7946] bridge0: port 2(bridge_slave_1) entered listening state
[  123.049134][ T7787] batman_adv: batadv0: Adding interface: batadv_slave_0
[  123.061342][ T7787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  123.106877][ T7787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  123.136465][ T7951] netlink: 'syz.2.740': attribute type 27 has an invalid length.
[  123.191972][ T7956] netlink: 16 bytes leftover after parsing attributes in process `syz.1.741'.
[  123.232895][ T7959] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  123.853895][ T5226] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  123.865347][ T5226] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  123.876757][ T5226] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  123.886709][ T5226] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  123.894778][ T5226] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  123.902458][ T5226] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  123.960705][ T5274] tipc: Node number set to 10136234
[  124.193288][ T7951] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  124.232213][ T7951] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.537974][ T7951] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.547020][ T7951] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.573678][ T7951] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.583403][ T7951] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.694572][ T7787] batman_adv: batadv0: Adding interface: batadv_slave_1
[  124.721372][ T7787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  124.777304][ T7787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  124.890678][ T5226] Bluetooth: hci4: command tx timeout
[  125.015365][ T7787] hsr_slave_0: entered promiscuous mode
[  125.027072][ T7787] hsr_slave_1: entered promiscuous mode
[  125.176699][ T7988] x_tables: duplicate underflow at hook 2
[  125.314924][ T7994] bridge0: port 2(bridge_slave_1) entered listening state
[  125.465502][ T7968] chnl_net:caif_netlink_parms(): no params data found
[  125.561809][ T7968] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.570524][ T7968] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.578129][ T7968] bridge_slave_0: entered allmulticast mode
[  125.585078][ T7968] bridge_slave_0: entered promiscuous mode
[  125.598927][ T7968] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.607508][ T7968] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.614972][ T7968] bridge_slave_1: entered allmulticast mode
[  125.622650][ T7968] bridge_slave_1: entered promiscuous mode
[  125.652386][ T7968] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  125.665576][ T7968] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  125.722916][ T7968] team0: Port device team_slave_0 added
[  125.734614][ T7968] team0: Port device team_slave_1 added
[  125.775583][ T7968] batman_adv: batadv0: Adding interface: batadv_slave_0
[  125.784689][ T7968] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  125.812547][ T7968] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  125.825535][ T7968] batman_adv: batadv0: Adding interface: batadv_slave_1
[  125.833141][ T7968] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  125.871488][ T7968] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  125.937379][ T5226] Bluetooth: hci2: command tx timeout
[  126.023642][ T8006] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  126.030012][ T7968] hsr_slave_0: entered promiscuous mode
[  126.045634][ T7968] hsr_slave_1: entered promiscuous mode
[  126.055281][ T7968] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  126.067415][ T7968] Cannot create hsr debugfs directory
[  126.076184][ T7787] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  126.131443][ T7787] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  126.145928][ T7787] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  126.186369][ T7787] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  126.304494][ T8014] netlink: 20 bytes leftover after parsing attributes in process `syz.2.756'.
[  126.382833][ T7968] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.490765][ T7968] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.533863][ T7787] 8021q: adding VLAN 0 to HW filter on device bond0
[  126.603916][ T7968] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.658206][ T7787] 8021q: adding VLAN 0 to HW filter on device team0
[  126.758862][ T7968] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.776585][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.783815][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  126.810851][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.818041][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.872128][ T7787] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  126.957978][ T5226] Bluetooth: hci4: command tx timeout
[  127.101782][ T8039] bridge0: port 2(bridge_slave_1) entered listening state
[  127.153514][ T8045] netlink: 8 bytes leftover after parsing attributes in process `syz.1.764'.
