last executing test programs:

1m7.452469721s ago: executing program 1 (id=447):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x40000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x4, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa)
sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0xa0003b40, &(0x7f00000000c0)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x2, r4}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
r5 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000007000000890704e068000000110000000000000000dbc790ad000000fc000000000000001400000000000000000000000200000004000000000000001c"], 0x68}, 0x0)

56.658172601s ago: executing program 1 (id=447):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x40000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x4, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa)
sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0xa0003b40, &(0x7f00000000c0)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x2, r4}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
r5 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000007000000890704e068000000110000000000000000dbc790ad000000fc000000000000001400000000000000000000000200000004000000000000001c"], 0x68}, 0x0)

45.564377658s ago: executing program 1 (id=447):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x40000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x4, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa)
sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0xa0003b40, &(0x7f00000000c0)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x2, r4}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
r5 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000007000000890704e068000000110000000000000000dbc790ad000000fc000000000000001400000000000000000000000200000004000000000000001c"], 0x68}, 0x0)

30.874048533s ago: executing program 1 (id=447):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x40000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x4, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa)
sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0xa0003b40, &(0x7f00000000c0)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x2, r4}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
r5 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000007000000890704e068000000110000000000000000dbc790ad000000fc000000000000001400000000000000000000000200000004000000000000001c"], 0x68}, 0x0)

17.617674698s ago: executing program 1 (id=447):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x40000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x4, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa)
sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0xa0003b40, &(0x7f00000000c0)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x2, r4}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
r5 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000007000000890704e068000000110000000000000000dbc790ad000000fc000000000000001400000000000000000000000200000004000000000000001c"], 0x68}, 0x0)

6.301003123s ago: executing program 1 (id=447):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x40000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x4, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa)
sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0xa0003b40, &(0x7f00000000c0)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x2, r4}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
r5 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000007000000890704e068000000110000000000000000dbc790ad000000fc000000000000001400000000000000000000000200000004000000000000001c"], 0x68}, 0x0)

4.101582916s ago: executing program 2 (id=1166):
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000480)="3900000013000318680d07070000000f1801ff3f04000000170a001700000000040037000d00400001312564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1)
r1 = socket(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10)
setsockopt$inet6_mreq(r1, 0x29, 0x1c, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x3, 0x0, 0x0, {0x3}}, @NFT_MSG_NEWCHAIN={0x4c, 0x3, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x4}, @NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc}, @NFTA_COUNTER_BYTES={0xc}]}]}], {0x14}}, 0x88}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[], 0xcc}}, 0x0)

3.456302686s ago: executing program 0 (id=1174):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x3, 0x0, 0x0, {0x3}}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x4}, @NFTA_CHAIN_COUNTERS={0x4}]}], {0x14}}, 0x70}}, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x73, 0x11, 0x41}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r2}, 0x10)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8)
close(r4)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r1, 0x0, 0x0}, 0x10)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @random="ff0feef6177a", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0xffff, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x0, 0x0, 0x0, 0x3}}}}}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[], 0xcc}}, 0x0)

3.116962711s ago: executing program 2 (id=1177):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x2, 0xe}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}, @TCA_RATE={0x6, 0x5, {0x8, 0x7}}]}, 0x3c}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
unshare(0x40600)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000680)={0x0, r0}, 0x8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0x16, 0x0, 0x8, 0xfffe, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r3, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_RTHDR(r5, 0x29, 0x39, &(0x7f0000000500)={0x1, 0x0, 0x0, 0x50}, 0x8)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1, r4}, 0x38)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x40000)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180800001bc81a000000000000001e00851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x3c, 0x72, &(0x7f0000000040)="976d9023d56482cd284a63da539706d7009be646625bd75b025352ebe557df463106baeed6c2d75549b140f143fb8bb67bfe5b308b8d05758115c7ad", &(0x7f0000000180)=""/114, 0x0, 0x0, 0x0, 0x90, 0x0, &(0x7f0000000280)="bf049fd184f7b03c21d9bcddc4eef9ebb6a0da3eb91c56454e873dd7336ccf21a1eeb8da7adf80d6e06ef46c7f36222fadaed2103c286468b3f44adee51445bd1bedf8fcc1c0b9fdc8b3829b1bf0c9d2d409cdecb12ad033e299c029331993ae9760345bf7feb91ee96b0eee19454ad3dbce5019b68c114ff1921a9b4665744c7784ac6736101a70592d83c448a84c31", 0x0, 0x8000}, 0x50)
r8 = socket$inet6(0xa, 0x3, 0x87)
setsockopt$inet6_IPV6_XFRM_POLICY(r8, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@empty, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x1000000000, 0x53e5, 0x20}, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x32}, 0x2, @in6=@private0, 0x3502, 0x1, 0x0, 0x0, 0x0, 0xfffffffd}}, 0xe8)
sendmsg$nl_xfrm(r7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1010}, 0x84)

2.420048391s ago: executing program 0 (id=1179):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000080)=ANY=[@ANYBLOB="400e0000", @ANYBLOB="cf0400000000000000001300", @ANYBLOB="0400130006001200000000000600b500850100000a0006"], 0x40}}, 0x0)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001f00f9ffff7f00000000000001"], 0x114}], 0x1}, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
connect$pppl2tp(r2, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x44, 0xb, 0x6, 0x801, 0x0, 0x0, {0x6, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @loopback}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x44}}, 0x4800)

2.319004288s ago: executing program 0 (id=1181):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x800)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x34}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.159017234s ago: executing program 4 (id=1184):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x800)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x34}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.627115079s ago: executing program 0 (id=1185):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x800)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r1, @ANYBLOB], 0x34}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.575800782s ago: executing program 2 (id=1186):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000009500b400000000"], &(0x7f0000000000)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10)
getsockopt$IP_VS_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x481, &(0x7f0000000380), &(0x7f00000003c0)=0xc) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)={0x30, 0x3, 0x8, 0x301, 0x0, 0x0, {}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x84}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_COOKIE_ECHOED={0x8}, @CTA_TIMEOUT_SCTP_COOKIE_WAIT={0x8}]}]}, 0x30}}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000007c0)={0xac, r3, 0x400, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x18}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x17b}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x188}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x15}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x20}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}], @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0xd7}, @chandef_params, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xb}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1707}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x60000000}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16df}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}], @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0xac}, 0x1, 0x0, 0x0, 0x4841}, 0x40080) (async)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000006c0)='./cgroup.net/syz0\x00', 0x200002, 0x0) (async)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000200)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha512\x00'}, 0x58) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000410007010000000000000000800a4e0000"], 0x1c}}, 0x0) (async)
accept4(r4, 0x0, 0x0, 0x0) (async)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'team0\x00'}}]}, 0x38}}, 0x0) (async)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_emit_ethernet(0x4a, &(0x7f0000000640)=ANY=[@ANYBLOB="aad342888a89ef4914293048d36fd6bcaaaaaaaaaa0180c200000008004500003c000000000021907809000000ffffffff050090780a010102480000000000000000000000ac1e0001ff"], 0x0) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x40, 0x0, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_SEC_DEVKEY={0x24, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0xffffffff}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}]}]}, 0x40}}, 0x20000050) (async)
sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f00000000c0), 0xc, &(0x7f0000000500)={&(0x7f0000000400)={0x28, 0x0, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x28}}, 0x2004080) (async)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, 0x0, 0x0) (async)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)={0x30, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random="8b"}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x25}]}, 0x30}}, 0x0)
r10 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r10, &(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10)

1.552012274s ago: executing program 4 (id=1188):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast6)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), r1)
sendmmsg(r1, &(0x7f0000000940)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000200)}, {&(0x7f0000000300)="84987bcd9d020dadd2b23a99d8690c4f55c11bb027bd444ae5003f5081ca2ff0c28020366b20", 0x26}, {&(0x7f0000000440)="38a53d4fc0d4e5cb2711811c910a6c2ad88f5106a7a951a1d5f7d40f3753d323bdf5632249de41182f13f39ae76d9976842bd50806158e7f8609cf23891543b514691c1491acc1492f0a616f", 0x4c}], 0x3}}], 0x1, 0x4008881)

1.326264286s ago: executing program 0 (id=1189):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast6)\x00'}, 0x58)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000100)=@vsock={0x28, 0x0, 0x2711, @hyper}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000180)="1be8686b202c7e45e8c6f47ed9c64db02d61822eb3f3e6037e9bc651e21ae86940771ed01dae136dbd6e93c3effb9d15c36b7e69ade935ce8105cc15cecb0693d10c3f57f73f9bdc01eb950db69b5c816386e4c83b248296024174548e65507aa0a436d46d6a9205858c898819b3e2f72fc61ce783631af8909a11e987bfa2bdfd393413e60c544b8a58e1ed4d6ca628ff016d868ffd943ed222a58b4ebca9b62f9537d4698c74020dcf871dc15cabda87fbf909f3e0cd78727c87d95e7e4e6b82e9ff902b73abc5a2a09adc71032d7cd01c904514d1f3d5e10044d98d340d6db854a214c32e23342a1f8389e6abe55b4c8303e8c490c5", 0xf7}, {&(0x7f0000000280)="748d62576ffbd72e9cccf01e4f7685217c8ecfff47e3dc486154544ad341523549003be1390c4ba9393d76b327745d5f96362f984f61a6bd671631e16eb6498d1efed403bec5495c6e4e448b0afd977d3a78d89823ea0ba775707b776746e71f5cc8ad043a15bd7b7898a917559573df7ed41e50143f72a06158abfb47cc443d4f", 0x81}, {&(0x7f0000000340)="d91ae2813cd1a3d7f0c416ca3dea30d6eded3801f009d22fb7f18b94a7d85ac5719678b6568bde5e7ee272d51b97404562a2ccc14b78fa3c59b045e565dfa796719eb3", 0x43}, {&(0x7f00000003c0)="eb269866bd26f5244a09062dea04a0c5c5ddef4bfc17a3d1031140ef2c29adb2f5fda58e09c8d444fba84cad5a1b1f6a218ba40443bad466928aa42fd951555ff6fc6d85e437c4b59bdab850698697c84a6d28f80d66d3d4533130e0d58246803c7030c467006ec19d2e46770c06066a7d744964c9a72e47ace5c0fac047b0af5a4a2a10e0ab3476f99be3d7b6c197aa0647456b236957f37669903ed27413959cf9bd500ddb9e358ffbb4677740a92b8c8f1ad330393060ee06b954b790707f06bf69053bd8003e7c71599d8561ebeabad8a571cae2e00cb5376abefa7859e7486e0cb8dc20a15e74b747d41d5c7e92b061f58024e6", 0xf6}, {&(0x7f00000004c0)="91c003470296b8e28d42de3cce6e7e92898ea064cf32e659061f2900ce0f7ce3ecc704671e1786d11a2979a3de05f03daa3940f199af3db0893b77b0ae532300a55e7b4291f088f7968db1d3cbd895c33e652c2bd35b483fc375df026b112333e9463b396916c23bf533ca98a74245d881ad01fc65c85b51304612c5acd9fcf5ab9cffccae1bca99a1a974834c3115f291410c7dc330753f20cadc91553896ce6996bb06528e88c856beca8ca0f726f3be4c6c8633c968e0703b108556dcd917c907ff11b07e20deb3037733c6705ff93e685f121fa6a2607475b29259d6d5423b36a3f9f4af2f76c5d63cef045bb8a5d921756670e9d45fb0b4f3d7", 0xfc}, {&(0x7f00000005c0)="62afcd055095f527aa05f6685fa2ba48f911d032a4a85a42b32a59861c8c4f42c16ca37022a1a0d5bd4aca35f43eb94053d0da00055727eab6890bb50e4bb75fb5ae40b1f647258d9b2e6cae4dcb", 0x4e}, {&(0x7f0000000640)="63482a3d8d0aebc55046d39739ab7f2c34dc18778dc9466fd82a3206f78f5b2d3a173040da2fdc9f2b412fe23b7946561971da2aaa18be58f7be50da9af0d5a44158f61aeb193d563ea6ed2e57b3c39f96c11b5dd2232671aca6ae14560bd47187b900419d1bd9f6f0", 0x69}, {&(0x7f00000006c0)="60754b58249e22efcdb405d81135a310f4187a085d401306171bfc952817cc1f620d1c45ba3828a7c2ce01ed8b85555dc7", 0x31}, {&(0x7f0000000700)="2512ed64919eb677bb30f9a646f8d2223517f4e9790686ce1d00c1cf756e784917164446fac081b6c4d926a29003a94eb36688c2142760011c2f955f1dcbccb41a0929d20d8c5bae63bb9418d44b6f78bd8fd5785f3e7058c341e8d6afa92b16fd835e0e75dad6ee90af909477754325", 0x70}], 0x9}, 0x20008000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYRES8], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4000000)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000640)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1}}, @TCA_ACT_BPF_FD={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newlink={0x58, 0x10, 0x421, 0x4, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad, 0x26d2}, [@IFLA_VFINFO_LIST={0x18, 0x16, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@IFLA_VF_VLAN={0x10, 0x2, {0x3, 0x92d, 0x1}}]}]}, @IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2b}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'vlan0\x00'}]}, 0x58}}, 0xc080)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r6, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = socket(0xa, 0x2, 0x3a)
sendmsg$NL80211_CMD_SET_STATION(r7, &(0x7f0000000240)={&(0x7f0000000000)={0xa, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYRESOCT=r1, @ANYRES16=r7, @ANYBLOB="000099c9f4fb41335ec70000000000000000", @ANYRES32=0x0, @ANYBLOB="0c009900000000000000000500e400000000000600140100ffffffffffff00121c001180040004000400020004000500060214010000000006003600000400000500c2000000000000000000000000000000000000000000000000007fffffff00000016725f623b3f025b01df5276b2d3bf8f6050c56a41a9285fd860731fc33466afee00402b8cd8327c6719fe10fb970820c5176d6b3dff178a5d9a752a047923bf0a0510015133ec1efd8e4c3b66b06a0e744141"], 0x5dc}, 0x5, 0x0, 0x0, 0x40000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x200000000000002e, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000001080021850000006d00000018110000", @ANYRES32, @ANYRES32], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xff8f)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r8, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x24, 0x4, 0x8, 0x201, 0x0, 0x0, {}, [@CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_L4PROTO={0x5}]}, 0x24}}, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ad56b6c5820f5a0e000000000000cabeef32b89844b3799d71ab8837740336269f3dc1b0589122afe8d49a33e7d3ff221a18a0ec62cac80cc775e00e8fb4e308a4f94a7d05d15b0d37dcbf648643410d7861e16eae682c7d7d09a896e0b258c5613098f1a5fe1fe71ce5f126ad38789cf2643dffbb5d3140fd", 0x79)

1.255855681s ago: executing program 3 (id=1190):
socket(0x2a, 0x2, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10) (async)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYRESDEC], 0x20}}, 0x40)
socket(0x840000000002, 0x3, 0xff) (async, rerun: 32)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='mm_page_alloc\x00', r3}, 0x10) (async)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) (async)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_emit_ethernet(0x1ae, &(0x7f00000002c0)={@empty, @link_local, @void, {@ipv6={0x86dd, @dccp_packet={0x0, 0x6, "922ff5", 0x178, 0x21, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, @local, {[@fragment={0x3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64}, @hopopts={0x11, 0x20, '\x00', [@enc_lim={0x4, 0x1, 0x3}, @calipso={0x7, 0x18, {0x0, 0x4, 0x0, 0x0, [0x0, 0x0]}}, @generic={0x0, 0xe3, "9a406896431cf8cebb1379b1cfca3ce3334fb0cd81c12766ff8351be2d961c40ce922dd8423e2de93ba96a5c90f772216e5e60c7d2a67cbcbc1d3b195d538eb920fc058775cc06baf8a87b4736fa0cf5161d47d4416aa6a1099c3aa4a927c4d93bcf1f4a781cbde0ee829f1276818415e192376437a6d4854c3c3ad346c7df7dfea9cd0463aa441a1b9cd514fedb8172d54cbf1353cf5f63fe58465c2d0e165df05ada44174919aaffc29df43606f9d49bcc571525c7aecc77ad523da96156400a63d03f15e4254c95ecb66cda9310041006d9d10e6b8a38bbdcac75348fe624c73bd8"}]}, @hopopts={0x0, 0x0, '\x00', [@enc_lim]}], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "114f84", 0x0, "8e269c"}, "c52104e4fbd8be11e86055d5cec119bfa161827fb675e43744d104b96e26ecb84a318c4c1d7b4f70305e74abd64694eddc8e552b811b2a1c63e32b811f4e8296"}}}}}}, 0x0) (async, rerun: 32)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) (rerun: 32)
bind$packet(r4, &(0x7f0000000000)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @link_local}, 0x14) (async)
sendto$inet6(r4, &(0x7f0000000280)="02042800ec074802010e0200c52cf7c20675e005b02f0800eb2b2ff0dac8897c6b112002faffffff3066090cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f) (async)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r7, &(0x7f0000000340)="07000000010000", 0x7)
r8 = socket$phonet_pipe(0x23, 0x5, 0x2)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-avx2\x00'}, 0x58)
r10 = accept$alg(r9, 0x0, 0x0)
sendmsg$alg(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000010c0)="961fdadf9dc47c7fbaedaf5ba72a4d9473715b23122421ad72be5188b3cbe8c3738d0b4282c540648c5f8cf23d987a7fb344abaff4e5bb6d020007722225fbbc53662adb86c71e639f7637", 0x4b}, {&(0x7f0000000500)="0939bf288b2c972bfbc2e5e907f1f1f0c15020f10f2d8727743d6892b66ca0503406de6b9b08dfc4f460c46b22d7225d0b7518d112", 0x35}], 0x2}, 0x0) (async, rerun: 32)
setsockopt$PNPIPE_ENCAP(r8, 0x113, 0x1, &(0x7f0000000100)=0x1, 0x4) (async, rerun: 32)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f00000008c0)={'wlan0\x00'}) (rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10)

1.037784723s ago: executing program 3 (id=1191):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x800)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/110, 0x14b}, {&(0x7f0000000280)=""/85, 0x53}, {&(0x7f0000000fc0)=""/4096, 0x534}, {&(0x7f0000000400)=""/106, 0x500}, {&(0x7f0000000000)=""/66, 0x6a}, {&(0x7f0000000300)=""/83, 0x63c}, {&(0x7f00000007c0)=""/154, 0x4a}, {&(0x7f0000000100)=""/16, 0x158}], 0x208, &(0x7f0000000600)=""/191, 0x41}}], 0x3fffffffffffc30, 0x0, &(0x7f0000003700)={0x77359400})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000014001a"], 0x34}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x0, 0x4000)
socket$inet_sctp(0x2, 0x1, 0x84)

882.354858ms ago: executing program 0 (id=1192):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast6)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000dc0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), r1)
sendmmsg(r1, &(0x7f0000000940)=[{{0x0, 0x0, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000300)="84987bcd9d020dadd2b23a99d8690c4f55c11bb027bd444ae5003f5081ca2ff0c28020366b20cf", 0x27}, {&(0x7f0000000440)="38a53d4fc0d4e5cb2711811c910a6c2ad88f5106a7a951a1d5f7d40f3753d323bdf5632249de41182f13f39ae76d9976842bd50806158e7f8609cf23891543b514691c1491acc1492f0a616f032feb431f840d61613a06e9f7958150d5d5b5f68c65db1e6fa35232d730e3033547cceee402acf3fb8ae2cfa049085fdce77323c1928f347a2d87f909ffb2bb8854df14b04017127b5118d173e5045af1ea29f8bf8455b820b714c0ccb7578a576c28ab4d72b07e3878e8d024e802e231285987532cc2285b6c179506d1c1", 0xcb}], 0x3}}], 0x1, 0x4008881)

792.056574ms ago: executing program 2 (id=1193):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="2c385aa3d49100dc6626c892", 0xc)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
sendto$inet6(r1, &(0x7f0000000a80)="c4", 0x1, 0x20000840, &(0x7f0000b63fe4)={0xa, 0x5, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041)

