last executing test programs:

9.485860244s ago: executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000680)={0x30, 0x3, 0x8, 0x0, 0x0, 0x0, {}, [@CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @gre=[@CTA_TIMEOUT_GRE_UNREPLIED={0x8}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x84}, @CTA_TIMEOUT_L3PROTO={0x6}]}, 0x30}}, 0x0)
bind$netlink(r0, &(0x7f0000000140)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000000580)="03", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

9.371379958s ago: executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='block_bio_remap\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
bpf$BPF_PROG_QUERY(0x14, &(0x7f0000000380)={@cgroup, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

9.241533933s ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000014c80020850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000100), 0x1001)
ioctl$SIOCSIFHWADDR(r2, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x8}})

9.078850019s ago: executing program 0:
pipe(&(0x7f0000001540)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet(0x2, 0x3, 0x5)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f0000000380)='devices.list\x00', 0x0, 0x0)
preadv(r4, &(0x7f0000000140)=[{&(0x7f0000000280)=""/241, 0xf1}], 0x1, 0xc000011, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r2, 0x0, 0x3, &(0x7f0000000080)=0xfffffffa, 0x4)
connect$inet(r2, &(0x7f0000000340)={0x2, 0x0, @multicast1}, 0x10)
write$binfmt_elf64(r2, &(0x7f0000000480)=ANY=[@ANYBLOB="7f454c460001"], 0x78)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x4014, 0x0, 0x0)
shutdown(r1, 0x1)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f000000b500), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r5, &(0x7f000000d040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="c35e63fb29f91a9fce0089000008000300f1665e3df29dfcbdedc08d4df2c246203c5cd42734f9ec0b7268d95f9cb68006a815e1d62604cff9ea8dd64226a4dfbef714c9088a5b0390c059eaf4d3bd19378eb614838c88cdaf10ed4029bad8fc51f8e226", @ANYRES32, @ANYBLOB], 0x3c}}, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r7, 0x8955, &(0x7f0000000180)={{0x2, 0x0, @local}, {0x20000010304, @remote}, 0xde, {0x2, 0xfffd, @multicast1=0xe000cc02}})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x0, 0xc, 0x800, 0x1, 0x0, '\x00', 0x0, r0}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000400000000000000080021850000006d00000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='jbd2_run_stats\x00', r9}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000640)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1}}, @TCA_ACT_BPF_FD={0x8, 0x5, r10}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)

8.90515486s ago: executing program 0:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000001295"], &(0x7f00000003c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x0, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000080)={@multicast2, @empty, <r3=>0x0}, &(0x7f00000001c0)=0xc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x15, 0x16, &(0x7f0000000780)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r4, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
setsockopt$packet_drop_memb(r2, 0x107, 0x2, &(0x7f0000000180)={0x0, 0x1, 0x6, @multicast}, 0x10)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r5, 0x400448ca, 0x0)
r6 = socket(0x0, 0x80005, 0x0)
sendto$inet6(r6, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5}}, 0x1c)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, 0x1}, 0x6)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x3c1, 0x3, 0x510, 0x0, 0x18c, 0x203, 0x328, 0x19030000, 0x440, 0x2e0, 0x2e0, 0x440, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x328, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5a5)

4.134664608s ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffbc, 0x10}, [@ldst={0x7, 0xff05, 0x0, 0x0, 0xa}]}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xff06, &(0x7f000000cf3d)=""/195}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r2, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10)
recvmmsg(r2, &(0x7f0000005280)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00003f00}, 0x3}, {{0x0, 0x0, &(0x7f0000000200)=[{0x0}, {&(0x7f0000000340)=""/211, 0xd3}], 0x2}}, {{0x0, 0x0, &(0x7f0000003200)=[{0x0}], 0x1}, 0xb177}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000005200)=""/64, 0x40}, 0xa000000}], 0x4, 0x40002006, 0x0)
sendfile(r2, r1, 0x0, 0xffefffff)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000dc0)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d00)={0xffffffffffffffff, 0xe0, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0), ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x4, 0x6, &(0x7f0000000840)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r5=>0x0, 0x8, &(0x7f0000000540)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000780), &(0x7f00000007c0), 0x8, 0xee, 0x8, 0x8, &(0x7f0000000b00)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x2, 0xd, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@call={0x85, 0x0, 0x0, 0x50}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @jmp={0x5, 0x1}]}, &(0x7f0000000800)='GPL\x00', 0x5, 0x0, &(0x7f0000000840), 0x41100, 0x28, '\x00', r4, 0x8, 0xffffffffffffffff, 0x8, &(0x7f00000008c0)={0x8, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, r3, 0x2, &(0x7f0000000900)=[0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000940)=[{0x3}, {0x7fffffff, 0x3, 0x3, 0x5}], 0x10, 0xfffffbff}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1c, 0x1, &(0x7f0000001e40)=ANY=[@ANYRESHEX], &(0x7f0000000200)='syzkaller\x00', 0xb0dd, 0xaf, &(0x7f00000002c0)=""/175, 0x40f00, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000440)={0x2, 0x2, 0x67f7, 0x8}, 0x10, r5, r3}, 0x90)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000006840)={'ip6gre0\x00', &(0x7f00000067c0)={'syztnl2\x00', <r7=>0x0, 0x4, 0xc1, 0x2b, 0x6b1c, 0x10, @local, @mcast2, 0x6, 0x8000, 0x1, 0x3}})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'lo\x00', <r8=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r8}, [@IFLA_VFINFO_LIST={0x1c, 0x16, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_VF_IB_PORT_GUID={0x14, 0xa, {0xfffffff8}}]}]}, @IFLA_IFALIASn={0x4}]}, 0x40}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000007bc0)={'syztnl1\x00', &(0x7f0000007b40)={'ip6_vti0\x00', <r9=>0x0, 0x4, 0x7, 0x40, 0x0, 0x0, @empty, @remote, 0x8000, 0x40, 0x6, 0x8a02}})
getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000008100)={@dev, @dev, <r10=>0x0}, &(0x7f0000008140)=0xc)
sendmmsg$inet(r2, &(0x7f0000008200)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000003840)={0x2, 0x4e23, @multicast2}, 0x10, &(0x7f0000003880)=[{&(0x7f0000000a40)="95e33a8f5968079d5291b438426ea0199e4687ca529af5a568c8196fa99ec754961a174f7a5d23535fa171fff30b0f091a391d46bc67330cd04d9ab16a3bb4c6f85c07fe763fe275388a9924982b6e46cdbfdf33586176de3d15dc30242f97c62639c036cf91778502da6c5847e0e1ccc0dad8fc3ab71bdd331711505f2ba55e1ea2e84d7beecbe61b0d999ccaa232dade86a08688b5dab9d510f2accbb89b4869abc3987a09c266529fc21d5dbb5e8c723e957ab247ba555b80c7f0", 0xbc}], 0x1, &(0x7f0000008480)=ANY=[@ANYBLOB="2c000000000000000000000007000000890b4ee00000097f000001890f67ba1e01010a7d8ad88e000001000000000000dc66688d734f0510801c00000000000083bc603ea86e56cfd3a6785d2b0f1259c960e86192e21dcd5f64a735385c6dd4e6e86a7a86dedaa9ee189aad5ffb60daf82837265dd259918eea4126e8800381f2a4adaf72651082937ae95d1aba195c06149276c7581ec24148b4d9ee5f78", @ANYRES32=r6, @ANYBLOB="e0000002e0000001000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1e01010a010101000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1e01010a01010100000000580000000000000000000000070000000713dc0a010100ac14142fac1414aaac1e01010094040100441cba13ac1414aa00000f1b000000000000240affffffff000000070144080d70fffffffb070bbb000000007f000001"], 0xe8}}, {{&(0x7f0000004b80)={0x2, 0x4e20, @rand_addr=0x64010101}, 0x10, &(0x7f0000004f80)=[{&(0x7f0000004bc0)="5c888ca322433af70e7f5ed4195deeda4fb90d076ddd220311939a9a765526631632101e9b7bee408d08d021617ff259da02d409d3fe8c5edd329549501adc3f01563b11ca030a733d65203fa2285821b92afcba4fe1c16b2c9b0ec03f86dd6d85eae09aed41b7fb3fa72d945a1fd3a6afcbe1de9d07d5b6f700cbe5fce0b6fd06687dd31d8af508ec11dc498e45234cbe45", 0x92}, {0x0}, {&(0x7f0000004dc0)="dc09135bc5e2541b7d8fc91c6f", 0xd}, {&(0x7f0000004e00)="eb674cd753646b91b2eb0f9a408fdb50e89c63cb0440b5449237f809298da760915cd1ea3698e111a2f3424de70682d5dc5855aa299609b68626fff647ad501b0a91347b07e610811331c7e4920afef62cafc1994c1442e1e98de6df0164932c0f0818d7015d8f1aefd96e5435701207aebb3e3e8e1320d23b58d88c3cadca5ec2fbe8c33f7fab", 0x87}, {&(0x7f0000004ec0)="58947ffd6723da34b3ba04276b35d52be7ba42a5b7239162db112899c8fc2676f5b4d11f05a93ca21eeeb1c087029a08d34f5f838340552ea758801c4f61a121552f74925b3b1ba551827f14f4c65b743fd6ef6ed5e9c84a43502b111d06eeefa4c93d5cca2b5400a23d1e8dbc", 0x6d}, {&(0x7f0000004f40)="04c83049e71d", 0x6}], 0x6, &(0x7f0000005040)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7f}}, @ip_retopts={{0x30, 0x0, 0x7, {[@timestamp={0x44, 0x20, 0x58, 0x0, 0x3, [0x4286, 0x2dde, 0x1, 0x6, 0x800, 0x3, 0x1]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010102, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xff}}, @ip_ttl={{0x14, 0x0, 0x2, 0x2}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}], 0xb8}}, {{0x0, 0x0, &(0x7f0000005240)=[{&(0x7f0000005140)="d2262ad42b3841ace2e3642fb73be9c77c80276de03fecf4c02bbdec610c8d0c6dea14fa85c740a52dd321dee7b8c2177783eb29f545dd7f16cc0b598e1c6240a36d90158cdd83051ce3bf9961ab4cf5f6d43929438982effcea3558f28e2b785c316dad0e4858d82e2644d3bd18cd48a021b78eaf5fc4901f698a52d60127151efc4e75", 0x84}, {&(0x7f0000005380)="0bdb44ca8e6563748d58308dec74c1bae66a8299b89ee090572f53de3335edcb1a850464ba77d933691c23de3e25c96b2b0094adcfa82bacccca5b684cf6b6c1d4176578e2e07b216c157e5e96d2a1b51ffda63778ce042e5e9ec33a3a3924048145e0e48938a50f4c2c131565136b1b7bf86d3a475f43e3bd03618277f29b40574db349d3772c3b09a92609d60633c62a683153ac2b92005ab143b9e62813cb5685c0cf810acd80ba9a493e7ebab858510c8416d8b35e9faa33ede2c8096eb4cd", 0xc1}], 0x2, &(0x7f0000005480)=[@ip_ttl={{0x14, 0x0, 0x2, 0x400}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x7818}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x100}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1f}}, @ip_retopts={{0x18, 0x0, 0x7, {[@noop, @timestamp_addr={0x44, 0x4, 0xeb, 0x1, 0xe}]}}}], 0x78}}, {{&(0x7f0000005540)={0x2, 0x4e23, @private=0xa010100}, 0x10, &(0x7f0000006740), 0x0, &(0x7f0000003000)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x3}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_retopts={{0x9c, 0x0, 0x7, {[@ssrr={0x89, 0x13, 0x8d, [@private, @multicast1, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @generic={0x7, 0x7, "6fcbbf500d"}, @noop, @timestamp_addr={0x44, 0xc, 0xc1, 0x1, 0x6, [{@dev={0xac, 0x14, 0x14, 0x31}, 0xffffffc0}]}, @timestamp_addr={0x44, 0x34, 0x76, 0x1, 0xe, [{@local, 0x8}, {@multicast1, 0x5c}, {@multicast2, 0x3}, {@multicast2, 0x6}, {@dev={0xac, 0x14, 0x14, 0x2f}, 0x6}, {@broadcast, 0x8d5d}]}, @lsrr={0x83, 0x1b, 0xd0, [@empty, @local, @empty, @empty, @multicast1, @multicast1]}, @rr={0x7, 0x13, 0xe2, [@dev={0xac, 0x14, 0x14, 0x35}, @remote, @dev={0xac, 0x14, 0x14, 0x2f}, @multicast2]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @private=0xa010100, @local}}}], 0x108}}, {{&(0x7f0000006980)={0x2, 0x4e21, @private=0xa010101}, 0x10, &(0x7f0000007b00)=[{&(0x7f00000069c0)="54c630db", 0x4}, {&(0x7f0000006a00)="a1c04d2ea46a25287826ed89f19033d3000bf29971540a5247da52ad4701cfc539b6df5a1cd976dda2de493f449d3577ebdc5cb7b168e86cc7fa3dd3dde958367b47e117cc17fb90c8b452f43d80988f773f8d8cc065b74dd4152d02075dc7a3613dbe091388b0ee33d1be0a012efe7b30b36c0e1632238a", 0x78}, {&(0x7f0000007a80)="4fc1e6f28ed816db5a0998e96b562645c99402e264aa35bc56979921e22f9534b9ff7c24a73e686332de0ec66410deaf351ff1ef91d12ec459ebbbf5576ffaad65a94d7bf8a52de669905a39e33671c91767ff3e0e33540b631b5f9473b367bf6899b3cf96d990751769c45cc3", 0x6d}], 0x3, &(0x7f0000007c00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @dev={0xac, 0x14, 0x14, 0x3c}, @local}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x7fff}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @multicast1, @remote}}}], 0x58}}, {{&(0x7f0000007c80)={0x2, 0x4e23, @private=0xa010100}, 0x10, &(0x7f0000007f00)=[{&(0x7f0000007cc0)="9ae01e756e5d4e83ee5ff87cc44c596adba373711fc43c02c79612b79a0efadcda34410db118b471d075c4ae657e995763999b73e5742152ca5d38adde2256eef9c39650a4c801a56974b3def28bea95c4d762ca485175127cc245a4e020f587bbc7e757ed35af428b9f70592c14bc8edc5a7a875d8c0e6c91776476c236fca6ae24fcfe8888338d5774f1febae311f14177a27b4a5b456ad31d8fabee0a1fbe1ae81426eda5bf73428c135520620473039a009ed62c4c469d6706db2fe4454c3dd035b2837baa75690c44c2d0d8084ae670b19e2cb5bc7300852a896e01d816c7ed63a4a1e4493dd960fca5234f943ef39c", 0xf2}, {&(0x7f0000007dc0)="fcc4285fb94f93752a1d9654ee79d7f11ccc592bf606fffd12280cbe7192f643c074cfa4", 0x24}, {&(0x7f0000007e00)="31fd33fc44b33e87b7b2b06055932abb497324bfd15f8face1764eba6bc36266d6c07e708641e79214fec11c04c6c86e5062626a2d45db84a7f68f5b77103634f501cec93b956a8df98c2847467ef13dd96cc1a820383925e7d505b52191f13b66fec1e75feb6bd0d22a95bc99fbff78d8ac0cd168c5c5e64b51dc24ebd28403783eb816d99c14e7d589221adde65a5399b479bdad280f3e217bbd18425870d6bb0d9814adceb00392cccb1ab19bd2e31a7190970f59d34a1aece6e4b34889f8521e7d8e30c88888b54abc4f75d91fbd6c4795f60c309b247e40ae58b029f22a7bf5699af59f4e8b089b4a44f7333f67c17431", 0xf3}], 0x3, &(0x7f0000007f40)=[@ip_retopts={{0x44, 0x0, 0x7, {[@lsrr={0x83, 0x3}, @ssrr={0x89, 0x1b, 0x4e, [@broadcast, @multicast1, @loopback, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x28}]}, @end, @lsrr={0x83, 0x13, 0xf5, [@private=0xa010101, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast]}, @end]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x80000001}}], 0x78}}, {{&(0x7f0000008000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10, &(0x7f00000080c0)=[{&(0x7f0000008040)="af4df645989fb1778f62d47dee3c665c394b9c9fdc228a3a748f3b35849580fd74d1bd49b7b2b19ceb779b756f27560d90a0385d911611951917183ebc0b585bd24e793e59a54743db630fbf06d343d2e4fab5906c04850ec78b06b0de215789c93eb4", 0x63}], 0x1, &(0x7f0000008180)=[@ip_ttl={{0x14, 0x0, 0x2, 0x10000}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @local, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xfffffff9}}, @ip_ttl={{0x14, 0x0, 0x2, 0x401}}], 0x80}}], 0x8, 0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x24, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000100001"], 0x50}}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[@ANYBLOB="58000000000901010000000000000000000000001000048008000140000000000000ffdf14000280080001000000000008000200ac1414000800054000000000090001"], 0x58}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
pipe(&(0x7f0000000080))
sendmsg$SMC_PNETID_FLUSH(r1, &(0x7f0000000600)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x30, 0x0, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
read(r0, &(0x7f00000000c0)=""/97, 0x3b)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000))