[  127.175398][ T7968] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  127.206008][ T7968] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  127.231513][ T7968] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  127.268515][ T7968] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  127.402108][ T7787] 8021q: adding VLAN 0 to HW filter on device batadv0
[  127.631910][ T7787] veth0_vlan: entered promiscuous mode
[  127.694178][ T7787] veth1_vlan: entered promiscuous mode
[  127.742727][ T7968] 8021q: adding VLAN 0 to HW filter on device bond0
[  127.813322][ T7968] 8021q: adding VLAN 0 to HW filter on device team0
[  127.869068][ T5224] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.876260][ T5224] bridge0: port 1(bridge_slave_0) entered forwarding state
[  127.916943][ T8064] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  127.929050][ T5276] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.936211][ T5276] bridge0: port 2(bridge_slave_1) entered forwarding state
[  127.986051][ T7787] veth0_macvtap: entered promiscuous mode
[  127.997941][ T5226] Bluetooth: hci2: command tx timeout
[  128.048574][ T7787] veth1_macvtap: entered promiscuous mode
[  128.072119][ T7787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.097906][ T7787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.116166][ T7787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.134473][ T7787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.145863][ T7787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.156490][ T7787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.169475][ T7787] batman_adv: batadv0: Interface activated: batadv_slave_0
[  128.185085][ T7787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.209140][ T7787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.219242][ T7787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.230287][ T7787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.240731][ T7787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.252449][ T7787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.269366][ T7787] batman_adv: batadv0: Interface activated: batadv_slave_1
[  128.317893][ T7787] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.333646][ T7787] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.348380][ T7787] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.359570][ T7787] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.372379][ T8082] netlink: 20 bytes leftover after parsing attributes in process `syz.1.775'.
[  128.484313][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.513428][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.586422][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.602430][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.668366][ T7968] 8021q: adding VLAN 0 to HW filter on device batadv0
[  128.857995][ T7968] veth0_vlan: entered promiscuous mode
[  128.885598][ T7968] veth1_vlan: entered promiscuous mode
[  128.976007][ T7968] veth0_macvtap: entered promiscuous mode
[  129.001268][ T7968] veth1_macvtap: entered promiscuous mode
[  129.054627][ T7968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  129.075678][ T7968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.094860][ T7968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  129.105472][ T7968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.118805][ T7968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  129.129588][ T7968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.148512][ T7968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  129.160071][ T7968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.182127][ T7968] batman_adv: batadv0: Interface activated: batadv_slave_0
[  129.200325][ T7968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  129.224995][ T7968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.236327][ T7968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  129.253333][ T7968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.263496][ T7968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  129.291423][ T7968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.304705][ T7968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  129.315946][ T7968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.333044][ T7968] batman_adv: batadv0: Interface activated: batadv_slave_1
[  129.362586][ T7968] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  129.372820][ T7968] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  129.409298][ T7968] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  129.421980][ T7968] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  129.557937][ T8112] netlink: 4 bytes leftover after parsing attributes in process `syz.1.784'.
[  129.648904][ T8117] netlink: 8 bytes leftover after parsing attributes in process `syz.4.786'.
[  129.663027][ T2965] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.675068][ T2965] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.710161][ T8117] netlink: 32 bytes leftover after parsing attributes in process `syz.4.786'.
[  129.714689][  T148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.727759][  T148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.751039][ T8117] netlink: 80 bytes leftover after parsing attributes in process `syz.4.786'.
[  129.948654][ T8121] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  130.079748][ T5226] Bluetooth: hci2: command tx timeout
[  130.214240][ T8137] netlink: 20 bytes leftover after parsing attributes in process `syz.0.792'.
[  130.248243][ T8137] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  130.680613][ T8150] pim6reg1: entered promiscuous mode
[  130.691836][ T8150] pim6reg1: entered allmulticast mode
[  130.723516][ T8156] Bluetooth: MGMT ver 1.23
[  130.901289][ T8167] netlink: 32 bytes leftover after parsing attributes in process `syz.4.801'.
[  131.270188][ T8185] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  131.371369][ T8189] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  131.561020][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.711342][ T8204] netlink: 32 bytes leftover after parsing attributes in process `syz.2.813'.
[  131.829922][ T8207] netlink: 20 bytes leftover after parsing attributes in process `syz.2.814'.
[  132.066716][ T5235] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  132.078874][ T5235] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  132.087894][ T5235] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  132.097132][ T5235] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  132.112211][ T5235] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  132.120141][ T5235] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  132.157981][ T5226] Bluetooth: hci2: command tx timeout
[  132.533531][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.583369][ T8217] chnl_net:caif_netlink_parms(): no params data found
[  132.636845][ T8247] netlink: 32 bytes leftover after parsing attributes in process `syz.1.824'.
[  132.752112][ T8253] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  132.784180][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.802350][ T8245] netlink: 'syz.4.823': attribute type 4 has an invalid length.