791.462953ms ago: executing program 3 (id=1194):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r0, 0x0}, 0x20)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000002c0)={'syztnl0\x00', &(0x7f0000000240)={'ip6gre0\x00', <r2=>0x0, 0x29, 0x4, 0x7, 0x1, 0x0, @empty, @mcast1, 0x700, 0x1, 0x3, 0x9}})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x3, &(0x7f00000001c0)={&(0x7f0000000040)={0x2c, r4, 0x1, 0x0, 0x0, {0x27}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000002f00), &(0x7f0000002f40)=0xc)
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000003280))
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000032c0)={{{@in, @in=@initdev}}, {{@in=@empty}, 0x0, @in6=@ipv4={""/10, ""/2, @loopback}}}, &(0x7f00000033c0)=0xe8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280)={<r5=>0x0}, &(0x7f00000013c0)=0xc)
r6 = socket$pptp(0x18, 0x1, 0x2)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000014c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000140)}], 0x1, &(0x7f0000000180)=[@cred={{0x1c, 0x1, 0x2, {r5, 0x0, 0xee01}}}, @rights={{0x14, 0x1, 0x1, [r6]}}], 0x38}}], 0x1, 0x4044041)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001540)={{{@in6=@dev, @in6=@ipv4={""/10, ""/2, @multicast1}}}, {{@in=@dev}, 0x0, @in6=@mcast1}}, &(0x7f0000001640)=0xe8)
r7 = socket(0x2b, 0x1, 0x1)
setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r7, 0x84, 0x7, &(0x7f0000000000)={0x6}, 0x4)
getsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000002c0)={{{@in6, @in6=@private2}}, {{@in=@multicast1}, 0x0, @in6=@initdev}}, &(0x7f00000003c0)=0xe8)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f00000004c0), 0x0)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r7, 0x8983, &(0x7f0000000d40)={0x1, 'ipvlan1\x00', {}, 0x7})
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000800)=@delpolicy={0x380, 0x14, 0x200, 0x70bd27, 0x25dfdbfe, {{@in=@loopback, @in=@remote, 0x4e24, 0x237, 0x4e20, 0x0, 0xa, 0x80, 0x0, 0x32, r2}, 0x6e6bbc, 0x2}, [@migrate={0x9c, 0x11, [{@in=@multicast2, @in6=@rand_addr=' \x01\x00', @in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@local, 0x3c, 0x4, 0x0, 0x3504, 0x2, 0x2}, {@in6=@loopback, @in=@private=0xa010101, @in6=@mcast1, @in=@rand_addr=0x64010101, 0x2b, 0x4, 0x0, 0x0, 0x2, 0x2}]}, @sa={0xe4, 0x6, {{@in6=@loopback, @in6=@local, 0x4e23, 0x0, 0x4e24, 0x0, 0x2, 0x20, 0xa0, 0x11}, {@in6=@loopback, 0x4d6, 0x6c}, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, {0x350e, 0x3, 0x4, 0x6, 0x4, 0x8000, 0x9, 0x4}, {0x3, 0x10001, 0x6, 0x7}, {0x1, 0x39, 0xcb5}, 0x70bd26, 0x3507, 0x3, 0x2, 0x6, 0x59}}, @policy_type={0xa, 0x10, {0x3}}, @srcaddr={0x14, 0xd, @in6=@private1={0xfc, 0x1, '\x00', 0x1}}, @algo_crypt={0x116, 0x2, {{'ecb-aes-ce\x00'}, 0x670, "dc60f4557f1108ea0bae049b0bb94f60d616bb519c56e091bb6c3af1237b1fa375968a0e0824e5c9d32ee5e9717724e9a4f5d49e39d32a4a3a0fe30ce570220d105af8a17d970b44a05d541d22f0db4c3b6bec64d9bf1053c93c979d12249aa06d72951a7bad7f68fab095fe25234b6efaa57b0e424800cafd6533ad9e9b978713c4a59b8d1b0428887cf8d968db6ea64e3fde45790627fd63201d31c6962a14642af59b0ddb9b269db6be85c9cf67eb15600db5fec0e767b8c65ca31a43a022a0b0205131c59be4aca1440f0c61"}}, @algo_auth_trunc={0x75, 0x14, {{'sha224-generic\x00'}, 0x148, 0x180, "44ffc380b5dbf93c264c68c8bc88e15af24423a09182f9ec2d0e38cd973ffa423e652e0b604a241155"}}]}, 0x380}}, 0x0)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r8, &(0x7f000000b0c0)={0xa, 0x0, 0x0, @mcast2, 0x20}, 0x1c)
setsockopt$sock_int(r8, 0x1, 0x20, &(0x7f0000000040), 0x4)
sendmmsg$inet(r8, &(0x7f0000001080)=[{{&(0x7f0000000340)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000640)=[{&(0x7f0000001240)="fe73fef280c33791efb6652fdf876730f136505ae295394af5fccdc1cde6de369b25dccb1211aec1fd09a46ec0f5dce993628542b7e3cb5194652e67e892d0a0c9ad1036b4473ca415ebf316a8b4bb8d20c65efabf74563bbe58173fb4738db46a296262e2c0f33cbd1fc93db960040a2431e1ea81e062104edb406d5332b176e70b2041b51e268b2e38121d5742846a6c9c94b35f66bdc2ae9fba2d4fc895f4bb40036915469b6aa180221ac65b1d5951bb5b8f8066ee98a46cfb4c1a1d0b058e3cb0d694505ab5d0bbe48dbdad0059cac5a8cca1dc4b06075da8d35f6548487ade776e041711b6176fea79d78ae3e141ac4a44c6bb828445d1baa6f84662753c9fbf263a25a30e59a26f7f5aee187c9611398a2680542f57314f53bbbadf5b0aeb11e2d20dd0e6bb07201313d09bf9c812a6cb8e2ec3e7b66b1c1cb4dcb641f293e188e0e5426b59c40305e4caa3414aadd53640ff7d2527aac0eaac0b5848299be2665e6754c550a3bc62690850b1d62bcb390e599ff26c9af11aadce55ae8aa72a2ce19353fb8850cedc93122ef763fe795831a9a4ccdae9d68053d6a5d6eb64a43fd8ed73cab960cd903131de49e9672b4541297b860807893f3269d7cc1a4bf7c8c9a488dfb37ded524a5a154c372b00c321d307beb18fce2c583cca614fa24f4ee42c2a92594e2271ed236ad9c15640be86be5e639e468cc7cf861cf38f51d5f43837c59953248cd74396e5aa14790c0468d5f0d91edfef5f85e202d16346fb7f029cc2f17b7cb6a7f0b50a8cddf65d0eec29723223addfbcf7dd9b294e9bec8d4ed0c88bbd1a4626773682d4ad56a5c238572e68a950ef48a97084a1b549a056fa77916cdb8dd99f71133b497f7af5c5fc98b149c11d648949483eebd7b3f6de4bbc1b9cfc1009b20f8ab8e81110e9e20face5e760b7b7b66e64b3f7a574352e9f6e4dbab8cdff7e350f63c59c495e63b32e293223d19f8203bee648724bc90d06346639a5d145439f3674fcfefb3679a82cb4d7baf3eb4085fbd0fc57586cb5e1485f35f6c3ad266fdda737fde356aeb5a2eed932137c713a8317251ac5bf56042128ffe3c0615222ede06eaeeae1555a26d06a064f70a7f54e9c74e7c54fa155c28bc095026dad0d863bcc970b139d5b4da3ca4e2450150c38fd846b55646226fde089a20d26b646dbbfddd598e0b349d1540d5d77c13f6cd9acbf746d7ce0e8dc65870a19cf4937c2ed1ab3efd3c7d64fa6e89e2ae09559516f4535905dc7d2cc7e6d51e231775ae54207fd7d7f850c0ea4d108182cbd8ec6cbaa7bf298c9c751183fac63bc9c8012a6fda57aaa752e1c93746578b7ab8a8d578d617eb0bdca07f479d5df34098a5470bd743e85d767a526d2d397ebf311f4e5fea32827170dfc283d2788d07e53b4f334fbd0b09d5f8614391fcc4400fc14b3929ba2232e9c296da839ffa4ada318cd008d450a00807fa831076dff93bcfab9fab9a6b3abfae30683e8f3a2ba010a9ad49fe78871745c803c50642fc5e9d8e78a6fe65af8c986dffc1970953e397712bfdaab13ea2084617ed02fd5f53d63ce4f2eaa8d18ea0f6aa831e94f04d55184c1388072e5b5d8b58367fa79552b39945061af6fd5639940226554d1d14b63dd4d3b929f4af144ffa11b309e2955f50e90a2ea0bcd55d59962eb4e3ea4f4119a790121b5d121f5bac28f9bac660c05b45b4646d1a5ecbf896e023f1729bfc5d7d7075743ad567c51b5973a697d52c94047706a1cd094824222e3dd49fb7dcaddf60f8d0b37c3f2e488f5df3f3fe206ab98a930ff4f0cac41cd071f4b7a0f60da50dbfa05d65dc55c9079d981a86b89603f4c56531034e6b84d024cb09fca30f6b7f6f01f5bd8afbac076d33428b6d207f12c0c9c6ab9d3927700fd8a9ea3900fe56ec694109ab85f111095e2cfc1509c2c849a02180c4984453e3182f7e31dd17d3a1000e73fbb7970f7a290445372c56b868821c7a841984a86d4a786db67062b5c754ccb2206638f46b56ade0a48e848a3a0f5c548d2cea1af41e7e40415d3e429839d549eaae3f6daad8eaa7ea1d00ee67d019dad877dc4db5ee4e428f920674b1a0da8f493a82799e2d4717b2f0b0c68641f1679d4eaa297c9b1c36294d03ec5f0f029de39534b3b109bd8c1497559e9a757d289dc3290ecb17bc0518804511354a62d6c9f21a645bfcad60767ed3bcf8cb8d0dd513f316fade20cfcdc47d57dd12ebbb65bb88ce5ee3fc294b02f9ae01d072c5700ede249475287dca90703c2dcaafcf1ce0db24444fe86b35623aa8791f4313908609911b44285e78e5129728e9a8297b47a8bb33ec53ef29c188b23edbbfbcb453e62639a5c924fed4665520ffa9624287de9aeb599915fc3f17611b76d165102027dffdcf4a3551c08c3f4b78b164aa9519fd084372547d364028fb69b8863095314e02ab263fc0362098f5963b775620be4bf55b4101dbc4a8117baef704134b50d7c6ab41fd5587d469e08ae105b797605d236f207b970247328d0be45fe789b3f9a79b58fe95cc2767b9e7978c8439ec12b991787c506e44b97e4f992ecf60e23e65de88a9bdf3ff49212390e4d2e07d66bd92b34d53c23b83f9aa1c33ef87e9b6a2eeabd8d72a73e27ec55cb1f3c89e2c28886358e8841b033c12cb6a8339b14d190be0ee68ea7ffa48d6751f69598da72935cae0f48ce9d80c69fcf6850027dd863dd8f6ee8540e7b434993ab8506b53598c2126557df7371ef7ab36ab7a07de739543c226fa85f3ca6c708ceb0141212e2acb5f4f2498d5df7cf9760ceee8fd0527c1a4218519f128f9edb43dd7a4bb7706f05d6c26ee891b1200bf80ead91b866dc8f7824e8a6f763851276a5c4fcc3e649be68bda120e694cdf6e3291b2547ba1af71c8c554df6c6245df0e16e76ed28243331ba6aa9f37d3c26ff46087920107d4081e56d3065a48cee26951da705bace63baa6eba859b129b3e337d09ea01d9d8dc9a67ae8a82fc480fc9144b9ab0506ac0602cb90e67ebfdfa752cc76933d49d8be92d95504daee9955c9dae1d39c66c676d4c9768b5d5d44a335c70888549f588a561d4c6fae81552b21dde76c1726723f9e82352c8270a19499684ffc871f9ebb6d5aa1501beb6b82776ae5c2e5c00893451930f030d701102e4925c655679444451cbb1cf87a674cda59a1ce95916eb75aa3748cce8b6921823fdde51303bef31c27c1f88c47453476f85c4751f83b53699af95e6479d6147922c4d8b78a9edb718196d772aa17a034c8ebaa7fdf62ca818ee404924f876643f64fa09f8c213793c3f9025635b1880b2ac7cfd4219bfccb6785ea5514ce23dca29a12badaa3bc37ed8ab008c2842c5a3da3d5922456feed19a3b86775c2f898d1de336095f008c878472f5ff788224513f70fabc50fdea2dd703afe6cdb8f63edc03ebc2602a6b5c95b89c56baa73aa0c33e1b3897595ae0f5de61172bf4ea9bd471656d4b3e4e6dcaa21814e90dd1e7c2ad883bcad26fd1d8e637dd1949f1e8c3b7681f4a6963a44bebd5882ce97a809bbb8230377dd13e39c81bbc8e3b74e583105ac2500570c691eb8d66236ef27377476a7256816d29098b17240b2fdd4f3df959c8e1aaafcc9d6a0256d4887298b35a6856d7e9124fede8da7090ae68fc4993e2699227a1b20a174a26e9265e08eadc00fa462e3a57b55ab23622ec0369ce22eab6499bfe5715ee970678b74e7d866805b7843615e58d41e7effa5ae477f845def8a41e2533b1069dcc466a4670ebf075794c6aa72726cc46b85f6ce2bbf34088deb46f44cd24314c6ec9370ad0bf37a0d20e1a8915d230db2784ee24449ac507e41521b1096b88daa916e519262694c1d02dab5b077c229e160f5e2a9940f68225b7a3f005322685216275e79ff60d7dc476a7b5fb0cf1b1b9c25045eb09110587c8ecefb5f534b0310f3049536c5492c1e659eda4195a12977f6d0577734fc9546e1d57074e0b49ddec22967bab6c455a4225fc42cb90778277d77d14e528a0e19b2c4ade01ad7080e56e54031932fcf94517d1e90ad6fff0b8f15a4be73c1c3cd977f0a6774e1f26996a4b892e43427e6b8025adfcfc363477c0497abb11d0bfa53b4e2f43046c9969fda77332a033d5155c3713840a3b8642aa99bb6ae5e9378cb596e6c74c2fa1d0e01f8f38e092928e8115cd1bd9829950f6f13471dad55b0dd18951b0e2bcf36a5a81fe71e3f75d43f4035b34f1f036d8a07237096cae20d0aa32df8a6212069833af6a1a4bb2d313a1d1d708d20d52ea68b4b393e1cfedfee2044bb3a9487c510cf119192459acd113cdd584664bdc25e9cc1dc4d1c1edf034b7a846317efb954144c8250b7b9426ddff3ffd85d86327de1b6a23037b8fc3b5da483e9118a47be26808d07758e85f6c5a84a62d59febc6a53e72363f55d0ec5de63d4983d136fab74c19341be72ce46a0fa319e621a4666b98972880c34191b4cc317ff530abcfa590cc51378b898b78b2c182d74fd47c2f9e1072509d5fcc71e412ace2114bc90b384876bd03f55c71d5c317982528dd449eda22396ec2e8cd83baba2effb40af6487ac8782599123b71693a8c2b75e4ed28a4450dc9b7b7937b451c2be36912f215e278ed5ea8b87d1599bd11a71737affa2ba931a6742586f06085540d699f53963eb44b3ddf877f7e67c9ec0dd5a85418bde21186ece921d395e6f1f52c14f0ff2a296a1ff995b4c33dad4478e59cfea95ceb731334826d3316682a74ad90f6e0167a0d7f23779b0e739f05aeb04b1dd7129e60f11c54f125fb9665e592ef5bdb03bb635eba6ec69f7cdf72fac806522f8116ca62c90255dfef58b7c4e4cecd254e5c7d25e5a155e08538f81cad22a0f4e2575f503d4e3859cd988ae6a6babc60314042e5eedceb019281abeea1606ec9ac0a3a8b9b7466d949a50a01bbcd96d7820f492026c543ac537d1d757cb8a2a1fa98d372794ef430a2af0422cb4f5b2152a7825f1e7a29cbbce9d5900e13ada9c4400b662a0126e98a5cb72fb6192fa28835d25a8e858158aef9aeea1cd8b29bb4eb0afc1af81d9b8c939823b27ec83b37fd57e6c62c1ed522b5ea5e8033376195f40b782a9dc2ac695fceadfc1f939f4d1718a44e52a0dec0363d581a39db2f1e3378ec6d44bc57480826cbbf7f5cae6957382d0359314a6b5f5428442fb138281fda426106e94a0293ce2c4fdc53d48039cf0cd0a8f654b74ddee942c584705686157a604245d9ca97c33fdbd4a32efc58e5e54703f683bba23875ad4bf82e97719512d14bc3284b1552e2e859ad87fec8f1676f05830af230c6af6726652eff03d28ab1da91742c48adc94422486ff331235dfef201b6b27affd89efaee6c93a345e22c8f5f3b779efb215a194bf620814300c29cd7e9012281df0dfbb70ac5c2a395435b093c13dcf963f413212d632c11a30e556987d618be0e07a0a76c8144c60e9d59a864f24e985370724919d98353b330a7b35c697b06e5e5ab1abf497fbd8dcad54200631443a6f76ed01ae46a705874ecc223203416fc7313981a917ade2517252cc7315c55813c352fdc62933fd3d715c926f8470cb3c94d86afc0f34d048f3ddc0cbce1c18c7938a59bea640539f2fc50b878cf46738bf8abb5cd5c4a02393828f2192188ca650926fceafacf4f8197eb3f07bd101ae93b892e9dc82aba69c4e47363aaf4aa7d354cb48b7d28b72b07ba17ac24655bebe5162bc6538161ab374bce4e3d60a5925b5b20acd58833bf1791f1bd23", 0x1000}, {&(0x7f0000002240)="c8e3f7005a0dde752975218f0b243daca3d23a190ee2ca5b86075cb93051751c96b41bc5369f8af103860c36da3b895d63c1f91403a4e589c724644dc7dea6671e1b0d59e5e97eb556913db920aabdfe144ea3f41cda4c134c2df1fa12fe607faa098406ee668b5091884fb6b857c97a3b4fcf17e861a45135fa4e7c1bbbd5b47397c5d16d0b69709ac13286c6f508d35cedd3c6d9989b562f1c9c43fa3adcc55568c4ce6351727dae5399c19f9a06f3e7a6150d058a4d5b6b8393526e49cdfa16414f1cc43d31556ae2edd3d6ea60f73c100a676dd5fa635f199cc04193366f02a5a33aa0f889fa70e085af7064402f8e141384ac38c864a2ba067086b30df08a89f29141e8597f823fdc07100675f62f4fe1bff1c17ce4f934685155ba8b6312d2d23eeb9994a4edfa34a567f996976405a74ce9939e7df2b9388636b2d9844cd0549c59e6d075e8039c0348e838bfb2143b8f9de6ab1a8d4092603a00b7b8b61e136597b11da71c8840cdf375f373a0d76db1179174e1ba185e6775c75f6921a8d014def7fefdfa99ec9d156f2c48fe8c714825213b1023f72bad8dabdab3ee1b36538466627099307fb187a1314b95704c2f3fbbc55f3fd173cdd79b0e198c023790eb2aa1738833b4f0a8ef850229f3a3e25b9715461e91db35df8ab3ae7debd0fdb47165383f6cd67e82ce0d6f159d90073fdaea854a295954f6e3ef38da43e170ceae72018c95d427f9511816178773ec619169f16ac2479a172befb07f5deda9eaac2b41c96c9713460038c0b0c65d5067a2c59b5f04a7580bc2e57cae90ccface4a3fd5c8c00776e6dc4434df6d7c2a258da5e706d9c0c090e56a00a2aa15959c7c5bd590aecf9e8478ad5b8af1372248610ca4af7842711f68918928bc9da350a2837767c64f38a2ff25c32a1bbdd4b9c481c6225fe7b47bbbd64a630ce65632a3d792a161b04b584aaaee01910f522dd079ae9e8a2a92afe721dc541a763a95cb0b57e78e882c25a01649695b1920f18f7cd76dd7b0cfab7ea4f99aeec411eec408af085018a12ae75e109b51b2a99550c79454dbafd1b85e9463d7da6cf358b25798d8e4ebf8effcd6d7dfef51e6fb1c0add8520e84271c64b2f5867a3382992e6d4d358951d8578222cc089c55a7fe50f8a5b652dd9a67d703b665300fe48f09d367ce4b417bd4bf27390c114783397afe18fcf318e29f4cdcfbed1ffbe127e0d2827e3e0d0c606db9950846a065719615509f9ff255910dbbf2d5d2f23bbdd06f99ee31eaa6bb6fff68fd0088737ef1f7531a04c86ea7c8371937eb816ba893969c9bf622f9cb47b885f9e9b843cdebe64d334c2eb4c1002600d15f7a7044a779537df581d07a25ac2b4c1cb8dcb0aacc66f45f6fef3850a38f23970f818f08d76705974c53ed7c6a2860b37e93329d52ca734fea54d049b4c2cd2a4360ff8c060c5d48c3672eaa92ad32309acaf1d11976a4cb1c393fd1662d9177f3c119c8f921139109031f6c97522fc4afecf3ed90565ae8d75a83826a01891877acbe41d4ff631e3afa7b4ec85d9f75a40d83276e85fd539abfaac84ccb77131e327a5993c7764f62be0410be55632be60507b6f78ea6e7ef8fbb6b65bf73d2e54b3825a2ac2a00c462591d18c868bae96c6817866fe463c296d5132ad875ccbd6d176c4e736381633622fb163de10a8dda45f713f43897ff31507b41e337434370098b34f12a3d24663f96b8d5245373f0911ee270e7a507786992c837e52651c2f4e82138cbf7e99fd18483454af0e29bc99b6b0d6580eef81152229ae6d62698d0abc778d577f57eff8f39ddd3b24d20688a75febf0663c1d94c6fe44495d9f77ba75f925f278d764aa477fbef23870cc8d74fd69c109bc0ed5f06363e70e38c3d8eee2567d50b85c0649c2f2ca3a1dcb9379722ba6029c0d3c17c36046eab3f22fcb4ecc4bcd28a7d18364bc09582c0031831e5d5fa667f22c71644cf96ae8f3364f43d0808c03711ee277e5bd97ad39c20db590ef7ab3c396cd37df8789f68763b7f54bb35df9755fc4c26f9cd5fe6e815854b668c73f2830fe7035decebb5cb2879823245a45f9f1a005a39d7b8c5062eebc4812c92b573fb999eb8168f31c100a8d0b2d24bc2e868fbc5386d99c0b4fc4b3b4d9456816818adcb30cc6c8b3f5037f6f3987aba3fd9d81c849f19e474b6e90ab4f43cc67f25900b2d4e3291d7e1edf3e430e6edf78567bc00fd729a92480e43f1cf16c5c6ee239b92fea50605a04e557de874894d578776f9ad141629804961655239ebcf8527594970049168cf43e46b8dc7586b766ebe76af29ad104c6359b7d0e6126be345c7b3c4569c990c395586eefd85ebba1946096f83a27cd3cb5f15ef5343c97bffa086d376391571104e7749e2267af1ca62f3ac76129fd4b17ca845e58a6fa2b7c34a07ffca407becfb8ad93a881331554a2f43e1f37cc2a7207a11d56fbb04c9842d1f22e0fab8cb05c5458efbd28cb3f2499182e74957609d34756910d603417191e5daa13cf37faecca0ca897c7e469ec5cea6a2824354608", 0x719}], 0x2}}], 0x1, 0x0)
ioctl$sock_TIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000040))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x6, <r9=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="b40500000000000071109f000000000006000000000000009500000000000000f0dddf0d9281486c3634170203fcdea09f2fc8a395b772c536d64582d0f8575d7e8ec5849a37575877a910fbe21013256f54323411b55878d245a52e724bbe23c2a044020cc2147a1f91d38125137a4e1c6f6d9b7c07538a320acd14bc9d0ab383ab943a560bdd39bd3da0eeccbcf3f8858464"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, r9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x5)

