last executing test programs:

3.391001182s ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='jbd2_handle_stats\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r2)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x38, r3, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004011}, 0x41)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x6, 0x8, 0x8}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='jbd2_handle_stats\x00', r6}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)

3.325017283s ago: executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000386dd0a02100000004000000060ec97000fc888"], 0xffe)

3.248822851s ago: executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000140)=0xa7d, 0x4)
sendmmsg$inet6(r0, &(0x7f0000006b80)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0x0, @local}, 0x1c, 0x0}}, {{&(0x7f0000000340)={0xa, 0x4e24, 0x0, @remote}, 0x1c, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="e8020000000000002900000004000000005a"], 0x2e8}}], 0x2, 0x0)
recvfrom$inet6(r0, 0x0, 0xa00000000000000, 0x12020, 0x0, 0x0)

3.069152097s ago: executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
listen(r1, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a00010076786c616e0000000400028008000a00", @ANYRES32], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)

2.868260458s ago: executing program 0:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
unshare(0x68060200)
socket$netlink(0x10, 0x3, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000000)={0x0, 'netdevsim0\x00', 0x4}, 0x18)
r1 = socket$inet6(0xa, 0x0, 0x0)
bind$inet6(r1, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, 0x0}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'vxcan1\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r3}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r4, &(0x7f0000000000), &(0x7f0000000040)=@udp}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r5, &(0x7f00000007c0), &(0x7f0000000400)=@tcp6, 0x2}, 0x20)
socket$inet(0x2, 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r6 = socket(0x5, 0x2, 0x4000006)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f0000000300)={'gre0\x00', &(0x7f00000002c0)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, {[@generic={0x0, 0x2}]}}}}})
socket$xdp(0x2c, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
sendmsg$NBD_CMD_CONNECT(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={0x0, 0xda}, 0x1, 0x0, 0x0, 0x15}, 0x6000071)

2.866421029s ago: executing program 3:
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x8000, 0x4}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xf, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bfa90000000000005d090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b70000000000000095"], &(0x7f0000000080)='GPL\x00'}, 0x90)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(r3, 0x29, 0x2a, 0x0, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r2)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)=ANY=[], 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xbc)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=@gettfilter={0x24, 0x2e, 0x129, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0xb, 0x2}, {0x9, 0x5}, {0xa, 0xfff2}}}, 0x24}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.295187796s ago: executing program 2:
socket$nl_crypto(0x10, 0x3, 0x15)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000280), 0x8)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000440)=[@in={0x2, 0x4e21, @multicast2}, @in6={0xa, 0x4e22, 0x2, @mcast2, 0x9}, @in6={0xa, 0x4e24, 0x3, @private0, 0xffff}, @in6={0xa, 0x4e24, 0x7fffffff, @dev={0xfe, 0x80, '\x00', 0x11}, 0x4}], 0x64)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001440), &(0x7f0000001480)=0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000000880), 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
unshare(0x600)
r5 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r5, 0x29, 0x7, &(0x7f0000000080), 0xc)
r6 = openat$cgroup_procs(r4, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000380), 0x12)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x70}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000040)={@private2={0xfc, 0x2, '\x00', 0x1}, 0x5d})
sendmsg$DEVLINK_CMD_RELOAD(r7, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000001c40)=ANY=[@ANYBLOB="840000", @ANYRES16, @ANYBLOB="10002cbd7000fddbdf25250000000e0001006e657464657673696d", @ANYRES32, @ANYBLOB="080001007063690011000200303030303a30303a31302e300000000008008c0004000000080001007063690011000200303030303a30303a31302e30"], 0x84}}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000580)="6700000010008188040f56ecdb4cb9cca7480ef434000000e3bd6efb440009000e000a0010000000ba80010000005a8c3774da0a040059a933c1e7a6d3361d83b20000319cdf5656826edaaa11032701c61ec666d482078ccebcb9a4f187f7a4e98f09cdc2649f", 0x67}], 0x1}, 0x0)

2.017809188s ago: executing program 3:
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x85, &(0x7f00000000c0), 0x4)

1.941239083s ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x6}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x1}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000001500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000140)="3d6ee2e04b91ab10143d9abe86dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000400006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcff7ffa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67e6ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4510555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f297446d22384e5dad9796edb697aeea0182babd18cace339f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a833784456c386e22cc22ee17476d000000009682e24b92533ac2a997d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f18215523167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3037ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cb8846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545b50f576b2b5cc7f819abd0f885cc4806f40300966f08294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000052007563885a1105000000dc1c56d59f35d319909ea4a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f00000000000000010100000000000057a8abef8b64237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2c09000000bfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07000000ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbcbf2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa412af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00a40e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f651600eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47547f164391c673b6079e65d7295eed164ca63e4ea26d65f6b3ce0f6591d80dfb8f386bb74b5589829b6b067903000000000000003d9950d48c774eaa35b24fce696af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c80c57ed04dbc574ad278b9b7b71792e523077d033d8cea3cc571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e40000"], &(0x7f0000000340)='syzkaller\x00'}, 0x90)
socket$inet(0x2, 0x4000000000000001, 0x0)
r4 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r4, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0)
sendmmsg$inet_sctp(r4, &(0x7f00000032c0), 0x0, 0x0)
r5 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r5, &(0x7f00000032c0), 0x0, 0x0)
sendmmsg$inet_sctp(r5, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)='a', 0x1}], 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="3000000001000000000000000c0000000000000000000000000000000000000001000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="720a07ff000000007110b1000000000095"], &(0x7f0000000480)='GPL\x00'}, 0x90)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x3, 0x0)
socket(0x11, 0x800000003, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)

1.860541214s ago: executing program 3:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x15, &(0x7f0000000300)={'IDLETIMER\x00'}, &(0x7f0000000340)=0x1e)

1.731111271s ago: executing program 3:
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00', <r1=>0x0})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f00000000c0)={0xfffc}, 0x8)
sendto$inet6(r2, &(0x7f0000000580)="03", 0x34000, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0x76, 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000140)={@loopback, @private2, @private2, 0x0, 0x0, 0x400, 0x0, 0xd, 0x40, r1})
r4 = socket(0x10, 0x80803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000005e0001"], 0x1c}}, 0x0)
ioctl$AUTOFS_IOC_SETTIMEOUT(r4, 0x80049367, &(0x7f0000000000)=0x7)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r7, 0x8b15, &(0x7f0000000000)={'vxcan1\x00', @random="50b58e383ede"})
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="00000400", @ANYRES16=0x0, @ANYBLOB="0400000000000000000006000000"], 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f00000003c0), r6)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000001580)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "050008", 0x38, 0x3a, 0x0, @remote, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "4bb191", 0x0, 0x84, 0x0, @rand_addr=' \x01\x00', @remote, [], "b1c401e1ce4ffe7d"}}}}}}}, 0x0)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000fc0), r6)
sendmsg$NL802154_CMD_DEL_SEC_DEV(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x14, r8, 0x1, 0x8001}, 0x14}}, 0x0)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000540)={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r1})

1.625244143s ago: executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079109500000000006300e600000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0x7300, &(0x7f000000cf3d)=""/195}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000140)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010023f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0xe80, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r4, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000adc000000000a01010000000000000000020000000900010073797a3000000000bb00060079e7b7eceea68f6099fc83cd0c8b373bdc9c6e78c075643c2a5dc89eb0188b6e3c512219635880d31407b1bea8b51c012324ad64e902a795dd7d36f1a712ec4c42012093d8a49a7c757ae492a9d523299810795e47f54226d5e82b6b8c072dbc09ea01b308a7258f6f57d4e098a3c69594a4b34ce080de2f8d466218e1a7c0c892555bed25b878d04ec6a9ea5449f4c16154128d3ac145d1994aa1e97eb08fb911a7cbba3d617a7e2b6ed10aea8c35ca397a88f327ee2e0034010000030a01020000000000000000020000000900010073797a30000000000900030073797a32000000001400048008000140000000000800024000000000f300030091abc12404cf378042f26c43f91f68d8a90767c0bc71f60877974475de3d78ef670efff3f7311209fb8cc158fa18f18591bb90dd1e0464d31ff30a7e5b227e08a2ee0643e735c3cd21b6e743176c8eefd41693bc94e6a273643642d61840a5f275333bb1afbbd583fe318f4f9fede53e5b2e5362948561f9a734f912471f65300a734ab4fc76055ae03eceec7311bea9d533e58fd544db5f584430966667bc251a3fe19a389fae635a5a60ec0e28d8e428677abc89542a33cba0f155d8e6aafc2e55efab5e5d3b471b046e01625e968c3c4e6dbbcd9a34ba87f518b418399816b344ac1b87384cf1b1ffe4109e6a8d0014000000020a010200000000000000000000010014000000110001"], 0x24c}}, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f0000000000)=0x6, 0x4)
syz_emit_ethernet(0x3a, &(0x7f0000000e00)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x18, 0x0, @wg=@data}}}}}, 0x0)
write$tun(r0, &(0x7f0000000140)={@val={0x8, 0x800}, @val={0x1, 0x0, 0x0, 0x7ff}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x66, 0x0, 0x0, 0x1d, 0x0, @initdev={0xac, 0x1e, 0xff, 0x0}, @loopback}}}}, 0x3e)

1.580033114s ago: executing program 2:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a5000000230000"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00'}, 0x10)
r1 = epoll_create(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x20, r2, 0x401, 0x0, 0x0, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x2}, @ETHTOOL_A_CHANNELS_HEADER={0x4}]}, 0x20}}, 0x0)

1.374495643s ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x5, 0x5, 0x2, 0x4}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c0000000206050000000000000000000000000005000400000000000900020073797a30000000001400078008000840000028590800064000000000050005000000400005000100060000000d000300686173683a6d6163"], 0x5c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
socketpair(0x0, 0x0, 0x0, &(0x7f0000000000))

1.097035769s ago: executing program 2:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000020000000000000000000000018110000", @ANYRES32=<r3=>0xffffffffffffffff, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f00000002c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={{0x14}, [], {0x14}}, 0x28}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESOCT=0x0, @ANYRESDEC=r3, @ANYRESHEX=r1, @ANYBLOB="aeca7f6b684bc882f6455d1233448779553808e16c47fca2918bb5432e046374bf18cf6369873035e1941356be811e6ff18e782a26", @ANYRES64=r0, @ANYRESOCT=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, 0x0, &(0x7f00000002c0)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000180)='ext4_ext_show_extent\x00', r6}, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r7, &(0x7f0000000000), 0x400000)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r8, 0x10f, 0x8a, &(0x7f00000000c0)=0x7, 0x4)

1.094015094s ago: executing program 4:
socket$nl_crypto(0x10, 0x3, 0x15)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000280), 0x8)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000440)=[@in={0x2, 0x4e21, @multicast2}, @in6={0xa, 0x4e22, 0x2, @mcast2, 0x9}, @in6={0xa, 0x4e24, 0x3, @private0, 0xffff}, @in6={0xa, 0x4e24, 0x7fffffff, @dev={0xfe, 0x80, '\x00', 0x11}, 0x4}], 0x64)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001440), &(0x7f0000001480)=0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000000880), 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
unshare(0x600)
r5 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r5, 0x29, 0x7, &(0x7f0000000080), 0xc)
r6 = openat$cgroup_procs(r4, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000380), 0x12)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x70}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000040)={@private2={0xfc, 0x2, '\x00', 0x1}, 0x5d})
sendmsg$DEVLINK_CMD_RELOAD(r7, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000001c40)=ANY=[@ANYBLOB="840000", @ANYRES16, @ANYBLOB="10002cbd7000fddbdf25250000000e0001006e657464657673696d", @ANYRES32, @ANYBLOB="080001007063690011000200303030303a30303a31302e300000000008008c0004000000080001007063690011000200303030303a30303a31302e30"], 0x84}}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000580)="6700000010008188040f56ecdb4cb9cca7480ef434000000e3bd6efb440009000e000a0010000000ba80010000005a8c3774da0a040059a933c1e7a6d3361d83b20000319cdf5656826edaaa11032701c61ec666d482078ccebcb9a4f187f7a4e98f09cdc2649f", 0x67}], 0x1}, 0x0)

1.088932162s ago: executing program 1:
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) (async)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wg0\x00', <r2=>0x0}) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x34, r4, 0x3c1ef5685f8d0157, 0x0, 0x0, {}, [@GTPA_MS_ADDRESS={0x8, 0x5, @remote}, @GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_LINK={0x8}]}, 0x34}}, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xee, 0xee, 0x8, [@ptr={0xf, 0x0, 0x0, 0x2, 0x3}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x5, 0x2}}, @datasec={0x1, 0xa, 0x0, 0xf, 0x2, [{0x3, 0x5, 0xc009}, {0x2, 0x8, 0x10001}, {0x2, 0x0, 0xffffffff}, {0x3, 0x5, 0x3}, {0x2, 0x1000, 0x9}, {0x1, 0xa37, 0x6}, {0x5, 0x5, 0x4}, {0x4, 0x1, 0x1}, {0x3, 0xfff, 0x3}, {0x1, 0x9}], "bfe6"}, @var={0x3, 0x0, 0x0, 0xe, 0x1}, @const={0x3, 0x0, 0x0, 0xa, 0x2}, @int={0x10, 0x0, 0x0, 0x1, 0x0, 0x31, 0x0, 0x46, 0x1}, @func={0x8, 0x0, 0x0, 0xc, 0x2}, @ptr={0x6, 0x0, 0x0, 0x2, 0x2}]}, {0x0, [0x30, 0x2e, 0x30, 0x0, 0x61, 0x5f]}}, &(0x7f00000002c0)=""/206, 0x110, 0xce, 0x0, 0x5}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x40f00, 0x8, '\x00', r2, 0xf, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r6 = socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001900)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_LINK={0x8, 0x5, r8}]}, 0x4c}}, 0x0)