[  132.908841][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.022828][ T8217] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.043102][ T8217] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.065471][ T8217] bridge_slave_0: entered allmulticast mode
[  133.091536][ T8217] bridge_slave_0: entered promiscuous mode
[  133.123265][ T8217] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.143126][ T8217] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.152863][ T8217] bridge_slave_1: entered allmulticast mode
[  133.169300][ T8217] bridge_slave_1: entered promiscuous mode
[  133.201152][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  133.308282][ T8217] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  133.456115][ T8217] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  133.582759][   T12] bridge_slave_1: left allmulticast mode
[  133.594232][   T12] bridge_slave_1: left promiscuous mode
[  133.606042][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.628303][   T12] bridge_slave_0: left allmulticast mode
[  133.636719][   T12] bridge_slave_0: left promiscuous mode
[  133.645320][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.015281][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  134.026690][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  134.037874][   T12] bond0 (unregistering): Released all slaves
[  134.054923][ T8217] team0: Port device team_slave_0 added
[  134.091243][ T8217] team0: Port device team_slave_1 added
[  134.160045][ T5226] Bluetooth: hci4: command tx timeout
[  134.278191][ T8217] batman_adv: batadv0: Adding interface: batadv_slave_0
[  134.285183][ T8217] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  134.312325][ T8217] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  134.325452][ T8298] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  134.344521][ T8217] batman_adv: batadv0: Adding interface: batadv_slave_1
[  134.357421][ T8217] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  134.410728][ T8217] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  134.475014][ T8304] netlink: 4 bytes leftover after parsing attributes in process `syz.0.838'.
[  134.490257][ T8304] netlink: 12 bytes leftover after parsing attributes in process `syz.0.838'.
[  134.528109][ T8301] netlink: 'syz.1.839': attribute type 4 has an invalid length.
[  134.638134][ T8313] netlink: 108 bytes leftover after parsing attributes in process `syz.1.843'.
[  134.662512][ T8309] bridge0: port 2(bridge_slave_1) entered listening state
[  134.672163][ T8313] netlink: 4 bytes leftover after parsing attributes in process `syz.1.843'.
[  134.724606][ T8217] hsr_slave_0: entered promiscuous mode
[  134.786349][ T8217] hsr_slave_1: entered promiscuous mode
[  134.814758][ T8217] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  134.826579][ T8322] FAULT_INJECTION: forcing a failure.
[  134.826579][ T8322] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.829635][ T8217] Cannot create hsr debugfs directory
[  134.852178][ T8316] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  134.864533][ T8322] CPU: 0 UID: 0 PID: 8322 Comm: syz.2.847 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[  134.874821][ T8322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  134.884900][ T8322] Call Trace:
[  134.888206][ T8322]  <TASK>
[  134.891160][ T8322]  dump_stack_lvl+0x241/0x360
[  134.895880][ T8322]  ? __pfx_dump_stack_lvl+0x10/0x10
[  134.901111][ T8322]  ? __pfx__printk+0x10/0x10
[  134.905743][ T8322]  ? __pfx_lock_release+0x10/0x10
[  134.910807][ T8322]  should_fail_ex+0x3b0/0x4e0
[  134.915523][ T8322]  _copy_from_user+0x2f/0xe0
[  134.920148][ T8322]  generic_map_update_batch+0x567/0x900
[  134.925745][ T8322]  ? __pfx_generic_map_update_batch+0x10/0x10
[  134.931847][ T8322]  ? __pfx_generic_map_update_batch+0x10/0x10
[  134.937944][ T8322]  bpf_map_do_batch+0x3e0/0x690
[  134.942832][ T8322]  __sys_bpf+0x377/0x810
[  134.947112][ T8322]  ? __pfx___sys_bpf+0x10/0x10
[  134.951907][ T8322]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  134.957907][ T8322]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  134.964254][ T8322]  ? do_syscall_64+0x100/0x230
[  134.969016][ T8322]  __x64_sys_bpf+0x7c/0x90
[  134.973428][ T8322]  do_syscall_64+0xf3/0x230
[  134.977931][ T8322]  ? clear_bhb_loop+0x35/0x90
[  134.982605][ T8322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.988495][ T8322] RIP: 0033:0x7f18ac1773b9
[  134.992899][ T8322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.012500][ T8322] RSP: 002b:00007f18acff6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  135.020911][ T8322] RAX: ffffffffffffffda RBX: 00007f18ac305f80 RCX: 00007f18ac1773b9
[  135.028881][ T8322] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[  135.036841][ T8322] RBP: 00007f18acff60a0 R08: 0000000000000000 R09: 0000000000000000
[  135.044808][ T8322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  135.052772][ T8322] R13: 000000000000000b R14: 00007f18ac305f80 R15: 00007ffd76b28768
[  135.060757][ T8322]  </TASK>
[  135.084800][ T8320] netlink: 48 bytes leftover after parsing attributes in process `syz.0.845'.