3.072821151s ago: executing program 2:
r0 = socket$inet6(0xa, 0x3, 0xff)
close(r0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'bond_slave_1\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)=@gettclass={0x24, 0x2a, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x3}, {0x0, 0x3}}}, 0x24}}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x0, 0x1000, 0x0, 0x1}, 0x20)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x0, 0x4, 0x4}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r4 = socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20004080)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB, @ANYBLOB], 0x48}}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000040), 0x208e24b)
r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r6, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x2, @dev}, 0x10)
sendfile(r6, r5, 0x0, 0xffefffff)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10)
r8 = accept4(r7, 0x0, 0x0, 0x0)
recvfrom$l2tp6(r8, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$packet(r6, 0x0, 0x0, 0x4010, &(0x7f0000000380)={0x11, 0x1c, 0x0, 0x1, 0x80, 0x6, @link_local}, 0x14)

2.531248315s ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffbc, 0x10}, [@ldst={0x7, 0xff05, 0x0, 0x0, 0xa}]}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xff06, &(0x7f000000cf3d)=""/195}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r2, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10)
recvmmsg(r2, &(0x7f0000005280)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00003f00}, 0x3}, {{0x0, 0x0, &(0x7f0000000200)=[{0x0}, {&(0x7f0000000340)=""/211, 0xd3}], 0x2}}, {{0x0, 0x0, &(0x7f0000003200)=[{0x0}], 0x1}, 0xb177}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000005200)=""/64, 0x40}, 0xa000000}], 0x4, 0x40002006, 0x0)
sendfile(r2, r1, 0x0, 0xffefffff)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000dc0)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d00)={0xffffffffffffffff, 0xe0, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0), ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x4, 0x6, &(0x7f0000000840)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r5=>0x0, 0x8, &(0x7f0000000540)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000780), &(0x7f00000007c0), 0x8, 0xee, 0x8, 0x8, &(0x7f0000000b00)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x2, 0xd, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@call={0x85, 0x0, 0x0, 0x50}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @jmp={0x5, 0x1}]}, &(0x7f0000000800)='GPL\x00', 0x5, 0x0, &(0x7f0000000840), 0x41100, 0x28, '\x00', r4, 0x8, 0xffffffffffffffff, 0x8, &(0x7f00000008c0)={0x8, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, r3, 0x2, &(0x7f0000000900)=[0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000940)=[{0x3}, {0x7fffffff, 0x3, 0x3, 0x5}], 0x10, 0xfffffbff}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1c, 0x1, &(0x7f0000001e40)=ANY=[@ANYRESHEX], &(0x7f0000000200)='syzkaller\x00', 0xb0dd, 0xaf, &(0x7f00000002c0)=""/175, 0x40f00, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000440)={0x2, 0x2, 0x67f7, 0x8}, 0x10, r5, r3}, 0x90)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000006840)={'ip6gre0\x00', &(0x7f00000067c0)={'syztnl2\x00', <r7=>0x0, 0x4, 0xc1, 0x2b, 0x6b1c, 0x10, @local, @mcast2, 0x6, 0x8000, 0x1, 0x3}})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'lo\x00', <r8=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r8}, [@IFLA_VFINFO_LIST={0x1c, 0x16, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_VF_IB_PORT_GUID={0x14, 0xa, {0xfffffff8}}]}]}, @IFLA_IFALIASn={0x4}]}, 0x40}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000007bc0)={'syztnl1\x00', &(0x7f0000007b40)={'ip6_vti0\x00', <r9=>0x0, 0x4, 0x7, 0x40, 0x0, 0x0, @empty, @remote, 0x8000, 0x40, 0x6, 0x8a02}})
getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000008100)={@dev, @dev, <r10=>0x0}, &(0x7f0000008140)=0xc)
sendmmsg$inet(r2, &(0x7f0000008200)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000003840)={0x2, 0x4e23, @multicast2}, 0x10, &(0x7f0000003880)=[{&(0x7f0000000a40)="95e33a8f5968079d5291b438426ea0199e4687ca529af5a568c8196fa99ec754961a174f7a5d23535fa171fff30b0f091a391d46bc67330cd04d9ab16a3bb4c6f85c07fe763fe275388a9924982b6e46cdbfdf33586176de3d15dc30242f97c62639c036cf91778502da6c5847e0e1ccc0dad8fc3ab71bdd331711505f2ba55e1ea2e84d7beecbe61b0d999ccaa232dade86a08688b5dab9d510f2accbb89b4869abc3987a09c266529fc21d5dbb5e8c723e957ab247ba555b80c7f0", 0xbc}], 0x1, &(0x7f0000008480)=ANY=[@ANYBLOB="2c000000000000000000000007000000890b4ee00000097f000001890f67ba1e01010a7d8ad88e000001000000000000dc66688d734f0510801c00000000000083bc603ea86e56cfd3a6785d2b0f1259c960e86192e21dcd5f64a735385c6dd4e6e86a7a86dedaa9ee189aad5ffb60daf82837265dd259918eea4126e8800381f2a4adaf72651082937ae95d1aba195c06149276c7581ec24148b4d9ee5f78", @ANYRES32=r6, @ANYBLOB="e0000002e0000001000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1e01010a010101000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1e01010a01010100000000580000000000000000000000070000000713dc0a010100ac14142fac1414aaac1e01010094040100441cba13ac1414aa00000f1b000000000000240affffffff000000070144080d70fffffffb070bbb000000007f000001"], 0xe8}}, {{&(0x7f0000004b80)={0x2, 0x4e20, @rand_addr=0x64010101}, 0x10, &(0x7f0000004f80)=[{&(0x7f0000004bc0)="5c888ca322433af70e7f5ed4195deeda4fb90d076ddd220311939a9a765526631632101e9b7bee408d08d021617ff259da02d409d3fe8c5edd329549501adc3f01563b11ca030a733d65203fa2285821b92afcba4fe1c16b2c9b0ec03f86dd6d85eae09aed41b7fb3fa72d945a1fd3a6afcbe1de9d07d5b6f700cbe5fce0b6fd06687dd31d8af508ec11dc498e45234cbe45", 0x92}, {0x0}, {&(0x7f0000004dc0)="dc09135bc5e2541b7d8fc91c6f", 0xd}, {&(0x7f0000004e00)="eb674cd753646b91b2eb0f9a408fdb50e89c63cb0440b5449237f809298da760915cd1ea3698e111a2f3424de70682d5dc5855aa299609b68626fff647ad501b0a91347b07e610811331c7e4920afef62cafc1994c1442e1e98de6df0164932c0f0818d7015d8f1aefd96e5435701207aebb3e3e8e1320d23b58d88c3cadca5ec2fbe8c33f7fab", 0x87}, {&(0x7f0000004ec0)="58947ffd6723da34b3ba04276b35d52be7ba42a5b7239162db112899c8fc2676f5b4d11f05a93ca21eeeb1c087029a08d34f5f838340552ea758801c4f61a121552f74925b3b1ba551827f14f4c65b743fd6ef6ed5e9c84a43502b111d06eeefa4c93d5cca2b5400a23d1e8dbc", 0x6d}, {&(0x7f0000004f40)="04c83049e71d", 0x6}], 0x6, &(0x7f0000005040)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7f}}, @ip_retopts={{0x30, 0x0, 0x7, {[@timestamp={0x44, 0x20, 0x58, 0x0, 0x3, [0x4286, 0x2dde, 0x1, 0x6, 0x800, 0x3, 0x1]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010102, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xff}}, @ip_ttl={{0x14, 0x0, 0x2, 0x2}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}], 0xb8}}, {{0x0, 0x0, &(0x7f0000005240)=[{&(0x7f0000005140)="d2262ad42b3841ace2e3642fb73be9c77c80276de03fecf4c02bbdec610c8d0c6dea14fa85c740a52dd321dee7b8c2177783eb29f545dd7f16cc0b598e1c6240a36d90158cdd83051ce3bf9961ab4cf5f6d43929438982effcea3558f28e2b785c316dad0e4858d82e2644d3bd18cd48a021b78eaf5fc4901f698a52d60127151efc4e75", 0x84}, {&(0x7f0000005380)="0bdb44ca8e6563748d58308dec74c1bae66a8299b89ee090572f53de3335edcb1a850464ba77d933691c23de3e25c96b2b0094adcfa82bacccca5b684cf6b6c1d4176578e2e07b216c157e5e96d2a1b51ffda63778ce042e5e9ec33a3a3924048145e0e48938a50f4c2c131565136b1b7bf86d3a475f43e3bd03618277f29b40574db349d3772c3b09a92609d60633c62a683153ac2b92005ab143b9e62813cb5685c0cf810acd80ba9a493e7ebab858510c8416d8b35e9faa33ede2c8096eb4cd", 0xc1}], 0x2, &(0x7f0000005480)=[@ip_ttl={{0x14, 0x0, 0x2, 0x400}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x7818}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x100}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1f}}, @ip_retopts={{0x18, 0x0, 0x7, {[@noop, @timestamp_addr={0x44, 0x4, 0xeb, 0x1, 0xe}]}}}], 0x78}}, {{&(0x7f0000005540)={0x2, 0x4e23, @private=0xa010100}, 0x10, &(0x7f0000006740), 0x0, &(0x7f0000003000)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x3}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_retopts={{0x9c, 0x0, 0x7, {[@ssrr={0x89, 0x13, 