970.874198ms ago: executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
writev(r0, &(0x7f0000000700)=[{&(0x7f0000000540)='Y', 0x1}, {&(0x7f0000000640)="b5", 0x1}, {&(0x7f00000006c0)="ce", 0x1}, {&(0x7f0000000680)="13916b957b001e829e9700", 0xb}], 0x4)
write$binfmt_script(r0, &(0x7f0000000040), 0x18a3c85)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SWAP(r2, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001e80)={&(0x7f0000001e00)={0x1c, 0x6, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_OPER(r3, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000980)={0x20, r4, 0x1, 0x0, 0x0, {{0x8}, {@void, @val={0xc, 0x99, {0x1}}}}}, 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)={{0x14}, [@NFT_MSG_NEWSET={0x40, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSETELEM={0x178, 0x1e, 0xa, 0x105, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14c, 0x3, 0x0, 0x1, [{0x148, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_FLAGS={0x8}, @NFTA_SET_ELEM_EXPRESSIONS={0x138, 0xb, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x2965}, @NFTA_NG_OFFSET={0x8, 0x4, 0x1, 0x0, 0xff}, @NFTA_NG_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}}}, {0x38, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_FLAGS={0x8}, @NFTA_CONNLIMIT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_CONNLIMIT_FLAGS={0x8}]}}}, {0x20, 0x1, 0x0, 0x1, @rt={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_RT_KEY={0x8}]}}}, {0x14, 0x1, 0x0, 0x1, @connlimit={{0xe}, @void}}, {0x10, 0x1, 0x0, 0x1, @quota={{0xa}, @void}}, {0x2c, 0x1, 0x0, 0x1, @lookup={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_FLAGS={0x8}, @NFTA_LOOKUP_FLAGS={0x8}, @NFTA_LOOKUP_DREG={0x8}]}}}, {0x10, 0x1, 0x0, 0x1, @quota={{0xa}, @void}}, {0x44, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_REDIR_FLAGS={0x8, 0x3, 0x1, 0x0, 0x20}, @NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_REDIR_FLAGS={0x8, 0x3, 0x1, 0x0, 0x28}, @NFTA_REDIR_REG_PROTO_MIN={0x8}, @NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0xd}]}}}, {0xc, 0x1, 0x0, 0x1, @fwd={{0x8}, @void}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x1e0}}, 0x0)
sendmsg$NL80211_CMD_SET_PMK(r1, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x8c, r4, 0x400, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "80a8787ea677b79abce92ae13f52d390"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "7adc7761097739f29393c8361ea84733"}, @NL80211_ATTR_PMK={0x14, 0xfe, "c70eb19365b943bacf829450e5b09f56"}, @NL80211_ATTR_PMK={0x14, 0xfe, "e3ccc7ae7ae81b2b25f2a14d93986fae"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "da4361828409469b0542fde58ada4fd3"}, @NL80211_ATTR_MAC={0xa}]}, 0x8c}, 0x1, 0x0, 0x0, 0x44040}, 0x4014)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000680), 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={0x0, 0x54}}, 0x0)
socket$rds(0x15, 0x5, 0x0)
r7 = socket(0x11, 0x800000003, 0x0)
r8 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000600)={'team0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xf}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [0x0, 0x40], 0x0, [0x4, 0x2], [0x0, 0x4]}}}}, @TCA_RATE={0x6}]}, 0x90}}, 0x24000001)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_TIMEOUT={0xc}]}], {0x14, 0x10}}, 0x70}}, 0x0)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r11)

834.065017ms ago: executing program 4:
r0 = socket(0xa, 0x6, 0x0)
getsockopt$inet6_mreq(r0, 0x10d, 0x95, 0x0, &(0x7f0000000040))
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000200)={0x0, 0x14000000, &(0x7f0000000000)={&(0x7f0000000040)={0x1c, r1, 0x62c21a4ade68aba1, 0x0, 0x0, {{0x5}, {@val={0x8, 0x3}, @void, @void}}}, 0x1c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_START_P2P_DEVICE(0xffffffffffffffff, 0x0, 0x4000080)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001940)=ANY=[@ANYBLOB="ec0000002100390d0000000000000000ac141400000000000000000000000000e000000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000009c001100ff010000000000000000000000000001ffffffff000000000000000000000000fe880000000000000000000000000001ac141400000000000000000000000000000000000000000000000200ff010000000000000000000000000001ffffffff000000000000000000000000fe8000000000000000f0151659b2f8d500000000000000fe880000000000000000000000000001"], 0xec}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac14141644089f034d2f87e5fe0c6aab845013f2325f1a39014403048da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

823.457165ms ago: executing program 1:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xa, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000810000000000000018550000010000000000000000000000186b0000070000000000000080000000185000000200000000000001000000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x7, 0xbf, &(0x7f00000000c0)=""/191}, 0x90)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r0, 0x0, 0xc, &(0x7f00000000c0)='H', 0x1)
getsockopt$inet_opts(r0, 0x0, 0x400000000000009, &(0x7f0000937fed)=""/16, &(0x7f0000000100)=0x40)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f00000005c0)={0x2, 0x4e23, @multicast1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYRESHEX=r2, @ANYRESHEX=r2, @ANYRES8=r2], 0x50}, 0x1, 0x0, 0x0, 0x20000060}, 0x4044890)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a3c000000090a050600000000000000000100000008000a40000000000900020073797a31000000000900010073797a3000000020080005400000001414000000110001"], 0x64}}, 0x0)
sendmsg$NFT_MSG_GETSET(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000000a0a016afeb2d0de7d5b9f1e01"], 0x14}}, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000001340)=[{{0x0, 0x0, &(0x7f0000000480)}}], 0x1, 0x24004041)
ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000540))
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c0000000a00000008000100feffffff43cbff4a5775e7afb2382e45c708c3d11d470564677271ed165670e1a6dff9beb9f81451333175ca7064f77108ab1ba90ae9e13cb15f17d1e300745a1c3f974892"], 0x1c}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="240000000408010100000000000000000000d38a775df70c5cea00000600024000000000ef977ef59afa44aca326"], 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000007bc0), r3)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_NEW_KEY(r7, &(0x7f0000009240)={0x0, 0x0, &(0x7f0000009200)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r6, @ANYRES16=r1, @ANYRES32=r5, @ANYBLOB="11000700e081cc0a605cdbcb9a662cc10a0000000b000a0055cee83e456d8600050008"], 0x44}}, 0x0)
r8 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000100)=[{0x30, 0x0, 0x0, 0xfffff038}, {0x80000006}]}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000580)='./cgroup.cpu/syz0\x00', 0x1ff)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), r9)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="440000000206030000000000000000000000000005000100070000000900d2b068c19afe3082020073797a31f3ffffff040005000031915993000000f2bb163e000000000c000300686173682f9a6469da73a988cd8650c3489d9fa7"], 0x44}}, 0x0)

755.115782ms ago: executing program 2:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="8fedcb5d07081175f37538e4894f"], 0xfdef)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x3c, 0x1e, 0xa, 0x105, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc0}}, 0x0)

686.639476ms ago: executing program 0:
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0x2000011a)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x1000000000000000)

672.119396ms ago: executing program 4:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a5000000230000"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00'}, 0x10)
r1 = epoll_create(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x20, r2, 0x401, 0x0, 0x0, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x2}, @ETHTOOL_A_CHANNELS_HEADER={0x4}]}, 0x20}}, 0x0)

645.686289ms ago: executing program 1:
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0xffb}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r0=>0x0})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f00000003c0)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x69}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f00000002c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r5}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000640)='ext4_ext_remove_space_done\x00', r3}, 0x10)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0)
write$cgroup_int(r6, &(0x7f00000000c0), 0x12)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0xf08, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r0, {0xfff1, 0x10}, {0x9, 0x6}, {0x3, 0x8}}, [""]}, 0x24}}, 0x20044090)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, @random="267a8fff0621", @val={@void, {0x8100, 0x0, 0x1, 0x3}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x10, 0x3a, 0xff, @dev={0xfe, 0xe0}, @mcast2, {[], @ndisc_ra={0x89, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2}}}}}}, 0x0)

502.96895ms ago: executing program 4:
syz_emit_ethernet(0x32, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local, @val={@val={0x88a8, 0x4, 0x0, 0x2}, {0x8100, 0x6}}, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr=0xfffffffd, @remote}, {0x12, 0x0, 0x0, @local}}}}}, 0x0)

487.290336ms ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x5, 0x5, 0x2, 0x4}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c0000000206050000000000000000000000000005000400000000000900020073797a30000000001400078008000840000028590800064000000000050005000000400005000100060000000d000300686173683a6d6163"], 0x5c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
socketpair(0x0, 0x0, 0x0, &(0x7f0000000000))

384.968631ms ago: executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
readv(r0, &(0x7f0000000040)=[{&(0x7f00000001c0)=""/202, 0xca}], 0x1) (async)
readv(r0, &(0x7f0000000040)=[{&(0x7f00000001c0)=""/202, 0xca}], 0x1)
socket$kcm(0x2, 0xa, 0x2) (async)
r1 = socket$kcm(0x2, 0xa, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) (async)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r4}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r4}, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000002c0), r5) (async)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000002c0), r5)
sendmsg$NLBL_MGMT_C_PROTOCOLS(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r6, 0x30d}, 0x14}}, 0x0)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0x4) (async)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
sendmsg$inet(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000300)="480cfd4823", 0x5}], 0x1}, 0x0)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x304, 0x36}, "b1d65ab71f5ef2fe", "9e8ecc7bb5352776725e1047711330ff2bb17b550800", "dc5d3f00", "46b0dc72b7b1d30e"}, 0x38)
sendmsg$NL80211_CMD_LEAVE_IBSS(r2, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)={0x14, 0x0, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x20000081}, 0x4000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x2d}, 0x20)
r7 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) (async)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c)
listen(r7, 0x80080400)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x4) (async)
socket$caif_seqpacket(0x25, 0x5, 0x4)
r8 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r8, &(0x7f00000000c0)={0x2, 0x4e20, @local}, 0x10) (async)
connect$inet(r8, &(0x7f00000000c0)={0x2, 0x4e20, @local}, 0x10)
getsockopt$inet_int(r8, 0x10d, 0xeb, &(0x7f0000000000), &(0x7f0000000080)=0x4)
ioctl$BTRFS_IOC_QUOTA_CTL(r1, 0xc0109428, &(0x7f0000000340)={0x1, 0x63})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000000)={0x0, 'syzkaller1\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)

260.761756ms ago: executing program 1:
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x13, 0xefb, 0x9, 0x4, 0x1, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x2}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008800000b704000000000000850000002300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r4}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000009c0)={@cgroup=r0, 0xffffffffffffffff, 0x31, 0xc, 0x0, @link_fd=r5}, 0x20)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_DEL_PMK(0xffffffffffffffff, 0x0, 0x0)
r9 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000280), r8)
sendmsg$NET_DM_CMD_START(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r9, 0x1}, 0x14}}, 0x0)
sendmsg$NET_DM_CMD_STOP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r9, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = openat$cgroup_procs(r10, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r11, &(0x7f0000000040), 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r13 = openat$cgroup_procs(r12, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r13, &(0x7f0000000880), 0x12)
setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000000)=0x4, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f00000003c0), 0xffffffffffffffff)

66.60999ms ago: executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000001dc0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null-generic\x00'}, 0x58)
accept$alg(r1, 0x0, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x2, 'aead\x00', 0xa, 0x0, 'rfc7539esp(chacha20-generic,ghash-clmulni)\x00'}, 0x58)

0s ago: executing program 1:
socket$nl_crypto(0x10, 0x3, 0x15)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000280), 0x8)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000440)=[@in={0x2, 0x4e21, @multicast2}, @in6={0xa, 0x4e22, 0x2, @mcast2, 0x9}, @in6={0xa, 0x4e24, 0x3, @private0, 0xffff}, @in6={0xa, 0x4e24, 0x7fffffff, @dev={0xfe, 0x80, '\x00', 0x11}, 0x4}], 0x64)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001440), &(0x7f0000001480)=0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000000880), 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
unshare(0x600)
r5 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r5, 0x29, 0x7, &(0x7f0000000080), 0xc)
r6 = openat$cgroup_procs(r4, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000380), 0x12)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x70}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000040)={@private2={0xfc, 0x2, '\x00', 0x1}, 0x5d})
sendmsg$DEVLINK_CMD_RELOAD(r7, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000001c40)=ANY=[@ANYBLOB="840000", @ANYRES16, @ANYBLOB="10002cbd7000fddbdf25250000000e0001006e657464657673696d", @ANYRES32, @ANYBLOB="080001007063690011000200303030303a30303a31302e300000000008008c0004000000080001007063690011000200303030303a30303a31302e30"], 0x84}}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000580)="6700000010008188040f56ecdb4cb9cca7480ef434000000e3bd6efb440009000e000a0010000000ba80010000005a8c3774da0a040059a933c1e7a6d3361d83b20000319cdf5656826edaaa11032701c61ec666d482078ccebcb9a4f187f7a4e98f09cdc2649f", 0x67}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