[  135.223888][   T12] hsr_slave_0: left promiscuous mode
[  135.250023][   T12] hsr_slave_1: left promiscuous mode
[  135.282639][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  135.301081][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  135.325338][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  135.333051][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  135.343375][ T8343] netlink: 'syz.2.853': attribute type 10 has an invalid length.
[  135.396960][   T12] veth1_macvtap: left promiscuous mode
[  135.404173][   T12] veth0_macvtap: left promiscuous mode
[  135.418072][   T12] veth1_vlan: left promiscuous mode
[  135.423456][   T12] veth0_vlan: left promiscuous mode
[  135.564968][ T8358] Cannot find set identified by id 0 to match
[  135.867938][ T8353] atomic_op ffff88802cda2998 conn xmit_atomic 0000000000000000
[  136.144990][   T12] team0 (unregistering): Port device team_slave_1 removed
[  136.186550][   T12] team0 (unregistering): Port device team_slave_0 removed
[  136.237606][ T5226] Bluetooth: hci4: command tx timeout
[  136.584197][ T8356] netlink: 'syz.0.856': attribute type 1 has an invalid length.
[  136.610062][ T8353] netlink: 12 bytes leftover after parsing attributes in process `syz.4.855'.
[  136.637443][ T8353] netlink: 'syz.4.855': attribute type 30 has an invalid length.
[  136.829323][ T8371] netlink: 48 bytes leftover after parsing attributes in process `syz.1.859'.
[  137.037363][    C0] bridge0: port 2(bridge_slave_1) entered learning state
[  137.132654][ T8382] FAULT_INJECTION: forcing a failure.
[  137.132654][ T8382] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.159490][ T8380] netlink: 'syz.4.860': attribute type 4 has an invalid length.
[  137.168447][ T8382] CPU: 0 UID: 0 PID: 8382 Comm: syz.0.861 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[  137.178733][ T8382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  137.188816][ T8382] Call Trace:
[  137.192115][ T8382]  <TASK>
[  137.195063][ T8382]  dump_stack_lvl+0x241/0x360
[  137.199778][ T8382]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.205010][ T8382]  ? __pfx__printk+0x10/0x10
[  137.209629][ T8382]  ? __pfx_lock_release+0x10/0x10
[  137.214699][ T8382]  should_fail_ex+0x3b0/0x4e0
[  137.219417][ T8382]  _copy_from_user+0x2f/0xe0
[  137.224039][ T8382]  generic_map_update_batch+0x5ba/0x900
[  137.229626][ T8382]  ? __pfx_generic_map_update_batch+0x10/0x10
[  137.235716][ T8382]  ? __pfx_generic_map_update_batch+0x10/0x10
[  137.241784][ T8382]  bpf_map_do_batch+0x3e0/0x690
[  137.246636][ T8382]  __sys_bpf+0x377/0x810
[  137.250879][ T8382]  ? __pfx___sys_bpf+0x10/0x10
[  137.255647][ T8382]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  137.261632][ T8382]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  137.267963][ T8382]  ? do_syscall_64+0x100/0x230
[  137.272729][ T8382]  __x64_sys_bpf+0x7c/0x90
[  137.277145][ T8382]  do_syscall_64+0xf3/0x230
[  137.281649][ T8382]  ? clear_bhb_loop+0x35/0x90
[  137.286336][ T8382]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.292231][ T8382] RIP: 0033:0x7f5b48f773b9
[  137.296640][ T8382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.316245][ T8382] RSP: 002b:00007f5b49e16048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  137.324667][ T8382] RAX: ffffffffffffffda RBX: 00007f5b49105f80 RCX: 00007f5b48f773b9
[  137.332634][ T8382] RDX: 0000000000000038 RSI: 0000000020000040 RDI: 000000000000001a
[  137.340599][ T8382] RBP: 00007f5b49e160a0 R08: 0000000000000000 R09: 0000000000000000
[  137.348566][ T8382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  137.356534][ T8382] R13: 000000000000000b R14: 00007f5b49105f80 R15: 00007ffc06c09ce8
[  137.364519][ T8382]  </TASK>
[  137.598587][ T8392] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  137.609190][ T8398] netlink: 'syz.2.866': attribute type 3 has an invalid length.