0x8d, [@private, @multicast1, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @generic={0x7, 0x7, "6fcbbf500d"}, @noop, @timestamp_addr={0x44, 0xc, 0xc1, 0x1, 0x6, [{@dev={0xac, 0x14, 0x14, 0x31}, 0xffffffc0}]}, @timestamp_addr={0x44, 0x34, 0x76, 0x1, 0xe, [{@local, 0x8}, {@multicast1, 0x5c}, {@multicast2, 0x3}, {@multicast2, 0x6}, {@dev={0xac, 0x14, 0x14, 0x2f}, 0x6}, {@broadcast, 0x8d5d}]}, @lsrr={0x83, 0x1b, 0xd0, [@empty, @local, @empty, @empty, @multicast1, @multicast1]}, @rr={0x7, 0x13, 0xe2, [@dev={0xac, 0x14, 0x14, 0x35}, @remote, @dev={0xac, 0x14, 0x14, 0x2f}, @multicast2]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @private=0xa010100, @local}}}], 0x108}}, {{&(0x7f0000006980)={0x2, 0x4e21, @private=0xa010101}, 0x10, &(0x7f0000007b00)=[{&(0x7f00000069c0)="54c630db", 0x4}, {&(0x7f0000006a00)="a1c04d2ea46a25287826ed89f19033d3000bf29971540a5247da52ad4701cfc539b6df5a1cd976dda2de493f449d3577ebdc5cb7b168e86cc7fa3dd3dde958367b47e117cc17fb90c8b452f43d80988f773f8d8cc065b74dd4152d02075dc7a3613dbe091388b0ee33d1be0a012efe7b30b36c0e1632238a", 0x78}, {&(0x7f0000007a80)="4fc1e6f28ed816db5a0998e96b562645c99402e264aa35bc56979921e22f9534b9ff7c24a73e686332de0ec66410deaf351ff1ef91d12ec459ebbbf5576ffaad65a94d7bf8a52de669905a39e33671c91767ff3e0e33540b631b5f9473b367bf6899b3cf96d990751769c45cc3", 0x6d}], 0x3, &(0x7f0000007c00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @dev={0xac, 0x14, 0x14, 0x3c}, @local}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x7fff}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @multicast1, @remote}}}], 0x58}}, {{&(0x7f0000007c80)={0x2, 0x4e23, @private=0xa010100}, 0x10, &(0x7f0000007f00)=[{&(0x7f0000007cc0)="9ae01e756e5d4e83ee5ff87cc44c596adba373711fc43c02c79612b79a0efadcda34410db118b471d075c4ae657e995763999b73e5742152ca5d38adde2256eef9c39650a4c801a56974b3def28bea95c4d762ca485175127cc245a4e020f587bbc7e757ed35af428b9f70592c14bc8edc5a7a875d8c0e6c91776476c236fca6ae24fcfe8888338d5774f1febae311f14177a27b4a5b456ad31d8fabee0a1fbe1ae81426eda5bf73428c135520620473039a009ed62c4c469d6706db2fe4454c3dd035b2837baa75690c44c2d0d8084ae670b19e2cb5bc7300852a896e01d816c7ed63a4a1e4493dd960fca5234f943ef39c", 0xf2}, {&(0x7f0000007dc0)="fcc4285fb94f93752a1d9654ee79d7f11ccc592bf606fffd12280cbe7192f643c074cfa4", 0x24}, {&(0x7f0000007e00)="31fd33fc44b33e87b7b2b06055932abb497324bfd15f8face1764eba6bc36266d6c07e708641e79214fec11c04c6c86e5062626a2d45db84a7f68f5b77103634f501cec93b956a8df98c2847467ef13dd96cc1a820383925e7d505b52191f13b66fec1e75feb6bd0d22a95bc99fbff78d8ac0cd168c5c5e64b51dc24ebd28403783eb816d99c14e7d589221adde65a5399b479bdad280f3e217bbd18425870d6bb0d9814adceb00392cccb1ab19bd2e31a7190970f59d34a1aece6e4b34889f8521e7d8e30c88888b54abc4f75d91fbd6c4795f60c309b247e40ae58b029f22a7bf5699af59f4e8b089b4a44f7333f67c17431", 0xf3}], 0x3, &(0x7f0000007f40)=[@ip_retopts={{0x44, 0x0, 0x7, {[@lsrr={0x83, 0x3}, @ssrr={0x89, 0x1b, 0x4e, [@broadcast, @multicast1, @loopback, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x28}]}, @end, @lsrr={0x83, 0x13, 0xf5, [@private=0xa010101, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast]}, @end]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x80000001}}], 0x78}}, {{&(0x7f0000008000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10, &(0x7f00000080c0)=[{&(0x7f0000008040)="af4df645989fb1778f62d47dee3c665c394b9c9fdc228a3a748f3b35849580fd74d1bd49b7b2b19ceb779b756f27560d90a0385d911611951917183ebc0b585bd24e793e59a54743db630fbf06d343d2e4fab5906c04850ec78b06b0de215789c93eb4", 0x63}], 0x1, &(0x7f0000008180)=[@ip_ttl={{0x14, 0x0, 0x2, 0x10000}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @local, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xfffffff9}}, @ip_ttl={{0x14, 0x0, 0x2, 0x401}}], 0x80}}], 0x8, 0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x24, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000100001"], 0x50}}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[@ANYBLOB="58000000000901010000000000000000000000001000048008000140000000000000ffdf14000280080001000000000008000200ac1414000800054000000000090001"], 0x58}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
pipe(&(0x7f0000000080))
sendmsg$SMC_PNETID_FLUSH(r1, &(0x7f0000000600)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x30, 0x0, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
read(r0, &(0x7f00000000c0)=""/97, 0x3b)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000))

1.610307004s ago: executing program 2:
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'team_slave_0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000010000110000100000475000000000000", @ANYRES32=r4, @ANYBLOB="da"], 0x20}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x20, 0x10, 0x401, 0x0, 0x0, {0x0, 0x48, 0x0, r4, 0x22a0b}}, 0x20}}, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r2, 0x0)
syz_emit_ethernet(0x5a, &(0x7f0000000140)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x24, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@synack={0x1e, 0x10, 0x0, 0x2, 0xfc}]}}}}}}}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x11, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b6000000850000000700000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='jbd2_handle_stats\x00', r6}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)

1.331807253s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0x14, &(0x7f00000000c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@ld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x73}}]}, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x10, 0x38, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x60ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.317229454s ago: executing program 1:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f00000001c0))

1.183987488s ago: executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x14}, 0x14}}, 0x0)
ioctl$sock_SIOCBRDELBR(r0, 0x89a2, &(0x7f0000000000)='bridge0\x00')
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8001)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r0, &(0x7f0000000580)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000540)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042dbd7000fbdbdf257a000046e5629de92d3130d5000008000300", @ANYRES32=0x0, @ANYBLOB="0c002a000106b69884160904"], 0x28}, 0x1, 0x0, 0x0, 0x4051}, 0x4040090)
r3 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r3, 0x8983, &(0x7f0000000100)={0x7, 'nr0\x00', {0x1}, 0x5})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000140)={'ip6tnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x656, 0x44, @remote, @mcast2={0xff, 0x5}, 0x0, 0x80, 0x0, 0x10000000}})
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r6=>0x0}, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f0000000180)={0xfff, 0x8004, 0xffffffff, 0x8, r6}, 0x10)
connect$l2tp6(r3, &(0x7f0000000280)={0xa, 0x0, 0x4, @private0, 0x9}, 0x20)
setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f00000003c0)=0x5, 0x4)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
r8 = socket$inet6_sctp(0xa, 0x0, 0x84)
r9 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r10=>0x0}, &(0x7f00000001c0)=0x8)
r11 = socket(0x29, 0x80805, 0x1)
sendmmsg$inet(r11, &(0x7f0000003b40)=[{{&(0x7f0000000080)={0x2, 0x0, @private=0xa010101}, 0x10, &(0x7f0000001400)=[{&(0x7f00000000c0)="fe", 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r11, 0x84, 0x10, &(0x7f00000077c0)={r10}, 0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r8, 0x84, 0x76, &(0x7f00000003c0)={r10, 0x1}, 0x8)
setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r7, 0x84, 0x6, &(0x7f0000000400)={r10, @in6={{0xa, 0x4e23, 0x2, @mcast1, 0x79ea}}}, 0x84)
r12 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r12, 0x84, 0x23, &(0x7f0000000380)={r6, 0x4}, 0x8)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f00000001c0)=@sack_info={r6, 0x3, 0xfffff000}, &(0x7f0000000200)=0xc)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f00000002c0)={0x2, 'bond0\x00', {0x1f}, 0x1000})
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f00000000c0)={r6, 0xf1f0}, 0x8)