[  107.885602][ T6258] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  108.065772][ T6264] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  108.152090][ T6267] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  108.159524][ T6267] IPv6: NLM_F_CREATE should be set when creating new route
[  108.246171][ T6272] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  108.603276][ T6285] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  109.255242][ T6309] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  109.799505][ T6333] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.1'.
[  109.832038][ T6339] netlink: 88 bytes leftover after parsing attributes in process `syz-executor.0'.
[  110.014868][ T5129] Bluetooth: hci1: command tx timeout
[  110.024109][ T6347] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  110.278043][ T6357] Cannot find set identified by id 0 to match
[  110.937432][ T6376] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.3'.
[  111.236225][ T6386] netlink: 'syz-executor.0': attribute type 21 has an invalid length.
[  111.266724][ T6386] netlink: 128 bytes leftover after parsing attributes in process `syz-executor.0'.
[  111.289597][ T6386] netlink: 'syz-executor.0': attribute type 5 has an invalid length.
[  112.105067][ T5129] Bluetooth: hci1: command 0x0405 tx timeout
[  112.145372][ T6424] syzkaller0: entered promiscuous mode
[  112.167071][ T6424] syzkaller0: entered allmulticast mode
[  114.697088][ T6446] __nla_validate_parse: 5 callbacks suppressed
[  114.697110][ T6446] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  114.749979][ T6449] netlink: 88 bytes leftover after parsing attributes in process `syz-executor.4'.
[  115.333979][ T6457] ieee802154 phy0 wpan0: encryption failed: -22
[  115.469769][ T6459] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  115.524931][ T6461] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  115.542748][ T6459] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  115.705080][ T1258] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.738322][ T5129] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  115.749135][ T5129] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  115.766503][ T5129] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  115.776616][ T5129] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  115.786807][ T5129] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  115.795206][ T5129] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  115.922158][ T1258] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.009403][ T6473] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  116.110547][ T1258] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.277052][ T1258] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.316440][ T6477] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  116.526050][ T1258] bridge_slave_1: left allmulticast mode
[  116.531784][ T1258] bridge_slave_1: left promiscuous mode
[  116.560462][ T1258] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.600202][ T1258] bridge_slave_0: left allmulticast mode
[  116.614932][ T1258] bridge_slave_0: left promiscuous mode
[  116.621615][ T1258] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.841718][ T6488] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  117.762964][ T1258] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  117.792195][ T1258] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  117.820877][ T1258] bond0 (unregistering): Released all slaves
[  117.855053][ T5133] Bluetooth: hci3: command tx timeout
[  118.165146][ T6517] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  118.276818][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  118.421385][ T6510] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  118.445658][ T6531] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  118.813580][ T6467] chnl_net:caif_netlink_parms(): no params data found
[  119.117956][ T6550] Bluetooth: MGMT ver 1.22
[  119.567319][ T6467] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.604232][ T6467] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.611875][ T6467] bridge_slave_0: entered allmulticast mode
[  119.633045][ T6467] bridge_slave_0: entered promiscuous mode
[  119.649299][ T6467] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.663812][ T6467] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.673435][ T6467] bridge_slave_1: entered allmulticast mode
[  119.685171][ T6467] bridge_slave_1: entered promiscuous mode
[  119.784805][ T6572] netlink: 'syz-executor.4': attribute type 21 has an invalid length.
[  119.944238][ T5133] Bluetooth: hci3: command tx timeout
[  119.960606][ T6467] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  120.064088][ T6467] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  120.124158][ T1258] hsr_slave_0: left promiscuous mode
[  120.132778][ T1258] hsr_slave_1: left promiscuous mode
[  120.147890][ T1258] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  120.160088][ T1258] batman_adv: batadv0: Removing interface: batadv_slave_0
[  120.164186][ T6587] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  120.180135][ T1258] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  120.203415][ T1258] batman_adv: batadv0: Removing interface: batadv_slave_1
[  120.243680][ T1258] veth1_macvtap: left promiscuous mode
[  120.254075][ T1258] veth0_macvtap: left promiscuous mode
[  120.260347][ T1258] veth1_vlan: left promiscuous mode
[  120.272516][ T1258] veth0_vlan: left promiscuous mode
[  121.116809][ T1258] team0 (unregistering): Port device team_slave_1 removed
[  121.192282][ T1258] team0 (unregistering): Port device team_slave_0 removed
[  121.651436][ T6467] team0: Port device team_slave_0 added
[  121.690697][ T6605] tap0: tun_chr_ioctl cmd 1074025677
[  121.709363][ T6605] tap0: linktype set to 768
[  121.755747][ T6467] team0: Port device team_slave_1 added
[  121.853150][ T6467] batman_adv: batadv0: Adding interface: batadv_slave_0
[  121.880922][ T6467] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.930900][ T6467] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.995913][ T6467] batman_adv: batadv0: Adding interface: batadv_slave_1
[  122.003021][ T6467] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  122.034781][ T5133] Bluetooth: hci3: command tx timeout
[  122.111164][ T6467] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  122.182522][ T6636] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.2'.
[  122.344464][ T6642] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  122.402096][ T6644] netlink: 'syz-executor.4': attribute type 16 has an invalid length.
[  122.406675][ T6467] hsr_slave_0: entered promiscuous mode
[  122.411013][ T6644] netlink: 64138 bytes leftover after parsing attributes in process `syz-executor.4'.
[  122.439904][ T6467] hsr_slave_1: entered promiscuous mode
[  122.460024][ T6467] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  122.482455][ T6467] Cannot create hsr debugfs directory
[  122.525347][ T6644] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  122.574873][ T1258] IPVS: stop unused estimator thread 0...
[  123.153159][ T6467] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  123.165540][ T6467] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  123.192129][ T6467] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  123.207468][ T6467] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  123.255175][ T6659] xt_NFQUEUE: number of queues (27721) out of range (got 91309)
[  123.464334][ T6467] 8021q: adding VLAN 0 to HW filter on device bond0
[  123.532035][ T6467] 8021q: adding VLAN 0 to HW filter on device team0
[  123.567565][  T929] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.574808][  T929] bridge0: port 1(bridge_slave_0) entered forwarding state
[  123.597090][ T6661] netlink: 'syz-executor.1': attribute type 9 has an invalid length.
[  123.630737][ T6661] netlink: 209836 bytes leftover after parsing attributes in process `syz-executor.1'.
[  123.647035][  T929] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.654279][  T929] bridge0: port 2(bridge_slave_1) entered forwarding state
[  123.803996][ T6662] netlink: 'syz-executor.1': attribute type 9 has an invalid length.
[  123.865409][ T6662] netlink: 209836 bytes leftover after parsing attributes in process `syz-executor.1'.
[  124.081410][ T6674] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  124.094954][ T5133] Bluetooth: hci3: command tx timeout
[  124.209866][ T6467] 8021q: adding VLAN 0 to HW filter on device batadv0
[  124.222381][ T6682] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  124.390322][ T6467] veth0_vlan: entered promiscuous mode
[  124.489788][ T6467] veth1_vlan: entered promiscuous mode
[  124.599613][ T6467] veth0_macvtap: entered promiscuous mode
[  124.614415][ T6696] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  124.628414][ T6467] veth1_macvtap: entered promiscuous mode
[  124.680981][ T6467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.692925][ T6467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.718867][ T6467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.744644][ T6467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.768595][ T6467] batman_adv: batadv0: Interface activated: batadv_slave_0
[  124.810197][ T6467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.831946][ T6467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.843522][ T6467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.861149][ T6467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.873594][ T6467] batman_adv: batadv0: Interface activated: batadv_slave_1
[  124.913980][ T6467] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.930715][ T6467] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.943957][ T6467] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.960451][ T6467] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.203581][ T6710] netlink: 'syz-executor.1': attribute type 9 has an invalid length.
[  125.221784][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.235602][ T6710] __nla_validate_parse: 1 callbacks suppressed
[  125.235623][ T6710] netlink: 209836 bytes leftover after parsing attributes in process `syz-executor.1'.
[  125.240841][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.394996][ T6712] netlink: 'syz-executor.1': attribute type 9 has an invalid length.
[  125.403230][ T6712] netlink: 209836 bytes leftover after parsing attributes in process `syz-executor.1'.
[  125.410408][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  125.438281][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.695165][ T6727] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  126.439165][ T6757] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  127.358972][ T6798] pimreg: entered allmulticast mode
[  127.403330][ T6803] netlink: 'syz-executor.3': attribute type 9 has an invalid length.
[  127.424882][ T6803] netlink: 209836 bytes leftover after parsing attributes in process `syz-executor.3'.
[  128.478925][ T6895] netlink: zone id is out of range
[  128.517018][ T6895] netlink: zone id is out of range
[  128.554711][ T6895] netlink: zone id is out of range
[  128.597390][ T6895] netlink: zone id is out of range
[  128.616906][ T6895] netlink: zone id is out of range
[  128.622100][ T6895] netlink: zone id is out of range
[  128.644419][ T6895] netlink: zone id is out of range
[  128.657105][ T6895] netlink: zone id is out of range
[  128.666412][ T6895] netlink: zone id is out of range
[  128.673868][ T6895] netlink: zone id is out of range
[  128.806390][ T6913] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'.
[  129.042963][ T6918] can: request_module (can-proto-0) failed.
[  129.222173][ T6934] netlink: 'syz-executor.1': attribute type 15 has an invalid length.
[  129.260055][ T6934] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  129.339540][ T6934] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  129.610109][ T6949] nbd: must specify at least one socket
[  129.703733][ T6953] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  129.720535][ T6956] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.2'.
[  129.734387][ T6956] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.2'.
[  130.074386][ T6978] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  130.496495][ T7003] __nla_validate_parse: 59 callbacks suppressed
[  130.496515][ T7003] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'.
[  130.590841][ T7005] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  130.974208][ T7015] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  130.985005][ T7015] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  131.007559][ T7016] syz-executor.4[7016] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  131.007742][ T7016] syz-executor.4[7016] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  131.008975][ T7015] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  131.049662][ T7015] batadv_slave_0: entered promiscuous mode
[  131.262529][ T7029] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
[  131.272508][ T7030] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  131.405400][ T7033] sctp: [Deprecated]: syz-executor.1 (pid 7033) Use of int in maxseg socket option.
[  131.405400][ T7033] Use struct sctp_assoc_value instead
[  131.739741][ T7059] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  131.770331][ T7059] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  132.407051][ T7094] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  132.859549][ T7106] netlink: 216 bytes leftover after parsing attributes in process `syz-executor.3'.
[  132.895561][ T7106] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  133.140809][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  133.150017][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  133.513934][ T7146] bridge0: port 3(bond0) entered blocking state
[  133.521129][ T7146] bridge0: port 3(bond0) entered disabled state
[  133.528567][ T7146] bond0: entered allmulticast mode
[  133.534282][ T7146] bond_slave_0: entered allmulticast mode
[  133.543812][ T7146] bond_slave_1: entered allmulticast mode
[  133.564381][ T7146] bond0: entered promiscuous mode
[  133.576223][ T7146] bond_slave_0: entered promiscuous mode
[  133.582400][ T7146] bond_slave_1: entered promiscuous mode
[  133.598582][ T7146] bridge0: port 3(bond0) entered blocking state
[  133.606213][ T7146] bridge0: port 3(bond0) entered forwarding state
[  133.638521][ T7150] bond0: (slave bond_slave_0): Releasing backup interface
[  133.656838][ T7150] bond_slave_0: left promiscuous mode
[  133.675358][ T7150] bond_slave_0: left allmulticast mode
[  135.551332][ T7247] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0)
[  135.774715][ T7260] __nla_validate_parse: 3 callbacks suppressed
[  135.774737][ T7260] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.4'.
[  135.866320][ T7260] netlink: 'syz-executor.4': attribute type 28 has an invalid length.
[  135.889170][ T7260] netlink: 'syz-executor.4': attribute type 3 has an invalid length.
[  135.915773][ T7260] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.4'.
[  136.136214][ T7274] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  136.170939][ T7274] sctp: [Deprecated]: syz-executor.1 (pid 7274) Use of int in maxseg socket option.
[  136.170939][ T7274] Use struct sctp_assoc_value instead
[  136.626652][ T7300] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  136.721316][ T7301] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  136.769860][ T7300] net_ratelimit: 325 callbacks suppressed
[  136.769880][ T7300] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  136.846634][ T7309] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  137.158187][ T7318] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.3'.
[  137.220232][ T7318] netlink: 'syz-executor.3': attribute type 28 has an invalid length.
[  137.258597][ T7318] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[  137.302875][ T7318] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.3'.
[  138.208345][ T7346] netlink: 184 bytes leftover after parsing attributes in process `syz-executor.3'.
[  138.227887][ T7344] netlink: 'syz-executor.0': attribute type 64 has an invalid length.
[  138.250489][ T7346] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  138.465954][ T7356] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  139.412566][ T7384] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  139.570405][ T7389] pimreg: entered allmulticast mode
[  139.700981][ T7391] wg2: entered promiscuous mode
[  139.715287][ T7391] wg2: entered allmulticast mode
[  141.556344][ T7448] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  141.577058][ T7448] __nla_validate_parse: 5 callbacks suppressed
[  141.577080][ T7448] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  141.630471][ T7449] bridge2: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  141.654955][ T7448] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  141.670655][ T7448] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  141.709533][ T7451] wg2: entered promiscuous mode
[  141.721955][ T7451] wg2: entered allmulticast mode
[  142.047607][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  142.077433][ T7486] workqueue: name exceeds WQ_NAME_LEN. Truncating to: à»Rà.È””y™l‰²¦×ÛMØÐÌȼßcÿ
[  142.995794][ T7522] Driver unsupported XDP return value 0 on prog  (id 281) dev N/A, expect packet loss!
[  143.124120][ T7532] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  143.131477][ T7532] IPv6: NLM_F_CREATE should be set when creating new route
[  143.449605][ T7543] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  144.388281][ T7574] lo: entered promiscuous mode
[  144.394146][ T7572] lo: left promiscuous mode
[  144.609998][ T7583] syz_tun: entered promiscuous mode
[  144.624189][ T7583] macvtap1: entered promiscuous mode
[  144.641638][ T7583] macvtap1: entered allmulticast mode
[  144.656283][ T7583] syz_tun: entered allmulticast mode
[  144.668669][ T7586] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'.
[  144.866618][ T7591] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  144.927364][ T7591] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  144.973672][ T7591] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  145.017451][ T7591] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  145.074316][ T7591] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  145.101638][ T7591] geneve2: entered promiscuous mode
[  145.121614][ T7591] geneve2: entered allmulticast mode
[  145.635657][ T7623] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
[  145.802163][ T7630] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  145.959503][ T7637] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  145.981206][ T7638] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  146.660464][ T7674] __nla_validate_parse: 1 callbacks suppressed
[  146.660515][ T7674] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.2'.
[  147.148398][ T7695] netlink: 'syz-executor.1': attribute type 11 has an invalid length.
[  147.190048][ T7697] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  147.506007][ T7708] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  147.528728][ T7709] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  147.824325][ T7720] xt_TCPMSS: Only works on TCP SYN packets
[  148.043666][ T7731] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  148.209068][ T7738] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  148.614357][ T7764] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  148.782138][ T7770] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  149.099969][ T7786] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  149.273468][ T7797] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  149.304833][ T7797] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  149.324922][ T7797] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  149.376743][ T7802] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  149.404766][ T7802] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[  149.485144][ T7807] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  149.941327][ T7833] tipc: Failed to remove unknown binding: 66,1,1/0:1972600411/1972600413
[  149.963455][ T7833] tipc: Failed to remove unknown binding: 66,1,1/0:1972600411/1972600413
[  150.325264][ T7859] netlink: 'syz-executor.0': attribute type 13 has an invalid length.
[  150.378767][ T7862] tipc: Failed to remove unknown binding: 66,1,1/65535:778227113/778227115