714.520988ms ago: executing program 2 (id=1195):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x800)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100"], 0x34}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

603.930707ms ago: executing program 4 (id=1196):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x2, 0xe}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}, @TCA_RATE={0x6, 0x5, {0x8, 0x7}}]}, 0x3c}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
unshare(0x40600)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000680)={0x0, r0}, 0x8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0x16, 0x0, 0x8, 0xfffe, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r3, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_RTHDR(r5, 0x29, 0x39, &(0x7f0000000500)={0x1, 0x0, 0x0, 0x50}, 0x8)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1, r4}, 0x38)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x40000)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180800001bc81a000000000000001e00851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x3c, 0x72, &(0x7f0000000040)="976d9023d56482cd284a63da539706d7009be646625bd75b025352ebe557df463106baeed6c2d75549b140f143fb8bb67bfe5b308b8d05758115c7ad", &(0x7f0000000180)=""/114, 0x0, 0x0, 0x0, 0x90, 0x0, &(0x7f0000000280)="bf049fd184f7b03c21d9bcddc4eef9ebb6a0da3eb91c56454e873dd7336ccf21a1eeb8da7adf80d6e06ef46c7f36222fadaed2103c286468b3f44adee51445bd1bedf8fcc1c0b9fdc8b3829b1bf0c9d2d409cdecb12ad033e299c029331993ae9760345bf7feb91ee96b0eee19454ad3dbce5019b68c114ff1921a9b4665744c7784ac6736101a70592d83c448a84c31", 0x0, 0x8000}, 0x50)
r8 = socket$inet6(0xa, 0x3, 0x87)
setsockopt$inet6_IPV6_XFRM_POLICY(r8, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@empty, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x1000000000, 0x53e5, 0x20}, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x32}, 0x2, @in6=@private0, 0x3502, 0x1, 0x0, 0x0, 0x0, 0xfffffffd}}, 0xe8)
sendmsg$nl_xfrm(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x1010}, 0x84)

527.844726ms ago: executing program 2 (id=1197):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000100)=0x14, 0x80000)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0x2c, &(0x7f00000002c0)=0x6, 0x4)
setsockopt$sock_attach_bpf(r3, 0x1, 0x34, &(0x7f00000000c0), 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00', <r4=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
bind$inet(r5, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x61)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', r4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
setsockopt$packet_drop_memb(r1, 0x107, 0x2, &(0x7f0000000180)={r4, 0x1, 0x6, @multicast}, 0x10)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@ccm_128={{0x303}, "f091030000003477", "4ee9f0420448f5ac45a8b1af8a3d7b75", "0697b948", "c191885fdda84d32"}, 0x28)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000400)="07280b01844f576d1eda1dc0c04343c65895644789733334cd057c33607966a82b0446dcf825c685be42cb4a7379e1b1953dd6a413af539dbef634b6f4dab74fe33bf9ff785ed031ce8e090f8d7e1ef2262d65fabf5fb6cc191d209ea1d5000000fb35fb2786d0a07826570e74235932f4d7f02578fa4896596926aad0b8ca52d6dedab905517df1ea088fbf8ca23d13cb0e88256b1902d43306805cbe1856332673d40fe12e1e7c07e06aacbfcd03c7c0a8833e722417d37013d44759469bd467d75da53b7b87013df6d762de5dbc665a16fd071448633ed5e174a97ad3d6b2a84225d24e5c119442d929b0a444edca", 0xffffffec, 0x20004091, 0x0, 0x0)
close(r0)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r6, &(0x7f0000000240)={0x0, 0xf0ffffff, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec0012100001400d0c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
r7 = socket$igmp(0x2, 0x3, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x5, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x6d}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$MRT_ADD_VIF(r7, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0x0, 0x0, @vifc_lcl_addr=@initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
unshare(0x22020400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000002c00000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x2f21b000)

494.808134ms ago: executing program 3 (id=1198):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x800)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYBLOB="000000000000000014"], 0x34}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

367.042905ms ago: executing program 3 (id=1199):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x800)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], 0x34}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

340.401196ms ago: executing program 4 (id=1200):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000000)=ANY=[@ANYBLOB="6b00000010", @ANYRES16=0x0, @ANYBLOB="010000000000000000001b000000070021006161000008009a0000000000"], 0x24}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000000)=ANY=[@ANYBLOB="6b00000010", @ANYRES16=0x0, @ANYBLOB="010000000000000000001b000000070021006161000008009a0000000000"], 0x24}}, 0x0) (async)

175.167356ms ago: executing program 3 (id=1201):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000020000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r1}, 0x10) (async, rerun: 32)
r2 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00'}) (async, rerun: 64)
socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000071119100000000008510000002000000850000000000000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async, rerun: 64)
r3 = socket$netlink(0x10, 0x3, 0x4) (async, rerun: 64)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DISCONNECT(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r4, 0x400, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x20}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x22}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x14}]}, 0x34}}, 0x80)

119.991932ms ago: executing program 4 (id=1202):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0xfffffffc, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88bd9edace00000002000000002100000002ff02000000000000000000000000000104004e20004d03"], 0x0)

0s ago: executing program 4 (id=1203):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni-avx2\x00'}, 0x58)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r2=>0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a010400000000000000000200000028000480240001800b000100657874686472ffff14000280080006400000000208000140000000130900010073797a30000000000900020073797a320000000007000740d3d2fe00140000001100010000000000000000000000000a1fe52ccd8e73e7a0673475c5340c5ed2c752d39f18a994a67166da89684300816568b780cecfa6eeaeb2dea482d15ff4975afd1d3ae4284bc18cb443d6ec7f461464a8f0bc34fba499dd37c8f15db321d957dce703bd17809d49c7776200ad92541b899b3eee1b33aa0baf1e75622aa4f16591a3455d949de78f3ddd9baf1b4eba7da468739582"], 0x84}}, 0x0)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x3f, &(0x7f0000000000)=0x3500, 0x4)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001380)={{{@in=@broadcast, @in6=@private2, 0x3, 0x0, 0x0, 0xf9b7, 0x0, 0xa0, 0x80, 0x33}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x2}, 0x0, 0x0, 0x0, 0x0, 0x1}, {{@in=@rand_addr=0x64010102}, 0x0, @in=@multicast1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0xe8)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
sendmsg$xdp(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r4, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)
setsockopt$inet_sctp_SCTP_RESET_ASSOC(r3, 0x84, 0x78, &(0x7f0000000100)=r2, 0x4)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r6 = accept4(r0, 0x0, 0x0, 0x80000)
sendmsg$alg(r6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x4004800)
recvmsg(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041)

kernel console output (not intermixed with test programs):