[  137.656172][ T8399] netlink: 8 bytes leftover after parsing attributes in process `syz.0.863'.
[  137.686936][ T8399] gtp0: entered promiscuous mode
[  137.708527][ T8399] gtp0: entered allmulticast mode
[  137.914100][ T8217] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  137.949868][ T8217] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  137.991749][ T8217] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  138.010917][ T8217] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  138.075875][ T8408] netlink: 'syz.4.867': attribute type 10 has an invalid length.
[  138.099045][ T8409] netlink: 32 bytes leftover after parsing attributes in process `syz.0.868'.
[  138.195554][ T8412] xt_CT: You must specify a L4 protocol and not use inversions on it
[  138.224168][ T8217] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.266525][ T8415] netlink: 24 bytes leftover after parsing attributes in process `syz.1.870'.
[  138.301358][ T8217] 8021q: adding VLAN 0 to HW filter on device team0
[  138.319523][ T5226] Bluetooth: hci4: command tx timeout
[  138.348561][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.355762][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.405736][ T5275] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.412949][ T5275] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.503997][ T8217] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  138.533754][ T8217] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  138.936247][ T8217] 8021q: adding VLAN 0 to HW filter on device batadv0
[  139.103796][ T8217] veth0_vlan: entered promiscuous mode
[  139.120902][ T8217] veth1_vlan: entered promiscuous mode
[  139.181141][ T8217] veth0_macvtap: entered promiscuous mode
[  139.196178][ T8217] veth1_macvtap: entered promiscuous mode
[  139.234453][ T8217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.248228][ T8443] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  139.259444][ T8217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.271056][ T8217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.292340][ T8217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.312749][ T8217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.328231][ T8217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.341741][ T8217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.353805][ T8217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.369717][ T8217] batman_adv: batadv0: Interface activated: batadv_slave_0
[  139.383180][ T8217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.394661][ T8217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.406770][ T8217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.418798][ T8217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.429056][ T8217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.441106][ T8217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.451272][ T8217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.467899][ T8217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.483398][ T8217] batman_adv: batadv0: Interface activated: batadv_slave_1
[  139.521045][ T8217] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  139.542566][ T8217] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  139.552263][ T8217] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  139.561435][ T8217] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  139.662351][ T2940] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.673100][ T2940] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.689422][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.699395][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  140.397390][ T5235] Bluetooth: hci4: command tx timeout
[  140.456540][ T8481] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  140.661499][ T8491] __nla_validate_parse: 3 callbacks suppressed
[  140.661519][ T8491] netlink: 24 bytes leftover after parsing attributes in process `syz.0.895'.
[  140.950416][ T8494] netlink: 168 bytes leftover after parsing attributes in process `syz.1.896'.
[  140.960320][ T8494] netlink: 'syz.1.896': attribute type 2 has an invalid length.
[  140.968377][ T8494] netlink: 60 bytes leftover after parsing attributes in process `syz.1.896'.
[  141.252647][ T8512] netlink: 256 bytes leftover after parsing attributes in process `syz.2.901'.