[  150.424650][ T7862] tipc: Failed to remove unknown binding: 66,1,1/65535:778227113/778227115
[  150.950152][ T7891] netlink: 'syz-executor.2': attribute type 21 has an invalid length.
[  150.976903][ T7891] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  151.172585][ T7899] bond2: entered promiscuous mode
[  151.231691][ T7899] 8021q: adding VLAN 0 to HW filter on device bond2
[  151.278026][ T7902] bond2: left promiscuous mode
[  151.941880][ T7946] __nla_validate_parse: 8 callbacks suppressed
[  151.941904][ T7946] netlink: 9286 bytes leftover after parsing attributes in process `syz-executor.3'.
[  152.340138][ T7976] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  152.383671][ T7976] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  152.404879][ T7976] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[  152.485722][ T7982] veth0_vlan: entered allmulticast mode
[  152.691276][ T7985] veth0_vlan: left promiscuous mode
[  152.718132][ T7985] veth0_vlan: entered promiscuous mode
[  152.758699][ T8000] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  153.085379][ T8020] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  153.197346][ T8029] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  153.812965][ T8060] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  153.828512][ T8060] netlink: 9348 bytes leftover after parsing attributes in process `syz-executor.0'.
[  155.296009][ T5176] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.536256][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  155.852657][ T8189] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  155.868599][ T8189] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  155.879562][ T8189] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  155.967601][ T8196] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  156.181289][ T8209] veth0_vlan: entered allmulticast mode
[  156.181711][ T5178] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.335824][ T5209] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.344709][ T8210] veth0_vlan: left promiscuous mode
[  156.373533][ T8210] veth0_vlan: entered promiscuous mode
[  156.666697][ T8233] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.675681][ T8233] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.684232][ T8233] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.723901][ T8233] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  156.756209][ T8233] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.222069][ T8267] syz-executor.3[8267] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  157.222237][ T8267] syz-executor.3[8267] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  157.306775][ T8272] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0
[  157.656765][ T8288] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'.
[  157.997348][ T8301] syz-executor.2[8301] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  157.997603][ T8301] syz-executor.2[8301] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  158.513366][ T8325] pim6reg1: entered promiscuous mode
[  158.532289][ T8325] pim6reg1: entered allmulticast mode
[  158.639814][ T8331] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  158.708877][ T8331] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  159.235768][ T8364] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  159.246793][ T8370] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  160.463710][ T8410] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  161.057586][ T5133] Bluetooth: hci0: command tx timeout
[  161.413576][ T8452] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  161.496249][ T8458] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  161.544675][ T8460] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  161.591007][ T8452] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  161.609791][ T8452] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.4'.
[  161.634641][ T8452] team0: entered promiscuous mode
[  161.644219][ T8452] team_slave_0: entered promiscuous mode
[  161.666390][ T8452] team_slave_1: entered promiscuous mode
[  161.685336][ T8452] bridge0: port 3(team0) entered blocking state
[  161.693358][ T8452] bridge0: port 3(team0) entered disabled state
[  161.702838][ T8452] team0: entered allmulticast mode
[  161.708365][ T8452] team_slave_0: entered allmulticast mode
[  161.714427][ T8452] team_slave_1: entered allmulticast mode
[  161.729652][ T8452] bridge0: port 3(team0) entered blocking state
[  161.736217][ T8452] bridge0: port 3(team0) entered forwarding state
[  161.954215][ T8479] batman_adv: batadv0: adding TT local entry 90:c8:2b:92:00:00 to non-existent VLAN 3855
[  162.558668][ T8507] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  162.638513][ T8516] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  162.692848][ T8515] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  162.726944][ T8515] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  162.728415][ T8507] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  162.755501][ T8507] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.2'.
[  162.769363][ T8507] team0: entered promiscuous mode
[  162.776546][ T8507] team_slave_0: entered promiscuous mode
[  162.782722][ T8507] team_slave_1: entered promiscuous mode
[  162.791887][ T8507] mac80211_hwsim hwsim5 wlan1: entered promiscuous mode
[  162.813387][ T8507] 8021q: adding VLAN 0 to HW filter on device team0
[  162.821042][ T8507] bridge0: port 3(team0) entered blocking state
[  162.827870][ T8507] bridge0: port 3(team0) entered disabled state
[  162.835214][ T8507] team0: entered allmulticast mode
[  162.840603][ T8507] team_slave_0: entered allmulticast mode
[  162.847548][ T8507] team_slave_1: entered allmulticast mode
[  162.853525][ T8507] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  162.866232][ T8507] bridge0: port 3(team0) entered blocking state
[  162.872707][ T8507] bridge0: port 3(team0) entered forwarding state
[  163.292988][ T8538] TCP: TCP_TX_DELAY enabled
[  163.559160][ T8548] Bluetooth: MGMT ver 1.22
[  163.604737][ T8548] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  164.008823][ T8567] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  164.088596][ T8568] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  164.235380][ T8567] netlink: 'syz-executor.3': attribute type 10 has an invalid length.
[  164.274578][ T8567] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.3'.
[  164.294618][ T8567] team0: entered promiscuous mode
[  164.299720][ T8567] team_slave_0: entered promiscuous mode
[  164.324851][ T8567] team_slave_1: entered promiscuous mode
[  164.333408][ T8567] bridge0: port 4(team0) entered blocking state
[  164.346909][ T8567] bridge0: port 4(team0) entered disabled state
[  164.365014][ T8567] team0: entered allmulticast mode
[  164.370318][ T8567] team_slave_0: entered allmulticast mode
[  164.385835][ T8567] team_slave_1: entered allmulticast mode
[  164.415633][ T8567] bridge0: port 4(team0) entered blocking state
[  164.422079][ T8567] bridge0: port 4(team0) entered forwarding state
[  164.606644][ T8578] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'.
[  164.726962][ T8584] hsr0: entered promiscuous mode
[  164.732868][ T8584] macsec1: entered promiscuous mode
[  164.861076][ T8593] netlink: 'syz-executor.2': attribute type 5 has an invalid length.
[  165.662637][ T8621] netlink: 308 bytes leftover after parsing attributes in process `syz-executor.0'.
[  166.553776][ T8643] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  166.751320][ T8651] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  166.786141][ T8651] bridge_slave_1: left allmulticast mode
[  166.792089][ T8651] bridge_slave_1: left promiscuous mode
[  166.798208][ T8651] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.813959][ T8651] bridge1: port 1(bridge_slave_1) entered blocking state
[  166.823295][ T8651] bridge1: port 1(bridge_slave_1) entered disabled state
[  166.830796][ T8651] bridge_slave_1: entered allmulticast mode
[  166.861363][ T8651] bridge_slave_1: entered promiscuous mode
[  166.939531][ T8656] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  166.958100][ T8656] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  167.541380][ T8674] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  167.845409][   T29] audit: type=1804 audit(1719064139.439:4): pid=8680 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2898487946/syzkaller.0jRsQe/192/cgroup.controllers" dev="sda1" ino=1965 res=1 errno=0
[  167.895830][ T8680] netlink: 108 bytes leftover after parsing attributes in process `syz-executor.1'.
[  167.927159][ T8680] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  168.198906][ T8694] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  168.317956][ T8700] netlink: 100 bytes leftover after parsing attributes in process `syz-executor.1'.
[  168.419529][ T8706] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  168.523927][ T8708] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[  168.669529][ T8720] netlink: 240 bytes leftover after parsing attributes in process `syz-executor.0'.
[  168.998890][ T8735] xt_CT: You must specify a L4 protocol and not use inversions on it
[  169.162895][ T8745] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.3'.
[  169.272168][ T8747] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[  169.505463][ T8747] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  169.581364][ T8747] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.3'.
[  169.916947][ T8772] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  170.752835][    T9] IPVS: starting estimator thread 0...
[  170.816070][ T8811] IPVS: set_ctl: invalid protocol: 5 172.20.20.170:21
[  170.856228][ T8807] IPVS: using max 18 ests per chain, 43200 per kthread
[  172.994315][ T8901] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  173.506464][ T8908] syzkaller1: entered promiscuous mode
[  173.512153][ T8908] syzkaller1: entered allmulticast mode
[  173.874839][ T8926] __nla_validate_parse: 8 callbacks suppressed
[  173.874860][ T8926] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'.
[  173.928862][ T8926] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'.
[  173.939464][ T8926] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'.
[  173.955152][ T5129] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  173.970982][ T5129] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  173.982882][ T5129] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  173.995200][ T5129] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  174.003234][ T5129] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  174.012959][ T5129] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  174.187055][ T8939] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'.
[  174.210246][   T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.460784][   T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.734314][ T8967] dccp_invalid_packet: P.Data Offset(4) too small
[  174.760780][   T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.925813][   T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.936910][ T8973] netlink: 4580 bytes leftover after parsing attributes in process `syz-executor.2'.
[  174.937102][ T8973] netlink: 4580 bytes leftover after parsing attributes in process `syz-executor.2'.
[  174.957760][ T8973] netlink: 69 bytes leftover after parsing attributes in process `syz-executor.2'.
[  174.969404][ T8974] netlink: 4580 bytes leftover after parsing attributes in process `syz-executor.2'.
[  175.000582][ T8974] netlink: 4580 bytes leftover after parsing attributes in process `syz-executor.2'.
[  175.011038][ T8970] syzkaller1: entered promiscuous mode
[  175.022441][ T8970] syzkaller1: entered allmulticast mode
[  175.025799][ T8977] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.0'.
[  175.350914][ T8980] tap0: tun_chr_ioctl cmd 1074025677
[  175.387723][ T8980] tap0: linktype set to 773
[  175.475940][   T35] team0: left allmulticast mode
[  175.484109][   T35] team_slave_0: left allmulticast mode
[  175.492040][   T35] team_slave_1: left allmulticast mode
[  175.501628][   T35] bridge0: port 4(team0) entered disabled state
[  175.514300][   T35] bond0: left allmulticast mode
[  175.522305][   T35] bond_slave_1: left allmulticast mode
[  175.530795][   T35] bond0: left promiscuous mode
[  175.541429][   T35] bond_slave_1: left promiscuous mode
[  175.557581][   T35] bridge0: port 3(bond0) entered disabled state
[  175.633395][   T35] bridge_slave_0: left allmulticast mode
[  175.645102][   T35] bridge_slave_0: left promiscuous mode
[  175.657457][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.692221][   T35] bridge_slave_1: left allmulticast mode
[  175.708969][   T35] bridge_slave_1: left promiscuous mode
[  175.725007][   T35] bridge1: port 1(bridge_slave_1) entered disabled state
[  176.095795][ T5129] Bluetooth: hci3: command tx timeout
[  176.634080][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  176.651765][   T35] bond0 (unregistering): Released all slaves
[  176.671425][   T35] bond1 (unregistering): Released all slaves
[  176.798985][   T35] bond2 (unregistering): Released all slaves
[  176.824809][ T8980] pim6reg1: entered promiscuous mode
[  176.830178][ T8980] pim6reg1: entered allmulticast mode
[  177.581980][ T8930] chnl_net:caif_netlink_parms(): no params data found
[  178.175524][ T5129] Bluetooth: hci3: command tx timeout
[  178.311257][ T8930] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.350892][ T8930] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.384627][ T8930] bridge_slave_0: entered allmulticast mode
[  178.392372][ T8930] bridge_slave_0: entered promiscuous mode
[  178.457616][ T8930] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.474649][ T8930] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.481973][ T8930] bridge_slave_1: entered allmulticast mode
[  178.521771][ T8930] bridge_slave_1: entered promiscuous mode
[  178.572215][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  178.608775][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  178.624023][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  178.632909][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  178.669044][   T35] veth1_macvtap: left promiscuous mode
[  178.674925][   T35] veth0_macvtap: left promiscuous mode
[  178.680689][   T35] veth1_vlan: left promiscuous mode
[  178.686275][   T35] veth0_vlan: left promiscuous mode
[  179.127148][   T35] pimreg (unregistering): left allmulticast mode
[  179.973160][   T35] team_slave_1 (unregistering): left promiscuous mode
[  179.994130][   T35] team0 (unregistering): Port device team_slave_1 removed
[  180.070182][   T35] team_slave_0 (unregistering): left promiscuous mode
[  180.082345][   T35] team0 (unregistering): Port device team_slave_0 removed
[  180.217690][ T9090] __nla_validate_parse: 14 callbacks suppressed
[  180.217714][ T9090] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'.
[  180.236736][ T9090] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'.
[  180.246342][ T9090] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'.
[  180.266082][ T5129] Bluetooth: hci3: command tx timeout
[  180.737692][ T8930] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  180.797457][ T8930] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  180.947654][ T9107] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[  180.967316][ T8930] team0: Port device team_slave_0 added
[  180.985286][ T9107] netlink: 312 bytes leftover after parsing attributes in process `syz-executor.1'.
[  181.002108][ T8930] team0: Port device team_slave_1 added
[  181.027919][ T9107] tipc: Failed to remove unknown binding: 66,1,1/0:3544038734/3544038736
[  181.151906][ T8930] batman_adv: batadv0: Adding interface: batadv_slave_0
[  181.169487][ T8930] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  181.221113][ T8930] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  181.232519][ T9116] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  181.280806][ T8930] batman_adv: batadv0: Adding interface: batadv_slave_1
[  181.301410][ T8930] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  181.354711][ T8930] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  181.482200][ T8930] hsr_slave_0: entered promiscuous mode
[  181.502327][ T8930] hsr_slave_1: entered promiscuous mode
[  181.521612][ T8930] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  181.540052][ T8930] Cannot create hsr debugfs directory
[  182.003025][ T9144] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'.
[  182.335715][ T5129] Bluetooth: hci3: command tx timeout
[  182.377877][ T9149] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  182.542942][ T9153] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  182.558453][ T9150] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  182.761865][ T9138] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  182.833702][ T9138] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  183.029482][ T8930] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  183.163745][ T8930] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  183.189028][ T8930] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  183.235408][ T8930] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  183.367990][ T9178] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  183.675923][ T8930] 8021q: adding VLAN 0 to HW filter on device bond0
[  183.777508][ T8930] 8021q: adding VLAN 0 to HW filter on device team0
[  183.810885][ T5176] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.818130][ T5176] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.863880][ T5176] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.871179][ T5176] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.478086][ T8930] 8021q: adding VLAN 0 to HW filter on device batadv0
[  184.606923][ T9195] bridge_slave_0: left allmulticast mode
[  184.612617][ T9195] bridge_slave_0: left promiscuous mode
[  184.640994][ T9195] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.662076][ T9195] bridge_slave_1: left allmulticast mode
[  184.674668][ T9195] bridge_slave_1: left promiscuous mode
[  184.686199][ T9195] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.726852][ T9195] bond0: (slave bond_slave_0): Releasing backup interface
[  184.766087][ T9195] bond0: (slave bond_slave_1): Releasing backup interface
[  184.920873][ T9195] team0: Port device team_slave_0 removed
[  184.963038][ T9195] team0: Port device team_slave_1 removed
[  184.976419][ T9195] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  184.998802][ T9195] batman_adv: batadv0: Removing interface: batadv_slave_0
[  185.009713][ T9195] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  185.029091][ T9195] batman_adv: batadv0: Removing interface: batadv_slave_1
[  185.123425][ T8930] veth0_vlan: entered promiscuous mode
[  185.190013][ T8930] veth1_vlan: entered promiscuous mode
[  185.300655][ T8930] veth0_macvtap: entered promiscuous mode
[  185.337467][ T8930] veth1_macvtap: entered promiscuous mode
[  185.403554][ T8930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.418859][ T9221] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  185.449209][ T8930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.477152][ T8930] batman_adv: batadv0: Interface activated: batadv_slave_0
[  185.510656][ T8930] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.544661][ T8930] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.576445][ T8930] batman_adv: batadv0: Interface activated: batadv_slave_1
[  185.617696][ T8930] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  185.651468][ T8930] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  185.674937][ T8930] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  185.694802][ T8930] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  185.820072][ T9232] ebt_among: src integrity fail: 300
[  185.995131][ T6884] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  186.003009][ T6884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  186.100728][ T9236] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  186.142232][ T6882] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  186.164754][ T9236] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.4'.
[  186.173336][ T6882] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  186.380186][ T9239] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  186.411642][ T9239] –: renamed from bridge_slave_1 (while UP)