1.10056977s ago: executing program 2:
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x18, 0x0, 0x0)
close(r0)
socket$can_j1939(0x1d, 0x2, 0x7)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)=ANY=[@ANYBLOB="ac1e00018aac14140000000000000000"], 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000340)=0x100000, 0x4)
clock_gettime(0x0, &(0x7f0000003cc0)={<r3=>0x0, <r4=>0x0})
recvmmsg(r2, &(0x7f00000056c0)=[{{&(0x7f0000000140)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000001480)=[{&(0x7f00000001c0)=""/183, 0xb7}, {&(0x7f0000005900)=""/267, 0x10b}, {&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000000080)=""/17, 0x11}, {&(0x7f0000001380)=""/135, 0x87}, {&(0x7f0000001440)=""/2, 0x2}], 0x6, &(0x7f0000001500)=""/114, 0x72}, 0x4f}, {{&(0x7f0000001580)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast1}}, 0x80, &(0x7f0000002880)=[{&(0x7f0000001600)=""/95, 0x5f}, {&(0x7f0000001680)=""/99, 0x63}, {&(0x7f0000001700)=""/106, 0x6a}, {&(0x7f0000001780)=""/4096, 0x1000}, {&(0x7f0000002780)=""/41, 0x29}, {&(0x7f00000027c0)=""/186, 0xba}], 0x6, &(0x7f0000002900)=""/131, 0x83}, 0x9}, {{&(0x7f00000029c0)=@hci, 0x80, &(0x7f0000002c00)=[{&(0x7f0000002a40)=""/186, 0xba}, {&(0x7f0000002b00)=""/248, 0xf8}], 0x2, &(0x7f0000002c40)=""/72, 0x48}, 0x9}, {{0x0, 0x0, &(0x7f0000003340)=[{&(0x7f0000002cc0)=""/131, 0x83}, {&(0x7f0000002d80)=""/190, 0xbe}, {&(0x7f0000002e40)=""/56, 0x38}, {&(0x7f0000002e80)=""/125, 0x7d}, {&(0x7f0000002f00)=""/163, 0xa3}, {&(0x7f0000002fc0)=""/215, 0xd7}, {&(0x7f00000030c0)=""/140, 0x8c}, {&(0x7f0000003180)=""/146, 0x92}, {&(0x7f0000003240)=""/163, 0xa3}, {&(0x7f0000003300)=""/33, 0x21}], 0xa, &(0x7f0000003400)=""/49, 0x31}, 0x7ff}, {{&(0x7f0000003440)=@isdn, 0x80, &(0x7f00000037c0)=[{&(0x7f00000034c0)=""/122, 0x7a}, {&(0x7f0000003540)=""/88, 0x58}, {&(0x7f00000035c0)=""/134, 0x86}, {&(0x7f0000003680)=""/141, 0x8d}, {&(0x7f0000003740)=""/103, 0x67}], 0x5, &(0x7f0000003840)=""/41, 0x29}, 0x7}, {{0x0, 0x0, &(0x7f0000003d40)=[{&(0x7f0000003880)=""/38, 0x26}, {&(0x7f00000038c0)=""/38, 0x26}, {&(0x7f0000003900)=""/67, 0x43}, {&(0x7f0000003980)=""/167, 0xa7}, {&(0x7f0000003a40)=""/242, 0xf2}, {&(0x7f0000003b40)=""/224, 0xe0}, {&(0x7f0000003c40)=""/114, 0x72}, {&(0x7f0000003cc0)}, {&(0x7f0000003d00)=""/4, 0x4}], 0x9, &(0x7f0000003e00)}, 0x81}, {{&(0x7f0000003e40)=@isdn, 0x80, &(0x7f0000004100)=[{&(0x7f0000003ec0)=""/153, 0x99}, {&(0x7f0000003f80)=""/27, 0x1b}, {&(0x7f0000003fc0)=""/71, 0x47}, {&(0x7f0000004040)=""/123, 0x7b}, {&(0x7f00000040c0)=""/44, 0x2c}], 0x5, &(0x7f0000004180)=""/4096, 0x1000}, 0x129}, {{&(0x7f0000005180)=@can, 0x80, &(0x7f0000005600)=[{&(0x7f0000005200)=""/182, 0xb6}, {&(0x7f00000052c0)=""/13, 0xd}, {&(0x7f0000005300)=""/229, 0xe5}, {&(0x7f0000005400)=""/190, 0xbe}, {&(0x7f00000054c0)=""/93, 0x5d}, {&(0x7f0000005540)=""/148, 0x94}], 0x6, &(0x7f0000005680)=""/36, 0x24}}], 0x8, 0x12141, &(0x7f00000058c0)={r3, r4+10000000})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x2, 0xc}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1801000000bae3000000000000000000850000007b00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000640)='kfree\x00', r6}, 0x10)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="580000000206010100000000000000000000000005000100070000000900020073797a30000000000c00078005001a460000000012000300686173683a6e65742c706f7274000000050005000a0000000500040000000000edb0af566f0af6d06ccd36d298a181efac1f0259b5eb26be38cdffd39369bcd6e557da2553efb50f738e8da92521a41c5b42e5f36ede1cd0a60ab35d4eb1095e5c797f9333478056c7002629136d6dae408805ec54ac2d07c622fa8292e09172"], 0x58}}, 0x0)
getsockopt$nfc_llcp(r0, 0x6b, 0x0, 0x0, 0xf0ff1f00000000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_skbedit={0x48, 0x1, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x23}]}, {0xdb}, {0xc}, {0xc, 0x9}}}]}]}, 0x60}}, 0x0)

1.081894053s ago: executing program 3:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x8, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {{0x6, 0x0, 0xb}, {0x65, 0x0, 0xc}}, [@printk={@lld, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0x2, 0xa, 0x9}, {0x7, 0x0, 0x3, 0x9}, {}, {}, {0x15}}], {{0x5, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

982.528378ms ago: executing program 2:
syz_emit_ethernet(0x8a, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x7c, 0x0, 0x0, 0x0, 0x21, 0x0, @private, @broadcast}, @redirect={0x5, 0x0, 0x0, @private=0xa010102, {0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @dev, {[@rr={0x7, 0x13, 0x0, [@multicast2, @private, @broadcast, @broadcast]}, @end, @timestamp={0x44, 0x28, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @lsrr={0x83, 0x3}, @cipso={0x86, 0x6}, @generic={0x0, 0x4, "c48f"}]}}}}}}}, 0x0)

937.41388ms ago: executing program 3:
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000005000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='ext4_allocate_blocks\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r2, &(0x7f0000000000), 0x248800)

875.981379ms ago: executing program 1:
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x18, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000010000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='jbd2_handle_stats\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)

847.543864ms ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='ext4_ext_handle_unwritten_extents\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='ext4_ext_handle_unwritten_extents\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x1, 0x80, 0xc2, 0x5}})