[  141.441871][ T8520] bridge0: port 2(bridge_slave_1) entered listening state
[  141.946930][ T2940] team0: left allmulticast mode
[  141.957341][ T2940] team_slave_0: left allmulticast mode
[  141.966449][ T2940] team_slave_1: left allmulticast mode
[  141.982702][ T2940] team0: left promiscuous mode
[  141.988782][ T2940] team_slave_0: left promiscuous mode
[  141.994540][ T2940] team_slave_1: left promiscuous mode
[  142.006726][ T2940] bridge0: port 3(team0) entered disabled state
[  142.014593][ T5232] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  142.029561][ T2940] bridge_slave_1: left allmulticast mode
[  142.041205][ T5232] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  142.042230][ T2940] bridge_slave_1: left promiscuous mode
[  142.054578][ T5232] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  142.056631][ T2940] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.081107][ T5232] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  142.089399][ T5232] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  142.098502][ T2940] bridge_slave_0: left allmulticast mode
[  142.104275][ T5232] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  142.111628][ T2940] bridge_slave_0: left promiscuous mode
[  142.117451][ T2940] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.420912][ T2940] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.431842][ T2940] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.442726][ T2940] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  142.452165][ T2940] bond0 (unregistering): Released all slaves
[  142.478195][ T5232] Bluetooth: hci4: command 0x0405 tx timeout
[  142.598434][ T8451] Bluetooth: hci4: Opcode 0x0401 failed: -4
[  142.605460][ T8451] ------------[ cut here ]------------
[  142.611177][ T8451] ODEBUG: free active (active state 0) object: ffff88807559c978 object type: timer_list hint: hci_cmd_timeout+0x0/0x1e0
[  142.656530][ T8451] WARNING: CPU: 0 PID: 8451 at lib/debugobjects.c:518 debug_print_object+0x17a/0x1f0
[  142.666482][ T8451] Modules linked in:
[  142.670482][ T8451] CPU: 0 UID: 0 PID: 8451 Comm: syz.4.882 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[  142.680816][ T8451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  142.691497][ T8451] RIP: 0010:debug_print_object+0x17a/0x1f0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  142.697933][ T8451] Code: e8 eb 03 43 fd 4c 8b 0b 48 c7 c7 e0 72 60 8c 48 8b 74 24 08 48 89 ea 44 89 e1 4d 89 f8 ff 34 24 e8 9b d9 9d fc 48 83 c4 08 90 <0f> 0b 90 90 ff 05 0c 16 60 0b 48 83 c4 10 5b 41 5c 41 5d 41 5e 41
[  142.717737][ T8451] RSP: 0018:ffffc90003767838 EFLAGS: 00010282
[  142.724323][ T8451] RAX: 01de7cc20743e300 RBX: ffffffff8c0cc480 RCX: 0000000000040000
[  142.732438][ T8451] RDX: ffffc90009c89000 RSI: 000000000000cd96 RDI: 000000000000cd97
[  142.740599][ T8451] RBP: ffffffff8c607460 R08: ffffffff81559432 R09: fffffbfff1cf9f88
[  142.749843][ T8451] R10: dffffc0000000000 R11: fffffbfff1cf9f88 R12: 0000000000000000
[  142.757900][ T8451] R13: ffffffff8c607378 R14: dffffc0000000000 R15: ffff88807559c978
[  142.765907][ T8451] FS:  00007fe6a00a86c0(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000
[  142.774933][ T8451] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  142.781681][ T8451] CR2: 0000001b32414ff8 CR3: 0000000064c52000 CR4: 00000000003506f0
[  142.790272][ T8451] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  142.798855][ T8451] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  142.806880][ T8451] Call Trace:
[  142.813554][ T8451]  <TASK>
[  142.816517][ T8451]  ? __warn+0x163/0x4e0
[  142.820763][ T8451]  ? debug_print_object+0x17a/0x1f0