[  186.891406][ T9257] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  187.037280][ T9261] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  187.796412][ T9278] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  190.129605][ T9306] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  190.149173][ T9306] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.1'.
[  190.209151][ T9310] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  190.319246][ T9310] vlan2: entered promiscuous mode
[  190.742865][ T9341] __nla_validate_parse: 2 callbacks suppressed
[  190.743387][ T9341] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  191.014415][ T9356] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  191.044196][ T9361] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  191.243057][ T9370] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  191.598956][ T6876] tipc: Subscription rejected, illegal request
[  192.165711][ T9411] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  192.459481][ T9422] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'.
[  192.488859][ T9424] nbd: must specify at least one socket
[  193.072945][ T9448] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  193.506604][ T9467] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  193.746381][   T29] audit: type=1800 audit(1719064165.349:5): pid=9472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name=01E10615CFB83E8E09EE9FADF4EFA727D45F6B12CCAF94413FB9C53E156E2D82216C20 dev="sda1" ino=1969 res=0 errno=0
[  193.806785][   T29] audit: type=1800 audit(1719064165.369:6): pid=9472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name=01E10615CFB83E8E09EE9FADF4EFA727D45F6B12CCAF94413FB9C53E156E2D82216C20 dev="sda1" ino=1969 res=0 errno=0
[  193.870329][   T29] audit: type=1800 audit(1719064165.379:7): pid=9472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name=01E10615CFB83E8E09EE9FADF4EFA727D45F6B12CCAF94413FB9C53E156E2D82216C20 dev="sda1" ino=1969 res=0 errno=0
[  193.912273][   T29] audit: type=1800 audit(1719064165.379:8): pid=9472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name=01E10615CFB83E8E09EE9FADF4EFA727D45F6B12CCAF94413FB9C53E156E2D82216C20 dev="sda1" ino=1969 res=0 errno=0
[  193.965246][   T29] audit: type=1800 audit(1719064165.379:9): pid=9472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name=01E10615CFB83E8E09EE9FADF4EFA727D45F6B12CCAF94413FB9C53E156E2D82216C20 dev="sda1" ino=1969 res=0 errno=0
[  194.056697][   T29] audit: type=1800 audit(1719064165.379:10): pid=9472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name=01E10615CFB83E8E09EE9FADF4EFA727D45F6B12CCAF94413FB9C53E156E2D82216C20 dev="sda1" ino=1969 res=0 errno=0
[  194.118508][ T9478] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
[  194.124723][   T29] audit: type=1800 audit(1719064165.379:11): pid=9472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name=01E10615CFB83E8E09EE9FADF4EFA727D45F6B12CCAF94413FB9C53E156E2D82216C20 dev="sda1" ino=1969 res=0 errno=0
[  194.151524][ T9476] macvlan2: entered promiscuous mode
[  194.174907][ T9476] macvlan2: entered allmulticast mode
[  194.186265][ T9476] bridge0: entered promiscuous mode
[  194.192344][   T29] audit: type=1800 audit(1719064165.379:12): pid=9472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name=01E10615CFB83E8E09EE9FADF4EFA727D45F6B12CCAF94413FB9C53E156E2D82216C20 dev="sda1" ino=1969 res=0 errno=0
[  194.195143][ T9476] bridge0: entered allmulticast mode
[  194.255617][ T9476] team0: Port device macvlan2 added
[  194.262793][   T29] audit: type=1800 audit(1719064165.379:13): pid=9472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name=01E10615CFB83E8E09EE9FADF4EFA727D45F6B12CCAF94413FB9C53E156E2D82216C20 dev="sda1" ino=1969 res=0 errno=0
[  194.405023][   T29] audit: type=1800 audit(1719064165.379:14): pid=9472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name=01E10615CFB83E8E09EE9FADF4EFA727D45F6B12CCAF94413FB9C53E156E2D82216C20 dev="sda1" ino=1969 res=0 errno=0
[  194.591670][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  194.604647][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  194.763298][ T9506] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  194.946600][ T9514] syz-executor.2[9514] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  194.946763][ T9514] syz-executor.2[9514] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  195.001754][ T9514] ieee802154 phy0 wpan0: encryption failed: -22
[  195.528708][ T9539] nbd: must specify at least one socket
[  195.926730][ T9553] __nla_validate_parse: 3 callbacks suppressed
[  195.926752][ T9553] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  196.659161][ T5136] Bluetooth: hci0: command 0x0406 tx timeout
[  196.663795][ T9585] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  196.665975][   T53] Bluetooth: hci4: command 0x0405 tx timeout
[  196.675448][ T4492] Bluetooth: hci2: command 0x0406 tx timeout
[  197.217577][ T9601] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  198.236064][ T9644] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  198.264741][ T9645] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  198.290399][ T9644] macvlan2: entered promiscuous mode
[  198.308421][ T9648] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  198.491213][ T9655] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  199.581072][ T9689] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.2'.
[  199.589694][ T9686] batadv0: entered promiscuous mode
[  199.608157][ T9689] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[  199.652527][ T9686] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  199.667552][ T9686] bond0: (slave macvlan3): Enslaving as an active interface with an up link
[  199.987157][ T9699] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  200.004795][ T9699] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.0'.
[  200.023568][ T9704] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  201.030469][ T9733] batadv0: entered promiscuous mode
[  201.050080][ T9733] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  201.096686][ T9733] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  201.524039][ T9755] __nla_validate_parse: 1 callbacks suppressed
[  201.524062][ T9755] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  201.596080][ T9755] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  201.608177][ T9755] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  201.753832][ T9766] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  202.254340][ T9786] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  202.274792][ T9786] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  202.321103][ T9788] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  202.347856][ T9788] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.4'.
[  202.446630][ T9796] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  202.532332][ T9801] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  203.595488][ T9834] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  203.859100][ T9842] nbd: must specify at least one socket
[  204.070669][ T9852] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  204.115787][ T9858] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  205.273228][ T9886] batadv0: entered promiscuous mode
[  205.291620][ T9886] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  205.309589][ T9886] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  205.343212][ T9892] nbd: must specify at least one socket
[  205.680386][ T9905] netlink: 'syz-executor.1': attribute type 21 has an invalid length.
[  205.717076][ T9905] IPv6: NLM_F_CREATE should be specified when creating new route
[  206.042035][ T9924] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  206.463708][ T9944] nbd: must specify at least one socket
[  207.031719][ T9967] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  207.114901][ T9972] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'.
[  207.346904][ T9987] nbd: must specify at least one socket
[  207.456340][ T9982] syzkaller0: entered promiscuous mode
[  207.461863][ T9982] syzkaller0: entered allmulticast mode
[  209.104877][T10028] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
[  209.796938][T10011] netlink: 'syz-executor.1': attribute type 33 has an invalid length.
[  210.021064][T10034] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  210.061770][T10034] vxcan3: entered promiscuous mode
[  210.154201][T10045] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  210.301940][T10054] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 0 (only 8 groups)
[  210.793864][T10078] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
[  210.925637][T10087] nbd: must specify at least one socket
[  211.258296][T10097] netlink: 864 bytes leftover after parsing attributes in process `syz-executor.3'.
[  211.767014][T10114] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  211.770353][T10112] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  211.811089][T10112] vxcan3: entered promiscuous mode
[  211.931813][ T5137] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  211.941991][ T5137] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  211.952080][ T5137] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  211.962080][ T5137] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  211.974282][ T5137] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  211.981862][ T5137] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  211.998936][T10117] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  212.077842][T10123] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  212.416722][T10136] netlink: 864 bytes leftover after parsing attributes in process `syz-executor.0'.
[  212.678674][T10118] chnl_net:caif_netlink_parms(): no params data found
[  212.945697][T10118] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.962027][T10118] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.970552][T10118] bridge_slave_0: entered allmulticast mode
[  212.986012][T10118] bridge_slave_0: entered promiscuous mode
[  213.004291][T10118] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.051235][T10118] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.059948][T10118] bridge_slave_1: entered allmulticast mode
[  213.075056][T10118] bridge_slave_1: entered promiscuous mode
[  213.104179][T10160] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  213.197015][T10118] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  213.226112][T10118] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  213.322230][T10118] team0: Port device team_slave_0 added
[  213.331444][T10167] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  213.353061][T10118] team0: Port device team_slave_1 added
[  213.363731][T10170] nbd: must specify at least one socket
[  213.402392][T10118] batman_adv: batadv0: Adding interface: batadv_slave_0
[  213.409713][T10118] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.442988][T10118] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  213.480855][T10118] batman_adv: batadv0: Adding interface: batadv_slave_1
[  213.490858][T10118] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.523282][T10118] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  213.727298][T10118] hsr_slave_0: entered promiscuous mode
[  213.744364][T10118] hsr_slave_1: entered promiscuous mode
[  213.764624][T10118] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  213.776793][T10118] Cannot create hsr debugfs directory
[  213.860650][T10198] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'.
[  214.016156][ T5137] Bluetooth: hci1: command tx timeout
[  214.178513][T10118] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.328445][T10118] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.475550][T10118] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.592995][T10118] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.844246][T10234] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  214.891736][T10118] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  214.949886][T10118] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  214.980163][T10118] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  215.029321][T10118] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  215.078597][T10243] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
[  215.416630][T10118] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.498476][T10118] 8021q: adding VLAN 0 to HW filter on device team0
[  215.539016][ T5127] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.546274][ T5127] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.576339][ T5127] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.583554][ T5127] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.605799][T10267] sctp: [Deprecated]: syz-executor.3 (pid 10267) Use of int in maxseg socket option.
[  215.605799][T10267] Use struct sctp_assoc_value instead
[  215.709920][T10118] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  216.052111][T10118] 8021q: adding VLAN 0 to HW filter on device batadv0
[  216.095621][ T5137] Bluetooth: hci1: command tx timeout
[  216.111723][T10118] veth0_vlan: entered promiscuous mode
[  216.140128][T10118] veth1_vlan: entered promiscuous mode
[  216.180563][T10118] veth0_macvtap: entered promiscuous mode
[  216.191693][T10118] veth1_macvtap: entered promiscuous mode
[  216.239153][T10118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  216.282760][T10118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.304170][T10118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  216.322931][T10118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.339029][T10118] batman_adv: batadv0: Interface activated: batadv_slave_0
[  216.379252][T10118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.407731][T10118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.429505][T10118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.443633][T10118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.463180][T10118] batman_adv: batadv0: Interface activated: batadv_slave_1
[  216.473862][T10289] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  216.496813][T10118] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.516811][T10118] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.530647][T10118] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.543774][T10118] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.890702][T10308] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  216.946153][T10308] vxcan1: entered promiscuous mode
[  216.988539][ T6861] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.012589][ T6861] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.098414][T10308] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  217.122990][ T1059] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.137247][ T1059] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.376207][T10332] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.1'.
[  217.410248][T10332] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  217.458095][T10335] netdevsim netdevsim1: Direct firmware load for à? failed with error -2
[  217.482898][T10335] netdevsim netdevsim1: Falling back to sysfs fallback for: à?
[  217.724127][T10349] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  217.848413][T10354] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  217.901144][T10358] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  218.029676][T10362] nbd: must specify at least one socket
[  218.178093][ T5137] Bluetooth: hci1: command tx timeout
[  218.252851][T10373] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'.
[  218.534943][T10387] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  218.643905][T10396] nbd: must specify at least one socket
[  218.932836][T10409] ax25_connect(): syz-executor.3 uses autobind, please contact jreuter@yaina.de
[  219.780320][T10446] sctp: [Deprecated]: syz-executor.0 (pid 10446) Use of int in maxseg socket option.
[  219.780320][T10446] Use struct sctp_assoc_value instead
[  219.819773][T10447] nbd: must specify at least one socket
[  220.048100][T10463] nbd: must specify at least one socket
[  220.162858][T10467] tap0: tun_chr_ioctl cmd 1074812118
[  220.184561][T10467] team0: left allmulticast mode
[  220.213913][T10467] team_slave_0: left allmulticast mode
[  220.226198][T10467] team_slave_1: left allmulticast mode
[  220.247977][T10467] bridge0: port 3(team0) entered disabled state
[  220.254775][ T5137] Bluetooth: hci1: command tx timeout
[  220.297988][T10467] team0: Cannot enslave team device to itself
[  220.788730][T10497] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'.
[  220.820696][T10497] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  220.837522][T10501] netlink: 277 bytes leftover after parsing attributes in process `syz-executor.3'.
[  220.859669][T10503] netdevsim netdevsim4: Direct firmware load for à? failed with error -2
[  220.866514][T10502] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  220.884382][T10503] netdevsim netdevsim4: Falling back to sysfs fallback for: à?
[  221.048236][T10509] nbd: must specify at least one socket
[  221.477467][T10534] sctp: [Deprecated]: syz-executor.3 (pid 10534) Use of int in maxseg socket option.
[  221.477467][T10534] Use struct sctp_assoc_value instead
[  222.663219][T10588] __nla_validate_parse: 4 callbacks suppressed
[  222.663260][T10588] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.0'.
[  222.705302][T10588] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  222.728465][T10591] netdevsim netdevsim0: Direct firmware load for à? failed with error -2
[  222.741324][T10591] netdevsim netdevsim0: Falling back to sysfs fallback for: à?
[  222.781220][T10592] netlink: 'syz-executor.4': attribute type 3 has an invalid length.
[  223.241412][T10610] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'.
[  223.345822][T10617] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  223.957012][T10637] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[  224.147113][T10643] (unnamed net_device) (uninitialized): ARP target 1.0.0.0 is already present
[  224.168023][T10643] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (1)
[  224.222587][T10645] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  224.479470][T10654] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.3'.
[  224.514836][T10654] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  224.544269][T10654] netdevsim netdevsim3: Direct firmware load for à? failed with error -2
[  224.570621][T10654] netdevsim netdevsim3: Falling back to sysfs fallback for: à?
[  224.814745][T10670] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  225.026247][T10685] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  225.433290][T10708] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  226.175480][T10729] 8021q: VLANs not supported on ipvlan0
[  226.211671][T10731] netlink: 420 bytes leftover after parsing attributes in process `syz-executor.2'.
[  226.378169][T10735] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.3'.
[  226.406708][T10737] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  226.425125][T10735] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  226.444814][T10737] netdevsim netdevsim0: Direct firmware load for à? failed with error -2
[  226.453393][T10737] netdevsim netdevsim0: Falling back to sysfs fallback for: à?
[  227.689428][T10800] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 49 (only 8 groups)
[  227.768736][T10805] __nla_validate_parse: 4 callbacks suppressed
[  227.768758][T10805] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  227.876720][T10806] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  228.135951][T10821] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.3'.
[  228.169975][T10821] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  228.301081][T10823] netdevsim netdevsim3: Direct firmware load for à? failed with error -2
[  228.312346][T10823] netdevsim netdevsim3: Falling back to sysfs fallback for: à?
[  228.373850][T10828] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  228.450114][T10829] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.0'.
[  228.474706][T10829] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  228.797048][T10842] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  229.025503][T10848] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  229.435323][T10868] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  229.627072][T10875] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  229.924169][T10890] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.0'.