810.853726ms ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffbc, 0x10}, [@ldst={0x7, 0xff05, 0x0, 0x0, 0xa}]}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xff06, &(0x7f000000cf3d)=""/195}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r2, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10)
recvmmsg(r2, &(0x7f0000005280)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00003f00}, 0x3}, {{0x0, 0x0, &(0x7f0000000200)=[{0x0}, {&(0x7f0000000340)=""/211, 0xd3}], 0x2}}, {{0x0, 0x0, &(0x7f0000003200)=[{0x0}], 0x1}, 0xb177}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000005200)=""/64, 0x40}, 0xa000000}], 0x4, 0x40002006, 0x0)
sendfile(r2, r1, 0x0, 0xffefffff)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000dc0)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d00)={0xffffffffffffffff, 0xe0, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0), ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x4, 0x6, &(0x7f0000000840)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r5=>0x0, 0x8, &(0x7f0000000540)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000780), &(0x7f00000007c0), 0x8, 0xee, 0x8, 0x8, &(0x7f0000000b00)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x2, 0xd, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, [@call={0x85, 0x0, 0x0, 0x50}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @jmp={0x5, 0x1}]}, &(0x7f0000000800)='GPL\x00', 0x5, 0x0, &(0x7f0000000840), 0x41100, 0x28, '\x00', r4, 0x8, 0xffffffffffffffff, 0x8, &(0x7f00000008c0)={0x8, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, r3, 0x2, &(0x7f0000000900)=[0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000940)=[{0x3}, {0x7fffffff, 0x3, 0x3, 0x5}], 0x10, 0xfffffbff}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1c, 0x1, &(0x7f0000001e40)=ANY=[@ANYRESHEX], &(0x7f0000000200)='syzkaller\x00', 0xb0dd, 0xaf, &(0x7f00000002c0)=""/175, 0x40f00, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000440)={0x2, 0x2, 0x67f7, 0x8}, 0x10, r5, r3}, 0x90)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000006840)={'ip6gre0\x00', &(0x7f00000067c0)={'syztnl2\x00', <r7=>0x0, 0x4, 0xc1, 0x2b, 0x6b1c, 0x10, @local, @mcast2, 0x6, 0x8000, 0x1, 0x3}})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'lo\x00', <r8=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r8}, [@IFLA_VFINFO_LIST={0x1c, 0x16, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_VF_IB_PORT_GUID={0x14, 0xa, {0xfffffff8}}]}]}, @IFLA_IFALIASn={0x4}]}, 0x40}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000007bc0)={'syztnl1\x00', &(0x7f0000007b40)={'ip6_vti0\x00', <r9=>0x0, 0x4, 0x7, 0x40, 0x0, 0x0, @empty, @remote, 0x8000, 0x40, 0x6, 0x8a02}})
getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000008100)={@dev, @dev, <r10=>0x0}, &(0x7f0000008140)=0xc)
sendmmsg$inet(r2, &(0x7f0000008200)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000003840)={0x2, 0x4e23, @multicast2}, 0x10, &(0x7f0000003880)=[{&(0x7f0000000a40)="95e33a8f5968079d5291b438426ea0199e4687ca529af5a568c8196fa99ec754961a174f7a5d23535fa171fff30b0f091a391d46bc67330cd04d9ab16a3bb4c6f85c07fe763fe275388a9924982b6e46cdbfdf33586176de3d15dc30242f97c62639c036cf91778502da6c5847e0e1ccc0dad8fc3ab71bdd331711505f2ba55e1ea2e84d7beecbe61b0d999ccaa232dade86a08688b5dab9d510f2accbb89b4869abc3987a09c266529fc21d5dbb5e8c723e957ab247ba555b80c7f0", 0xbc}], 0x1, &(0x7f0000008480)=ANY=[@ANYBLOB="2c000000000000000000000007000000890b4ee00000097f000001890f67ba1e01010a7d8ad88e000001000000000000dc66688d734f0510801c00000000000083bc603ea86e56cfd3a6785d2b0f1259c960e86192e21dcd5f64a735385c6dd4e6e86a7a86dedaa9ee189aad5ffb60daf82837265dd259918eea4126e8800381f2a4adaf72651082937ae95d1aba195c06149276c7581ec24148b4d9ee5f78", @ANYRES32=r6, @ANYBLOB="e0000002e0000001000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1e01010a010101000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1e01010a01010100000000580000000000000000000000070000000713dc0a010100ac14142fac1414aaac1e01010094040100441cba13ac1414aa00000f1b000000000000240affffffff000000070144080d70fffffffb070bbb000000007f000001"], 0xe8}}, {{&(0x7f0000004b80)={0x2, 0x4e20, @rand_addr=0x64010101}, 0x10, &(0x7f0000004f80)=[{&(0x7f0000004bc0)="5c888ca322433af70e7f5ed4195deeda4fb90d076ddd220311939a9a765526631632101e9b7bee408d08d021617ff259da02d409d3fe8c5edd329549501adc3f01563b11ca030a733d65203fa2285821b92afcba4fe1c16b2c9b0ec03f86dd6d85eae09aed41b7fb3fa72d945a1fd3a6afcbe1de9d07d5b6f700cbe5fce0b6fd06687dd31d8af508ec11dc498e45234cbe45", 0x92}, {0x0}, {&(0x7f0000004dc0)="dc09135bc5e2541b7d8fc91c6f", 0xd}, {&(0x7f0000004e00)="eb674cd753646b91b2eb0f9a408fdb50e89c63cb0440b5449237f809298da760915cd1ea3698e111a2f3424de70682d5dc5855aa299609b68626fff647ad501b0a91347b07e610811331c7e4920afef62cafc1994c1442e1e98de6df0164932c0f0818d7015d8f1aefd96e5435701207aebb3e3e8e1320d23b58d88c3cadca5ec2fbe8c33f7fab", 0x87}, {&(0x7f0000004ec0)="58947ffd6723da34b3ba04276b35d52be7ba42a5b7239162db112899c8fc2676f5b4d11f05a93ca21eeeb1c087029a08d34f5f838340552ea758801c4f61a121552f74925b3b1ba551827f14f4c65b743fd6ef6ed5e9c84a43502b111d06eeefa4c93d5cca2b5400a23d1e8dbc", 0x6d}, {&(0x7f0000004f40)="04c83049e71d", 0x6}], 0x6, &(0x7f0000005040)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7f}}, @ip_retopts={{0x30, 0x0, 0x7, {[@timestamp={0x44, 0x20, 0x58, 0x0, 0x3, [0x4286, 0x2dde, 0x1, 0x6, 0x800, 0x3, 0x1]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010102, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xff}}, @ip_ttl={{0x14, 0x0, 0x2, 0x2}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}], 0xb8}}, {{0x0, 0x0, &(0x7f0000005240)=[{&(0x7f0000005140)="d2262ad42b3841ace2e3642fb73be9c77c80276de03fecf4c02bbdec610c8d0c6dea14fa85c740a52dd321dee7b8c2177783eb29f545dd7f16cc0b598e1c6240a36d90158cdd83051ce3bf9961ab4cf5f6d43929438982effcea3558f28e2b785c316dad0e4858d82e2644d3bd18cd48a021b78eaf5fc4901f698a52d60127151efc4e75", 0x84}, {&(0x7f0000005380)="0bdb44ca8e6563748d58308dec74c1bae66a8299b89ee090572f53de3335edcb1a850464ba77d933691c23de3e25c96b2b0094adcfa82bacccca5b684cf6b6c1d4176578e2e07b216c157e5e96d2a1b51ffda63778ce042e5e9ec33a3a3924048145e0e48938a50f4c2c131565136b1b7bf86d3a475f43e3bd03618277f29b40574db349d3772c3b09a92609d60633c62a683153ac2b92005ab143b9e62813cb5685c0cf810acd80ba9a493e7ebab858510c8416d8b35e9faa33ede2c8096eb4cd", 0xc1}], 0x2, &(0x7f0000005480)=[@ip_ttl={{0x14, 0x0, 0x2, 0x400}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x7818}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x100}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1f}}, @ip_retopts={{0x18, 0x0, 0x7, {[@noop, @timestamp_addr={0x44, 0x4, 0xeb, 0x1, 0xe}]}}}], 0x78}}, {{&(0x7f0000005540)={0x2, 0x4e23, @private=0xa010100}, 0x10, &(0x7f0000006740), 0x0, &(0x7f0000003000)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x3}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_retopts={{0x9c, 0x0, 0x7, {[@ssrr={0x89, 0x13, 0x8d, [@private, @multicast1, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @generic={0x7, 0x7, "6fcbbf500d"}, @noop, @timestamp_addr={0x44, 0xc, 0xc1, 0x1, 0x6, [{@dev={0xac, 0x14, 0x14, 0x31}, 0xffffffc0}]}, @timestamp_addr={0x44, 0x34, 0x76, 0x1, 0xe, [{@local, 0x8}, {@multicast1, 0x5c}, {@multicast2, 0x3}, {@multicast2, 0x6}, {@dev={0xac, 0x14, 0x14, 0x2f}, 0x6}, {@broadcast, 0x8d5d}]}, @lsrr={0x83, 0x1b, 0xd0, [@empty, @local, @empty, @empty, @multicast1, @multicast1]}, @rr={0x7, 0x13, 0xe2, [@dev={0xac, 0x14, 0x14, 0x35}, @remote, @dev={0xac, 0x14, 0x14, 0x2f}, @multicast2]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @private=0xa010100, @local}}}], 0x108}}, {{&(0x7f0000006980)={0x2, 0x4e21, @private=0xa010101}, 0x10, &(0x7f0000007b00)=[{&(0x7f00000069c0)="54c630db", 0x4}, {&(0x7f0000006a00)="a1c04d2ea46a25287826ed89f19033d3000bf29971540a5247da52ad4701cfc539b6df5a1cd976dda2de493f449d3577ebdc5cb7b168e86cc7fa3dd3dde958367b47e117cc17fb90c8b452f43d80988f773f8d8cc065b74dd4152d02075dc7a3613dbe091388b0ee33d1be0a012efe7b30b36c0e1632238a", 0x78}, {&(0x7f0000007a80)="4fc1e6f28ed816db5a0998e96b562645c99402e264aa35bc56979921e22f9534b9ff7c24a73e686332de0ec66410deaf351ff1ef91d12ec459ebbbf5576ffaad65a94d7bf8a52de669905a39e33671c91767ff3e0e33540b631b5f9473b367bf6899b3cf96d990751769c45cc3", 0x6d}], 0x3, &(0x7f0000007c00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @dev={0xac, 0x14, 0x14, 0x3c}, @local}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x7fff}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @multicast1, @remote}}}], 0x58}}, {{&(0x7f0000007c80)={0x2, 0x4e23, @private=0xa010100}, 0x10, &(0x7f0000007f00)=[{&(0x7f0000007cc0)="9ae01e756e5d4e83ee5ff87cc44c596adba373711fc43c02c79612b79a0efadcda34410db118b471d075c4ae657e995763999b73e5742152ca5d38adde2256eef9c39650a4c801a56974b3def28bea95c4d762ca485175127cc245a4e020f587bbc7e757ed35af428b9f70592c14bc8edc5a7a875d8c0e6c91776476c236fca6ae24fcfe8888338d5774f1febae311f14177a27b4a5b456ad31d8fabee0a1fbe1ae81426eda5bf73428c135520620473039a009ed62c4c469d6706db2fe4454c3dd035b2837baa75690c44c2d0d8084ae670b19e2cb5bc7300852a896e01d816c7ed63a4a1e4493dd960fca5234f943ef39c", 0xf2}, {&(0x7f0000007dc0)="fcc4285fb94f93752a1d9654ee79d7f11ccc592bf606fffd12280cbe7192f643c074cfa4", 0x24}, {&(0x7f0000007e00)="31fd33fc44b33e87b7b2b06055932abb497324bfd15f8face1764eba6bc36266d6c07e708641e79214fec11c04c6c86e5062626a2d45db84a7f68f5b77103634f501cec93b956a8df98c2847467ef13dd96cc1a820383925e7d505b52191f13b66fec1e75feb6bd0d22a95bc99fbff78d8ac0cd168c5c5e64b51dc24ebd28403783eb816d99c14e7d589221adde65a5399b479bdad280f3e217bbd18425870d6bb0d9814adceb00392cccb1ab19bd2e31a7190970f59d34a1aece6e4b34889f8521e7d8e30c88888b54abc4f75d91fbd6c4795f60c309b247e40ae58b029f22a7bf5699af59f4e8b089b4a44f7333f67c17431", 0xf3}], 0x3, &(0x7f0000007f40)=[@ip_retopts={{0x44, 0x0, 0x7, {[@lsrr={0x83, 0x3}, @ssrr={0x89, 0x1b, 0x4e, [@broadcast, @multicast1, @loopback, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x28}]}, @end, @lsrr={0x83, 0x13, 0xf5, [@private=0xa010101, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast]}, @end]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x80000001}}], 0x78}}, {{&(0x7f0000008000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10, &(0x7f00000080c0)=[{&(0x7f0000008040)="af4df645989fb1778f62d47dee3c665c394b9c9fdc228a3a748f3b35849580fd74d1bd49b7b2b19ceb779b756f27560d90a0385d911611951917183ebc0b585bd24e793e59a54743db630fbf06d343d2e4fab5906c04850ec78b06b0de215789c93eb4", 0x63}], 0x1, &(0x7f0000008180)=[@ip_ttl={{0x14, 0x0, 0x2, 0x10000}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @local, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xfffffff9}}, @ip_ttl={{0x14, 0x0, 0x2, 0x401}}], 0x80}}], 0x8, 0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x24, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000100001"], 0x50}}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[@ANYBLOB="58000000000901010000000000000000000000001000048008000140000000000000ffdf14000280080001000000000008000200ac1414000800054000000000090001"], 0x58}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
pipe(&(0x7f0000000080))
sendmsg$SMC_PNETID_FLUSH(r1, &(0x7f0000000600)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x30, 0x0, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
read(r0, &(0x7f00000000c0)=""/97, 0x3b)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000))

809.620907ms ago: executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x55}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

764.382443ms ago: executing program 3:
r0 = socket$inet(0x2, 0x800, 0x3d)
shutdown(0xffffffffffffffff, 0x1)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r3=>0x0})
sendto$packet(r1, &(0x7f0000000180)="02030e00d3fc02000000ab5d71acedd7c9560385dcb18906", 0x18, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14)
r4 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r8=>0x0})
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r8, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_FRAME(r10, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000880)={0x4c, r11, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r12}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16ad}], @NL80211_ATTR_FRAME={0x24, 0x33, @assoc_resp={{{}, {}, @device_a, @device_a, @from_mac=@device_b}, 0x0, 0x0, @default, @val, @void}}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}]}, 0x4c}}, 0x0)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r13, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}}, 0x0)
setsockopt$sock_int(r4, 0x1, 0x3e, &(0x7f00000000c0)=0x207, 0x4)
r14 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r14}, 0x0, &(0x7f0000000280)}, 0x20)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000180), 0x2009)
sendmmsg(r4, &(0x7f0000000740), 0x0, 0x0)
recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
bind$packet(r2, &(0x7f00000003c0)={0x11, 0xf5, r3, 0x1, 0x2}, 0x14)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00'}, 0x90)

707.202959ms ago: executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x0, 0x0, 0x100, 0x0, 0x0, 0x1}, 0x48)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0x1e, &(0x7f0000000040), 0xc)

649.927496ms ago: executing program 4:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000200000000d9d0363db5f38229f4ffffffffff52ce544bb5ef104ac9e6"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r3=>0xffffffffffffffff})
pipe(&(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
write$binfmt_script(r2, 0x0, 0xb)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xf3a, 0x2)
write$binfmt_misc(r5, &(0x7f0000000240)=ANY=[], 0xfdef)
splice(r1, 0x0, r4, 0x0, 0x80, 0x2)
write(r3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x6, 0xab, 0xdc2, 0x1, 0x400, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x3}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000240)={{0x1, <r6=>0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000200)='%pB    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={r6}, 0x4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000100000000000f0000002400078008000200040000000c000400003f0000140000000c0003"], 0x38}}, 0x0)

614.695166ms ago: executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000020240), 0x10010)
r1 = socket(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x3, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}}, &(0x7f0000003c00)=0x90)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r0, 0x0)

285.230533ms ago: executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newlink={0x40, 0x10, 0x421, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_MACSEC_CIPHER_SUITE={0xc}]}}}]}, 0x40}}, 0x0)

199.001404ms ago: executing program 4:
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='4'], 0x34}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00'}, 0x30)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
write$cgroup_pid(r1, &(0x7f0000000040), 0x3fffff)

186.055697ms ago: executing program 3:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x4, &(0x7f0000000040)=@framed={{}, [@alu={0x7, 0x1, 0xb, 0x0, 0x0, 0x20}]}, &(0x7f0000000080)='GPL\x00', 0x9}, 0x90)

118.584998ms ago: executing program 3:
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000340)="05000000010000", 0x7)

2.1414ms ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0x14, &(0x7f00000000c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@ld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x73}}]}, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x10, 0x38, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x60ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