5.911162][ T7039]  netlink_unicast+0x39d/0x990
[  145.915935][ T7039]  ? __asan_memcpy+0x40/0x70
[  145.920545][ T7039]  ? __pfx_netlink_unicast+0x10/0x10
[  145.925882][ T7039]  nfnetlink_rcv+0x26b6/0x2ab0
[  145.930712][ T7039]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  145.935884][ T7039]  ? netlink_deliver_tap+0x2e/0x1b0
[  145.941093][ T7039]  ? skb_clone+0x240/0x390
[  145.945530][ T7039]  ? __pfx_lock_release+0x10/0x10
[  145.950581][ T7039]  ? netlink_deliver_tap+0x2e/0x1b0
[  145.955788][ T7039]  netlink_unicast+0x7f6/0x990
[  145.960564][ T7039]  ? __pfx_netlink_unicast+0x10/0x10
[  145.965861][ T7039]  ? __virt_addr_valid+0x183/0x530
[  145.970984][ T7039]  ? __check_object_size+0x48e/0x900
[  145.976302][ T7039]  netlink_sendmsg+0x8e4/0xcb0
[  145.981079][ T7039]  ? __pfx_netlink_sendmsg+0x10/0x10
[  145.986371][ T7039]  ? aa_sock_msg_perm+0x91/0x160
[  145.991312][ T7039]  ? __pfx_netlink_sendmsg+0x10/0x10
[  145.996593][ T7039]  __sock_sendmsg+0x221/0x270
[  146.001276][ T7039]  ____sys_sendmsg+0x52a/0x7e0
[  146.006051][ T7039]  ? __pfx_____sys_sendmsg+0x10/0x10
[  146.011352][ T7039]  __sys_sendmsg+0x292/0x380
[  146.015953][ T7039]  ? __pfx___sys_sendmsg+0x10/0x10
[  146.021086][ T7039]  ? __pfx_vfs_write+0x10/0x10
[  146.025869][ T7039]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  146.032226][ T7039]  ? do_syscall_64+0x100/0x230
[  146.037009][ T7039]  ? do_syscall_64+0xb6/0x230
[  146.041698][ T7039]  do_syscall_64+0xf3/0x230
[  146.046208][ T7039]  ? clear_bhb_loop+0x35/0x90
[  146.050892][ T7039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.056788][ T7039] RIP: 0033:0x7f32b357dff9
[  146.061203][ T7039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.080808][ T7039] RSP: 002b:00007f32b43d1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  146.089235][ T7039] RAX: ffffffffffffffda RBX: 00007f32b3735f80 RCX: 00007f32b357dff9
[  146.097230][ T7039] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  146.105201][ T7039] RBP: 00007f32b43d1090 R08: 0000000000000000 R09: 0000000000000000
[  146.113171][ T7039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  146.121144][ T7039] R13: 0000000000000000 R14: 00007f32b3735f80 R15: 00007ffc938ced38
[  146.129134][ T7039]  </TASK>
[  146.158552][ T5243] Bluetooth: hci2: command tx timeout
[  146.198478][ T6908] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  146.316453][ T6908] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  146.423056][ T7046] x_tables: duplicate underflow at hook 2
[  146.454275][ T7046] Cannot find map_set index 0 as target
[  146.564982][ T6908] team0: Port device team_slave_0 added
[  146.614736][ T6908] team0: Port device team_slave_1 added
[  146.690550][ T6908] batman_adv: batadv0: Adding interface: batadv_slave_0
[  146.698559][ T6908] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.745288][ T6908] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  146.760585][ T6908] batman_adv: batadv0: Adding interface: batadv_slave_1
[  146.767809][ T6908] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.800310][ T6908] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  146.823605][ T7064] netlink: 4 bytes leftover after parsing attributes in process `syz.4.487'.
[  146.917294][ T6908] hsr_slave_0: entered promiscuous mode
[  146.944001][ T6908] hsr_slave_1: entered promiscuous mode
[  146.959858][ T6908] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  146.989391][ T6908] Cannot create hsr debugfs directory
[  147.808720][ T7106] netlink: 64 bytes leftover after parsing attributes in process `syz.2.495'.
[  148.036086][ T7102] bridge_slave_0: left allmulticast mode
[  148.054511][ T7102] bridge_slave_0: left promiscuous mode
[  148.076270][ T7102] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.103670][ T7102] bridge_slave_1: left allmulticast mode
[  148.111164][ T7102] bridge_slave_1: left promiscuous mode
[  148.155186][ T7102] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.178111][ T7102] bond0: (slave bond_slave_0): Releasing backup interface
[  148.193708][ T5243] Bluetooth: hci2: command tx timeout
[  148.223020][ T7102] bond0: (slave bond_slave_1): Releasing backup interface
[  148.322879][ T7102] team0: Port device team_slave_0 removed
[  148.359990][ T7102] team0: Port device team_slave_1 removed
[  148.376597][ T7102] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  148.386222][ T7102] batman_adv: batadv0: Removing interface: batadv_slave_0
[  148.399508][ T7102] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  148.409260][ T7102] batman_adv: batadv0: Removing interface: batadv_slave_1
[  148.434808][ T7106] wg2: entered promiscuous mode
[  148.474491][ T7106] team0: Port device wg2 added
[  148.513809][ T7129] netlink: 12 bytes leftover after parsing attributes in process `syz.0.501'.
[  148.787502][ T6908] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  148.838004][ T6908] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  148.879380][ T6908] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  148.896356][ T6908] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  149.168221][ T6908] 8021q: adding VLAN 0 to HW filter on device bond0
[  149.210334][ T6908] 8021q: adding VLAN 0 to HW filter on device team0
[  149.245880][ T3023] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.253078][ T3023] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.331742][ T3023] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.339036][ T3023] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.458962][ T7176] x_tables: duplicate underflow at hook 2
[  149.476578][ T7176] Cannot find map_set index 0 as target
[  149.673341][ T7185] syzkaller0: entered promiscuous mode
[  149.699355][ T7185] syzkaller0: entered allmulticast mode
[  149.838328][ T7193] netlink: 4 bytes leftover after parsing attributes in process `syz.4.517'.
[  150.277949][ T5243] Bluetooth: hci2: command tx timeout
[  151.929084][ T6908] 8021q: adding VLAN 0 to HW filter on device batadv0
[  152.136046][ T6908] veth0_vlan: entered promiscuous mode
[  152.178116][ T6908] veth1_vlan: entered promiscuous mode
[  152.324630][ T6908] veth0_macvtap: entered promiscuous mode
[  152.358643][ T6908] veth1_macvtap: entered promiscuous mode
[  152.490880][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  152.532833][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.552777][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  152.585191][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.597840][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  152.609302][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.620495][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  152.641417][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.664926][ T6908] batman_adv: batadv0: Interface activated: batadv_slave_0
[  152.766819][ T7275] syzkaller0: entered promiscuous mode
[  152.775580][ T7275] syzkaller0: entered allmulticast mode
[  152.789422][ T7281] netlink: 4068 bytes leftover after parsing attributes in process `syz.4.530'.
[  152.976903][ T7291] netlink: 8 bytes leftover after parsing attributes in process `syz.4.533'.
[  154.902581][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.942728][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.994581][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  155.052825][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.070078][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  155.080941][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.090953][ T6908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  155.101649][ T6908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.113232][ T6908] batman_adv: batadv0: Interface activated: batadv_slave_1
[  155.134863][ T7316] dvmrp5: entered allmulticast mode
[  155.170907][ T7309] dvmrp5: left allmulticast mode
[  155.225820][ T6908] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.236466][ T6908] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  155.252229][ T6908] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  155.269170][ T6908] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  155.303304][ T7320] tipc: Failed to remove unknown binding: 66,1,1/0:2745864377/2745864379
[  155.336704][ T7320] netlink: 8 bytes leftover after parsing attributes in process `syz.0.541'.
[  155.352498][ T7320] netlink: 5 bytes leftover after parsing attributes in process `syz.0.541'.
[  155.462482][ T2944] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.493736][ T2944] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.532124][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.547063][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.782384][ T7338] x_tables: duplicate underflow at hook 2
[  155.948818][ T7344] netlink: 16 bytes leftover after parsing attributes in process `syz.2.549'.
[  156.505083][ T3023] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.631388][ T3023] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.703592][ T7373] netlink: 12 bytes leftover after parsing attributes in process `syz.0.556'.
[  156.713187][ T7374] x_tables: duplicate underflow at hook 2
[  157.092324][ T3023] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.177309][ T7386] netlink: 8 bytes leftover after parsing attributes in process `syz.2.561'.
[  157.192294][ T4626] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  157.206060][ T4626] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  157.214016][ T4626] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  157.253738][ T4626] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  157.262595][ T4626] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  157.270586][ T4626] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  157.346691][ T3023] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.474108][ T7401] netlink: 20 bytes leftover after parsing attributes in process `syz.0.565'.
[  157.495470][ T7400] FAULT_INJECTION: forcing a failure.
[  157.495470][ T7400] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.522184][ T7400] CPU: 1 UID: 0 PID: 7400 Comm: syz.2.566 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  157.530390][ T7401] netlink: 4 bytes leftover after parsing attributes in process `syz.0.565'.
[  157.532838][ T7400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  157.532855][ T7400] Call Trace:
[  157.532865][ T7400]  <TASK>
[  157.532874][ T7400]  dump_stack_lvl+0x241/0x360
[  157.562654][ T7400]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.567902][ T7400]  ? __pfx__printk+0x10/0x10
[  157.572544][ T7400]  ? __pfx_lock_release+0x10/0x10
[  157.577629][ T7400]  should_fail_ex+0x3b0/0x4e0
[  157.582358][ T7400]  _copy_from_user+0x2f/0xe0
[  157.586985][ T7400]  __sys_bpf+0x1a4/0x810
[  157.591238][ T7400]  ? __pfx___sys_bpf+0x10/0x10
[  157.596016][ T7400]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  157.602006][ T7400]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  157.608356][ T7400]  ? do_syscall_64+0x100/0x230
[  157.613164][ T7400]  __x64_sys_bpf+0x7c/0x90
[  157.617604][ T7400]  do_syscall_64+0xf3/0x230
[  157.622119][ T7400]  ? clear_bhb_loop+0x35/0x90
[  157.626796][ T7400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.632737][ T7400] RIP: 0033:0x7f5af477dff9
[  157.637196][ T7400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.656816][ T7400] RSP: 002b:00007f5af552e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  157.665253][ T7400] RAX: ffffffffffffffda RBX: 00007f5af4935f80 RCX: 00007f5af477dff9
[  157.673261][ T7400] RDX: 0000000000000010 RSI: 0000000020000100 RDI: 0000000000000011
[  157.681257][ T7400] RBP: 00007f5af552e090 R08: 0000000000000000 R09: 0000000000000000
[  157.689242][ T7400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.697221][ T7400] R13: 0000000000000000 R14: 00007f5af4935f80 R15: 00007ffecf420b88
[  157.705211][ T7400]  </TASK>
[  157.963398][ T7411] x_tables: duplicate underflow at hook 2
[  158.039929][ T3023] bridge_slave_1: left allmulticast mode
[  158.052697][ T3023] bridge_slave_1: left promiscuous mode
[  158.088006][ T3023] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.154483][ T3023] bridge_slave_0: left allmulticast mode
[  158.160196][ T3023] bridge_slave_0: left promiscuous mode
[  158.178827][ T3023] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.570077][ T3023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  158.587258][ T3023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  158.599482][ T3023] bond0 (unregistering): Released all slaves
[  158.617772][ T7419] netlink: 4 bytes leftover after parsing attributes in process `syz.2.571'.
[  158.630882][ T7419] netlink: 1 bytes leftover after parsing attributes in process `syz.2.571'.
[  158.641316][ T7419] netlink: 8 bytes leftover after parsing attributes in process `syz.2.571'.
[  158.673671][    C1] Unknown status report in ack skb
[  158.996316][ T7435] FAULT_INJECTION: forcing a failure.
[  158.996316][ T7435] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.082198][ T7435] CPU: 1 UID: 0 PID: 7435 Comm: syz.4.576 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  159.092857][ T7435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  159.102951][ T7435] Call Trace:
[  159.106261][ T7435]  <TASK>
[  159.109236][ T7435]  dump_stack_lvl+0x241/0x360
[  159.113984][ T7435]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.119240][ T7435]  ? __pfx__printk+0x10/0x10
[  159.123886][ T7435]  ? __pfx_lock_release+0x10/0x10
[  159.128967][ T7435]  should_fail_ex+0x3b0/0x4e0
[  159.133696][ T7435]  _copy_from_iter+0x434/0x1d60
[  159.138605][ T7435]  ? __pfx__copy_from_iter+0x10/0x10
[  159.143932][ T7435]  ? __local_bh_enable_ip+0x168/0x200
[  159.149345][ T7435]  ? __pfx__copy_from_iter+0x10/0x10
[  159.154676][ T7435]  ? __netdev_alloc_frag_align+0x1a2/0x1f0
[  159.160524][ T7435]  ? page_copy_sane+0x154/0x260
[  159.165410][ T7435]  copy_page_from_iter+0x7a/0x100
[  159.170471][ T7435]  skb_copy_datagram_from_iter+0x2d9/0x6a0
[  159.176328][ T7435]  tun_get_user+0xec3/0x47e0
[  159.180975][ T7435]  ? __pfx_tun_get_user+0x10/0x10
[  159.186073][ T7435]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  159.191572][ T7435]  ? tun_get+0x1e/0x2f0
[  159.195773][ T7435]  ? __pfx_lock_release+0x10/0x10
[  159.200873][ T7435]  ? tun_get+0x1e/0x2f0
[  159.205064][ T7435]  ? tun_get+0x27d/0x2f0
[  159.209359][ T7435]  tun_chr_write_iter+0x10d/0x1f0
[  159.214435][ T7435]  do_iter_readv_writev+0x600/0x880
[  159.219678][ T7435]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  159.225443][ T7435]  ? bpf_lsm_file_permission+0x9/0x10
[  159.230860][ T7435]  ? security_file_permission+0x74/0x280
[  159.233741][ T7430] syzkaller0: entered promiscuous mode
[  159.236513][ T7435]  ? rw_verify_area+0x1c3/0x6f0
[  159.246858][ T7435]  vfs_writev+0x376/0xba0
[  159.250586][ T7430] syzkaller0: entered allmulticast mode
[  159.251221][ T7435]  ? __pfx_vfs_writev+0x10/0x10
[  159.261665][ T7435]  ? fdget_pos+0x19a/0x320
[  159.266123][ T7435]  do_writev+0x1b1/0x350
[  159.270433][ T7435]  ? __pfx_do_writev+0x10/0x10
[  159.275243][ T7435]  ? do_syscall_64+0x100/0x230
[  159.280054][ T7435]  ? do_syscall_64+0xb6/0x230
[  159.284780][ T7435]  do_syscall_64+0xf3/0x230
[  159.289332][ T7435]  ? clear_bhb_loop+0x35/0x90
[  159.294044][ T7435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.299967][ T7435] RIP: 0033:0x7f32b357dff9
[  159.304405][ T7435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.324042][ T7435] RSP: 002b:00007f32b43b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  159.332500][ T7435] RAX: ffffffffffffffda RBX: 00007f32b3736058 RCX: 00007f32b357dff9
[  159.340510][ T7435] RDX: 0000000000000002 RSI: 0000000020000d00 RDI: 0000000000000003
[  159.348518][ T7435] RBP: 00007f32b43b0090 R08: 0000000000000000 R09: 0000000000000000
[  159.356526][ T7435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.364530][ T7435] R13: 0000000000000000 R14: 00007f32b3736058 R15: 00007ffc938ced38
[  159.372553][ T7435]  </TASK>
[  159.397211][ T4626] Bluetooth: hci2: command tx timeout
[  159.657361][ T7463] Cannot find del_set index 2416 as target
[  160.366581][ T7470] FAULT_INJECTION: forcing a failure.
[  160.366581][ T7470] name failslab, interval 1, probability 0, space 0, times 0
[  160.383081][ T7470] CPU: 0 UID: 0 PID: 7470 Comm: syz.2.586 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  160.393734][ T7470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  160.403800][ T7470] Call Trace:
[  160.407085][ T7470]  <TASK>
[  160.410023][ T7470]  dump_stack_lvl+0x241/0x360
[  160.414726][ T7470]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.419957][ T7470]  ? __pfx__printk+0x10/0x10
[  160.424560][ T7470]  ? ref_tracker_alloc+0x332/0x490
[  160.429681][ T7470]  should_fail_ex+0x3b0/0x4e0
[  160.434381][ T7470]  ? skb_clone+0x20c/0x390
[  160.438809][ T7470]  should_failslab+0xac/0x100
[  160.443509][ T7470]  ? skb_clone+0x20c/0x390
[  160.447949][ T7470]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  160.453342][ T7470]  skb_clone+0x20c/0x390
[  160.457597][ T7470]  __netlink_deliver_tap+0x3cc/0x7c0
[  160.462904][ T7470]  ? netlink_deliver_tap+0x2e/0x1b0
[  160.468126][ T7470]  netlink_deliver_tap+0x19d/0x1b0
[  160.473250][ T7470]  netlink_sendskb+0x68/0x140
[  160.477962][ T7470]  netlink_unicast+0x39d/0x990
[  160.482751][ T7470]  ? __asan_memcpy+0x40/0x70
[  160.487379][ T7470]  ? __pfx_netlink_unicast+0x10/0x10
[  160.492700][ T7470]  nfnetlink_rcv+0x26b6/0x2ab0
[  160.497516][ T7470]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  160.502684][ T7470]  ? netlink_deliver_tap+0x2e/0x1b0
[  160.507901][ T7470]  ? skb_clone+0x240/0x390
[  160.512331][ T7470]  ? __pfx_lock_release+0x10/0x10
[  160.517385][ T7470]  ? netlink_deliver_tap+0x2e/0x1b0
[  160.522597][ T7470]  netlink_unicast+0x7f6/0x990
[  160.527397][ T7470]  ? __pfx_netlink_unicast+0x10/0x10
[  160.532696][ T7470]  ? __virt_addr_valid+0x183/0x530
[  160.537828][ T7470]  ? __check_object_size+0x48e/0x900
[  160.543119][ T7470]  netlink_sendmsg+0x8e4/0xcb0
[  160.547892][ T7470]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.553188][ T7470]  ? aa_sock_msg_perm+0x91/0x160
[  160.558139][ T7470]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.563452][ T7470]  __sock_sendmsg+0x221/0x270
[  160.568151][ T7470]  ____sys_sendmsg+0x52a/0x7e0
[  160.572941][ T7470]  ? __pfx_____sys_sendmsg+0x10/0x10
[  160.578252][ T7470]  __sys_sendmsg+0x292/0x380
[  160.582862][ T7470]  ? __pfx___sys_sendmsg+0x10/0x10
[  160.588001][ T7470]  ? __pfx_vfs_write+0x10/0x10
[  160.592817][ T7470]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  160.599175][ T7470]  ? do_syscall_64+0x100/0x230
[  160.603966][ T7470]  ? do_syscall_64+0xb6/0x230
[  160.608657][ T7470]  do_syscall_64+0xf3/0x230
[  160.613180][ T7470]  ? clear_bhb_loop+0x35/0x90
[  160.617880][ T7470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.623780][ T7470] RIP: 0033:0x7f5af477dff9
[  160.628205][ T7470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.647821][ T7470] RSP: 002b:00007f5af552e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  160.656245][ T7470] RAX: ffffffffffffffda RBX: 00007f5af4935f80 RCX: 00007f5af477dff9
[  160.664224][ T7470] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  160.672204][ T7470] RBP: 00007f5af552e090 R08: 0000000000000000 R09: 0000000000000000
[  160.680194][ T7470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  160.688186][ T7470] R13: 0000000000000000 R14: 00007f5af4935f80 R15: 00007ffecf420b88
[  160.696180][ T7470]  </TASK>
[  161.472314][ T7465] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  161.474312][ T4626] Bluetooth: hci2: command tx timeout
[  161.481671][ T7465] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  161.503678][ T7465] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  161.527875][ T7465] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  161.593121][ T7476] batman_adv: batadv0: Adding interface: virt_wifi0
[  161.610122][ T7476] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.634034][ T7479] RDS: rds_bind could not find a transport for fe88::4, load rds_tcp or rds_rdma?
[  161.647634][ T7476] batman_adv: batadv0: Not using interface virt_wifi0 (retrying later): interface not active
[  161.659598][ T7393] chnl_net:caif_netlink_parms(): no params data found
[  161.753791][ T3023] hsr_slave_0: left promiscuous mode
[  161.759920][ T3023] hsr_slave_1: left promiscuous mode
[  161.783685][ T3023] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  161.804343][ T3023] batman_adv: batadv0: Removing interface: batadv_slave_0
[  161.824253][ T3023] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.835731][ T3023] batman_adv: batadv0: Removing interface: batadv_slave_1
[  161.880037][ T3023] veth1_macvtap: left promiscuous mode
[  161.901127][ T3023] veth0_macvtap: left promiscuous mode
[  161.921344][ T3023] veth1_vlan: left promiscuous mode
[  161.929995][ T3023] veth0_vlan: left promiscuous mode
[  162.596386][ T3023] team0 (unregistering): Port device team_slave_1 removed
[  162.637240][ T3023] team0 (unregistering): Port device team_slave_0 removed
[  163.101137][ T7509] pim6reg1: entered promiscuous mode
[  163.114214][ T7509] pim6reg1: entered allmulticast mode
[  163.556371][ T4626] Bluetooth: hci2: command tx timeout
[  163.615207][ T7541] netlink: 'syz.3.607': attribute type 3 has an invalid length.
[  163.626440][ T7533] netlink: 'syz.4.603': attribute type 11 has an invalid length.
[  163.628753][ T7393] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.645875][ T7393] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.667429][ T7393] bridge_slave_0: entered allmulticast mode
[  163.694243][ T7393] bridge_slave_0: entered promiscuous mode
[  163.749476][ T7549] netlink: 32 bytes leftover after parsing attributes in process `syz.4.603'.
[  163.771987][ T7393] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.788908][ T7393] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.800934][ T7393] bridge_slave_1: entered allmulticast mode
[  163.815486][ T7393] bridge_slave_1: entered promiscuous mode
[  164.004658][ T7393] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  164.042573][ T7393] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  164.092268][ T7393] team0: Port device team_slave_0 added
[  164.102483][ T7393] team0: Port device team_slave_1 added
[  164.197420][ T7393] batman_adv: batadv0: Adding interface: batadv_slave_0
[  164.219108][ T7393] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  164.255835][ T7393] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  164.286621][ T7393] batman_adv: batadv0: Adding interface: batadv_slave_1
[  164.303606][ T7393] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  164.398183][ T7393] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  164.519331][ T7393] hsr_slave_0: entered promiscuous mode
[  164.533592][ T7393] hsr_slave_1: entered promiscuous mode
[  164.576328][ T7393] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  164.594884][ T7393] Cannot create hsr debugfs directory
[  165.312363][ T7607] FAULT_INJECTION: forcing a failure.
[  165.312363][ T7607] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.348086][ T7607] CPU: 1 UID: 0 PID: 7607 Comm: syz.3.624 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  165.358755][ T7607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  165.368849][ T7607] Call Trace:
[  165.372174][ T7607]  <TASK>
[  165.375137][ T7607]  dump_stack_lvl+0x241/0x360
[  165.379854][ T7607]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.385088][ T7607]  ? __pfx__printk+0x10/0x10
[  165.389719][ T7607]  ? __pfx_lock_release+0x10/0x10
[  165.394798][ T7607]  should_fail_ex+0x3b0/0x4e0
[  165.399610][ T7607]  strncpy_from_user+0x36/0x250
[  165.404498][ T7607]  bpf_raw_tp_link_attach+0x21d/0x6e0
[  165.409916][ T7607]  ? __pfx_bpf_raw_tp_link_attach+0x10/0x10
[  165.415869][ T7607]  ? fput+0x1a8/0x230
[  165.419890][ T7607]  bpf_raw_tracepoint_open+0x177/0x1f0
[  165.425404][ T7607]  __sys_bpf+0x3c0/0x810
[  165.429680][ T7607]  ? __pfx___sys_bpf+0x10/0x10
[  165.434497][ T7607]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  165.440515][ T7607]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  165.446860][ T7607]  ? do_syscall_64+0x100/0x230
[  165.451640][ T7607]  __x64_sys_bpf+0x7c/0x90
[  165.456085][ T7607]  do_syscall_64+0xf3/0x230
[  165.460688][ T7607]  ? clear_bhb_loop+0x35/0x90
[  165.465402][ T7607]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.471315][ T7607] RIP: 0033:0x7feac717dff9
[  165.475781][ T7607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.495394][ T7607] RSP: 002b:00007feac7ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  165.503828][ T7607] RAX: ffffffffffffffda RBX: 00007feac7335f80 RCX: 00007feac717dff9
[  165.511814][ T7607] RDX: 0000000000000010 RSI: 0000000020000100 RDI: 0000000000000011