[  229.988022][T10890] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  230.006998][T10896] netdevsim netdevsim0: Direct firmware load for à? failed with error -2
[  230.047860][T10896] netdevsim netdevsim0: Falling back to sysfs fallback for: à?
[  231.237077][T10945] nbd: must specify at least one socket
[  231.721429][T10969] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  231.748586][T10969] netdevsim netdevsim4: Direct firmware load for à? failed with error -2
[  231.784827][T10969] netdevsim netdevsim4: Falling back to sysfs fallback for: à?
[  233.337081][T11053] nbd: must specify at least one socket
[  235.404946][T11059] __nla_validate_parse: 8 callbacks suppressed
[  235.404970][T11059] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  235.435958][T11068] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  235.641481][T11079] nbd: must specify at least one socket
[  235.696122][T11084] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'.
[  236.155331][T11111] nbd: must specify at least one socket
[  236.248178][T11116] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  236.331747][T11116] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  236.478521][T11127] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  236.696505][T11139] nbd: must specify at least one socket
[  236.869875][T11127] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  236.973026][T11146] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'.
[  237.482436][T11175] nbd: must specify at least one socket
[  237.653156][T11185] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  237.753590][T11185] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  238.472590][T11225] nbd: must specify at least one socket
[  239.210596][T11263] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  239.231361][T11263] netdevsim netdevsim1: Direct firmware load for à? failed with error -2
[  239.255893][T11263] netdevsim netdevsim1: Falling back to sysfs fallback for: à?
[  239.272389][T11267] nbd: must specify at least one socket
[  240.167757][T11314] nbd: must specify at least one socket
[  240.628644][T11338] __nla_validate_parse: 11 callbacks suppressed
[  240.628667][T11338] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
[  240.799484][T11346] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.2'.
[  240.823483][T11346] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  240.847013][T11346] netdevsim netdevsim2: Direct firmware load for à? failed with error -2
[  240.864897][   T29] kauditd_printk_skb: 23 callbacks suppressed
[  240.864918][   T29] audit: type=1804 audit(1719064212.459:38): pid=11342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2815707408/syzkaller.idRwh0/401/cgroup.controllers" dev="sda1" ino=1952 res=1 errno=0
[  240.910676][T11346] netdevsim netdevsim2: Falling back to sysfs fallback for: à?
[  241.200098][T11368] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  241.353625][T11368] bond1: entered promiscuous mode
[  241.515391][T11372] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  241.542829][T11372] ip6gretap1: entered promiscuous mode
[  241.568444][T11372] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  241.601869][T11375] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  241.605187][T11381] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'.
[  241.641831][T11375] bond1: left promiscuous mode
[  241.650891][T11375] ip6gretap1: left promiscuous mode
[  241.683187][T11375] 8021q: adding VLAN 0 to HW filter on device bond1
[  241.802615][T11389] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  241.926714][T11389] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  242.231059][T11406] bridge_slave_1: left allmulticast mode
[  242.238248][T11406] bridge_slave_1: left promiscuous mode
[  242.244165][T11406] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.272619][T11406] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  243.057800][T11430] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.2'.
[  243.068016][T11431] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  243.121507][T11430] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  243.147894][T11435] netdevsim netdevsim2: Direct firmware load for à? failed with error -2
[  243.197941][T11435] netdevsim netdevsim2: Falling back to sysfs fallback for: à?
[  243.347513][T11447] nbd: must specify at least one socket
[  243.412471][T11449] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  244.321453][T11496] nbd: must specify at least one socket
[  244.376753][T11499] nbd: must specify at least one socket
[  244.945855][T11524] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  244.982252][T11524] netdevsim netdevsim1: Direct firmware load for à? failed with error -2
[  245.014600][T11524] netdevsim netdevsim1: Falling back to sysfs fallback for: à?
[  245.162063][T11539] nbd: must specify at least one socket
[  245.284196][T11543] nbd: must specify at least one socket
[  245.836506][T11575] __nla_validate_parse: 7 callbacks suppressed
[  245.836529][T11575] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'.
[  245.938221][T11581] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  245.954416][T11580] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  245.990160][T11580] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  246.303244][T11592] nbd: must specify at least one socket
[  246.395391][T11598] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'.
[  246.400589][T11597] nbd: must specify at least one socket
[  246.433700][T11598] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  246.463464][T11601] netdevsim netdevsim4: Direct firmware load for à? failed with error -2
[  246.504601][T11601] netdevsim netdevsim4: Falling back to sysfs fallback for: à?
[  246.518668][T11604] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
[  246.669420][T11611] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  246.828695][T11622] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  246.865118][T11622] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  247.238620][T11643] nbd: must specify at least one socket
[  247.322723][T11645] nbd: must specify at least one socket
[  247.460284][T11649] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'.
[  247.579734][T11653] netlink: 'syz-executor.4': attribute type 5 has an invalid length.
[  248.046619][T11673] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  248.104197][T11673] netdevsim netdevsim4: Direct firmware load for à? failed with error -2
[  248.113786][T11677] netlink: 'syz-executor.0': attribute type 15 has an invalid length.
[  248.122384][T11673] netdevsim netdevsim4: Falling back to sysfs fallback for: à?
[  248.135458][T11679] nbd: must specify at least one socket
[  249.726447][T11741] nbd: must specify at least one socket
[  249.830591][T11745] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  249.862017][T11745] netdevsim netdevsim4: Direct firmware load for à? failed with error -2
[  249.900780][T11745] netdevsim netdevsim4: Falling back to sysfs fallback for: à?
[  250.338134][T11778] EXT4-fs warning (device sda1): verify_group_input:162: Bad blocks count 0
[  250.799052][T11795] nbd: must specify at least one socket
[  251.327622][T11823] __nla_validate_parse: 83 callbacks suppressed
[  251.327645][T11823] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'.
[  251.353283][T11825] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.4'.
[  251.374143][T11825] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  251.401159][T11825] netdevsim netdevsim4: Direct firmware load for à? failed with error -2
[  251.433289][T11825] netdevsim netdevsim4: Falling back to sysfs fallback for: à?
[  251.636596][T11836] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  251.721323][T11836] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  252.032962][T11852] nbd: must specify at least one socket
[  252.203772][T11860] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'.
[  252.638499][T11885] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  252.748882][T11885] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  252.879540][T11896] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  253.199502][T11907] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  253.280493][T11912] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  253.294888][T11909] nbd: must specify at least one socket
[  253.388022][T11908] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  254.303943][T11957] veth1_macvtap: left promiscuous mode
[  254.313799][T11957] macsec0: entered promiscuous mode
[  254.324696][T11957] macsec0: entered allmulticast mode
[  254.571675][T11966] nbd: must specify at least one socket
[  254.701667][T11971] veth1_macvtap: left promiscuous mode
[  254.708283][T11971] macsec0: entered promiscuous mode
[  255.320257][T12003] macsec0: left promiscuous mode
[  255.334277][T12003] macsec0: entered allmulticast mode
[  255.470279][T12009] nbd: must specify at least one socket
[  255.998841][T12037] Bluetooth: MGMT ver 1.22
[  256.443611][T12060] __nla_validate_parse: 12 callbacks suppressed
[  256.443634][T12060] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  257.181538][T12097] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  257.551265][T12107] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  257.637197][ T6882] tipc: Subscription rejected, illegal request
[  257.643912][T12117] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  257.683041][T12107] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  258.098008][ T5133] Bluetooth: hci3: command 0x0405 tx timeout
[  258.114505][ T5137] Bluetooth: hci3: Opcode 0x1407 failed: -110
[  258.214832][T12137] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  258.269590][T12137] bridge0: port 3(team0) entered disabled state
[  258.326678][T12137] team0: left allmulticast mode
[  258.357047][T12137] team_slave_0: left allmulticast mode
[  258.394630][T12137] team_slave_1: left allmulticast mode
[  258.406238][T12137] mac80211_hwsim hwsim5 wlan1: left allmulticast mode
[  258.413134][T12137] team0: left promiscuous mode
[  258.419785][T12137] team_slave_0: left promiscuous mode
[  258.424742][T12150] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  258.443025][T12137] team_slave_1: left promiscuous mode
[  258.464723][T12137] mac80211_hwsim hwsim5 wlan1: left promiscuous mode
[  258.477302][T12137] bridge0: port 3(team0) entered disabled state
[  258.529906][T12137] 8021q: adding VLAN 0 to HW filter on device team0
[  258.560878][T12137] bond0: (slave team0): Enslaving as an active interface with an up link
[  258.595452][T12148] C: renamed from lo (while UP)
[  258.613223][T12148] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  258.910951][T12168] Cannot find set identified by id 0 to match
[  259.029205][T12172] nbd: must specify at least one socket
[  259.261223][T12186] netlink: 'syz-executor.1': attribute type 22 has an invalid length.
[  259.299456][T12186] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  259.607659][T12200] dvmrp0: entered allmulticast mode
[  259.640809][T12195] dvmrp0: left allmulticast mode
[  260.162074][T12223] nbd: must specify at least one socket
[  260.175537][ T5137] Bluetooth: hci1: command 0x0405 tx timeout
[  260.282823][T12228] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  260.315970][T12230] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  260.385242][T12234] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.1'.
[  260.396504][T12234] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  260.455894][T12234] netdevsim netdevsim1: Direct firmware load for à? failed with error -2
[  260.474642][T12234] netdevsim netdevsim1: Falling back to sysfs fallback for: à?
[  261.358878][T12250] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  261.400252][T12250] bridge0: port 3(batadv0) entered blocking state
[  261.424743][T12250] bridge0: port 3(batadv0) entered disabled state
[  261.436107][T12250] batadv0: entered allmulticast mode
[  261.467230][T12250] batadv0: entered promiscuous mode
[  261.490869][T12250] bridge0: port 3(batadv0) entered blocking state
[  261.497600][T12250] bridge0: port 3(batadv0) entered forwarding state
[  261.675443][T12262] nbd: must specify at least one socket
[  261.775683][ T6882] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  261.785957][ T6882] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  261.819748][T12273] netlink: 'syz-executor.1': attribute type 9 has an invalid length.
[  261.877091][T12273] bond0: entered promiscuous mode
[  261.894096][T12273] bond_slave_0: entered promiscuous mode
[  261.916264][T12273] bond_slave_1: entered promiscuous mode
[  261.947450][T12273] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  261.978193][T12273] bond0: left promiscuous mode
[  261.983069][T12273] bond_slave_0: left promiscuous mode
[  261.991758][T12273] bond_slave_1: left promiscuous mode
[  262.103658][T12284] __nla_validate_parse: 3 callbacks suppressed
[  262.103681][T12284] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  262.363345][T12295] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  262.448644][T12299] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.1'.
[  262.467117][T12299] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  262.500452][T12303] netdevsim netdevsim1: Direct firmware load for à? failed with error -2
[  262.548681][T12303] netdevsim netdevsim1: Falling back to sysfs fallback for: à?
[  262.832108][T12313] nbd: must specify at least one socket
[  263.246914][T12325] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  263.365743][T12325] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  263.556987][T12330] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  264.023604][T12341] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  264.047876][T12350] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  264.247934][T12359] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  264.387893][T12366] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  265.391940][T12401] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  265.400559][T12401] bond0: option mode: unable to set because the bond device has slaves
[  266.036085][T12426] veth0: entered promiscuous mode
[  266.051305][T12426] veth0: left promiscuous mode
[  267.734247][T12461] __nla_validate_parse: 7 callbacks suppressed
[  267.734270][T12461] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  267.897636][T12467] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  267.965374][T12461] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  268.699536][T12479] 
: renamed from bond0 (while UP)
[  268.946228][T12496] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  269.320919][T12509] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  269.603517][T12519] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  269.723396][T12527] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  269.837428][T12526] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  269.994135][T12536] netdevsim netdevsim2: Direct firmware load for à? failed with error -2
[  270.034840][T12536] netdevsim netdevsim2: Falling back to sysfs fallback for: à?
[  270.268061][T12549] 8021q: VLANs not supported on lo
[  270.351666][T12551] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  270.419430][T12553] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  270.457963][T12561] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  270.469208][T12553] bond1 (unregistering): Released all slaves
[  270.645137][T12564] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  272.342077][T12638] netlink: 'syz-executor.1': attribute type 5 has an invalid length.
[  272.790663][T12648] __nla_validate_parse: 9 callbacks suppressed
[  272.790713][T12648] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  272.957168][T12657] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  273.272440][T12668] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  273.317707][T12666] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  273.394720][T12668] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  273.561337][T12666] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  273.774801][T12686] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  273.844941][T12691] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  274.361704][T12716] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  274.472219][T12716] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  274.707619][T12726] syzkaller1: entered allmulticast mode
[  275.121621][T12752] syzkaller1: entered promiscuous mode
[  275.138029][T12752] syzkaller1: entered allmulticast mode
[  275.890814][T12777] netdevsim netdevsim1 : renamed from netdevsim0 (while UP)
[  276.013761][T12788] netlink: 'syz-executor.3': attribute type 22 has an invalid length.
[  276.458213][T12806] IPVS: set_ctl: invalid protocol: 51 127.0.0.1:20000
[  276.988724][T12830] syzkaller1: entered promiscuous mode
[  277.003424][T12830] syzkaller1: entered allmulticast mode
[  277.116018][T12834] bond1 (unregistering): Released all slaves
[  277.851726][T12854] __nla_validate_parse: 20 callbacks suppressed
[  277.851750][T12854] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  278.251313][T12871] team_slave_1: invalid flags given to default FDB implementation
[  278.360829][T12883] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  278.458088][T12891] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  278.493214][T12895] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'.
[  278.548232][T12896] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  278.884171][T12909] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.0'.
[  279.068829][T12920] x_tables: duplicate underflow at hook 2
[  279.542212][T12948] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'.
[  279.582590][T12949] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  279.834697][T12957] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  279.859351][   T29] audit: type=1804 audit(1719064251.449:39): pid=12959 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2954469219/syzkaller.yHc94E/510/cgroup.controllers" dev="sda1" ino=1954 res=1 errno=0
[  280.066749][T12969] openvswitch: netlink: Flow actions attr not present in new flow.
[  280.146065][T12969] openvswitch: netlink: Flow actions attr not present in new flow.
[  280.361576][T12984] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  281.599430][T13039] C: renamed from lo (while UP)
[  281.669460][T13039] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  282.149372][T13061] openvswitch: netlink: Flow actions attr not present in new flow.
[  282.177547][T13063] bond2 (unregistering): Released all slaves
[  282.607779][T13078] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 0 (only 8 groups)
[  282.986744][    C1] vxcan0: j1939_xtp_rx_dat: no tx connection found
[  283.161946][T13089] __nla_validate_parse: 10 callbacks suppressed
[  283.161970][T13089] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  283.225135][T13088] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  283.244899][T13087] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  283.271371][T13095] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  283.743752][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88802f8c7c00: rx timeout, send abort
[  283.808288][T13112] netlink: 'syz-executor.2': attribute type 23 has an invalid length.
[  283.825685][T13112] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  283.850038][T13112] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.858240][T13112] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.903654][T13112] bridge0: entered promiscuous mode
[  283.939445][T13119] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  284.259652][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88802f8c7c00: abort rx timeout. Force session deactivation
[  284.356244][T13133] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  284.418551][    C1] vxcan0: j1939_xtp_rx_dat: no tx connection found
[  284.425184][    C1] vxcan0: j1939_xtp_rx_dat: no rx connection found
[  284.431872][    C1] vxcan0: j1939_xtp_rx_dat: no tx connection found
[  284.438469][    C1] vxcan0: j1939_xtp_rx_dat: no rx connection found
[  284.445206][    C1] vxcan0: j1939_xtp_rx_dat: no tx connection found