[  142.826442][ T8451]  ? report_bug+0x2b3/0x500
[  142.831022][ T8451]  ? debug_print_object+0x17a/0x1f0
[  142.836267][ T8451]  ? handle_bug+0x3e/0x70
[  142.840743][ T8451]  ? exc_invalid_op+0x1a/0x50
[  142.845451][ T8451]  ? asm_exc_invalid_op+0x1a/0x20
[  142.850592][ T8451]  ? __warn_printk+0x292/0x360
[  142.855382][ T8451]  ? debug_print_object+0x17a/0x1f0
[  142.860654][ T8451]  ? __pfx_hci_cmd_timeout+0x10/0x10
[  142.865964][ T8451]  ? __pfx_hci_cmd_timeout+0x10/0x10
[  142.871417][ T8451]  debug_check_no_obj_freed+0x45b/0x580
[  142.877001][ T8451]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  142.883253][ T8451]  ? lockdep_hardirqs_on+0x99/0x150
[  142.888531][ T8451]  ? hci_release_dev+0x1525/0x16b0
[  142.894264][ T8451]  kfree+0x10f/0x360
[  142.898809][ T8451]  hci_release_dev+0x1525/0x16b0
[  142.903785][ T8451]  ? devres_release_all+0x1eb/0x250
[  142.909092][ T8451]  ? __pfx_hci_release_dev+0x10/0x10
[  142.914407][ T8451]  ? rcu_is_watching+0x15/0xb0
[  142.919241][ T8451]  ? device_release+0x66/0x1c0
[  142.924030][ T8451]  bt_host_release+0x83/0x90
[  142.928702][ T8451]  ? __pfx_bt_host_release+0x10/0x10
[  142.934007][ T8451]  device_release+0x99/0x1c0
[  142.938658][ T8451]  kobject_put+0x22f/0x480
[  142.943098][ T8451]  hci_inquiry+0x21a/0x810
[  142.947561][ T8451]  ? do_raw_spin_unlock+0x13c/0x8b0
[  142.952781][ T8451]  ? __pfx_hci_inquiry+0x10/0x10
[  142.957824][ T8451]  ? hci_sock_ioctl+0x55e/0xa40
[  142.962700][ T8451]  sock_do_ioctl+0x158/0x460
[  142.967351][ T8451]  ? __pfx_sock_do_ioctl+0x10/0x10
[  142.972498][ T8451]  sock_ioctl+0x629/0x8e0
[  142.976845][ T8451]  ? __pfx_sock_ioctl+0x10/0x10
[  142.981750][ T8451]  ? __fget_files+0x29/0x470
[  142.986370][ T8451]  ? __fget_files+0x3f6/0x470
[  142.991134][ T8451]  ? __fget_files+0x29/0x470
[  142.996342][ T8451]  ? bpf_lsm_file_ioctl+0x9/0x10
[  143.001840][ T8451]  ? security_file_ioctl+0x87/0xb0
[  143.006982][ T8451]  ? __pfx_sock_ioctl+0x10/0x10
[  143.011916][ T8451]  __se_sys_ioctl+0xfc/0x170
[  143.016536][ T8451]  do_syscall_64+0xf3/0x230
[  143.021123][ T8451]  ? clear_bhb_loop+0x35/0x90
[  143.025836][ T8451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.031822][ T8451] RIP: 0033:0x7fe69f3773b9
[  143.036253][ T8451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.056058][ T8451] RSP: 002b:00007fe6a00a8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  143.064602][ T8451] RAX: ffffffffffffffda RBX: 00007fe69f505f80 RCX: 00007fe69f3773b9
[  143.072631][ T8451] RDX: 0000000020000080 RSI: 00000000800448f0 RDI: 0000000000000004
[  143.080674][ T8451] RBP: 00007fe69f3e48e6 R08: 0000000000000000 R09: 0000000000000000
[  143.088755][ T8451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  143.097330][ T8451] R13: 000000000000000b R14: 00007fe69f505f80 R15: 00007ffd6464edc8
[  143.105840][ T8451]  </TASK>
[  143.108927][ T8451] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  143.116210][ T8451] CPU: 0 UID: 0 PID: 8451 Comm: syz.4.882 Not tainted 6.10.0-syzkaller-12642-gb9e7fc0aeda7 #0
[  143.126446][ T8451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  143.136496][ T8451] Call Trace:
[  143.139769][ T8451]  <TASK>
[  143.142694][ T8451]  dump_stack_lvl+0x241/0x360
[  143.147375][ T8451]  ? __pfx_dump_stack_lvl+0x10/0x10
[  143.152569][ T8451]  ? __pfx__printk+0x10/0x10
[  143.157155][ T8451]  ? _printk+0xd5/0x120
[  143.161311][ T8451]  ? vscnprintf+0x5d/0x90
[  143.165639][ T8451]  panic+0x349/0x860
[  143.169531][ T8451]  ? __warn+0x172/0x4e0
[  143.173683][ T8451]  ? __pfx_panic+0x10/0x10
[  143.178090][ T8451]  ? show_trace_log_lvl+0x4e6/0x520
[  143.183304][ T8451]  __warn+0x346/0x4e0
[  143.187284][ T8451]  ? debug_print_object+0x17a/0x1f0