[  165.519791][ T7607] RBP: 00007feac7ff6090 R08: 0000000000000000 R09: 0000000000000000
[  165.527763][ T7607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.535734][ T7607] R13: 0000000000000000 R14: 00007feac7335f80 R15: 00007ffdd2167ca8
[  165.543732][ T7607]  </TASK>
[  165.632934][ T4626] Bluetooth: hci2: command tx timeout
[  165.811669][ T7621] syz.4.626[7621] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  165.811780][ T7621] syz.4.626[7621] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  165.843549][ T7621] syz.4.626[7621] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  166.120818][ T7641] FAULT_INJECTION: forcing a failure.
[  166.120818][ T7641] name failslab, interval 1, probability 0, space 0, times 0
[  166.209179][ T7393] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  166.213578][ T7643] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  166.218628][ T7641] CPU: 0 UID: 0 PID: 7641 Comm: syz.2.631 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  166.238720][ T7641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  166.248829][ T7641] Call Trace:
[  166.252141][ T7641]  <TASK>
[  166.255101][ T7641]  dump_stack_lvl+0x241/0x360
[  166.259822][ T7641]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.265069][ T7641]  ? __pfx__printk+0x10/0x10
[  166.269710][ T7641]  ? ref_tracker_alloc+0x332/0x490
[  166.274884][ T7641]  should_fail_ex+0x3b0/0x4e0
[  166.279614][ T7641]  ? skb_clone+0x20c/0x390
[  166.284068][ T7641]  should_failslab+0xac/0x100
[  166.288787][ T7641]  ? skb_clone+0x20c/0x390
[  166.293242][ T7641]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  166.298656][ T7641]  skb_clone+0x20c/0x390
[  166.302945][ T7641]  __netlink_deliver_tap+0x3cc/0x7c0
[  166.308287][ T7641]  ? netlink_deliver_tap+0x2e/0x1b0
[  166.313547][ T7641]  netlink_deliver_tap+0x19d/0x1b0
[  166.318710][ T7641]  netlink_sendskb+0x68/0x140
[  166.323434][ T7641]  netlink_unicast+0x39d/0x990
[  166.328245][ T7641]  ? __asan_memcpy+0x40/0x70
[  166.332876][ T7641]  ? __pfx_netlink_unicast+0x10/0x10
[  166.338223][ T7641]  netlink_rcv_skb+0x262/0x430
[  166.343031][ T7641]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  166.348535][ T7641]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  166.353885][ T7641]  ? netlink_deliver_tap+0x2e/0x1b0
[  166.359138][ T7641]  netlink_unicast+0x7f6/0x990
[  166.363985][ T7641]  ? __pfx_netlink_unicast+0x10/0x10
[  166.369320][ T7641]  ? __virt_addr_valid+0x183/0x530
[  166.374463][ T7641]  ? __check_object_size+0x48e/0x900
[  166.379791][ T7641]  netlink_sendmsg+0x8e4/0xcb0
[  166.384609][ T7641]  ? __pfx_netlink_sendmsg+0x10/0x10
[  166.389941][ T7641]  ? aa_sock_msg_perm+0x91/0x160
[  166.394926][ T7641]  ? __pfx_netlink_sendmsg+0x10/0x10
[  166.400253][ T7641]  __sock_sendmsg+0x221/0x270
[  166.404992][ T7641]  ____sys_sendmsg+0x52a/0x7e0
[  166.409813][ T7641]  ? __pfx_____sys_sendmsg+0x10/0x10
[  166.415161][ T7641]  __sys_sendmmsg+0x3ab/0x730
[  166.419898][ T7641]  ? __pfx___sys_sendmmsg+0x10/0x10
[  166.425167][ T7641]  ? __pfx_lock_release+0x10/0x10
[  166.429045][ T7655] netlink: 60 bytes leftover after parsing attributes in process `syz.0.633'.
[  166.430213][ T7641]  ? kstrtouint_from_user+0x128/0x190
[  166.430266][ T7641]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  166.450409][ T7641]  ? ksys_write+0x229/0x2b0
[  166.454960][ T7641]  ? __pfx_lock_release+0x10/0x10
[  166.460068][ T7641]  ? vfs_write+0x7bf/0xc90
[  166.464520][ T7641]  ? kmem_cache_free+0x1a2/0x420
[  166.469509][ T7641]  ? __mutex_unlock_slowpath+0x21d/0x750
[  166.475187][ T7641]  ? __fget_files+0x3f3/0x470
[  166.479918][ T7641]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  166.485958][ T7641]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  166.492349][ T7641]  ? do_syscall_64+0x100/0x230
[  166.497162][ T7641]  __x64_sys_sendmmsg+0xa0/0xb0
[  166.502065][ T7641]  do_syscall_64+0xf3/0x230
[  166.506611][ T7641]  ? clear_bhb_loop+0x35/0x90
[  166.511330][ T7641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.517266][ T7641] RIP: 0033:0x7f5af477dff9
[  166.521710][ T7641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.541353][ T7641] RSP: 002b:00007f5af552e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  166.549817][ T7641] RAX: ffffffffffffffda RBX: 00007f5af4935f80 RCX: 00007f5af477dff9
[  166.557832][ T7641] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004
[  166.565889][ T7641] RBP: 00007f5af552e090 R08: 0000000000000000 R09: 0000000000000000
[  166.573889][ T7641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.581947][ T7641] R13: 0000000000000000 R14: 00007f5af4935f80 R15: 00007ffecf420b88
[  166.589973][ T7641]  </TASK>
[  166.622557][ T7643] netlink: 'syz.0.633': attribute type 2 has an invalid length.
[  166.665875][ T7643] netlink: 132 bytes leftover after parsing attributes in process `syz.0.633'.
[  166.718687][ T7393] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  166.776683][ T7393] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  166.834522][ T7393] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  167.008303][ T7671] netlink: 4 bytes leftover after parsing attributes in process `syz.0.639'.
[  167.023758][ T7671] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  167.047053][ T7671] batman_adv: batadv0: Removing interface: batadv_slave_0
[  167.057389][ T7675] FAULT_INJECTION: forcing a failure.
[  167.057389][ T7675] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.071791][ T7671] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  167.088392][ T7671] batman_adv: batadv0: Removing interface: batadv_slave_1
[  167.102806][ T7675] CPU: 0 UID: 0 PID: 7675 Comm: syz.2.640 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  167.113431][ T7675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  167.123532][ T7675] Call Trace:
[  167.126839][ T7675]  <TASK>
[  167.129789][ T7675]  dump_stack_lvl+0x241/0x360
[  167.134520][ T7675]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.139758][ T7675]  ? __pfx__printk+0x10/0x10
[  167.144391][ T7675]  ? snprintf+0xda/0x120
[  167.148675][ T7675]  should_fail_ex+0x3b0/0x4e0
[  167.153395][ T7675]  _copy_to_user+0x2f/0xb0
[  167.157847][ T7675]  simple_read_from_buffer+0xca/0x150
[  167.163258][ T7675]  proc_fail_nth_read+0x1e9/0x250
[  167.168323][ T7675]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  167.173916][ T7675]  ? rw_verify_area+0x55e/0x6f0
[  167.178819][ T7675]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  167.184416][ T7675]  vfs_read+0x201/0xbc0
[  167.188609][ T7675]  ? __pfx_lock_release+0x10/0x10
[  167.193680][ T7675]  ? __pfx_vfs_read+0x10/0x10
[  167.198403][ T7675]  ? __fget_files+0x3f3/0x470
[  167.203115][ T7675]  ? fdget_pos+0x24e/0x320
[  167.207542][ T7675]  ksys_read+0x183/0x2b0
[  167.211792][ T7675]  ? __pfx_ksys_read+0x10/0x10
[  167.216569][ T7675]  ? do_syscall_64+0x100/0x230
[  167.221344][ T7675]  ? do_syscall_64+0xb6/0x230
[  167.226041][ T7675]  do_syscall_64+0xf3/0x230
[  167.230558][ T7675]  ? clear_bhb_loop+0x35/0x90
[  167.235249][ T7675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.241148][ T7675] RIP: 0033:0x7f5af477ca3c
[  167.245573][ T7675] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  167.265197][ T7675] RSP: 002b:00007f5af552e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  167.273628][ T7675] RAX: ffffffffffffffda RBX: 00007f5af4935f80 RCX: 00007f5af477ca3c
[  167.281608][ T7675] RDX: 000000000000000f RSI: 00007f5af552e0a0 RDI: 0000000000000004
[  167.289585][ T7675] RBP: 00007f5af552e090 R08: 0000000000000000 R09: 0000000000000000
[  167.297563][ T7675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  167.305557][ T7675] R13: 0000000000000000 R14: 00007f5af4935f80 R15: 00007ffecf420b88
[  167.313548][ T7675]  </TASK>
[  167.334654][ T7679] FAULT_INJECTION: forcing a failure.
[  167.334654][ T7679] name failslab, interval 1, probability 0, space 0, times 0
[  167.371502][ T7679] CPU: 1 UID: 0 PID: 7679 Comm: syz.3.642 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  167.382172][ T7679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  167.392274][ T7679] Call Trace:
[  167.395591][ T7679]  <TASK>
[  167.398555][ T7679]  dump_stack_lvl+0x241/0x360
[  167.403287][ T7679]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.408532][ T7679]  ? __pfx__printk+0x10/0x10
[  167.413174][ T7679]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  167.418780][ T7679]  ? __pfx___might_resched+0x10/0x10
[  167.424121][ T7679]  should_fail_ex+0x3b0/0x4e0
[  167.428851][ T7679]  ? skb_clone+0x20c/0x390
[  167.433309][ T7679]  should_failslab+0xac/0x100
[  167.438034][ T7679]  ? skb_clone+0x20c/0x390
[  167.442495][ T7679]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  167.443703][ T7393] 8021q: adding VLAN 0 to HW filter on device bond0
[  167.447896][ T7679]  skb_clone+0x20c/0x390
[  167.447934][ T7679]  nfnetlink_rcv+0x575/0x2ab0
[  167.447968][ T7679]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  167.469234][ T7679]  ? __dev_queue_xmit+0x1758/0x3f30
[  167.474475][ T7679]  ? kasan_save_track+0x51/0x80
[  167.479371][ T7679]  ? do_syscall_64+0xf3/0x230
[  167.484088][ T7679]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  167.489267][ T7679]  ? ref_tracker_free+0x643/0x7e0
[  167.494330][ T7679]  ? __asan_memcpy+0x40/0x70
[  167.498982][ T7679]  ? __pfx_ref_tracker_free+0x10/0x10
[  167.504413][ T7679]  ? netlink_deliver_tap+0x2e/0x1b0
[  167.509653][ T7679]  ? skb_clone+0x240/0x390
[  167.514115][ T7679]  ? __pfx_lock_release+0x10/0x10
[  167.515563][ T7393] 8021q: adding VLAN 0 to HW filter on device team0
[  167.519170][ T7679]  ? __netlink_deliver_tap+0x77e/0x7c0
[  167.519222][ T7679]  ? netlink_deliver_tap+0x2e/0x1b0
[  167.536475][ T7679]  netlink_unicast+0x7f6/0x990
[  167.541283][ T7679]  ? __pfx_netlink_unicast+0x10/0x10
[  167.546599][ T7679]  ? __virt_addr_valid+0x183/0x530
[  167.551745][ T7679]  ? __check_object_size+0x48e/0x900
[  167.557073][ T7679]  netlink_sendmsg+0x8e4/0xcb0
[  167.561907][ T7679]  ? __pfx_netlink_sendmsg+0x10/0x10
[  167.567246][ T7679]  ? aa_sock_msg_perm+0x91/0x160
[  167.572235][ T7679]  ? __pfx_netlink_sendmsg+0x10/0x10
[  167.577556][ T7679]  __sock_sendmsg+0x221/0x270
[  167.582267][ T7679]  ____sys_sendmsg+0x52a/0x7e0
[  167.587071][ T7679]  ? __pfx_____sys_sendmsg+0x10/0x10
[  167.592410][ T7679]  __sys_sendmsg+0x292/0x380
[  167.597042][ T7679]  ? __pfx___sys_sendmsg+0x10/0x10
[  167.602226][ T7679]  ? __pfx_vfs_write+0x10/0x10
[  167.607058][ T7679]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  167.613445][ T7679]  ? do_syscall_64+0x100/0x230
[  167.618254][ T7679]  ? do_syscall_64+0xb6/0x230
[  167.622978][ T7679]  do_syscall_64+0xf3/0x230
[  167.627521][ T7679]  ? clear_bhb_loop+0x35/0x90
[  167.632245][ T7679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.635852][ T7393] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  167.638162][ T7679] RIP: 0033:0x7feac717dff9
[  167.638193][ T7679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.655460][ T7393] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  167.672520][ T7679] RSP: 002b:00007feac7ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  167.672551][ T7679] RAX: ffffffffffffffda RBX: 00007feac7335f80 RCX: 00007feac717dff9
[  167.672568][ T7679] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  167.672582][ T7679] RBP: 00007feac7ff6090 R08: 0000000000000000 R09: 0000000000000000
[  167.672597][ T7679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.672610][ T7679] R13: 0000000000000000 R14: 00007feac7335f80 R15: 00007ffdd2167ca8
[  167.672652][ T7679]  </TASK>
[  167.790361][ T3023] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.797551][ T3023] bridge0: port 1(bridge_slave_0) entered forwarding state
[  167.817053][ T3023] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.824273][ T3023] bridge0: port 2(bridge_slave_1) entered forwarding state
[  168.115874][ T7700] FAULT_INJECTION: forcing a failure.
[  168.115874][ T7700] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.159176][ T7700] CPU: 0 UID: 0 PID: 7700 Comm: syz.4.647 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  168.169846][ T7700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  168.179944][ T7700] Call Trace:
[  168.183276][ T7700]  <TASK>
[  168.186073][ T7703] netlink: 276 bytes leftover after parsing attributes in process `syz.0.648'.
[  168.186235][ T7700]  dump_stack_lvl+0x241/0x360
[  168.198122][ T7696] syzkaller0: entered promiscuous mode
[  168.199833][ T7700]  ? __pfx_dump_stack_lvl+0x10/0x10
[  168.199872][ T7700]  ? __pfx__printk+0x10/0x10
[  168.213040][ T7696] syzkaller0: entered allmulticast mode
[  168.215105][ T7700]  ? snprintf+0xda/0x120
[  168.215148][ T7700]  should_fail_ex+0x3b0/0x4e0
[  168.229679][ T7700]  _copy_to_user+0x2f/0xb0
[  168.234134][ T7700]  simple_read_from_buffer+0xca/0x150
[  168.239566][ T7700]  proc_fail_nth_read+0x1e9/0x250
[  168.244653][ T7700]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  168.250258][ T7700]  ? rw_verify_area+0x55e/0x6f0
[  168.255160][ T7700]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  168.255300][ T7393] 8021q: adding VLAN 0 to HW filter on device batadv0
[  168.260732][ T7700]  vfs_read+0x201/0xbc0
[  168.260768][ T7700]  ? __pfx_lock_release+0x10/0x10
[  168.260805][ T7700]  ? __pfx_vfs_read+0x10/0x10
[  168.260840][ T7700]  ? __fget_files+0x3f3/0x470
[  168.260872][ T7700]  ? fdget_pos+0x24e/0x320
[  168.260899][ T7700]  ksys_read+0x183/0x2b0
[  168.260921][ T7700]  ? __pfx_ksys_read+0x10/0x10
[  168.260942][ T7700]  ? do_syscall_64+0x100/0x230
[  168.260972][ T7700]  ? do_syscall_64+0xb6/0x230
[  168.261001][ T7700]  do_syscall_64+0xf3/0x230
[  168.261027][ T7700]  ? clear_bhb_loop+0x35/0x90
[  168.261056][ T7700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.261088][ T7700] RIP: 0033:0x7f32b357ca3c
[  168.261107][ T7700] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  168.261126][ T7700] RSP: 002b:00007f32b43b0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  168.261151][ T7700] RAX: ffffffffffffffda RBX: 00007f32b3736058 RCX: 00007f32b357ca3c
[  168.261167][ T7700] RDX: 000000000000000f RSI: 00007f32b43b00a0 RDI: 0000000000000005
[  168.261182][ T7700] RBP: 00007f32b43b0090 R08: 0000000000000000 R09: 0000000000000000
[  168.261197][ T7700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.261209][ T7700] R13: 0000000000000001 R14: 00007f32b3736058 R15: 00007ffc938ced38
[  168.261239][ T7700]  </TASK>
[  168.610871][ T7709] x_tables: duplicate underflow at hook 2
[  170.347652][ T7727] netlink: 20 bytes leftover after parsing attributes in process `syz.0.657'.
[  170.362735][ T7731] tun0: tun_chr_ioctl cmd 1074025677
[  170.368233][ T7731] tun0: linktype set to 823
[  170.570700][ T7393] veth0_vlan: entered promiscuous mode
[  170.640012][ T7393] veth1_vlan: entered promiscuous mode
[  170.799805][ T7756] bridge0: port 1(syz_tun) entered blocking state
[  170.838597][ T7756] bridge0: port 1(syz_tun) entered disabled state
[  170.856278][ T7756] syz_tun: entered allmulticast mode
[  170.865481][ T7756] syz_tun: entered promiscuous mode
[  170.871899][ T7756] bridge0: port 1(syz_tun) entered blocking state
[  170.878508][ T7756] bridge0: port 1(syz_tun) entered forwarding state
[  170.912958][ T4626] Bluetooth: hci2: command tx timeout
[  170.951955][ T7393] veth0_macvtap: entered promiscuous mode
[  170.987023][ T7393] veth1_macvtap: entered promiscuous mode
[  171.009401][ T7393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.023078][ T7393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.033198][ T7393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.043871][ T7393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.053808][ T7393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.064735][ T7393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.077712][ T7393] batman_adv: batadv0: Interface activated: batadv_slave_0
[  171.087971][ T7393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.107921][ T7393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.117931][ T7393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.129344][ T7393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.139371][ T7393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.149885][ T7393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.164204][ T7393] batman_adv: batadv0: Interface activated: batadv_slave_1
[  171.189477][ T7767] netlink: 'syz.0.663': attribute type 34 has an invalid length.
[  171.281241][ T7393] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  171.318241][ T7393] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  171.334533][ T7393] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  171.393144][ T7393] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  171.426501][  T937] IPVS: starting estimator thread 0...
[  171.543132][ T7784] IPVS: using max 16 ests per chain, 38400 per kthread
[  171.891896][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  171.902334][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  171.930853][ T7797] netlink: 'syz.2.668': attribute type 11 has an invalid length.
[  172.036099][ T7797] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  172.113796][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  172.121686][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  172.581030][ T7820] netlink: 20 bytes leftover after parsing attributes in process `syz.2.673'.
[  172.751137][ T7830] FAULT_INJECTION: forcing a failure.
[  172.751137][ T7830] name failslab, interval 1, probability 0, space 0, times 0
[  172.784432][ T7830] CPU: 0 UID: 0 PID: 7830 Comm: syz.0.676 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  172.795110][ T7830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  172.805212][ T7830] Call Trace:
[  172.808529][ T7830]  <TASK>
[  172.811502][ T7830]  dump_stack_lvl+0x241/0x360
[  172.816236][ T7830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  172.821494][ T7830]  ? __pfx__printk+0x10/0x10
[  172.826126][ T7830]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  172.831639][ T7830]  ? __pfx___might_resched+0x10/0x10
[  172.836971][ T7830]  should_fail_ex+0x3b0/0x4e0
[  172.841699][ T7830]  should_failslab+0xac/0x100
[  172.846424][ T7830]  ? bpf_raw_tp_link_attach+0x2a0/0x6e0
[  172.852043][ T7830]  __kmalloc_cache_noprof+0x6c/0x2c0
[  172.857376][ T7830]  ? bpf_get_raw_tracepoint+0xa5/0x270
[  172.862885][ T7830]  bpf_raw_tp_link_attach+0x2a0/0x6e0
[  172.868312][ T7830]  ? __pfx_bpf_raw_tp_link_attach+0x10/0x10
[  172.874270][ T7830]  ? fput+0x1a8/0x230
[  172.878275][ T7830]  bpf_raw_tracepoint_open+0x177/0x1f0
[  172.883753][ T7830]  __sys_bpf+0x3c0/0x810
[  172.888013][ T7830]  ? __pfx___sys_bpf+0x10/0x10
[  172.892804][ T7830]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  172.898804][ T7830]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  172.905148][ T7830]  ? do_syscall_64+0x100/0x230
[  172.909930][ T7830]  __x64_sys_bpf+0x7c/0x90
[  172.914391][ T7830]  do_syscall_64+0xf3/0x230
[  172.918939][ T7830]  ? clear_bhb_loop+0x35/0x90
[  172.923648][ T7830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.929570][ T7830] RIP: 0033:0x7fc1d897dff9
[  172.934091][ T7830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  172.953708][ T7830] RSP: 002b:00007fc1d9736038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  172.962135][ T7830] RAX: ffffffffffffffda RBX: 00007fc1d8b35f80 RCX: 00007fc1d897dff9
[  172.970118][ T7830] RDX: 0000000000000010 RSI: 0000000020000100 RDI: 0000000000000011
[  172.978107][ T7830] RBP: 00007fc1d9736090 R08: 0000000000000000 R09: 0000000000000000
[  172.986089][ T7830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.994080][ T7830] R13: 0000000000000000 R14: 00007fc1d8b35f80 R15: 00007ffcf2479fe8
[  173.002101][ T7830]  </TASK>
[  173.609578][   T80] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.687696][ T7866] x_tables: duplicate underflow at hook 2
[  173.850695][ T5243] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  173.861408][ T5243] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  173.871555][ T5243] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  173.883345][ T5243] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  173.895859][ T5243] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  173.904166][ T5243] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  173.956518][ T7881] FAULT_INJECTION: forcing a failure.
[  173.956518][ T7881] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.976028][   T80] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.987934][ T7881] CPU: 1 UID: 0 PID: 7881 Comm: syz.0.686 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  173.998554][ T7881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  174.008627][ T7881] Call Trace:
[  174.011914][ T7881]  <TASK>
[  174.014852][ T7881]  dump_stack_lvl+0x241/0x360
[  174.019547][ T7881]  ? __pfx_dump_stack_lvl+0x10/0x10
[  174.024770][ T7881]  ? __pfx__printk+0x10/0x10
[  174.029371][ T7881]  ? __pfx_lock_release+0x10/0x10
[  174.034423][ T7881]  should_fail_ex+0x3b0/0x4e0
[  174.039118][ T7881]  _copy_from_user+0x2f/0xe0
[  174.043736][ T7881]  copy_msghdr_from_user+0xae/0x680
[  174.048995][ T7881]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  174.054888][ T7881]  __sys_sendmsg+0x22d/0x380
[  174.059552][ T7881]  ? __pfx___sys_sendmsg+0x10/0x10
[  174.064722][ T7881]  ? __pfx_vfs_write+0x10/0x10
[  174.069537][ T7881]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  174.075891][ T7881]  ? do_syscall_64+0x100/0x230
[  174.080674][ T7881]  ? do_syscall_64+0xb6/0x230
[  174.085363][ T7881]  do_syscall_64+0xf3/0x230
[  174.089883][ T7881]  ? clear_bhb_loop+0x35/0x90
[  174.094599][ T7881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.100526][ T7881] RIP: 0033:0x7fc1d897dff9
[  174.104955][ T7881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.124588][ T7881] RSP: 002b:00007fc1d9736038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  174.133018][ T7881] RAX: ffffffffffffffda RBX: 00007fc1d8b35f80 RCX: 00007fc1d897dff9
[  174.141026][ T7881] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004
[  174.149003][ T7881] RBP: 00007fc1d9736090 R08: 0000000000000000 R09: 0000000000000000
[  174.156983][ T7881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.164980][ T7881] R13: 0000000000000000 R14: 00007fc1d8b35f80 R15: 00007ffcf2479fe8
[  174.172979][ T7881]  </TASK>
[  174.552501][ T7896] netlink: 20 bytes leftover after parsing attributes in process `syz.0.688'.
[  174.698092][   T80] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.809910][ T7909] x_tables: duplicate underflow at hook 2
[  174.909511][   T80] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.948697][ T7867] chnl_net:caif_netlink_parms(): no params data found
[  175.174353][ T7867] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.186813][ T7867] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.199257][ T7867] bridge_slave_0: entered allmulticast mode
[  175.216567][ T7867] bridge_slave_0: entered promiscuous mode
[  175.269309][ T7867] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.289203][ T7867] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.325250][ T7867] bridge_slave_1: entered allmulticast mode
[  175.350763][ T7867] bridge_slave_1: entered promiscuous mode
[  175.523581][   T80] bridge_slave_1: left allmulticast mode
[  175.547653][   T80] bridge_slave_1: left promiscuous mode
[  175.563403][   T80] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.593967][   T80] bridge_slave_0: left allmulticast mode
[  175.599698][   T80] bridge_slave_0: left promiscuous mode
[  175.628572][   T80] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.680537][ T7948] FAULT_INJECTION: forcing a failure.
[  175.680537][ T7948] name failslab, interval 1, probability 0, space 0, times 0
[  175.712029][ T7948] CPU: 1 UID: 0 PID: 7948 Comm: syz.0.705 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  175.722694][ T7948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  175.732800][ T7948] Call Trace:
[  175.736118][ T7948]  <TASK>
[  175.739082][ T7948]  dump_stack_lvl+0x241/0x360
[  175.743811][ T7948]  ? __pfx_dump_stack_lvl+0x10/0x10
[  175.749064][ T7948]  ? __pfx__printk+0x10/0x10
[  175.753707][ T7948]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  175.759318][ T7948]  ? __pfx___might_resched+0x10/0x10
[  175.764708][ T7948]  should_fail_ex+0x3b0/0x4e0
[  175.769437][ T7948]  ? skb_clone+0x20c/0x390
[  175.773906][ T7948]  should_failslab+0xac/0x100
[  175.778631][ T7948]  ? skb_clone+0x20c/0x390
[  175.783094][ T7948]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  175.788519][ T7948]  skb_clone+0x20c/0x390
[  175.792814][ T7948]  nfnetlink_rcv+0x575/0x2ab0
[  175.797543][ T7948]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  175.803322][ T7948]  ? __dev_queue_xmit+0x1758/0x3f30