[  284.451759][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  284.459861][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  284.467836][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  284.475938][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  284.483887][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  284.491985][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  284.499974][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  284.508071][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  284.516144][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  284.524199][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  284.532180][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  284.540270][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  284.548237][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  284.556337][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  284.564261][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  284.572347][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  284.580329][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  284.690774][T13146] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  284.721126][T13138] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  284.959940][T13161] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.4'.
[  285.089149][T13168] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  285.266948][T13174] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  285.325769][T13174] batman_adv: batadv0: adding TT local entry 90:c8:2b:92:00:00 to non-existent VLAN 3855
[  286.842592][T13247] C: renamed from lo (while UP)
[  286.858956][T13247] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  288.108955][ T5122] syz_tun (unregistering): left allmulticast mode
[  288.385426][T13318] __nla_validate_parse: 7 callbacks suppressed
[  288.385447][T13318] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  288.541024][ T5137] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  288.555018][ T5137] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  288.564893][ T5137] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  288.576315][ T5137] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  288.579830][T13320] GUP no longer grows the stack in syz-executor.3 (13320): 20006000-2000a000 (20005000)
[  288.599081][ T5137] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  288.610148][ T5137] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  288.666577][T13320] CPU: 0 PID: 13320 Comm: syz-executor.3 Not tainted 6.10.0-rc4-syzkaller-00158-g31392048f55f #0
[  288.677176][T13320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  288.687292][T13320] Call Trace:
[  288.690614][T13320]  <TASK>
[  288.693580][T13320]  dump_stack_lvl+0x241/0x360
[  288.697018][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.698327][T13320]  ? __pfx_dump_stack_lvl+0x10/0x10
[  288.710009][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  288.714142][T13320]  ? __pfx__printk+0x10/0x10
[  288.729120][T13320]  ? find_vma+0xf9/0x170
[  288.733422][T13320]  __get_user_pages+0x10e3/0x1590
[  288.738485][T13320]  ? __gup_longterm_locked+0x1ec9/0x2a80
[  288.744125][T13320]  ? __pfx___get_user_pages+0x10/0x10
[  288.749517][T13320]  ? __lock_acquire+0x1346/0x1fd0
[  288.754551][T13320]  __gup_longterm_locked+0x1ff6/0x2a80
[  288.760059][T13320]  ? __pfx___gup_longterm_locked+0x10/0x10
[  288.765893][T13320]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  288.771920][T13320]  ? sanity_check_pinned_pages+0x12bb/0x13c0
[  288.777948][T13320]  gup_fast_fallback+0x2732/0x2b40
[  288.783087][T13320]  ? __pfx_gup_fast_fallback+0x10/0x10
[  288.788568][T13320]  ? __pfx_validate_chain+0x10/0x10
[  288.793879][T13320]  ? unwind_get_return_address+0x91/0xc0
[  288.799553][T13320]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.805636][T13320]  ? arch_stack_walk+0x16d/0x1b0
[  288.810616][T13320]  ? __lock_acquire+0x1346/0x1fd0
[  288.815670][T13320]  ? is_valid_gup_args+0x124/0x200
[  288.820808][T13320]  pin_user_pages_fast+0xcc/0x160
[  288.825847][T13320]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  288.831495][T13320]  iov_iter_extract_pages+0x3db/0x720
[  288.836915][T13320]  bio_iov_iter_get_pages+0x541/0x1930
[  288.842446][T13320]  ? bio_associate_blkg+0x6c/0x230
[  288.847598][T13320]  ? bio_associate_blkg_from_css+0xb0c/0xc70
[  288.853774][T13320]  ? bio_associate_blkg_from_css+0xa4/0xc70
[  288.859706][T13320]  ? __pfx_bio_iov_iter_get_pages+0x10/0x10
[  288.865616][T13320]  ? bio_alloc_bioset+0x6d7/0x1130
[  288.870740][T13320]  iomap_dio_bio_iter+0xc8e/0x1670
[  288.875890][T13320]  __iomap_dio_rw+0x1295/0x2370
[  288.880762][T13320]  ? do_syscall_64+0xf3/0x230
[  288.885468][T13320]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.891629][T13320]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  288.897744][T13320]  ? __pfx___iomap_dio_rw+0x10/0x10
[  288.902987][T13320]  ? jbd2_journal_stop+0x902/0xd80
[  288.908145][T13320]  ? __pfx_jbd2_journal_stop+0x10/0x10
[  288.913643][T13320]  ? __pfx_ext4_orphan_add+0x10/0x10
[  288.918960][T13320]  iomap_dio_rw+0x46/0xa0
[  288.923310][T13320]  ext4_file_write_iter+0x15e5/0x1a10
[  288.928714][T13320]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  288.934471][T13320]  vfs_write+0xa72/0xc90
[  288.938764][T13320]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  288.944521][T13320]  ? __pfx_vfs_write+0x10/0x10
[  288.949293][T13320]  ? do_futex+0x392/0x560
[  288.953645][T13320]  ksys_write+0x1a0/0x2c0
[  288.958020][T13320]  ? __pfx_ksys_write+0x10/0x10
[  288.962893][T13320]  ? do_syscall_64+0x100/0x230
[  288.967682][T13320]  ? do_syscall_64+0xb6/0x230
[  288.972403][T13320]  do_syscall_64+0xf3/0x230
[  288.976951][T13320]  ? clear_bhb_loop+0x35/0x90
[  288.981671][T13320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.987622][T13320] RIP: 0033:0x7f3c30e7d0a9
[  288.992084][T13320] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  289.011709][T13320] RSP: 002b:00007f3c31c1b0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  289.020177][T13320] RAX: ffffffffffffffda RBX: 00007f3c30fb3f80 RCX: 00007f3c30e7d0a9
[  289.028165][T13320] RDX: 0000000000043400 RSI: 0000000020000200 RDI: 000000000000000a
[  289.036161][T13320] RBP: 00007f3c30eec074 R08: 0000000000000000 R09: 0000000000000000
[  289.044159][T13320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  289.052135][T13320] R13: 000000000000000b R14: 00007f3c30fb3f80 R15: 00007ffca54f5b38
[  289.060139][T13320]  </TASK>
[  289.238693][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.250278][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  289.265443][T13340] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
[  289.478146][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.507403][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  289.595246][T13350] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  289.687909][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.716598][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  289.767506][T13359] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  289.787135][T13360] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  290.062912][T13373] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
[  290.164879][   T35] –: left allmulticast mode
[  290.192012][   T35] –: left promiscuous mode
[  290.223919][   T35] bridge0: port 2(–) entered disabled state
[  290.255463][   T35] bridge_slave_0: left allmulticast mode
[  290.261269][   T35] bridge_slave_0: left promiscuous mode
[  290.284772][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.434123][T13391] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  290.655663][ T5137] Bluetooth: hci0: command tx timeout
[  291.582285][   T35] 
 (unregistering): (slave bond_slave_0): Releasing backup interface
[  291.597178][   T35] 
 (unregistering): (slave bond_slave_1): Releasing backup interface
[  291.609430][   T35] 
 (unregistering): (slave macvlan3): Releasing backup interface
[  291.620425][   T35] batadv0: left promiscuous mode
[  291.630907][   T35] 
 (unregistering): Released all slaves
[  291.645542][   T35] bond1 (unregistering): Released all slaves
[  291.661982][   T35] bond0 (unregistering): Released all slaves
[  291.688295][T13379] netlink: 'syz-executor.0': attribute type 12 has an invalid length.
[  291.697666][T13379] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  291.706700][T13379] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[  291.716686][T13379] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[  291.725139][T13379] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  291.733762][T13379] netlink: 'syz-executor.0': attribute type 37 has an invalid length.
[  291.742313][T13379] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[  291.751905][T13379] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.800278][T13406] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  291.857350][   T35] tipc: Left network mode
[  292.032146][   T35] IPVS: stopping master sync thread 8272 ...
[  292.050039][T13328] chnl_net:caif_netlink_parms(): no params data found
[  292.116415][T13427] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  292.483315][T13445] vlan0: entered promiscuous mode
[  292.516241][T13445] vlan0: entered allmulticast mode
[  292.605130][T13445] veth0_vlan: entered allmulticast mode
[  292.649120][T13445] team0: Port device vlan0 added
[  292.745158][ T5137] Bluetooth: hci0: command tx timeout
[  292.849790][T13328] bridge0: port 1(bridge_slave_0) entered blocking state
[  292.862165][T13458] netlink: 165 bytes leftover after parsing attributes in process `syz-executor.1'.
[  292.862178][T13328] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.862441][T13328] bridge_slave_0: entered allmulticast mode
[  292.901317][T13328] bridge_slave_0: entered promiscuous mode
[  292.924026][T13328] bridge0: port 2(bridge_slave_1) entered blocking state
[  292.931589][T13328] bridge0: port 2(bridge_slave_1) entered disabled state
[  292.939049][T13328] bridge_slave_1: entered allmulticast mode
[  292.947513][T13328] bridge_slave_1: entered promiscuous mode
[  293.069695][T13328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  293.101407][T13328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  293.340769][T13466] netlink: 'syz-executor.2': attribute type 12 has an invalid length.
[  293.361140][T13466] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  293.385602][T13466] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  293.405259][T13466] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.533453][T13477] __nla_validate_parse: 2 callbacks suppressed
[  293.533475][T13477] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  293.570415][T13328] team0: Port device team_slave_0 added
[  293.680493][T13328] team0: Port device team_slave_1 added
[  293.840994][T13485] vlan0: entered promiscuous mode
[  293.855396][T13485] vlan0: entered allmulticast mode
[  293.874163][T13485] veth0_vlan: entered allmulticast mode
[  293.925644][T13485] team0: Port device vlan0 added
[  293.940809][T13328] batman_adv: batadv0: Adding interface: batadv_slave_0
[  293.968280][T13328] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.036118][T13328] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  294.129815][T13328] batman_adv: batadv0: Adding interface: batadv_slave_1
[  294.147751][T13328] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.204591][T13328] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  294.372092][T13503] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  294.471067][T13328] hsr_slave_0: entered promiscuous mode
[  294.543093][T13328] hsr_slave_1: entered promiscuous mode
[  294.559969][T13328] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  294.574671][T13328] Cannot create hsr debugfs directory
[  294.595905][T13500] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  294.814858][ T5137] Bluetooth: hci0: command tx timeout
[  295.171316][T13522] netdevsim netdevsim3: Direct firmware load for  failed with error -2
[  295.225028][T13522] netdevsim netdevsim3: Falling back to sysfs fallback for: 
[  295.663067][T13534] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'.
[  295.853906][T13540] vlan0: entered promiscuous mode
[  295.868557][T13540] vlan0: entered allmulticast mode
[  295.936925][T13540] team0: Port device vlan0 added
[  296.060257][T13549] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  296.399904][T13328] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  296.488005][T13328] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  296.556770][T13561] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  296.589257][T13561] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  296.637272][T13328] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  296.699381][T13328] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  296.811439][   T35] hsr_slave_0: left promiscuous mode
[  296.859388][   T35] hsr_slave_1: left promiscuous mode
[  296.894706][ T5137] Bluetooth: hci0: command tx timeout
[  296.953128][   T35] veth1_macvtap: left promiscuous mode
[  296.986263][   T29] audit: type=1804 audit(1719064268.579:40): pid=13574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2954469219/syzkaller.yHc94E/542/memory.events" dev="sda1" ino=1945 res=1 errno=0
[  297.027248][   T35] veth0_macvtap: left promiscuous mode
[  297.051909][   T35] veth1_vlan: left promiscuous mode
[  297.070441][   T35] veth0_vlan: left promiscuous mode
[  297.719489][T13587] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
[  298.013224][T13592] validate_nla: 4 callbacks suppressed
[  298.013248][T13592] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  298.034659][T13592] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  298.182458][T13593] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.2'.
[  298.208260][   T35] team_slave_1 (unregistering): left promiscuous mode
[  298.222088][   T35] team0 (unregistering): Port device team_slave_1 removed
[  298.266915][   T35] team_slave_0 (unregistering): left promiscuous mode
[  298.280224][   T35] team0 (unregistering): Port device team_slave_0 removed
[  298.656599][T13577] netdevsim netdevsim0: Direct firmware load for  failed with error -2
[  298.683459][T13577] netdevsim netdevsim0: Falling back to sysfs fallback for: 
[  299.009945][T13607] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  299.016508][T13328] 8021q: adding VLAN 0 to HW filter on device bond0
[  299.054707][ T5133] Bluetooth: hci3: command 0x0405 tx timeout
[  299.144581][T13328] 8021q: adding VLAN 0 to HW filter on device team0
[  299.168853][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.176135][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.207995][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.215274][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.356263][T13617] netlink: 'syz-executor.1': attribute type 21 has an invalid length.
[  299.402145][T13617] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  299.589639][T13612] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  299.932925][T13328] 8021q: adding VLAN 0 to HW filter on device batadv0
[  300.095805][T13629] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  300.135451][T13629] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  300.142721][T13629] IPv6: NLM_F_CREATE should be set when creating new route
[  300.326619][T13641] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
[  300.696020][T13328] veth0_vlan: entered promiscuous mode
[  300.737434][T13328] veth1_vlan: entered promiscuous mode
[  300.833956][T13666] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  300.845116][T13328] veth0_macvtap: entered promiscuous mode
[  300.864321][T13328] veth1_macvtap: entered promiscuous mode
[  300.912728][T13328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  300.944032][T13328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.970953][T13328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.004182][T13328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.029352][T13328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.057480][T13328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.074162][T13328] batman_adv: batadv0: Interface activated: batadv_slave_0
[  301.085975][T13671] netlink: 'syz-executor.1': attribute type 21 has an invalid length.
[  301.106675][T13671] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  301.178145][T13328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.204366][T13671] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  301.221135][T13328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.233148][T13328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.251369][T13328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.263948][T13328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.279827][T13328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.303589][T13328] batman_adv: batadv0: Interface activated: batadv_slave_1
[  301.348748][T13328] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.367017][T13328] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.386173][T13328] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.401823][T13328] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  301.539609][T13677] openvswitch: netlink: Missing key (keys=400040, expected=200000)
[  301.644147][ T6854] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.684383][ T6854] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.735768][T13681] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'.
[  301.793735][ T6874] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.815271][ T6874] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  302.029696][T13693] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  302.208148][T13705] syzkaller0: entered promiscuous mode
[  302.234623][T13705] syzkaller0: entered allmulticast mode
[  302.653675][T13728] netlink: 'syz-executor.3': attribute type 21 has an invalid length.
[  303.924900][T13782] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
[  304.183247][T13799] __nla_validate_parse: 8 callbacks suppressed
[  304.183268][T13799] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.3'.
[  304.236392][T13799] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.3'.
[  304.257327][T13803] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  304.346622][T13808] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  304.637909][T13819] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'.
[  304.834753][T13824] macvlan3: entered promiscuous mode
[  304.840121][T13824] mac80211_hwsim hwsim76 wlan0: entered promiscuous mode
[  304.925070][T13824] mac80211_hwsim hwsim76 wlan0: left promiscuous mode
[  305.519870][T13850] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  305.599334][T13859] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'.
[  305.610271][T13857] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  306.041975][T13875] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  306.405747][T13895] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  306.432251][T13894] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.3'.
[  306.895360][ T5133] Bluetooth: hci0: command 0x0405 tx timeout
[  306.955119][T13911] bridge0: port 1(bridge_slave_0) entered disabled state
[  307.269750][T13921] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 46475 (only 8 groups)
[  308.040542][T13960] netdevsim netdevsim4: Direct firmware load for  failed with error -2
[  308.064700][T13960] netdevsim netdevsim4: Falling back to sysfs fallback for: 
[  308.592124][T13977] netlink: 'syz-executor.2': attribute type 13 has an invalid length.
[  309.020666][T13996] netlink: zone id is out of range
[  309.205845][T14004] __nla_validate_parse: 8 callbacks suppressed
[  309.205870][T14004] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  309.251097][T14002] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  309.425248][T14015] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  309.549270][T14019] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  309.551301][T14024] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  309.581856][T14019] vxcan2: entered promiscuous mode
[  309.594304][T14022] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'.
[  309.604044][T14019] vxcan2: entered allmulticast mode
[  309.628619][T14026] netdevsim netdevsim3: Direct firmware load for 
 failed with error -2
[  309.649236][T14026] netdevsim netdevsim3: Falling back to sysfs fallback for: 