0s ago: executing program 3:
syz_emit_ethernet(0x8a, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x7c, 0x0, 0x0, 0x0, 0x21, 0x0, @private, @broadcast}, @redirect={0x5, 0x0, 0x0, @private=0xa010102, {0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @dev, {[@rr={0x7, 0x13, 0x0, [@multicast2, @private, @broadcast, @broadcast]}, @end, @timestamp={0x44, 0x28, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @lsrr={0x83, 0x3}, @cipso={0x86, 0x6}, @generic={0x0, 0x4, "c48f"}]}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

 port 6081 - 0
[   98.726709][ T5123] veth0_vlan: entered promiscuous mode
[   98.760584][ T5115] veth0_vlan: entered promiscuous mode
[   98.780412][ T5120] Bluetooth: hci0: command tx timeout
[   98.812885][ T5123] veth1_vlan: entered promiscuous mode
[   98.822451][ T5115] veth1_vlan: entered promiscuous mode
[   98.870210][ T5120] Bluetooth: hci1: command tx timeout
[   98.925656][ T5201] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[   98.940994][ T5121] Bluetooth: hci2: command tx timeout
[   98.946457][ T5121] Bluetooth: hci3: command tx timeout
[   98.952976][ T5120] Bluetooth: hci4: command tx timeout
[   98.964686][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.973874][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.986630][ T5201] raw_sendmsg: syz-executor.2 forgot to set AF_INET. Fix it!
[   99.086342][ T5123] veth0_macvtap: entered promiscuous mode
[   99.101400][ T5203] syz-executor.2 uses obsolete (PF_INET,SOCK_PACKET)
[   99.121320][ T5123] veth1_macvtap: entered promiscuous mode
[   99.128758][ T5115] veth0_macvtap: entered promiscuous mode
[   99.143648][ T5115] veth1_macvtap: entered promiscuous mode
[   99.162924][ T2485] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.178325][ T2485] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.218342][ T5115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.231911][ T5115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.241956][ T5115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.252899][ T5115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.264793][ T5115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.275562][ T5115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.286737][ T5115] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.308910][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.317008][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.335211][ T5123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.346688][ T5123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.357696][ T5123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.368867][ T5123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.379260][ T5123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.391710][ T5123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.401768][ T5123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.413480][ T5123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.425301][ T5123] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.452406][ T5115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.463791][ T5115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.474316][ T5115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.503395][ T5115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.516284][ T5115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.527656][ T5115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.544815][ T5115] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.557628][ T5123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.569599][ T5123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.589810][ T5123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.604255][ T5123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.620085][ T5123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.631733][ T5123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.642131][ T5123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.652639][ T5123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.667831][ T5123] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.684388][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.688006][ T5208] netlink: 'syz-executor.0': attribute type 30 has an invalid length.
[   99.699882][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.709666][ T5208] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.0'.
[   99.730259][ T5208] bond0: option arp_missed_max: invalid value (0)
[   99.736743][ T5208] bond0: option arp_missed_max: allowed values 1 - 255
[   99.764169][ T5123] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.789821][ T5123] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.807707][ T5123] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.828928][ T5123] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.912514][ T5115] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.924466][ T5115] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.959906][ T5115] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.968647][ T5115] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.009029][ T5217] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  100.117379][ T5221] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  100.277917][ T2485] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.316741][ T2485] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.456087][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.467440][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.594582][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.615639][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.733611][ T1108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.758539][ T5240] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  100.780845][ T1108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.865712][ T5121] Bluetooth: hci0: command tx timeout
[  100.941397][ T5121] Bluetooth: hci1: command tx timeout
[  101.021114][ T5121] Bluetooth: hci3: command tx timeout
[  101.022810][ T5127] Bluetooth: hci2: command tx timeout
[  101.033733][ T5120] Bluetooth: hci4: command tx timeout
[  101.228580][ T5263] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  101.282520][ T5266] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  101.360945][ T5268] macvlan0: entered allmulticast mode
[  101.366391][ T5268] veth1_vlan: entered allmulticast mode
[  101.514153][ T5271] pim6reg: entered allmulticast mode
[  102.538230][ T5322] netlink: 'syz-executor.4': attribute type 30 has an invalid length.
[  102.559053][ T5322] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.4'.
[  102.596153][ T5322] bond0: option arp_missed_max: invalid value (0)
[  102.628235][ T5322] bond0: option arp_missed_max: allowed values 1 - 255
[  103.039909][   T29] audit: type=1804 audit(1719012297.400:2): pid=5343 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2286983550/syzkaller.j9SsAl/7/cgroup.controllers" dev="sda1" ino=1960 res=1 errno=0
[  103.068385][ T5344] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  103.114921][ T5344] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  103.513514][ T5365] netlink: 'syz-executor.1': attribute type 9 has an invalid length.
[  103.546350][ T5365] netlink: 'syz-executor.1': attribute type 7 has an invalid length.
[  103.581069][ T5365] netlink: 'syz-executor.1': attribute type 8 has an invalid length.
[  103.977008][ T5387] veth0: entered promiscuous mode
[  104.050228][ T5387] veth0: left promiscuous mode
[  104.714304][ T5426] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  104.978743][ T5442] macvlan0: entered allmulticast mode
[  105.028912][ T5442] veth1_vlan: entered allmulticast mode
[  105.078885][ T5447] pim6reg: entered allmulticast mode
[  105.137060][ T5452] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  105.154167][ T5452] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  105.505428][ T5470] hsr0: entered promiscuous mode
[  106.018668][   T29] audit: type=1804 audit(1719012300.380:3): pid=5501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2701770529/syzkaller.KNVQ3s/30/cgroup.controllers" dev="sda1" ino=1964 res=1 errno=0
[  106.133038][ T5490] warning: `syz-executor.0' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  106.318591][ T5512] netlink: 'syz-executor.4': attribute type 9 has an invalid length.
[  106.357042][ T5512] netlink: 'syz-executor.4': attribute type 7 has an invalid length.
[  106.399886][ T5512] netlink: 'syz-executor.4': attribute type 8 has an invalid length.
[  106.939658][ T5537] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  107.021644][ T5540] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  107.175146][ T5548] syz-executor.2 uses old SIOCAX25GETINFO
[  107.447751][ T5561] Bluetooth: MGMT ver 1.22
[  107.454918][ T5561] Bluetooth: hci3: invalid length 0, exp 2 for type 2
[  107.468523][ T5563] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'.
[  107.569404][   T29] audit: type=1800 audit(1719012301.930:4): pid=5562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="memory.events" dev="sda1" ino=1944 res=0 errno=0
[  107.614345][   T29] audit: type=1804 audit(1719012301.940:5): pid=5562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir2701770529/syzkaller.KNVQ3s/36/memory.events" dev="sda1" ino=1944 res=1 errno=0
[  107.834421][ T5575] syzkaller1: entered promiscuous mode
[  107.846124][ T5575] syzkaller1: entered allmulticast mode
[  108.026046][ T5586] Illegal XDP return value 4294967262 on prog  (id 34) dev N/A, expect packet loss!
[  108.083162][ T5582] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.103065][ T5582] team0: Port device bond0 added
[  108.193586][ T5590] team0: Port device team_slave_0 removed
[  108.201186][ T5590] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  108.298316][ T5582] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  108.331332][ T5600] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  108.395542][ T5600] 8021q: adding VLAN 0 to HW filter on device bond1
[  108.426506][ T5597] batadv1: entered allmulticast mode
[  108.578920][ T5601] 8021q: adding VLAN 0 to HW filter on device bond1
[  108.606804][ T5601] bond1: (slave ip6tnl1): The slave device specified does not support setting the MAC address
[  108.627652][ T5601] bond1: (slave ip6tnl1): Error -95 calling set_mac_address
[  108.938305][ T5622] syzkaller1: entered promiscuous mode
[  108.983691][ T5622] syzkaller1: entered allmulticast mode
[  109.191480][   T29] audit: type=1804 audit(1719012303.550:6): pid=5633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1503388566/syzkaller.h1wLA2/33/cgroup.controllers" dev="sda1" ino=1953 res=1 errno=0
[  109.249833][   T29] audit: type=1804 audit(1719012303.610:7): pid=5628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir695058200/syzkaller.peW2Qe/32/cgroup.controllers" dev="sda1" ino=1957 res=1 errno=0
[  109.608260][ T5647] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  109.708356][ T5647] 8021q: adding VLAN 0 to HW filter on device bond1
[  109.848384][ T5651] 8021q: adding VLAN 0 to HW filter on device bond1
[  109.863766][ T5651] bond1: (slave ip6tnl1): The slave device specified does not support setting the MAC address
[  109.876217][ T5651] bond1: (slave ip6tnl1): Error -95 calling set_mac_address
[  109.989091][ T5652] syzkaller0: entered promiscuous mode
[  109.999339][ T5652] syzkaller0: entered allmulticast mode
[  110.486472][ T5672] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  111.524263][ T5669] veth0: entered promiscuous mode
[  111.534031][ T5669] veth0: left promiscuous mode
[  111.786423][ T5689] tipc: Started in network mode
[  111.811071][ T5689] tipc: Node identity aaaaaaaaaa3, cluster identity 4711
[  111.836515][ T5689] tipc: Enabled bearer <eth:ipvlan0>, priority 0
[  111.854151][ T5694] tipc: Enabled bearer <ib:caif0>, priority 0
[  111.973207][   T29] audit: type=1804 audit(1719012306.340:8): pid=5692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1605289000/syzkaller.zYp1UV/40/cgroup.controllers" dev="sda1" ino=1963 res=1 errno=0
[  112.040729][ T5699] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  112.578719][ T5717] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.632982][ T5717] team0: Port device bond0 added
[  112.784333][ T5717] team0: Port device team_slave_0 removed
[  112.811430][ T5717] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  112.838172][   T29] audit: type=1804 audit(1719012307.200:9): pid=5730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2286983550/syzkaller.j9SsAl/31/cgroup.controllers" dev="sda1" ino=1960 res=1 errno=0
[  112.917173][ T5717] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  112.951053][ T5171] tipc: Node number set to 10136234
[  113.009657][ T5738] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  113.615175][ T5765] IPv6: NLM_F_REPLACE set, but no existing node found!
[  113.670069][ T5768] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'.
[  114.416852][ T5806] IPv6: NLM_F_REPLACE set, but no existing node found!
[  114.949341][ T5833] IPv6: NLM_F_REPLACE set, but no existing node found!
[  115.190991][ T5836] dccp_xmit_packet: Payload too large (65475) for featneg.
[  115.228135][ T5836] dccp_close: ABORT with 65475 bytes unread
[  115.250152][ T5836] sctp: [Deprecated]: syz-executor.0 (pid 5836) Use of int in maxseg socket option.
[  115.250152][ T5836] Use struct sctp_assoc_value instead
[  115.398665][ T5845] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'.
[  115.626853][ T5855] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  115.755177][ T5861] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  115.989527][ T5861] 8021q: adding VLAN 0 to HW filter on device bond2
[  116.017786][ T5865] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  116.095920][ T5866] 8021q: adding VLAN 0 to HW filter on device bond2
[  116.147856][ T5866] bond2: (slave ip6tnl1): The slave device specified does not support setting the MAC address
[  116.171468][ T5866] bond2: (slave ip6tnl1): Error -95 calling set_mac_address
[  116.378062][ T5884] dccp_xmit_packet: Payload too large (65475) for featneg.
[  116.454376][ T5882] dccp_close: ABORT with 65475 bytes unread
[  116.486063][ T5882] sctp: [Deprecated]: syz-executor.4 (pid 5882) Use of int in maxseg socket option.
[  116.486063][ T5882] Use struct sctp_assoc_value instead
[  117.183346][ T5911] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  117.211210][ T5911] netlink: 112848 bytes leftover after parsing attributes in process `syz-executor.0'.
[  117.223205][ T5911] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  117.266779][ T5911] bond0: option miimon: invalid value (18446744073072082944)
[  117.330358][ T5911] bond0: option miimon: allowed values 0 - 2147483647
[  117.432755][ T5920] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  117.448888][ T5920] netlink: 'syz-executor.1': attribute type 18 has an invalid length.