[  175.808564][ T7948]  ? kasan_save_track+0x51/0x80
[  175.813476][ T7948]  ? do_syscall_64+0xf3/0x230
[  175.818201][ T7948]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  175.823397][ T7948]  ? ref_tracker_free+0x643/0x7e0
[  175.828474][ T7948]  ? __asan_memcpy+0x40/0x70
[  175.833100][ T7948]  ? __pfx_ref_tracker_free+0x10/0x10
[  175.838531][ T7948]  ? netlink_deliver_tap+0x2e/0x1b0
[  175.843772][ T7948]  ? skb_clone+0x240/0x390
[  175.848241][ T7948]  ? __pfx_lock_release+0x10/0x10
[  175.853317][ T7948]  ? __netlink_deliver_tap+0x77e/0x7c0
[  175.858831][ T7948]  ? netlink_deliver_tap+0x2e/0x1b0
[  175.864077][ T7948]  netlink_unicast+0x7f6/0x990
[  175.868908][ T7948]  ? __pfx_netlink_unicast+0x10/0x10
[  175.874237][ T7948]  ? __virt_addr_valid+0x183/0x530
[  175.879395][ T7948]  ? __check_object_size+0x48e/0x900
[  175.884757][ T7948]  netlink_sendmsg+0x8e4/0xcb0
[  175.889579][ T7948]  ? __pfx_netlink_sendmsg+0x10/0x10
[  175.894911][ T7948]  ? aa_sock_msg_perm+0x91/0x160
[  175.899894][ T7948]  ? __pfx_netlink_sendmsg+0x10/0x10
[  175.905219][ T7948]  __sock_sendmsg+0x221/0x270
[  175.909949][ T7948]  ____sys_sendmsg+0x52a/0x7e0
[  175.914765][ T7948]  ? __pfx_____sys_sendmsg+0x10/0x10
[  175.920111][ T7948]  __sys_sendmsg+0x292/0x380
[  175.924753][ T7948]  ? __pfx___sys_sendmsg+0x10/0x10
[  175.929925][ T7948]  ? __pfx_vfs_write+0x10/0x10
[  175.934761][ T7948]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  175.941152][ T7948]  ? do_syscall_64+0x100/0x230
[  175.945975][ T7948]  ? do_syscall_64+0xb6/0x230
[  175.950702][ T7948]  do_syscall_64+0xf3/0x230
[  175.955256][ T7948]  ? clear_bhb_loop+0x35/0x90
[  175.959993][ T7948]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.965931][ T7948] RIP: 0033:0x7fc1d897dff9
[  175.970383][ T7948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.990047][ T7948] RSP: 002b:00007fc1d9736038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  175.998515][ T7948] RAX: ffffffffffffffda RBX: 00007fc1d8b35f80 RCX: 00007fc1d897dff9
[  176.006536][ T7948] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  176.014546][ T7948] RBP: 00007fc1d9736090 R08: 0000000000000000 R09: 0000000000000000
[  176.022555][ T7948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.030650][ T7948] R13: 0000000000000000 R14: 00007fc1d8b35f80 R15: 00007ffcf2479fe8
[  176.038685][ T7948]  </TASK>
[  176.042508][ T4626] Bluetooth: hci2: command tx timeout
[  176.170244][ T7965] x_tables: duplicate underflow at hook 2
[  176.801290][   T80] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  176.817491][   T80] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  176.829009][   T80] bond0 (unregistering): Released all slaves
[  176.847708][ T7867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  176.858746][ T7942] netlink: 20 bytes leftover after parsing attributes in process `syz.4.702'.
[  176.947420][ T7867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.055391][ T7867] team0: Port device team_slave_0 added
[  177.062219][ T7984] netlink: 32 bytes leftover after parsing attributes in process `syz.4.708'.
[  177.078548][ T7987] netlink: 12 bytes leftover after parsing attributes in process `syz.4.708'.
[  177.118189][ T7867] team0: Port device team_slave_1 added
[  177.401013][ T7867] batman_adv: batadv0: Adding interface: batadv_slave_0
[  177.412647][ T7867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.450095][ T7867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  177.720135][ T7867] batman_adv: batadv0: Adding interface: batadv_slave_1
[  177.737405][ T7867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.796266][ T7867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.852102][   T80] hsr_slave_0: left promiscuous mode
[  177.866695][   T80] hsr_slave_1: left promiscuous mode
[  177.904494][   T80] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  177.912030][   T80] batman_adv: batadv0: Removing interface: batadv_slave_0
[  177.944414][   T80] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  177.962087][   T80] batman_adv: batadv0: Removing interface: batadv_slave_1
[  177.988851][   T80] veth1_macvtap: left promiscuous mode
[  178.002802][   T80] veth0_macvtap: left promiscuous mode
[  178.008537][   T80] veth1_vlan: left promiscuous mode
[  178.022801][   T80] veth0_vlan: left promiscuous mode
[  178.112879][ T4626] Bluetooth: hci2: command tx timeout
[  178.596580][   T80] team0 (unregistering): Port device team_slave_1 removed
[  178.652485][   T80] team0 (unregistering): Port device team_slave_0 removed
[  179.110275][ T8023] netlink: 20 bytes leftover after parsing attributes in process `syz.3.718'.
[  179.333058][ T7867] hsr_slave_0: entered promiscuous mode
[  179.348262][ T7867] hsr_slave_1: entered promiscuous mode
[  179.364416][ T7867] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  179.372056][ T7867] Cannot create hsr debugfs directory
[  180.037111][ T8067] netlink: 8 bytes leftover after parsing attributes in process `syz.4.728'.
[  180.052713][ T8067] netlink: 5 bytes leftover after parsing attributes in process `syz.4.728'.
[  180.203028][ T5243] Bluetooth: hci2: command tx timeout
[  180.220073][ T8076] netlink: 20 bytes leftover after parsing attributes in process `syz.2.731'.
[  180.613112][ T7867] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  180.631407][ T7867] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  180.681953][ T7867] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  180.720991][ T7867] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  180.869336][ T7867] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.892381][ T7867] 8021q: adding VLAN 0 to HW filter on device team0
[  180.916867][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.924114][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  180.934014][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.941168][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  181.087877][ T5243] Bluetooth: hci0: command 0x0406 tx timeout
[  181.306509][ T8115] bridge0: port 4(hsr_slave_1) entered blocking state
[  181.345894][ T8115] bridge0: port 4(hsr_slave_1) entered disabled state
[  181.374102][ T8115] hsr_slave_1: entered allmulticast mode
[  181.382565][ T8115] hsr_slave_1: left allmulticast mode
[  181.508480][ T8124] netlink: 20 bytes leftover after parsing attributes in process `syz.4.743'.
[  181.624166][ T8129] FAULT_INJECTION: forcing a failure.
[  181.624166][ T8129] name failslab, interval 1, probability 0, space 0, times 0
[  181.647935][ T7867] 8021q: adding VLAN 0 to HW filter on device batadv0
[  181.668759][ T8129] CPU: 0 UID: 0 PID: 8129 Comm: syz.0.745 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  181.679434][ T8129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  181.689533][ T8129] Call Trace:
[  181.692875][ T8129]  <TASK>
[  181.695838][ T8129]  dump_stack_lvl+0x241/0x360
[  181.700578][ T8129]  ? __pfx_dump_stack_lvl+0x10/0x10
[  181.705822][ T8129]  ? __pfx__printk+0x10/0x10
[  181.710459][ T8129]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  181.716488][ T8129]  ? __pfx___might_resched+0x10/0x10
[  181.721822][ T8129]  should_fail_ex+0x3b0/0x4e0
[  181.726547][ T8129]  should_failslab+0xac/0x100
[  181.731268][ T8129]  ? __alloc_skb+0x1c3/0x440
[  181.735902][ T8129]  kmem_cache_alloc_node_noprof+0x71/0x320
[  181.741765][ T8129]  __alloc_skb+0x1c3/0x440
[  181.746238][ T8129]  ? __pfx___alloc_skb+0x10/0x10
[  181.751228][ T8129]  ? netlink_autobind+0xd6/0x2f0
[  181.756211][ T8129]  ? netlink_autobind+0x2b0/0x2f0
[  181.761283][ T8129]  netlink_sendmsg+0x638/0xcb0
[  181.766099][ T8129]  ? __pfx_netlink_sendmsg+0x10/0x10
[  181.771427][ T8129]  ? aa_sock_msg_perm+0x91/0x160
[  181.776410][ T8129]  ? __pfx_netlink_sendmsg+0x10/0x10
[  181.781728][ T8129]  __sock_sendmsg+0x221/0x270
[  181.786453][ T8129]  ____sys_sendmsg+0x52a/0x7e0
[  181.791263][ T8129]  ? __pfx_____sys_sendmsg+0x10/0x10
[  181.796605][ T8129]  __sys_sendmsg+0x292/0x380
[  181.801232][ T8129]  ? __pfx___sys_sendmsg+0x10/0x10
[  181.806064][ T7867] veth0_vlan: entered promiscuous mode
[  181.806372][ T8129]  ? __pfx_vfs_write+0x10/0x10
[  181.816649][ T8129]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  181.823048][ T8129]  ? do_syscall_64+0x100/0x230
[  181.827865][ T8129]  ? do_syscall_64+0xb6/0x230
[  181.832592][ T8129]  do_syscall_64+0xf3/0x230
[  181.837126][ T8129]  ? clear_bhb_loop+0x35/0x90
[  181.841891][ T8129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.847829][ T8129] RIP: 0033:0x7fc1d897dff9
[  181.852289][ T8129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.866150][ T7867] veth1_vlan: entered promiscuous mode
[  181.871922][ T8129] RSP: 002b:00007fc1d9736038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  181.885846][ T8129] RAX: ffffffffffffffda RBX: 00007fc1d8b35f80 RCX: 00007fc1d897dff9
[  181.893853][ T8129] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004
[  181.901864][ T8129] RBP: 00007fc1d9736090 R08: 0000000000000000 R09: 0000000000000000
[  181.909870][ T8129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.917883][ T8129] R13: 0000000000000000 R14: 00007fc1d8b35f80 R15: 00007ffcf2479fe8
[  181.925913][ T8129]  </TASK>
[  181.944364][ T7867] veth0_macvtap: entered promiscuous mode
[  182.055182][ T7867] veth1_macvtap: entered promiscuous mode
[  182.148255][ T8139] x_tables: duplicate underflow at hook 2
[  182.164637][ T7867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  182.196230][ T7867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.217052][ T7867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  182.260713][ T7867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.273233][ T4626] Bluetooth: hci2: command tx timeout
[  182.287831][ T7867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  182.343264][ T7867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.372178][ T7867] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.398476][ T8160] netlink: 28 bytes leftover after parsing attributes in process `syz.3.753'.
[  182.448231][ T7867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.474013][ T7867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.499406][ T7867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.519196][ T7867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.529879][ T7867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.542219][ T7867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.555282][ T7867] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.587692][ T7867] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.599250][ T7867] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.608734][ T7867] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.618126][ T7867] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.757214][ T8170] netlink: 28 bytes leftover after parsing attributes in process `syz.4.756'.
[  182.814083][ T2918] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  182.831589][ T2918] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  182.894822][ T2918] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  182.913875][ T2918] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  182.975015][ T8176] netlink: 'syz.2.759': attribute type 49 has an invalid length.
[  183.839292][ T2918] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.407745][ T8215] Illegal XDP return value 4294967274 on prog  (id 197) dev N/A, expect packet loss!
[  184.423606][ T8215] netlink: 20 bytes leftover after parsing attributes in process `syz.3.771'.
[  184.479670][ T8220] netlink: 12 bytes leftover after parsing attributes in process `syz.2.770'.
[  184.603860][ T2918] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.785797][ T5243] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  184.808648][ T5243] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  184.823036][ T5243] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  184.834798][ T5243] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  184.844589][ T5243] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  184.853661][ T5243] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  184.958221][ T2918] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.021378][ T8239] netlink: 8 bytes leftover after parsing attributes in process `syz.2.775'.
[  185.042729][ T8239] netlink: 5 bytes leftover after parsing attributes in process `syz.2.775'.
[  185.101353][ T2918] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.277146][ T8229] chnl_net:caif_netlink_parms(): no params data found
[  185.447565][ T8248] syzkaller0: entered promiscuous mode
[  185.459454][ T8248] syzkaller0: entered allmulticast mode
[  185.518004][ T2918] bridge_slave_1: left allmulticast mode
[  185.524863][ T2918] bridge_slave_1: left promiscuous mode
[  185.533667][ T2918] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.552358][ T2918] bridge_slave_0: left allmulticast mode
[  185.559621][ T2918] bridge_slave_0: left promiscuous mode
[  185.577353][ T2918] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.623060][ T8261] netlink: 580 bytes leftover after parsing attributes in process `syz.3.782'.
[  186.067364][ T2918] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  186.087157][ T2918] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  186.099545][ T2918] bond0 (unregistering): Released all slaves
[  186.925872][ T5243] Bluetooth: hci2: command tx timeout
[  188.233089][ T8229] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.250918][ T8229] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.271535][ T8229] bridge_slave_0: entered allmulticast mode
[  188.284123][ T8229] bridge_slave_0: entered promiscuous mode
[  188.312284][ T8291] bridge0: port 3(syz_tun) entered blocking state
[  188.338840][ T8291] bridge0: port 3(syz_tun) entered disabled state
[  188.352217][ T8291] syz_tun: entered allmulticast mode
[  188.360135][ T8291] syz_tun: entered promiscuous mode
[  188.365983][ T8291] bridge0: port 3(syz_tun) entered blocking state
[  188.372577][ T8291] bridge0: port 3(syz_tun) entered forwarding state
[  188.379855][ T8229] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.387670][ T8229] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.395233][ T8229] bridge_slave_1: entered allmulticast mode
[  188.404645][ T8229] bridge_slave_1: entered promiscuous mode
[  188.432766][ T2918] hsr_slave_0: left promiscuous mode
[  188.449649][ T2918] hsr_slave_1: left promiscuous mode
[  188.473492][ T2918] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  188.481316][ T2918] batman_adv: batadv0: Removing interface: batadv_slave_0
[  188.490308][ T2918] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  188.500960][ T2918] batman_adv: batadv0: Removing interface: batadv_slave_1
[  188.537049][ T2918] veth1_macvtap: left promiscuous mode
[  188.543345][ T2918] veth0_macvtap: left promiscuous mode
[  188.549125][ T2918] veth1_vlan: left promiscuous mode
[  188.555189][ T2918] veth0_vlan: left promiscuous mode
[  189.002943][ T5243] Bluetooth: hci2: command tx timeout
[  189.190381][ T2918] team0 (unregistering): Port device team_slave_1 removed
[  189.230880][ T2918] team0 (unregistering): Port device team_slave_0 removed
[  189.681509][ T8293] netlink: 'syz.0.793': attribute type 10 has an invalid length.
[  189.701414][ T8293] bridge0: port 3(syz_tun) entered disabled state
[  189.710477][ T8293] syz_tun: left allmulticast mode
[  189.716541][ T8293] bridge0: port 3(syz_tun) entered disabled state
[  189.729821][ T8293] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  189.778933][ T8229] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  189.797960][ T8229] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  189.815963][ T8315] netlink: 8 bytes leftover after parsing attributes in process `syz.3.795'.
[  189.829207][ T8315] netlink: 5 bytes leftover after parsing attributes in process `syz.3.795'.
[  189.937309][ T8229] team0: Port device team_slave_0 added
[  189.974302][ T8229] team0: Port device team_slave_1 added
[  190.110167][ T8229] batman_adv: batadv0: Adding interface: batadv_slave_0
[  190.135147][ T8229] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.176170][ T8229] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  190.202557][ T8229] batman_adv: batadv0: Adding interface: batadv_slave_1
[  190.217955][ T8229] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.252993][ T8229] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  190.405753][ T8229] hsr_slave_0: entered promiscuous mode
[  190.427546][ T8229] hsr_slave_1: entered promiscuous mode
[  190.452427][ T8229] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  190.471339][ T8229] Cannot create hsr debugfs directory
[  190.751836][ T8356] netlink: 16 bytes leftover after parsing attributes in process `syz.3.806'.
[  190.783763][ T8356] netlink: 16 bytes leftover after parsing attributes in process `syz.3.806'.
[  191.074682][ T5243] Bluetooth: hci2: command tx timeout
[  191.468119][ T8229] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  191.500603][ T8229] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  191.539034][ T8229] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  191.581952][ T8229] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  191.710375][ T8401] netlink: 'syz.2.818': attribute type 6 has an invalid length.
[  191.906816][ T8229] 8021q: adding VLAN 0 to HW filter on device bond0
[  191.957075][ T8229] 8021q: adding VLAN 0 to HW filter on device team0
[  192.013159][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.020338][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  192.086868][ T8412] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:1)
[  192.113137][ T2944] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.120336][ T2944] bridge0: port 2(bridge_slave_1) entered forwarding state
[  192.250696][ T8229] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  192.270587][ T8229] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  192.699197][ T8229] 8021q: adding VLAN 0 to HW filter on device batadv0
[  192.829366][ T8229] veth0_vlan: entered promiscuous mode
[  192.845034][ T8229] veth1_vlan: entered promiscuous mode
[  192.868199][ T8229] veth0_macvtap: entered promiscuous mode
[  192.877712][ T8229] veth1_macvtap: entered promiscuous mode
[  192.895274][ T8229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.905914][ T8229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.916254][ T8229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.926842][ T8229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.937416][ T8229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.948474][ T8229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.960119][ T8229] batman_adv: batadv0: Interface activated: batadv_slave_0
[  192.970811][ T8229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.981461][ T8229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.991411][ T8229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.002120][ T8229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.012445][ T8229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.023103][ T8229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.035064][ T8229] batman_adv: batadv0: Interface activated: batadv_slave_1
[  193.046896][ T8229] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  193.055773][ T8229] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  193.064551][ T8229] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  193.076009][ T8229] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.157238][ T5243] Bluetooth: hci2: command tx timeout
[  193.288697][ T8451] netlink: 8 bytes leftover after parsing attributes in process `syz.4.832'.
[  193.323225][ T8451] netlink: 24 bytes leftover after parsing attributes in process `syz.4.832'.
[  193.363983][ T8459] netlink: 20 bytes leftover after parsing attributes in process `syz.3.834'.
[  193.379771][ T8459] netlink: 13 bytes leftover after parsing attributes in process `syz.3.834'.
[  193.570648][ T2918] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.617944][ T2918] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.739761][ T3008] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.767470][ T3008] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.177745][ T8496] syzkaller0: entered promiscuous mode
[  194.188661][ T8496] syzkaller0: entered allmulticast mode
[  194.345909][ T8508] netlink: 8 bytes leftover after parsing attributes in process `syz.0.843'.
[  194.366403][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  195.080028][ T8532] netlink: 60 bytes leftover after parsing attributes in process `syz.2.845'.
[  195.101101][ T8532] unsupported nlmsg_type 40
[  195.955702][ T4626] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  195.971381][ T4626] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  195.986943][ T4626] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  196.000355][ T4626] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  196.012764][ T4626] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  196.020130][ T4626] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  196.844766][   T35] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.936125][ T8557] netlink: 'syz.0.849': attribute type 10 has an invalid length.
[  197.052204][ T8552] netlink: 12 bytes leftover after parsing attributes in process `syz.3.847'.
[  197.230656][ T8568] netlink: 60 bytes leftover after parsing attributes in process `syz.2.852'.
[  197.245406][   T35] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.402470][ T8547] chnl_net:caif_netlink_parms(): no params data found
[  197.528887][ T8584] netlink: 332 bytes leftover after parsing attributes in process `syz.4.858'.
[  197.589479][ T8590] FAULT_INJECTION: forcing a failure.
[  197.589479][ T8590] name failslab, interval 1, probability 0, space 0, times 0
[  197.615497][ T8590] CPU: 1 UID: 0 PID: 8590 Comm: syz.0.860 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  197.626157][ T8590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  197.636270][ T8590] Call Trace:
[  197.639573][ T8590]  <TASK>
[  197.642544][ T8590]  dump_stack_lvl+0x241/0x360
[  197.647292][ T8590]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.652538][ T8590]  ? __pfx__printk+0x10/0x10
[  197.657181][ T8590]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  197.663220][ T8590]  ? __pfx___might_resched+0x10/0x10
[  197.668581][ T8590]  should_fail_ex+0x3b0/0x4e0
[  197.673319][ T8590]  should_failslab+0xac/0x100
[  197.678050][ T8590]  ? __alloc_skb+0x1c3/0x440
[  197.682735][ T8590]  kmem_cache_alloc_node_noprof+0x71/0x320
[  197.688597][ T8590]  __alloc_skb+0x1c3/0x440
[  197.693078][ T8590]  ? __pfx___alloc_skb+0x10/0x10
[  197.698066][ T8590]  ? netlink_autobind+0xd6/0x2f0
[  197.703093][ T8590]  ? netlink_autobind+0x2b0/0x2f0
[  197.708388][ T8590]  netlink_sendmsg+0x638/0xcb0
[  197.713217][ T8590]  ? __pfx_netlink_sendmsg+0x10/0x10
[  197.718562][ T8590]  ? aa_sock_msg_perm+0x91/0x160
[  197.723560][ T8590]  ? __pfx_netlink_sendmsg+0x10/0x10
[  197.728895][ T8590]  __sock_sendmsg+0x221/0x270
[  197.733640][ T8590]  ____sys_sendmsg+0x52a/0x7e0
[  197.738436][ T8590]  ? __pfx_____sys_sendmsg+0x10/0x10
[  197.743760][ T8590]  __sys_sendmmsg+0x3ab/0x730
[  197.748501][ T8590]  ? __pfx___sys_sendmmsg+0x10/0x10
[  197.753768][ T8590]  ? __pfx_lock_release+0x10/0x10
[  197.758820][ T8590]  ? kstrtouint_from_user+0x128/0x190
[  197.764227][ T8590]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  197.770135][ T8590]  ? ksys_write+0x229/0x2b0
[  197.774650][ T8590]  ? __pfx_lock_release+0x10/0x10
[  197.779703][ T8590]  ? vfs_write+0x7bf/0xc90
[  197.784131][ T8590]  ? kmem_cache_free+0x1a2/0x420
[  197.789097][ T8590]  ? __mutex_unlock_slowpath+0x21d/0x750
[  197.794764][ T8590]  ? __fget_files+0x3f3/0x470
[  197.799488][ T8590]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  197.805504][ T8590]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  197.811852][ T8590]  ? do_syscall_64+0x100/0x230
[  197.816636][ T8590]  __x64_sys_sendmmsg+0xa0/0xb0
[  197.821510][ T8590]  do_syscall_64+0xf3/0x230
[  197.826034][ T8590]  ? clear_bhb_loop+0x35/0x90
[  197.830734][ T8590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.836640][ T8590] RIP: 0033:0x7fc1d897dff9
[  197.841085][ T8590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.860708][ T8590] RSP: 002b:00007fc1d9736038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  197.869142][ T8590] RAX: ffffffffffffffda RBX: 00007fc1d8b35f80 RCX: 00007fc1d897dff9
[  197.877128][ T8590] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004
[  197.885110][ T8590] RBP: 00007fc1d9736090 R08: 0000000000000000 R09: 0000000000000000
[  197.893090][ T8590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.901071][ T8590] R13: 0000000000000000 R14: 00007fc1d8b35f80 R15: 00007ffcf2479fe8