[  310.713377][T14061] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  310.844768][T14063] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  310.928209][T14069] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.2'.
[  311.102513][T14082] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  311.183732][T14082] Êü: entered promiscuous mode
[  312.093467][   T29] audit: type=1804 audit(1719064283.689:41): pid=14125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3215202524/syzkaller.tfJ7jc/246/memory.events" dev="sda1" ino=1967 res=1 errno=0
[  312.423450][T14144] netdevsim netdevsim0: Direct firmware load for 
 failed with error -2
[  312.447391][T14144] netdevsim netdevsim0: Falling back to sysfs fallback for: 

[  312.600897][T14153] team1: Mode changed to "activebackup"
[  313.446301][   T29] audit: type=1804 audit(1719064285.049:42): pid=14199 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir95073183/syzkaller.Z2J3es/567/memory.events" dev="sda1" ino=1949 res=1 errno=0
[  313.756722][T14214] IPVS: set_ctl: invalid protocol: 59 224.0.0.1:20004
[  313.870873][T14225] IPVS: set_ctl: invalid protocol: 0 172.30.1.3:20002
[  313.878406][T14220] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[  314.681690][T14261] __nla_validate_parse: 14 callbacks suppressed
[  314.681714][T14261] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  314.781810][T14259] veth0_vlan: left allmulticast mode
[  314.894248][T14259] team0: Port device vlan0 removed
[  314.932439][T14278] x_tables: duplicate underflow at hook 2
[  315.360328][   T29] audit: type=1800 audit(1719064286.959:43): pid=14294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="memory.events" dev="sda1" ino=1961 res=0 errno=0
[  315.411632][   T29] audit: type=1804 audit(1719064286.959:44): pid=14294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2954469219/syzkaller.yHc94E/579/memory.events" dev="sda1" ino=1961 res=1 errno=0
[  315.447555][   T29] audit: type=1804 audit(1719064286.959:45): pid=14294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2954469219/syzkaller.yHc94E/579/memory.events" dev="sda1" ino=1961 res=1 errno=0
[  315.478973][T14296] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.4'.
[  315.487563][   T29] audit: type=1804 audit(1719064287.079:46): pid=14298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2954469219/syzkaller.yHc94E/579/memory.events" dev="sda1" ino=1961 res=1 errno=0
[  315.731117][T14314] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  315.865829][T14325] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  316.357682][T14348] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  316.390811][T14353] x_tables: duplicate underflow at hook 1
[  316.406289][T14352] Bluetooth: MGMT ver 1.22
[  316.752172][T14369] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  317.357312][T14400] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  317.454109][T14406] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
[  317.476516][T14404] dccp_xmit_packet: Payload too large (65475) for featneg.
[  317.543455][T14413] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  317.589761][T14415] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  317.717842][T14422] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  318.240930][T14447] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  319.608642][ T5176] IPVS: starting estimator thread 0...
[  319.725880][T14519] IPVS: using max 20 ests per chain, 48000 per kthread
[  319.770089][T14524] __nla_validate_parse: 16 callbacks suppressed
[  319.770114][T14524] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  319.798096][T14524] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  319.880558][T14524] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  319.907703][T14524] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  320.100528][T14524] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  320.124981][T14524] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  320.481853][T14555] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  320.715450][T14571] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  320.897790][T14581] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  320.916648][T14582] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  321.064014][T14590] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[  321.399094][T14605] macvtap0: entered promiscuous mode
[  321.419400][T14605] macvtap0: left promiscuous mode
[  321.905234][T14620] IPVS: set_ctl: invalid protocol: 115 10.1.1.2:20001
[  322.506890][T14659] netlink: 'syz-executor.1': attribute type 5 has an invalid length.
[  322.608801][T14659] team0: entered promiscuous mode
[  322.613934][T14659] team_slave_0: entered promiscuous mode
[  322.644902][T14659] team_slave_1: entered promiscuous mode
[  322.675731][T14659] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  322.789875][T14659] team0: left promiscuous mode
[  322.803233][T14659] team_slave_0: left promiscuous mode
[  322.827195][T14659] team_slave_1: left promiscuous mode
[  323.308743][T14690] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  323.347636][T14690] team0: Port device virt_wifi0 added
[  323.944381][T14719] syzkaller1: entered promiscuous mode
[  323.956216][T14719] syzkaller1: entered allmulticast mode
[  324.440031][T14736] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  324.495582][T14736] team0: Port device virt_wifi0 added
[  325.404849][ T6870] ------------[ cut here ]------------
[  325.410911][ T6870] WARNING: CPU: 0 PID: 6870 at net/wireless/sme.c:846 __cfg80211_connect_result+0x19ea/0x21d0
[  325.421401][ T6870] Modules linked in:
[  325.425399][ T6870] CPU: 0 PID: 6870 Comm: kworker/u8:17 Not tainted 6.10.0-rc4-syzkaller-00158-g31392048f55f #0
[  325.435927][ T6870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  325.446315][ T6870] Workqueue: cfg80211 cfg80211_event_work
[  325.452114][ T6870] RIP: 0010:__cfg80211_connect_result+0x19ea/0x21d0
[  325.459911][ T6870] Code: a3 00 89 c3 31 ff 89 c6 e8 f3 44 b4 f6 85 db 74 29 e8 6a 70 9a f6 84 c0 74 27 e8 a1 40 b4 f6 e9 84 00 00 00 e8 97 40 b4 f6 90 <0f> 0b 90 4c 89 ff 4c 89 f6 e8 68 23 00 00 eb 91 e8 81 40 b4 f6 eb
[  325.480986][ T6870] RSP: 0018:ffffc900145479e0 EFLAGS: 00010293
[  325.487197][ T6870] RAX: ffffffff8ae1e4f9 RBX: 0000000000000000 RCX: ffff88805a909e00
[  325.495301][ T6870] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
2024/06/22 13:51:37 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  325.503326][ T6870] RBP: ffffc90014547b00 R08: ffffffff8ae1e0c9 R09: 1ffffffff25f4ebd
[  325.511420][ T6870] R10: dffffc0000000000 R11: fffffbfff25f4ebe R12: ffff888061e9c098
[  325.519529][ T6870] R13: dffffc0000000000 R14: ffff888061e9c018 R15: ffff88807e4af000
[  325.527840][ T6870] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  325.537612][ T6870] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  325.544249][ T6870] CR2: 00007f30f3981198 CR3: 0000000064b86000 CR4: 00000000003506f0
[  325.552395][ T6870] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  325.561244][ T6870] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  325.570003][ T6870] Call Trace:
[  325.573326][ T6870]  <TASK>
[  325.576392][ T6870]  ? __warn+0x163/0x4e0
[  325.580592][ T6870]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  325.586708][ T6870]  ? report_bug+0x2b3/0x500
[  325.591281][ T6870]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  325.597405][ T6870]  ? handle_bug+0x3e/0x70
[  325.601782][ T6870]  ? exc_invalid_op+0x1a/0x50
[  325.606601][ T6870]  ? asm_exc_invalid_op+0x1a/0x20
[  325.611683][ T6870]  ? __cfg80211_connect_result+0x15b9/0x21d0
[  325.617912][ T6870]  ? __cfg80211_connect_result+0x19e9/0x21d0
[  325.623965][ T6870]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  325.630215][ T6870]  ? __pfx___cfg80211_connect_result+0x10/0x10
[  325.636472][ T6870]  ? lockdep_hardirqs_on+0x99/0x150
[  325.641738][ T6870]  cfg80211_process_wdev_events+0x356/0x510
[  325.647834][ T6870]  cfg80211_process_rdev_events+0xac/0x110
[  325.653695][ T6870]  ? process_scheduled_works+0x945/0x1830
[  325.659570][ T6870]  cfg80211_event_work+0x2f/0x40
[  325.665457][ T6870]  process_scheduled_works+0xa2c/0x1830
[  325.671097][ T6870]  ? __pfx_process_scheduled_works+0x10/0x10
[  325.677818][ T6870]  ? assign_work+0x364/0x3d0
[  325.682474][ T6870]  worker_thread+0x86d/0xd70
[  325.687364][ T6870]  ? __kthread_parkme+0x169/0x1d0
[  325.692441][ T6870]  ? __pfx_worker_thread+0x10/0x10
[  325.697823][ T6870]  kthread+0x2f0/0x390
[  325.701954][ T6870]  ? __pfx_worker_thread+0x10/0x10
[  325.707200][ T6870]  ? __pfx_kthread+0x10/0x10
[  325.711843][ T6870]  ret_from_fork+0x4b/0x80
[  325.716383][ T6870]  ? __pfx_kthread+0x10/0x10
[  325.721014][ T6870]  ret_from_fork_asm+0x1a/0x30
[  325.725917][ T6870]  </TASK>
[  325.728960][ T6870] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  325.736253][ T6870] CPU: 0 PID: 6870 Comm: kworker/u8:17 Not tainted 6.10.0-rc4-syzkaller-00158-g31392048f55f #0
[  325.746583][ T6870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  325.756667][ T6870] Workqueue: cfg80211 cfg80211_event_work
[  325.762437][ T6870] Call Trace:
[  325.765734][ T6870]  <TASK>
[  325.768684][ T6870]  dump_stack_lvl+0x241/0x360
[  325.773383][ T6870]  ? __pfx_dump_stack_lvl+0x10/0x10
[  325.778602][ T6870]  ? __pfx__printk+0x10/0x10
[  325.783213][ T6870]  ? vscnprintf+0x5d/0x90
[  325.787564][ T6870]  panic+0x349/0x860
[  325.791482][ T6870]  ? __warn+0x172/0x4e0
[  325.795660][ T6870]  ? __pfx_panic+0x10/0x10
[  325.800100][ T6870]  ? ret_from_fork_asm+0x1a/0x30
[  325.805073][ T6870]  __warn+0x346/0x4e0
[  325.809072][ T6870]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  325.815070][ T6870]  report_bug+0x2b3/0x500
[  325.819410][ T6870]  ? __cfg80211_connect_result+0x19ea/0x21d0
[  325.825404][ T6870]  handle_bug+0x3e/0x70
[  325.829575][ T6870]  exc_invalid_op+0x1a/0x50
[  325.834091][ T6870]  asm_exc_invalid_op+0x1a/0x20
[  325.838958][ T6870] RIP: 0010:__cfg80211_connect_result+0x19ea/0x21d0
[  325.845564][ T6870] Code: a3 00 89 c3 31 ff 89 c6 e8 f3 44 b4 f6 85 db 74 29 e8 6a 70 9a f6 84 c0 74 27 e8 a1 40 b4 f6 e9 84 00 00 00 e8 97 40 b4 f6 90 <0f> 0b 90 4c 89 ff 4c 89 f6 e8 68 23 00 00 eb 91 e8 81 40 b4 f6 eb
[  325.865267][ T6870] RSP: 0018:ffffc900145479e0 EFLAGS: 00010293
[  325.871343][ T6870] RAX: ffffffff8ae1e4f9 RBX: 0000000000000000 RCX: ffff88805a909e00
[  325.879322][ T6870] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  325.887304][ T6870] RBP: ffffc90014547b00 R08: ffffffff8ae1e0c9 R09: 1ffffffff25f4ebd
[  325.895320][ T6870] R10: dffffc0000000000 R11: fffffbfff25f4ebe R12: ffff888061e9c098
[  325.903301][ T6870] R13: dffffc0000000000 R14: ffff888061e9c018 R15: ffff88807e4af000
[  325.911295][ T6870]  ? __cfg80211_connect_result+0x15b9/0x21d0
[  325.917288][ T6870]  ? __cfg80211_connect_result+0x19e9/0x21d0
[  325.923299][ T6870]  ? __pfx___cfg80211_connect_result+0x10/0x10
[  325.929470][ T6870]  ? lockdep_hardirqs_on+0x99/0x150
[  325.934701][ T6870]  cfg80211_process_wdev_events+0x356/0x510
[  325.940716][ T6870]  cfg80211_process_rdev_events+0xac/0x110
[  325.946538][ T6870]  ? process_scheduled_works+0x945/0x1830
[  325.952261][ T6870]  cfg80211_event_work+0x2f/0x40
[  325.957216][ T6870]  process_scheduled_works+0xa2c/0x1830
[  325.962825][ T6870]  ? __pfx_process_scheduled_works+0x10/0x10
[  325.968829][ T6870]  ? assign_work+0x364/0x3d0
[  325.973454][ T6870]  worker_thread+0x86d/0xd70
[  325.978101][ T6870]  ? __kthread_parkme+0x169/0x1d0
[  325.983158][ T6870]  ? __pfx_worker_thread+0x10/0x10
[  325.988291][ T6870]  kthread+0x2f0/0x390
[  325.992406][ T6870]  ? __pfx_worker_thread+0x10/0x10
[  325.997536][ T6870]  ? __pfx_kthread+0x10/0x10
[  326.002150][ T6870]  ret_from_fork+0x4b/0x80
[  326.006581][ T6870]  ? __pfx_kthread+0x10/0x10
[  326.011180][ T6870]  ret_from_fork_asm+0x1a/0x30
[  326.015996][ T6870]  </TASK>
[  326.019310][ T6870] Kernel Offset: disabled
[  326.023757][ T6870] Rebooting in 86400 seconds..