[  117.477713][ T5920] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  117.487753][ T5920] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  117.497206][ T5920] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  117.506182][ T5920] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  117.542927][ T5920] vxlan0: entered promiscuous mode
[  117.610223][ T5923] ip6_tunnel: non-ECT from fc00:0000:0800:0000:0000:0000:0000:0000 with DS=0x2
[  117.971825][ T5931] batadv1: entered allmulticast mode
[  118.599423][ T5955] dccp_xmit_packet: Payload too large (65475) for featneg.
[  118.616075][ T5955] dccp_close: ABORT with 65475 bytes unread
[  118.632906][ T5955] sctp: [Deprecated]: syz-executor.1 (pid 5955) Use of int in maxseg socket option.
[  118.632906][ T5955] Use struct sctp_assoc_value instead
[  118.747074][ T5963] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  118.782515][ T5963] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  118.792695][ T5965] xt_CT: You must specify a L4 protocol and not use inversions on it
[  118.802371][ T5963] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.2'.
[  119.221224][ T5974] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  119.241326][ T5974] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  119.673222][ T5999] dccp_xmit_packet: Payload too large (65475) for featneg.
[  119.711115][ T5999] dccp_close: ABORT with 65475 bytes unread
[  119.743635][ T5997] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  119.820758][ T6001] batadv1: entered allmulticast mode
[  119.840441][ T5993] sctp: [Deprecated]: syz-executor.1 (pid 5993) Use of int in maxseg socket option.
[  119.840441][ T5993] Use struct sctp_assoc_value instead
[  119.883594][ T5997] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  120.037143][ T6011] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  120.068200][ T6012] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  120.099319][ T6012] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.3'.
[  120.395039][ T6020] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  121.112525][ T6054] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  121.144566][ T6054] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  121.173543][ T6054] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.2'.
[  121.261691][ T5116] syz-executor.1 (5116) used greatest stack depth: 18448 bytes left
[  122.073153][ T6088] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  122.113651][ T6088] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
[  122.206357][ T5127] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  122.215984][ T5127] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  122.227982][ T5127] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  122.236905][ T5127] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  122.250452][ T5127] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  122.258974][ T5127] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  122.658774][ T6116] __nla_validate_parse: 3 callbacks suppressed
[  122.658795][ T6116] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  123.108746][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  123.141194][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.300786][ T5120] Bluetooth: hci2: command tx timeout
[  124.321131][ T6132] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  124.413088][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  124.423514][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.467159][ T6146] ip6_tunnel: non-ECT from fc00:0000:0800:0000:0000:0000:0000:0000 with DS=0x2
[  124.520300][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  124.530861][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.545048][ T6096] chnl_net:caif_netlink_parms(): no params data found
[  124.600990][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  124.612344][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.674056][ T6155] netlink: 'syz-executor.0': attribute type 5 has an invalid length.
[  124.885015][ T6096] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.919966][ T6096] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.942251][ T6096] bridge_slave_0: entered allmulticast mode
[  124.963785][ T6096] bridge_slave_0: entered promiscuous mode
[  124.989650][ T6096] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.996944][ T6096] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.036205][ T6096] bridge_slave_1: entered allmulticast mode
[  125.050229][ T6096] bridge_slave_1: entered promiscuous mode
[  125.137612][   T29] audit: type=1804 audit(1719012319.500:10): pid=6164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1605289000/syzkaller.zYp1UV/75/cgroup.controllers" dev="sda1" ino=1945 res=1 errno=0
[  125.164760][ T6166] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  125.209337][ T6171] Zero length message leads to an empty skb
[  125.360321][ T6173] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  125.426967][ T6096] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  125.479529][ T6096] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  125.732813][ T6096] team0: Port device team_slave_0 added
[  125.801906][ T6096] team0: Port device team_slave_1 added
[  125.955875][   T11] bridge_slave_1: left allmulticast mode
[  125.963300][   T11] bridge_slave_1: left promiscuous mode
[  125.970871][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.034742][   T11] bridge_slave_0: left allmulticast mode
[  126.054023][   T11] bridge_slave_0: left promiscuous mode
[  126.077576][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.380466][ T5120] Bluetooth: hci2: command tx timeout
[  126.401541][ T6215] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  126.412936][ T6215] netlink: 128636 bytes leftover after parsing attributes in process `syz-executor.0'.
[  126.617171][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  126.629302][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  126.642105][   T11] bond0 (unregistering): Released all slaves
[  126.659115][ T6096] batman_adv: batadv0: Adding interface: batadv_slave_0
[  126.666391][ T6096] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.708455][ T6096] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  126.724464][ T6096] batman_adv: batadv0: Adding interface: batadv_slave_1
[  126.745168][ T6096] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.809155][ T6096] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  126.858849][ T6220] netlink: 'syz-executor.4': attribute type 21 has an invalid length.
[  126.946476][ T6222] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.2'.
[  127.004383][ T6228] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.4'.
[  127.214209][ T6096] hsr_slave_0: entered promiscuous mode
[  127.242561][ T6096] hsr_slave_1: entered promiscuous mode
[  127.292591][ T6096] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  127.321928][ T6096] Cannot create hsr debugfs directory
[  127.410848][ T6235] netlink: 'syz-executor.0': attribute type 33 has an invalid length.
[  127.502446][ T6238] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.0'.
[  127.534664][ T6238] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.0'.
[  127.836014][   T11] hsr_slave_0: left promiscuous mode
[  127.886283][   T11] hsr_slave_1: left promiscuous mode
[  127.920506][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  127.957929][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  127.999119][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  128.014930][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  128.067821][   T11] veth1_macvtap: left promiscuous mode
[  128.075726][   T11] veth0_macvtap: left promiscuous mode
[  128.086940][   T11] veth1_vlan: left allmulticast mode
[  128.094915][   T11] veth1_vlan: left promiscuous mode
[  128.104631][   T11] veth0_vlan: left promiscuous mode
[  128.384208][   T11] pim6reg (unregistering): left allmulticast mode
[  128.460174][ T5120] Bluetooth: hci2: command tx timeout
[  128.504242][   T11] macvlan0 (unregistering): left allmulticast mode
[  128.732782][   T11] team0 (unregistering): Port device team_slave_1 removed
[  128.770600][   T11] team0 (unregistering): Port device team_slave_0 removed
[  129.546252][ T6297] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.3'.
[  130.049340][ T6322] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  130.213332][ T6322] 8021q: adding VLAN 0 to HW filter on device bond1
[  130.540547][ T5120] Bluetooth: hci2: command tx timeout
[  130.799262][ T6096] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  130.837385][ T6096] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  131.017055][ T6372] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  131.060052][ T6372] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.3'.
[  131.211572][ T6373] team0 (unregistering): Port device team_slave_0 removed
[  131.236628][ T6373] team0 (unregistering): Port device team_slave_1 removed
[  131.264149][ T6096] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  132.484394][ T6096] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  133.069458][ T6096] 8021q: adding VLAN 0 to HW filter on device bond0
[  133.152264][ T6096] 8021q: adding VLAN 0 to HW filter on device team0
[  133.186302][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.194197][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  133.264697][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  133.273405][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.280641][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  133.288636][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  133.377805][ T6419] sctp: [Deprecated]: syz-executor.2 (pid 6419) Use of struct sctp_assoc_value in delayed_ack socket option.
[  133.377805][ T6419] Use struct sctp_sack_info instead
[  133.723909][ T6435] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  133.838368][ T6442] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  133.914085][ T6444] lo: Caught tx_queue_len zero misconfig
[  133.985359][ T6446] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  134.014896][ T6449] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  134.093682][ T6096] 8021q: adding VLAN 0 to HW filter on device batadv0
[  134.330247][ T6096] veth0_vlan: entered promiscuous mode
[  134.364561][ T6096] veth1_vlan: entered promiscuous mode
[  134.505916][ T6096] veth0_macvtap: entered promiscuous mode
[  134.571840][ T6096] veth1_macvtap: entered promiscuous mode
[  134.656401][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.709801][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.733255][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.757621][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.773531][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.786720][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.805194][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.816284][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.835059][ T6096] batman_adv: batadv0: Interface activated: batadv_slave_0
[  134.849398][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.873462][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.893787][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.912071][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.943830][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.962289][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.994447][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.034644][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.061488][ T6096] batman_adv: batadv0: Interface activated: batadv_slave_1
[  135.137837][ T6096] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  135.172666][ T6096] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  135.213831][ T6096] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  135.239870][ T6096] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  135.552813][ T2485] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  135.553406][ T6507] veth1_to_bridge: entered allmulticast mode
[  135.589658][ T2485] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  135.648159][ T6507] veth1_to_bridge: left allmulticast mode
[  135.681359][ T6501] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  135.734760][ T6501] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  135.821014][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  135.847580][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  136.138748][ T6530] syzkaller1: entered promiscuous mode
[  136.156639][ T6533] sctp: [Deprecated]: syz-executor.0 (pid 6533) Use of struct sctp_assoc_value in delayed_ack socket option.
[  136.156639][ T6533] Use struct sctp_sack_info instead
[  136.160406][ T6530] syzkaller1: entered allmulticast mode
[  137.005996][ T6574] sctp: [Deprecated]: syz-executor.2 (pid 6574) Use of struct sctp_assoc_value in delayed_ack socket option.
[  137.005996][ T6574] Use struct sctp_sack_info instead
[  137.654152][ T6597] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  137.682630][ T6598] netlink: 11 bytes leftover after parsing attributes in process `syz-executor.4'.
[  138.002770][ T6610] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.4'.
[  138.125708][ T6610] Êüä^q: entered promiscuous mode
[  138.143570][ T6614] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.1'.
[  138.445287][ T6628] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  138.622682][ T6636] netlink: 11 bytes leftover after parsing attributes in process `syz-executor.0'.
[  138.673681][ T6638] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  138.825550][ T6643] veth1_to_bridge: entered allmulticast mode
[  138.856136][ T6643] veth1_to_bridge: left allmulticast mode
[  139.159019][ T6658] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.3'.
[  139.251492][ T6666] netlink: 11 bytes leftover after parsing attributes in process `syz-executor.2'.
[  139.567734][ T6679] batman_adv: batadv0: adding TT local entry 4a:c8:93:75:00:00 to non-existent VLAN 2358
[  139.821560][ T6690] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  140.180848][ T6707] netlink: 'syz-executor.3': attribute type 5 has an invalid length.
[  140.189092][ T6707] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  140.515020][   T29] audit: type=1804 audit(1719012334.880:11): pid=6732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2286983550/syzkaller.j9SsAl/109/memory.events" dev="sda1" ino=1964 res=1 errno=0
[  140.586826][   T29] audit: type=1804 audit(1719012334.880:12): pid=6732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2286983550/syzkaller.j9SsAl/109/memory.events" dev="sda1" ino=1964 res=1 errno=0
[  140.663586][   T29] audit: type=1804 audit(1719012334.880:13): pid=6732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2286983550/syzkaller.j9SsAl/109/memory.events" dev="sda1" ino=1964 res=1 errno=0
[  140.744732][   T29] audit: type=1804 audit(1719012334.880:14): pid=6732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2286983550/syzkaller.j9SsAl/109/memory.events" dev="sda1" ino=1964 res=1 errno=0