[  197.909073][ T8590]  </TASK>
[  197.930148][ T8598] xt_bpf: check failed: parse error
[  197.937747][ T8595] netlink: 16 bytes leftover after parsing attributes in process `syz.4.858'.
[  198.041062][ T8547] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.048447][ T8547] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.059070][ T8547] bridge_slave_0: entered allmulticast mode
[  198.067421][ T8547] bridge_slave_0: entered promiscuous mode
[  198.113446][ T4626] Bluetooth: hci2: command tx timeout
[  198.210189][   T35] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.249730][ T8547] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.267798][ T8547] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.281544][ T8547] bridge_slave_1: entered allmulticast mode
[  198.302053][ T8547] bridge_slave_1: entered promiscuous mode
[  198.353412][ T8607] geneve2: entered promiscuous mode
[  198.358705][ T8607] geneve2: entered allmulticast mode
[  198.447657][   T35] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.519869][ T8547] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  198.557938][ T8547] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  198.648877][ T8547] team0: Port device team_slave_0 added
[  198.677969][ T8547] team0: Port device team_slave_1 added
[  198.761085][ T8547] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.770293][ T8547] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.799485][ T8547] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  198.841861][ T8547] batman_adv: batadv0: Adding interface: batadv_slave_1
[  198.866645][ T8547] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.904384][ T8547] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  199.058441][   T35] bridge_slave_1: left allmulticast mode
[  199.072759][   T35] bridge_slave_1: left promiscuous mode
[  199.083365][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.106666][   T35] bridge_slave_0: left allmulticast mode
[  199.125229][   T35] bridge_slave_0: left promiscuous mode
[  199.133368][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.887913][ T8651] ieee802154 phy1 wpan1: encryption failed: -22
[  199.973289][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  199.994444][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  200.010004][   T35] bond0 (unregistering): Released all slaves
[  200.172079][ T8645] netlink: 'syz.4.873': attribute type 4 has an invalid length.
[  200.193106][ T8646] netlink: 'syz.4.873': attribute type 4 has an invalid length.
[  200.200977][ T5243] Bluetooth: hci2: command tx timeout
[  200.346275][ T8547] hsr_slave_0: entered promiscuous mode
[  200.457522][ T8547] hsr_slave_1: entered promiscuous mode
[  200.477396][ T8547] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  200.500612][ T8547] Cannot create hsr debugfs directory
[  200.942179][   T35] hsr_slave_0: left promiscuous mode
[  200.967337][   T35] hsr_slave_1: left promiscuous mode
[  200.977932][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  200.990375][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  201.003494][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  201.012896][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  201.059029][   T35] veth1_macvtap: left promiscuous mode
[  201.069760][   T35] veth0_macvtap: left promiscuous mode
[  201.079689][   T35] veth1_vlan: left promiscuous mode
[  201.085359][   T35] veth0_vlan: left promiscuous mode
[  201.771590][   T35] team0 (unregistering): Port device team_slave_1 removed
[  201.891237][   T35] team0 (unregistering): Port device team_slave_0 removed
[  202.278855][ T5243] Bluetooth: hci2: command 0x040f tx timeout
[  202.447688][ T8713] Cannot find add_set index 0 as target
[  202.550775][ T8677] netlink: 12 bytes leftover after parsing attributes in process `syz.4.884'.
[  203.105965][ T8729] netlink: 'syz.3.895': attribute type 1 has an invalid length.
[  203.318236][ T8741] batadv0: entered promiscuous mode
[  203.341137][ T8741] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  203.381768][   T35] bridge_slave_1: left allmulticast mode
[  203.399158][   T35] bridge_slave_1: left promiscuous mode
[  203.425152][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.454684][   T35] bridge_slave_0: left allmulticast mode
[  203.460587][   T35] bridge_slave_0: left promiscuous mode
[  203.476675][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.006474][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  204.018799][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  204.031407][   T35] bond0 (unregistering): Released all slaves
[  204.107942][ T8753] netlink: 8 bytes leftover after parsing attributes in process `syz.3.901'.
[  204.303225][ T8547] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  204.353131][ T4626] Bluetooth: hci2: command 0x040f tx timeout
[  204.386241][ T8547] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  204.414740][ T8547] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  204.437946][ T8766] netlink: 20 bytes leftover after parsing attributes in process `syz.4.905'.
[  204.462205][ T8547] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  204.776766][   T35] hsr_slave_0: left promiscuous mode
[  204.808694][   T35] hsr_slave_1: left promiscuous mode
[  204.830105][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  204.848529][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  204.863718][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  204.880976][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  204.933823][   T35] veth1_macvtap: left promiscuous mode
[  204.946450][   T35] veth0_macvtap: left promiscuous mode
[  204.981359][   T35] veth1_vlan: left promiscuous mode
[  204.998187][   T35] veth0_vlan: left promiscuous mode
[  205.879593][   T35] team0 (unregistering): Port device team_slave_1 removed
[  205.921382][   T35] team0 (unregistering): Port device team_slave_0 removed
[  206.380299][ T8800] syzkaller1: entered promiscuous mode
[  206.402861][ T8800] syzkaller1: entered allmulticast mode
[  206.443261][ T4626] Bluetooth: hci2: command 0x040f tx timeout
[  206.596967][ T8547] 8021q: adding VLAN 0 to HW filter on device bond0
[  206.640560][ T8547] 8021q: adding VLAN 0 to HW filter on device team0
[  206.673563][ T2918] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.680811][ T2918] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.706328][ T2918] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.713645][ T2918] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.965898][ T8819] FAULT_INJECTION: forcing a failure.
[  206.965898][ T8819] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.982583][   T35] IPVS: stop unused estimator thread 0...
[  207.032892][ T8819] CPU: 0 UID: 0 PID: 8819 Comm: syz.2.916 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  207.043583][ T8819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  207.053688][ T8819] Call Trace:
[  207.057005][ T8819]  <TASK>
[  207.059960][ T8819]  dump_stack_lvl+0x241/0x360
[  207.064668][ T8819]  ? __pfx_dump_stack_lvl+0x10/0x10
[  207.069885][ T8819]  ? __pfx__printk+0x10/0x10
[  207.074501][ T8819]  ? snprintf+0xda/0x120
[  207.078766][ T8819]  should_fail_ex+0x3b0/0x4e0
[  207.083465][ T8819]  _copy_to_user+0x2f/0xb0
[  207.087900][ T8819]  simple_read_from_buffer+0xca/0x150
[  207.093303][ T8819]  proc_fail_nth_read+0x1e9/0x250
[  207.098349][ T8819]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  207.103918][ T8819]  ? rw_verify_area+0x55e/0x6f0
[  207.108785][ T8819]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  207.114355][ T8819]  vfs_read+0x201/0xbc0
[  207.118532][ T8819]  ? __pfx_lock_release+0x10/0x10
[  207.123584][ T8819]  ? __pfx_vfs_read+0x10/0x10
[  207.128286][ T8819]  ? __fget_files+0x3f3/0x470
[  207.132990][ T8819]  ? fdget_pos+0x24e/0x320
[  207.137423][ T8819]  ksys_read+0x183/0x2b0
[  207.141684][ T8819]  ? __pfx_ksys_read+0x10/0x10
[  207.146458][ T8819]  ? do_syscall_64+0x100/0x230
[  207.151240][ T8819]  ? do_syscall_64+0xb6/0x230
[  207.155931][ T8819]  do_syscall_64+0xf3/0x230
[  207.160469][ T8819]  ? clear_bhb_loop+0x35/0x90
[  207.165169][ T8819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.171076][ T8819] RIP: 0033:0x7f5af477ca3c
[  207.175504][ T8819] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  207.195122][ T8819] RSP: 002b:00007f5af552e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  207.203549][ T8819] RAX: ffffffffffffffda RBX: 00007f5af4935f80 RCX: 00007f5af477ca3c
[  207.211529][ T8819] RDX: 000000000000000f RSI: 00007f5af552e0a0 RDI: 0000000000000004
[  207.219509][ T8819] RBP: 00007f5af552e090 R08: 0000000000000000 R09: 0000000000000000
[  207.227493][ T8819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  207.235471][ T8819] R13: 0000000000000000 R14: 00007f5af4935f80 R15: 00007ffecf420b88
[  207.243465][ T8819]  </TASK>
[  207.422048][ T8547] 8021q: adding VLAN 0 to HW filter on device batadv0
[  207.458570][ T8547] veth0_vlan: entered promiscuous mode
[  207.470486][ T8547] veth1_vlan: entered promiscuous mode
[  207.507300][ T8547] veth0_macvtap: entered promiscuous mode
[  207.549205][ T8547] veth1_macvtap: entered promiscuous mode
[  207.576799][ T8547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  207.594998][ T8547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.604943][ T8547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  207.615470][ T8547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.627075][ T8547] batman_adv: batadv0: Interface activated: batadv_slave_0
[  207.675108][ T8547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.695632][ T8547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.762291][ T8547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  207.778288][ T8547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  207.795164][ T8547] batman_adv: batadv0: Interface activated: batadv_slave_1
[  207.806158][ T8547] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  207.825924][ T8547] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  207.835052][ T8547] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  207.843885][ T8547] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  208.063978][ T3008] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  208.071950][ T3008] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  208.157439][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  208.168036][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  208.745107][ T8887] netlink: 8 bytes leftover after parsing attributes in process `syz.0.931'.
[  209.083384][ T8903] netlink: 'syz.0.934': attribute type 4 has an invalid length.
[  209.091105][ T8903] netlink: 17 bytes leftover after parsing attributes in process `syz.0.934'.
[  209.331963][ T8911] netlink: 8 bytes leftover after parsing attributes in process `syz.0.935'.
[  209.651554][ T3008] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.779413][ T3008] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.872906][ T3008] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.889144][ T5243] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  210.898263][ T5243] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  210.911855][ T5243] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  210.921153][ T5243] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  210.931442][ T5243] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  210.942041][ T5243] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  210.984496][ T3008] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.111819][ T3008] bridge_slave_1: left allmulticast mode
[  211.121880][ T3008] bridge_slave_1: left promiscuous mode
[  211.129539][ T3008] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.140067][ T3008] bridge_slave_0: left allmulticast mode
[  211.146380][ T3008] bridge_slave_0: left promiscuous mode
[  211.152372][ T3008] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.567066][ T3008] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  211.581610][ T3008] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  211.608723][ T3008] bond0 (unregistering): Released all slaves
[  211.837649][ T8973] syzkaller0: entered promiscuous mode
[  211.848076][ T8973] syzkaller0: entered allmulticast mode
[  212.996356][ T4626] Bluetooth: hci2: command tx timeout
[  213.691123][ T9002] netlink: 8 bytes leftover after parsing attributes in process `syz.3.955'.
[  213.818738][ T3008] hsr_slave_0: left promiscuous mode
[  213.884298][ T3008] hsr_slave_1: left promiscuous mode
[  213.908545][ T3008] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  213.936155][ T3008] batman_adv: batadv0: Removing interface: batadv_slave_0
[  213.961415][ T3008] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  213.983090][ T3008] batman_adv: batadv0: Removing interface: batadv_slave_1
[  214.021384][ T3008] veth1_macvtap: left promiscuous mode
[  214.027662][ T3008] veth0_macvtap: left promiscuous mode
[  214.041022][ T3008] veth1_vlan: left promiscuous mode
[  214.046772][ T3008] veth0_vlan: left promiscuous mode
[  214.899614][ T3008] team0 (unregistering): Port device team_slave_1 removed
[  214.959003][ T3008] team0 (unregistering): Port device team_slave_0 removed
[  215.072875][ T4626] Bluetooth: hci2: command tx timeout
[  215.405370][ T8959] chnl_net:caif_netlink_parms(): no params data found
[  215.862811][ T9062] netlink: 20 bytes leftover after parsing attributes in process `syz.4.968'.
[  215.916420][ T9059] tipc: Started in network mode
[  215.925498][ T9059] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  215.956945][ T9059] tipc: Enabled bearer <eth:team0>, priority 0
[  216.087690][ T9084] netlink: 16 bytes leftover after parsing attributes in process `syz.0.978'.
[  216.138198][ T8959] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.161114][ T8959] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.187284][ T8959] bridge_slave_0: entered allmulticast mode
[  216.207838][ T8959] bridge_slave_0: entered promiscuous mode
[  216.218827][ T8959] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.229468][ T8959] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.240782][ T8959] bridge_slave_1: entered allmulticast mode
[  216.250753][ T8959] bridge_slave_1: entered promiscuous mode
[  216.411501][ T8959] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  216.441089][ T8959] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  216.532116][ T8959] team0: Port device team_slave_0 added
[  216.621720][ T8959] team0: Port device team_slave_1 added
[  216.766835][ T8959] batman_adv: batadv0: Adding interface: batadv_slave_0
[  216.791233][ T8959] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  216.884200][ T8959] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  216.930384][ T8959] batman_adv: batadv0: Adding interface: batadv_slave_1
[  216.944166][ T8959] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  216.975733][ T5280] tipc: Node number set to 11578026
[  217.033462][ T8959] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  217.153847][ T4626] Bluetooth: hci2: command tx timeout
[  217.224509][ T9138] netlink: 32 bytes leftover after parsing attributes in process `syz.0.990'.
[  217.271775][ T8959] hsr_slave_0: entered promiscuous mode
[  217.309696][ T8959] hsr_slave_1: entered promiscuous mode
[  217.342887][ T8959] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  217.382738][ T8959] Cannot create hsr debugfs directory
[  218.366094][ T9171] FAULT_INJECTION: forcing a failure.
[  218.366094][ T9171] name failslab, interval 1, probability 0, space 0, times 0
[  218.437281][ T9171] CPU: 0 UID: 0 PID: 9171 Comm: syz.3.996 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  218.447966][ T9171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  218.458103][ T9171] Call Trace:
[  218.461419][ T9171]  <TASK>
[  218.464385][ T9171]  dump_stack_lvl+0x241/0x360
[  218.469112][ T9171]  ? __pfx_dump_stack_lvl+0x10/0x10
[  218.474366][ T9171]  ? __pfx__printk+0x10/0x10
[  218.478999][ T9171]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  218.485025][ T9171]  ? __pfx___might_resched+0x10/0x10
[  218.490358][ T9171]  should_fail_ex+0x3b0/0x4e0
[  218.495084][ T9171]  should_failslab+0xac/0x100
[  218.499795][ T9171]  ? __alloc_skb+0x1c3/0x440
[  218.504420][ T9171]  kmem_cache_alloc_node_noprof+0x71/0x320
[  218.510279][ T9171]  __alloc_skb+0x1c3/0x440
[  218.514732][ T9171]  ? __pfx___alloc_skb+0x10/0x10
[  218.519716][ T9171]  ? netlink_autobind+0xd6/0x2f0
[  218.524699][ T9171]  ? netlink_autobind+0x2b0/0x2f0
[  218.529767][ T9171]  netlink_sendmsg+0x638/0xcb0
[  218.534581][ T9171]  ? __pfx_netlink_sendmsg+0x10/0x10
[  218.539915][ T9171]  ? aa_sock_msg_perm+0x91/0x160
[  218.544899][ T9171]  ? __pfx_netlink_sendmsg+0x10/0x10
[  218.550218][ T9171]  __sock_sendmsg+0x221/0x270
[  218.554944][ T9171]  ____sys_sendmsg+0x52a/0x7e0
[  218.559754][ T9171]  ? __pfx_____sys_sendmsg+0x10/0x10
[  218.565093][ T9171]  __sys_sendmmsg+0x3ab/0x730
[  218.569815][ T9171]  ? __pfx___sys_sendmmsg+0x10/0x10
[  218.575067][ T9171]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  218.581464][ T9171]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  218.587843][ T9171]  ? __send_signal_locked+0xb44/0xdc0
[  218.593262][ T9171]  ? __lock_task_sighand+0x2a5/0x2d0
[  218.598586][ T9171]  ? __lock_task_sighand+0x29/0x2d0
[  218.603831][ T9171]  ? group_send_sig_info+0x2e0/0x310
[  218.609177][ T9171]  ? bpf_trace_run2+0x1fc/0x540
[  218.614100][ T9171]  ? bpf_send_signal_common+0x2dd/0x430
[  218.619703][ T9171]  ? __pfx_lock_release+0x10/0x10
[  218.624779][ T9171]  ? __mutex_unlock_slowpath+0x21d/0x750
[  218.630464][ T9171]  ? bpf_trace_run2+0x1fc/0x540
[  218.635367][ T9171]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  218.641407][ T9171]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  218.647795][ T9171]  __x64_sys_sendmmsg+0xa0/0xb0
[  218.652696][ T9171]  do_syscall_64+0xf3/0x230
[  218.657243][ T9171]  ? clear_bhb_loop+0x35/0x90
[  218.661956][ T9171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.667903][ T9171] RIP: 0033:0x7feac717dff9
[  218.672355][ T9171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.684629][ T9176] netlink: 'syz.2.998': attribute type 1 has an invalid length.
[  218.691972][ T9171] RSP: 002b:00007feac7ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  218.708097][ T9171] RAX: ffffffffffffffda RBX: 00007feac7335f80 RCX: 00007feac717dff9
[  218.716113][ T9171] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004
[  218.724127][ T9171] RBP: 00007feac7ff6090 R08: 0000000000000000 R09: 0000000000000000
[  218.732136][ T9171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.740152][ T9171] R13: 0000000000000000 R14: 00007feac7335f80 R15: 00007ffdd2167ca8
[  218.748195][ T9171]  </TASK>
[  218.858953][ T9176] netlink: 36 bytes leftover after parsing attributes in process `syz.2.998'.
[  218.974262][ T9184] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  218.986231][ T9184] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  219.234554][ T4626] Bluetooth: hci2: command tx timeout
[  219.443505][ T8959] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  219.465011][ T8959] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  219.479028][ T9207] xt_TPROXY: Can be used only with -p tcp or -p udp
[  219.480043][ T8959] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  219.506683][ T8959] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  219.620693][ T8959] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.646535][ T8959] 8021q: adding VLAN 0 to HW filter on device team0
[  219.659236][ T3008] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.666497][ T3008] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.689662][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.696950][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.030576][ T9230] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1011'.
[  220.088683][ T8959] 8021q: adding VLAN 0 to HW filter on device batadv0
[  220.190558][ T8959] veth0_vlan: entered promiscuous mode
[  220.219590][ T8959] veth1_vlan: entered promiscuous mode
[  220.287176][ T8959] veth0_macvtap: entered promiscuous mode
[  220.300793][ T8959] veth1_macvtap: entered promiscuous mode
[  220.319897][ T8959] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  220.358442][ T8959] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.393654][ T8959] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  220.428260][ T8959] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.479047][ T8959] batman_adv: batadv0: Interface activated: batadv_slave_0
[  220.538346][ T8959] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.570456][ T8959] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.601143][ T8959] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.620035][ T8959] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.658904][ T8959] batman_adv: batadv0: Interface activated: batadv_slave_1
[  220.696580][ T8959] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  220.730590][ T8959] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  220.779298][ T8959] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  220.812057][ T8959] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  221.143641][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.143674][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.159516][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.192857][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.901248][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.985802][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.031948][ T9387] netlink: 'syz.0.1039': attribute type 1 has an invalid length.
[  224.046855][ T9387] netlink: 4088 bytes leftover after parsing attributes in process `syz.0.1039'.
[  224.138166][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.171302][ T9384] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1040'.
[  224.295393][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.357443][ T5243] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  224.375461][ T5243] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  224.384735][ T5243] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  224.393572][ T5243] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  224.401638][ T5243] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  224.423111][ T5243] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  224.764643][   T11] bridge_slave_1: left allmulticast mode
[  224.770356][   T11] bridge_slave_1: left promiscuous mode
[  224.787231][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.801280][   T11] bridge_slave_0: left allmulticast mode
[  224.811594][   T11] bridge_slave_0: left promiscuous mode
[  224.850826][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  225.812735][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  225.827382][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  225.845510][   T11] bond0 (unregistering): Released all slaves
[  225.867966][ T9418] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1049'.
[  225.909565][ T9434] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1049'.
[  226.454032][ T9453] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1058'.
[  226.507832][ T9394] chnl_net:caif_netlink_parms(): no params data found
[  226.516179][ T5243] Bluetooth: hci2: command tx timeout
[  226.570098][   T11] hsr_slave_0: left promiscuous mode
[  226.612915][   T11] hsr_slave_1: left promiscuous mode
[  226.621441][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  226.645481][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  226.667655][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  226.679207][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  226.741786][   T11] veth1_macvtap: left promiscuous mode
[  226.757889][   T11] veth0_macvtap: left promiscuous mode
[  226.778779][   T11] veth1_vlan: left promiscuous mode
[  226.793272][   T11] veth0_vlan: left promiscuous mode
[  227.488574][   T11] team0 (unregistering): Port device team_slave_1 removed
[  227.531764][   T11] team0 (unregistering): Port device team_slave_0 removed
[  227.986449][ T9491] vlan2: entered promiscuous mode
[  228.253361][ T9511] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1072'.
[  228.268590][ T9394] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.291242][ T9394] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.299549][ T9394] bridge_slave_0: entered allmulticast mode
[  228.307487][ T9394] bridge_slave_0: entered promiscuous mode
[  228.333944][ T9394] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.341069][ T9394] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.363841][ T9394] bridge_slave_1: entered allmulticast mode