[  143.192488][ T8451]  report_bug+0x2b3/0x500
[  143.196813][ T8451]  ? debug_print_object+0x17a/0x1f0
[  143.202015][ T8451]  handle_bug+0x3e/0x70
[  143.206171][ T8451]  exc_invalid_op+0x1a/0x50
[  143.210673][ T8451]  asm_exc_invalid_op+0x1a/0x20
[  143.215523][ T8451] RIP: 0010:debug_print_object+0x17a/0x1f0
[  143.221329][ T8451] Code: e8 eb 03 43 fd 4c 8b 0b 48 c7 c7 e0 72 60 8c 48 8b 74 24 08 48 89 ea 44 89 e1 4d 89 f8 ff 34 24 e8 9b d9 9d fc 48 83 c4 08 90 <0f> 0b 90 90 ff 05 0c 16 60 0b 48 83 c4 10 5b 41 5c 41 5d 41 5e 41
[  143.240934][ T8451] RSP: 0018:ffffc90003767838 EFLAGS: 00010282
[  143.247001][ T8451] RAX: 01de7cc20743e300 RBX: ffffffff8c0cc480 RCX: 0000000000040000
[  143.254965][ T8451] RDX: ffffc90009c89000 RSI: 000000000000cd96 RDI: 000000000000cd97
[  143.262929][ T8451] RBP: ffffffff8c607460 R08: ffffffff81559432 R09: fffffbfff1cf9f88
[  143.270894][ T8451] R10: dffffc0000000000 R11: fffffbfff1cf9f88 R12: 0000000000000000
[  143.278863][ T8451] R13: ffffffff8c607378 R14: dffffc0000000000 R15: ffff88807559c978
[  143.286844][ T8451]  ? __warn_printk+0x292/0x360
[  143.291611][ T8451]  ? __pfx_hci_cmd_timeout+0x10/0x10
[  143.296892][ T8451]  ? __pfx_hci_cmd_timeout+0x10/0x10
[  143.302179][ T8451]  debug_check_no_obj_freed+0x45b/0x580
[  143.307739][ T8451]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  143.313811][ T8451]  ? lockdep_hardirqs_on+0x99/0x150
[  143.319009][ T8451]  ? hci_release_dev+0x1525/0x16b0
[  143.324123][ T8451]  kfree+0x10f/0x360
[  143.328024][ T8451]  hci_release_dev+0x1525/0x16b0
[  143.332964][ T8451]  ? devres_release_all+0x1eb/0x250
[  143.338166][ T8451]  ? __pfx_hci_release_dev+0x10/0x10
[  143.343452][ T8451]  ? rcu_is_watching+0x15/0xb0
[  143.348216][ T8451]  ? device_release+0x66/0x1c0
[  143.352975][ T8451]  bt_host_release+0x83/0x90
[  143.357561][ T8451]  ? __pfx_bt_host_release+0x10/0x10
[  143.362847][ T8451]  device_release+0x99/0x1c0
[  143.367432][ T8451]  kobject_put+0x22f/0x480
[  143.371850][ T8451]  hci_inquiry+0x21a/0x810
[  143.376266][ T8451]  ? do_raw_spin_unlock+0x13c/0x8b0
[  143.381462][ T8451]  ? __pfx_hci_inquiry+0x10/0x10
[  143.386394][ T8451]  ? hci_sock_ioctl+0x55e/0xa40
[  143.391244][ T8451]  sock_do_ioctl+0x158/0x460
[  143.395834][ T8451]  ? __pfx_sock_do_ioctl+0x10/0x10
[  143.400955][ T8451]  sock_ioctl+0x629/0x8e0
[  143.405284][ T8451]  ? __pfx_sock_ioctl+0x10/0x10
[  143.410135][ T8451]  ? __fget_files+0x29/0x470
[  143.414726][ T8451]  ? __fget_files+0x3f6/0x470
[  143.419398][ T8451]  ? __fget_files+0x29/0x470
[  143.423990][ T8451]  ? bpf_lsm_file_ioctl+0x9/0x10
[  143.428930][ T8451]  ? security_file_ioctl+0x87/0xb0
[  143.434045][ T8451]  ? __pfx_sock_ioctl+0x10/0x10
[  143.438897][ T8451]  __se_sys_ioctl+0xfc/0x170
[  143.443492][ T8451]  do_syscall_64+0xf3/0x230
[  143.447993][ T8451]  ? clear_bhb_loop+0x35/0x90
[  143.452672][ T8451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.458561][ T8451] RIP: 0033:0x7fe69f3773b9
[  143.462970][ T8451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.482574][ T8451] RSP: 002b:00007fe6a00a8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  143.491011][ T8451] RAX: ffffffffffffffda RBX: 00007fe69f505f80 RCX: 00007fe69f3773b9
[  143.499011][ T8451] RDX: 0000000020000080 RSI: 00000000800448f0 RDI: 0000000000000004
[  143.506989][ T8451] RBP: 00007fe69f3e48e6 R08: 0000000000000000 R09: 0000000000000000
[  143.514958][ T8451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  143.522940][ T8451] R13: 000000000000000b R14: 00007fe69f505f80 R15: 00007ffd6464edc8
[  143.530928][ T8451]  </TASK>
[  143.534160][ T8451] Kernel Offset: disabled
[  143.538488][ T8451] Rebooting in 86400 seconds..