[  228.382083][ T9394] bridge_slave_1: entered promiscuous mode
[  228.478109][ T9394] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  228.523441][ T9394] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  228.593242][ T5243] Bluetooth: hci2: command tx timeout
[  228.648567][ T9394] team0: Port device team_slave_0 added
[  228.696328][ T9394] team0: Port device team_slave_1 added
[  228.749098][ T9394] batman_adv: batadv0: Adding interface: batadv_slave_0
[  228.761061][ T9394] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.818148][ T9394] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  228.844923][ T9394] batman_adv: batadv0: Adding interface: batadv_slave_1
[  228.860059][ T9394] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.893167][ T9394] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  229.064691][ T9394] hsr_slave_0: entered promiscuous mode
[  229.074039][ T9394] hsr_slave_1: entered promiscuous mode
[  229.083937][ T9394] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  229.092270][ T9394] Cannot create hsr debugfs directory
[  229.688896][    T9] IPVS: starting estimator thread 0...
[  229.793039][ T9583] IPVS: using max 18 ests per chain, 43200 per kthread
[  230.019302][ T9592] FAULT_INJECTION: forcing a failure.
[  230.019302][ T9592] name failslab, interval 1, probability 0, space 0, times 0
[  230.075592][ T9592] CPU: 1 UID: 0 PID: 9592 Comm: syz.0.1094 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  230.086364][ T9592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  230.096466][ T9592] Call Trace:
[  230.099784][ T9592]  <TASK>
[  230.102763][ T9592]  dump_stack_lvl+0x241/0x360
[  230.107489][ T9592]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.112757][ T9592]  ? __pfx__printk+0x10/0x10
[  230.117389][ T9592]  ? ref_tracker_alloc+0x332/0x490
[  230.122516][ T9592]  should_fail_ex+0x3b0/0x4e0
[  230.127217][ T9592]  ? skb_clone+0x20c/0x390
[  230.131654][ T9592]  should_failslab+0xac/0x100
[  230.136364][ T9592]  ? skb_clone+0x20c/0x390
[  230.140832][ T9592]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  230.146219][ T9592]  skb_clone+0x20c/0x390
[  230.150474][ T9592]  __netlink_deliver_tap+0x3cc/0x7c0
[  230.155772][ T9592]  ? netlink_deliver_tap+0x2e/0x1b0
[  230.160977][ T9592]  netlink_deliver_tap+0x19d/0x1b0
[  230.166100][ T9592]  netlink_unicast+0x7c4/0x990
[  230.170916][ T9592]  ? __pfx_netlink_unicast+0x10/0x10
[  230.176227][ T9592]  ? __virt_addr_valid+0x183/0x530
[  230.181380][ T9592]  ? __check_object_size+0x48e/0x900
[  230.186694][ T9592]  netlink_sendmsg+0x8e4/0xcb0
[  230.191479][ T9592]  ? __pfx_netlink_sendmsg+0x10/0x10
[  230.196810][ T9592]  ? aa_sock_msg_perm+0x91/0x160
[  230.201853][ T9592]  ? __pfx_netlink_sendmsg+0x10/0x10
[  230.207170][ T9592]  __sock_sendmsg+0x221/0x270
[  230.211908][ T9592]  ____sys_sendmsg+0x52a/0x7e0
[  230.216710][ T9592]  ? __pfx_____sys_sendmsg+0x10/0x10
[  230.222028][ T9592]  __sys_sendmmsg+0x3ab/0x730
[  230.226745][ T9592]  ? __pfx___sys_sendmmsg+0x10/0x10
[  230.231968][ T9592]  ? __pfx_lock_release+0x10/0x10
[  230.237011][ T9592]  ? kstrtouint_from_user+0x128/0x190
[  230.242413][ T9592]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  230.248327][ T9592]  ? ksys_write+0x229/0x2b0
[  230.252843][ T9592]  ? __pfx_lock_release+0x10/0x10
[  230.257919][ T9592]  ? vfs_write+0x7bf/0xc90
[  230.262397][ T9592]  ? kmem_cache_free+0x1a2/0x420
[  230.267353][ T9592]  ? __mutex_unlock_slowpath+0x21d/0x750
[  230.273005][ T9592]  ? __fget_files+0x3f3/0x470
[  230.277707][ T9592]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  230.283707][ T9592]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  230.290052][ T9592]  ? do_syscall_64+0x100/0x230
[  230.294830][ T9592]  __x64_sys_sendmmsg+0xa0/0xb0
[  230.299698][ T9592]  do_syscall_64+0xf3/0x230
[  230.304217][ T9592]  ? clear_bhb_loop+0x35/0x90
[  230.308907][ T9592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.314825][ T9592] RIP: 0033:0x7fc1d897dff9
[  230.319266][ T9592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.338885][ T9592] RSP: 002b:00007fc1d9736038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  230.347319][ T9592] RAX: ffffffffffffffda RBX: 00007fc1d8b35f80 RCX: 00007fc1d897dff9
[  230.355300][ T9592] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004
[  230.363294][ T9592] RBP: 00007fc1d9736090 R08: 0000000000000000 R09: 0000000000000000
[  230.371284][ T9592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.379268][ T9592] R13: 0000000000000000 R14: 00007fc1d8b35f80 R15: 00007ffcf2479fe8
[  230.387276][ T9592]  </TASK>
[  230.416593][ T9394] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  230.448844][ T9394] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  230.510589][ T9394] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  230.576835][ T9394] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  230.695374][ T9394] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.714398][ T9394] 8021q: adding VLAN 0 to HW filter on device team0
[  230.716141][ T5243] Bluetooth: hci2: command tx timeout
[  230.739416][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.746639][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.757110][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.764366][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.874694][ T9614] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1102'.
[  230.922054][ T9394] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  231.169097][ T9630] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1107'.
[  231.392275][ T9394] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.525872][ T9394] veth0_vlan: entered promiscuous mode
[  231.573302][ T9394] veth1_vlan: entered promiscuous mode
[  231.652151][ T9394] veth0_macvtap: entered promiscuous mode
[  231.695062][ T9394] veth1_macvtap: entered promiscuous mode
[  231.781075][ T9394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  231.800469][ T9394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.812214][ T9394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  231.831535][ T9394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.852116][ T9394] batman_adv: batadv0: Interface activated: batadv_slave_0
[  231.884582][ T9394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  231.923138][ T9394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.957724][ T9394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  231.988043][ T9394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.000534][ T9394] batman_adv: batadv0: Interface activated: batadv_slave_1
[  232.025287][ T9660] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1115'.
[  232.042539][ T9660] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1115'.
[  232.064926][ T9660] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1115'.
[  232.089277][ T9394] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  232.106662][ T9660] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1115'.
[  232.118870][ T9394] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  232.140144][ T9394] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  232.150012][ T9660] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1115'.
[  232.166487][ T9394] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  232.177430][ T9660] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1115'.
[  232.380490][ T2944] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  232.393150][ T2944] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  232.458792][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  232.502069][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  232.875420][ T9695] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1124'.
[  232.981226][ T9700] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-alb(6)
[  233.149141][ T9710] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1128'.
[  233.584151][ T9739] netlink: 'syz.4.1137': attribute type 4 has an invalid length.
[  233.687564][ T9746] netlink: 'syz.4.1137': attribute type 4 has an invalid length.
[  233.820086][ T9747] delete_channel: no stack
[  234.324445][ T2944] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.352367][ T9777] unknown channel width for channel at 909000KHz?
[  234.363822][ T9782] tun0: tun_chr_ioctl cmd 1074025677
[  234.371106][ T9782] tun0: linktype set to 65534
[  234.376572][ T9777] unknown channel width for channel at 909000KHz?
[  234.386097][ T9775] syz.0.1147 uses old SIOCAX25GETINFO
[  234.393246][ T9777] unknown channel width for channel at 909000KHz?
[  235.122372][ T2944] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.376032][ T4626] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  235.385397][ T4626] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  235.394350][ T4626] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  235.402291][ T4626] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  235.410745][ T4626] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  235.418215][ T4626] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  235.460433][ T2944] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.582059][ T2944] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.903851][ T2944] bridge_slave_1: left allmulticast mode
[  235.909705][ T2944] bridge_slave_1: left promiscuous mode
[  235.915661][ T2944] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.932861][ T2944] bridge_slave_0: left allmulticast mode
[  235.938661][ T2944] bridge_slave_0: left promiscuous mode
[  235.945793][ T2944] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.009482][ T9852] __nla_validate_parse: 3 callbacks suppressed
[  236.009504][ T9852] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1163'.
[  236.611543][ T2944] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  236.626220][ T2944] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  236.637592][ T2944] bond0 (unregistering): Released all slaves
[  236.650017][ T9865] netlink: 'syz.2.1166': attribute type 64 has an invalid length.
[  236.658808][ T9865] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1166'.
[  236.744952][ T9824] chnl_net:caif_netlink_parms(): no params data found
[  237.267465][ T2944] hsr_slave_0: left promiscuous mode
[  237.288517][ T2944] hsr_slave_1: left promiscuous mode
[  237.306178][ T2944] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  237.325681][ T2944] batman_adv: batadv0: Removing interface: batadv_slave_0
[  237.345028][ T2944] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  237.362900][ T2944] batman_adv: batadv0: Removing interface: batadv_slave_1
[  237.407912][ T2944] veth1_macvtap: left promiscuous mode
[  237.422511][ T2944] veth0_macvtap: left promiscuous mode
[  237.428448][ T2944] veth1_vlan: left promiscuous mode
[  237.434028][ T2944] veth0_vlan: left promiscuous mode
[  237.472998][ T4626] Bluetooth: hci2: command tx timeout
[  237.932140][ T9916] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1178'.
[  238.090207][ T2944] team0 (unregistering): Port device team_slave_1 removed
[  238.195154][ T2944] team0 (unregistering): Port device team_slave_0 removed
[  238.262150][ T9927] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1183'.
[  238.308256][ T9928] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  238.700932][ T9824] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.711060][ T9824] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.719007][ T9824] bridge_slave_0: entered allmulticast mode
[  238.727158][ T9824] bridge_slave_0: entered promiscuous mode
[  238.791407][ T9824] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.810526][ T9824] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.821310][ T9824] bridge_slave_1: entered allmulticast mode
[  238.831213][ T9824] bridge_slave_1: entered promiscuous mode
[  238.996891][ T9824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  239.031426][ T9824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  239.120795][ T9934] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  239.164169][ T9934] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  239.184233][ T9824] team0: Port device team_slave_0 added
[  239.223623][ T9824] team0: Port device team_slave_1 added
[  239.274347][ T9955] syz.3.1190[9955] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  239.274459][ T9955] syz.3.1190[9955] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  239.318883][ T9824] batman_adv: batadv0: Adding interface: batadv_slave_0
[  239.371897][ T9824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  239.418140][ T9824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  239.439195][ T9956] vlan0: entered allmulticast mode
[  239.456255][ T9956] veth0_vlan: entered allmulticast mode
[  239.469918][ T9956] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  239.503224][ T9824] batman_adv: batadv0: Adding interface: batadv_slave_1
[  239.510422][ T9824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  239.540767][ T9824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  239.552722][ T4626] Bluetooth: hci2: command tx timeout
[  239.745389][ T9824] hsr_slave_0: entered promiscuous mode
[  239.751964][ T9824] hsr_slave_1: entered promiscuous mode
[  239.758882][ T9824] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  239.768047][ T9824] Cannot create hsr debugfs directory
[  239.832835][ T9977] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1195'.
[  240.182308][ T9990] pimreg: entered allmulticast mode
[  240.434991][   T30] INFO: task syz.0.315:6200 blocked for more than 143 seconds.
[  240.456646][   T30]       Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  240.488418][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  240.530576][   T30] task:syz.0.315       state:D stack:23376 pid:6200  tgid:6199  ppid:5231   flags:0x00004004
[  240.541311][   T30] Call Trace:
[  240.546023][   T30]  <TASK>
[  240.550226][   T30]  __schedule+0x1895/0x4b30
[  240.573044][   T30]  ? __pfx___schedule+0x10/0x10
[  240.588603][   T30]  ? __pfx_lock_release+0x10/0x10
[  240.599476][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  240.606220][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  240.615001][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  240.624006][   T30]  ? schedule+0x90/0x320
[  240.628406][   T30]  schedule+0x14b/0x320
[  240.632847][   T30]  schedule_preempt_disabled+0x13/0x30
[  240.638461][   T30]  rwsem_down_write_slowpath+0xeee/0x13b0
[  240.644663][   T30]  ? rwsem_down_write_slowpath+0xa09/0x13b0
[  240.650766][   T30]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  240.659881][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  240.666791][   T30]  ? exit_mmap+0x28b/0xc40
[  240.674489][   T30]  down_write+0x1d7/0x220
[  240.679123][   T30]  ? __pfx_down_write+0x10/0x10
[  240.687830][   T30]  exit_mmap+0x2bd/0xc40
[  240.692247][   T30]  ? __mutex_lock+0x2ef/0xd70
[  240.698132][   T30]  ? __pfx_exit_mmap+0x10/0x10
[  240.707517][   T30]  ? __pfx_exit_aio+0x10/0x10
[  240.712425][   T30]  ? uprobe_clear_state+0x271/0x290
[  240.720469][   T30]  ? mm_update_next_owner+0xa4/0x810
[  240.729784][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  240.737886][   T30]  __mmput+0x115/0x390
[  240.742197][   T30]  exit_mm+0x220/0x310
[  240.750819][   T30]  ? __pfx_exit_mm+0x10/0x10
[  240.759446][   T30]  ? taskstats_exit+0x326/0xa60
[  240.768252][   T30]  do_exit+0x9b2/0x28e0
[  240.774931][   T30]  ? __pfx_do_exit+0x10/0x10
[  240.779669][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  240.787584][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  240.794567][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  240.800959][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  240.807028][   T30]  do_group_exit+0x207/0x2c0
[  240.811656][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  240.817552][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  240.822920][   T30]  get_signal+0x16a3/0x1740
[  240.827467][   T30]  ? __pfx_get_signal+0x10/0x10
[  240.832371][   T30]  arch_do_signal_or_restart+0x96/0x860
[  240.838122][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  240.845753][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  240.851776][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  240.860338][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  240.866119][   T30]  do_syscall_64+0x100/0x230
[  240.870757][   T30]  ? clear_bhb_loop+0x35/0x90
[  240.875630][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.881573][   T30] RIP: 0033:0x7fec44b7dff9
[  240.886178][   T30] RSP: 002b:00007fec458c60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  240.894699][   T30] RAX: fffffffffffffe00 RBX: 00007fec44d35f88 RCX: 00007fec44b7dff9
[  240.902880][   T30] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fec44d35f88
[  240.910897][   T30] RBP: 00007fec44d35f80 R08: 0000000000000000 R09: 0000000000000000
[  240.920299][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fec44d35f8c
[  240.929357][   T30] R13: 0000000000000000 R14: 00007ffdc9eda6e0 R15: 00007ffdc9eda7c8
[  240.937480][   T30]  </TASK>
[  240.940598][   T30] 
[  240.940598][   T30] Showing all locks held in the system:
[  240.969004][   T30] 1 lock held by rcu_exp_gp_kthr/19:
[  240.982273][   T30]  #0: ffff8880b863ead8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  241.002859][   T30] 1 lock held by khungtaskd/30:
[  241.007816][   T30]  #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  241.020312][   T30] 3 locks held by kworker/u8:3/51:
[  241.026170][   T30]  #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  241.038656][   T30]  #1: ffffc90000bc7d00 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  241.050514][   T30]  #2: ffffffff8e93d378 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  241.061580][   T30] 3 locks held by kworker/u8:7/2918:
[  241.068124][   T30] 4 locks held by kworker/u8:8/2944:
[  241.074083][   T30]  #0: ffff8880b863ead8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  241.084214][   T30]  #1: ffff8880b8628948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x41d/0x7a0
[  241.095826][   T30]  #2: ffffffff8e937e40 (rcu_read_lock_bh){....}-{1:2}, at: mod_peer_timer+0x21/0x260
[  241.105616][   T30]  #3: ffff8880b862a718 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x744/0xeb0
[  241.114855][   T30] 3 locks held by kworker/u8:9/3008:
[  241.120173][   T30]  #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  241.132028][   T30]  #1: ffffc90009eb7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  241.144210][   T30]  #2: ffffffff8fcd2fc8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  241.153461][   T30] 3 locks held by kworker/u9:1/4626:
[  241.158783][   T30]  #0: ffff88807c693148 ((wq_completion)hci5){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  241.170930][   T30]  #1: ffffc9000d6efd00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  241.183736][   T30]  #2: ffff88805d6f4d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400
[  241.193781][   T30] 2 locks held by dhcpcd/4903:
[  241.198573][   T30]  #0: ffff8880586986c8 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0x119/0x790
[  241.209221][   T30]  #1: ffffffff8fcd2fc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x99/0x200
[  241.218201][   T30] 2 locks held by getty/4994:
[  241.226891][   T30]  #0: ffff88802f0370a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  241.237601][   T30]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  241.251641][   T30] 3 locks held by kworker/u9:2/5233:
[  241.258423][   T30]  #0: ffff88807c691148 ((wq_completion)hci6){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  241.270377][   T30]  #1: ffffc90003cc7d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  241.283261][   T30]  #2: ffff88805d6f0d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400
[  241.293267][   T30] 3 locks held by kworker/u9:3/5243:
[  241.298581][   T30]  #0: ffff88807c696148 ((wq_completion)hci7){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  241.309682][   T30]  #1: ffffc900041b7d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  241.322376][   T30]  #2: ffff888032dd4d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400
[  241.332497][   T30] 1 lock held by syz.0.315/6200:
[  241.337496][   T30]  #0: ffff88801ac76a18 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x2bd/0xc40
[  241.346772][   T30] 7 locks held by syz-executor/9824:
[  241.352101][   T30]  #0: ffff888032e0c420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x224/0xc90
[  241.361170][   T30]  #1: ffff88805d6d8c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1ea/0x500
[  241.373479][   T30]  #2: ffff888027ecb788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500
[  241.383783][   T30]  #3: ffffffff8f570608 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  241.394206][   T30]  #4: ffff88802fbf70e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0
[  241.405044][   T30]  #5: ffff88802fbf4250 (&devlink->lock_key#17){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160
[  241.415353][   T30]  #6: ffffffff8fcd2fc8 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0
[  241.424474][   T30] 2 locks held by syz.4.1203/10017:
[  241.429694][   T30]  #0: ffff888066e9d4c8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nf_tables_valid_genid+0x32/0x100
[  241.440485][   T30]  #1: ffffffff8e93d378 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  241.451606][   T30] 
[  241.458986][   T30] =============================================
[  241.458986][   T30] 
[  241.500579][   T30] NMI backtrace for cpu 1
[  241.504979][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  241.515522][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  241.525621][   T30] Call Trace:
[  241.528939][   T30]  <TASK>
[  241.531927][   T30]  dump_stack_lvl+0x241/0x360
[  241.536660][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.541915][   T30]  ? __pfx__printk+0x10/0x10
[  241.546564][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  241.551559][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  241.557075][   T30]  ? _printk+0xd5/0x120
[  241.561254][   T30]  ? __pfx__printk+0x10/0x10
[  241.565880][   T30]  ? __wake_up_klogd+0xcc/0x110
[  241.570735][   T30]  ? __pfx__printk+0x10/0x10
[  241.575327][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  241.580362][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  241.586358][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  241.592354][   T30]  watchdog+0xff4/0x1040
[  241.596614][   T30]  ? watchdog+0x1ea/0x1040
[  241.601049][   T30]  ? __pfx_watchdog+0x10/0x10
[  241.605741][   T30]  kthread+0x2f0/0x390
[  241.609823][   T30]  ? __pfx_watchdog+0x10/0x10
[  241.614519][   T30]  ? __pfx_kthread+0x10/0x10
[  241.619116][   T30]  ret_from_fork+0x4b/0x80
[  241.623544][   T30]  ? __pfx_kthread+0x10/0x10
[  241.628138][   T30]  ret_from_fork_asm+0x1a/0x30
[  241.632928][   T30]  </TASK>
[  241.637013][   T30] Sending NMI from CPU 1 to CPUs 0:
[  241.642294][    C0] NMI backtrace for cpu 0 skipped: idling at acpi_safe_halt+0x21/0x30
[  241.653304][ T6325] Bluetooth: hci2: command tx timeout
[  241.662810][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  241.669702][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0
[  241.680256][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  241.690344][   T30] Call Trace:
[  241.693657][   T30]  <TASK>
[  241.696635][   T30]  dump_stack_lvl+0x241/0x360
[  241.701350][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.706610][   T30]  ? __pfx__printk+0x10/0x10
[  241.711247][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  241.717281][   T30]  ? vscnprintf+0x5d/0x90
[  241.721634][   T30]  panic+0x349/0x880
[  241.725556][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  241.731754][   T30]  ? __pfx_panic+0x10/0x10
[  241.736176][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  241.741560][   T30]  ? __irq_work_queue_local+0x137/0x410
[  241.747120][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  241.752498][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  241.758666][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  241.764837][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  241.771010][   T30]  watchdog+0x1033/0x1040
[  241.775370][   T30]  ? watchdog+0x1ea/0x1040
[  241.779826][   T30]  ? __pfx_watchdog+0x10/0x10
[  241.784514][   T30]  kthread+0x2f0/0x390
[  241.788590][   T30]  ? __pfx_watchdog+0x10/0x10
[  241.793281][   T30]  ? __pfx_kthread+0x10/0x10
[  241.797875][   T30]  ret_from_fork+0x4b/0x80
[  241.802306][   T30]  ? __pfx_kthread+0x10/0x10
[  241.806898][   T30]  ret_from_fork_asm+0x1a/0x30
[  241.811681][   T30]  </TASK>
[  241.815076][   T30] Kernel Offset: disabled
[  241.819432][   T30] Rebooting in 86400 seconds..