[  141.527645][   T29] audit: type=1804 audit(1719012335.890:15): pid=6777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1605289000/syzkaller.zYp1UV/115/memory.events" dev="sda1" ino=1965 res=1 errno=0
[  141.598856][   T29] audit: type=1804 audit(1719012335.940:16): pid=6777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1605289000/syzkaller.zYp1UV/115/memory.events" dev="sda1" ino=1965 res=1 errno=0
[  141.719245][   T29] audit: type=1804 audit(1719012335.940:17): pid=6777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1605289000/syzkaller.zYp1UV/115/memory.events" dev="sda1" ino=1965 res=1 errno=0
[  141.810195][   T29] audit: type=1804 audit(1719012335.970:18): pid=6777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1605289000/syzkaller.zYp1UV/115/memory.events" dev="sda1" ino=1965 res=1 errno=0
[  142.657822][ T6817] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  142.902420][ T6829] __nla_validate_parse: 1 callbacks suppressed
[  142.902442][ T6829] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  143.088559][ T6840] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  143.132808][ T6840] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  143.291798][ T6853] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  143.584583][ T6869] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  143.863016][ T6881] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  143.889865][ T6881] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  143.950034][ T6881] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  143.964759][ T6886] sctp: [Deprecated]: syz-executor.3 (pid 6886) Use of int in max_burst socket option.
[  143.964759][ T6886] Use struct sctp_assoc_value instead
[  143.998906][ T6885] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  144.698643][ T6922] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  145.048488][ T6943] Bluetooth: hci3: unsupported parameter 64512
[  145.059917][ T6943] Bluetooth: hci3: invalid length 0, exp 2 for type 1
[  145.330818][ T6957] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  145.503909][ T6964] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.3'.
[  145.523097][ T6964] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.3'.
[  145.715636][ T6975] Bluetooth: hci3: unsupported parameter 64512
[  145.732978][ T6975] Bluetooth: hci3: invalid length 0, exp 2 for type 1
[  145.922779][ T6982] xt_hashlimit: Unknown mode mask 242, kernel too old?
[  147.469607][ T6972] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  147.481997][ T6972] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  147.492936][ T6987] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  147.608176][ T6998] tipc: MTU too low for tipc bearer
[  147.722397][ T7005] Bluetooth: MGMT ver 1.22
[  147.761406][ T7005] netlink: 'syz-executor.0': attribute type 14 has an invalid length.
[  148.024601][ T7023] xt_hashlimit: Unknown mode mask 242, kernel too old?
[  148.207509][ T7034] tipc: MTU too low for tipc bearer
[  148.396251][ T7040] netlink: 'syz-executor.4': attribute type 3 has an invalid length.
[  148.693095][ T7054] xt_CONNSECMARK: invalid mode: 0
[  150.232978][ T7053] __nla_validate_parse: 1 callbacks suppressed
[  150.232992][ T7053] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  150.271546][ T7070] tipc: MTU too low for tipc bearer
[  150.467696][ T7078] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  150.504672][   T29] audit: type=1804 audit(1719012344.870:19): pid=7081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir695058200/syzkaller.peW2Qe/179/memory.events" dev="sda1" ino=1945 res=1 errno=0
[  150.568808][   T29] audit: type=1804 audit(1719012344.880:20): pid=7081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir695058200/syzkaller.peW2Qe/179/memory.events" dev="sda1" ino=1945 res=1 errno=0
[  150.578234][ T7085] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[  150.602973][   T29] audit: type=1804 audit(1719012344.890:21): pid=7081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir695058200/syzkaller.peW2Qe/179/memory.events" dev="sda1" ino=1945 res=1 errno=0
[  150.603021][   T29] audit: type=1804 audit(1719012344.890:22): pid=7081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir695058200/syzkaller.peW2Qe/179/memory.events" dev="sda1" ino=1945 res=1 errno=0
[  150.697603][ T7089] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  150.719827][ T7085] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.3'.
[  150.779961][ T7085] netlink: 88 bytes leftover after parsing attributes in process `syz-executor.3'.
[  150.803765][ T7090] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  151.061446][ T7108] tipc: MTU too low for tipc bearer
[  151.184515][ T7115] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  151.341003][ T7122] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  151.409079][   T29] audit: type=1804 audit(1719012345.770:23): pid=7127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1236981935/syzkaller.eH77jQ/42/memory.events" dev="sda1" ino=1960 res=1 errno=0
[  151.445284][   T29] audit: type=1804 audit(1719012345.800:24): pid=7127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir1236981935/syzkaller.eH77jQ/42/memory.events" dev="sda1" ino=1960 res=1 errno=0
[  151.473308][   T29] audit: type=1804 audit(1719012345.810:25): pid=7127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir1236981935/syzkaller.eH77jQ/42/memory.events" dev="sda1" ino=1960 res=1 errno=0
[  151.499620][   T29] audit: type=1804 audit(1719012345.830:26): pid=7127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir1236981935/syzkaller.eH77jQ/42/memory.events" dev="sda1" ino=1960 res=1 errno=0
[  151.553368][ T7128] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
[  151.643008][ T7134] bond1: (slave bridge2): Enslaving as an active interface with an up link
[  151.700763][ T7122] bridge0: port 3(bond1) entered blocking state
[  151.711972][ T7122] bridge0: port 3(bond1) entered disabled state
[  151.726956][ T7122] bond1: entered allmulticast mode
[  151.744442][ T7122] bridge2: entered allmulticast mode
[  151.779292][ T7122] bond1: entered promiscuous mode
[  151.800786][ T7122] bridge2: entered promiscuous mode
[  152.177689][ T7170] netlink: 'syz-executor.0': attribute type 3 has an invalid length.
[  152.216475][ T7170] netlink: 130984 bytes leftover after parsing attributes in process `syz-executor.0'.
[  152.244363][ T7175] xt_CONNSECMARK: invalid mode: 0
[  152.250671][ T7157] netlink: 88 bytes leftover after parsing attributes in process `syz-executor.0'.
[  152.627576][   T29] audit: type=1800 audit(1719012346.990:27): pid=7192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="memory.events" dev="sda1" ino=1941 res=0 errno=0
[  152.708022][   T29] audit: type=1804 audit(1719012347.000:28): pid=7192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir1236981935/syzkaller.eH77jQ/46/memory.events" dev="sda1" ino=1941 res=1 errno=0
[  152.962266][ T7210] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  153.685007][ T7254] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  153.789081][ T7254] team0: Device veth1_vlan failed to register rx_handler
[  154.168145][ T7277] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  154.254431][ T7281] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  154.278442][ T7281] syz-executor.0 (7281) used greatest stack depth: 18352 bytes left
[  154.425089][ T7288] Unknown options in mask 1f4
[  154.430748][ T7254] syz-executor.2 (7254) used greatest stack depth: 17488 bytes left
[  155.439568][ T7333] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  155.590402][ T7339] tipc: Started in network mode
[  155.595328][ T7339] tipc: Node identity fffffffd, cluster identity 4711
[  155.621525][ T7339] tipc: Node number set to 4294967293
[  155.922614][ T7359] __nla_validate_parse: 9 callbacks suppressed
[  155.922634][ T7359] netlink: 209848 bytes leftover after parsing attributes in process `syz-executor.4'.
[  156.044543][ T7368] xt_CT: You must specify a L4 protocol and not use inversions on it
[  156.207894][ T7371] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  156.755271][ T7403] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  157.864873][ T7451] dummy0: entered promiscuous mode
[  157.879897][ T7451] macsec1: entered promiscuous mode
[  157.880329][ T7455] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  157.896076][ T7451] macsec1: entered allmulticast mode
[  157.919921][ T7451] dummy0: entered allmulticast mode
[  157.966880][ T7451] dummy0: left allmulticast mode
[  157.972714][ T7451] dummy0: left promiscuous mode
[  158.016048][ T7459] netlink: 209316 bytes leftover after parsing attributes in process `syz-executor.1'.
[  158.151406][ T7462] netlink: 'syz-executor.3': attribute type 10 has an invalid length.
[  158.199347][ T7462] team0: Device veth1_vlan failed to register rx_handler
[  158.257764][ T7466] netlink: 209848 bytes leftover after parsing attributes in process `syz-executor.0'.
[  158.783941][ T7493] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  158.812633][ T7493] netlink: 31 bytes leftover after parsing attributes in process `syz-executor.2'.
[  158.820358][ T7495] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  158.870864][ T7495] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  158.874526][ T7493] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  158.890012][ T7497] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  158.912315][ T7493] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  158.920759][ T7497] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'.
[  158.932802][ T7497] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  159.210169][ T7514] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  159.778183][ T7547] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  159.996833][ T7561] netlink: 'syz-executor.3': attribute type 6 has an invalid length.
[  160.212443][ T7575] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  160.244536][ T7576] dummy0: entered promiscuous mode
[  160.256990][ T7576] dummy0: left promiscuous mode
[  160.283210][ T7578] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  160.301738][ T7578] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  160.565886][ T7599] netlink: 'syz-executor.2': attribute type 6 has an invalid length.
[  161.215389][ T7630] dummy0: entered promiscuous mode
[  161.231844][ T7630] macsec1: entered promiscuous mode
[  161.239629][ T7630] macsec1: entered allmulticast mode
[  161.249822][ T7630] dummy0: entered allmulticast mode
[  161.276982][ T7630] dummy0: left allmulticast mode
[  161.286514][ T7630] dummy0: left promiscuous mode
[  161.521510][ T7653] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  161.563153][ T7653] __nla_validate_parse: 5 callbacks suppressed
[  161.563176][ T7653] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.2'.
[  161.614044][ T7657] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  161.637604][ T7653] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  162.364406][ T7710] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  162.575964][ T7724] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  162.630949][ T7724] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  162.639078][ T7724] netlink: 16074 bytes leftover after parsing attributes in process `syz-executor.1'.
[  163.126792][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  163.126810][   T29] audit: type=1804 audit(1719012357.490:35): pid=7749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1605289000/syzkaller.zYp1UV/209/cgroup.controllers" dev="sda1" ino=1964 res=1 errno=0
[  163.391121][ T7762] netlink: 'syz-executor.1': attribute type 9 has an invalid length.
[  163.576396][ T7767] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  164.377408][ T7810] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  164.527064][ T7823] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  164.571944][ T7823] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  164.576893][ T7828] nbd: couldn't find device at index -1
[  165.255373][ T7867] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  165.329939][ T7870] nbd: couldn't find device at index -1
[  165.580184][ T5120] Bluetooth: hci2: command 0x0405 tx timeout
[  165.643649][ T7891] netlink: 100 bytes leftover after parsing attributes in process `syz-executor.0'.
[  165.654530][ T7891] netlink: 100 bytes leftover after parsing attributes in process `syz-executor.0'.
[  165.684419][ T7890] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[  166.797753][ T7939] af_packet: tpacket_rcv: packet too big, clamped from 212960 to 3952. macoff=96
[  166.825846][ T7939] netlink: 209840 bytes leftover after parsing attributes in process `syz-executor.1'.
[  166.958441][ T7946] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  166.999982][ T7946] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0)
[  167.045460][ T7946] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535
[  167.101181][ T7950] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  167.394896][ T7970] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  167.548183][ T7981] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  167.573814][ T7981] IPVS: Error joining to the multicast group
[  167.914811][ T8002] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  167.998121][ T8002] batman_adv: batadv1: Adding interface: netdevsim0
[  168.011841][ T8002] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.050986][ T8002] batman_adv: batadv1: Interface activated: netdevsim0
[  168.269331][ T8015] netlink: 'syz-executor.2': attribute type 3 has an invalid length.
[  168.521609][ T8029] netlink: 100 bytes leftover after parsing attributes in process `syz-executor.0'.
[  168.709419][ T8042] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  168.873935][ T8051] (unnamed net_device) (uninitialized): option arp_validate: invalid value (18446744073709551615)
[  169.074924][ T8055] IPVS: set_ctl: invalid protocol: 60 10.1.1.2:0
[  169.239047][ T8073] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  169.408505][ T8080] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  169.525039][ T8084] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  169.536336][ T8084] IPVS: Error joining to the multicast group
[  169.813356][ T8103] netlink: 209840 bytes leftover after parsing attributes in process `syz-executor.3'.
[  170.553737][ T8153] IPVS: Error joining to the multicast group
[  170.837308][ T8174] IPVS: set_ctl: invalid protocol: 60 10.1.1.2:0
[  171.203413][ T8195] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  171.230301][ T8195] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  172.963905][ T8258] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  172.977671][ T8258] __nla_validate_parse: 2 callbacks suppressed
[  172.977692][ T8258] netlink: 9352 bytes leftover after parsing attributes in process `syz-executor.3'.
[  173.003043][ T8258] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  173.015406][ T8258] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
[  173.715672][ T8293] netlink: 210616 bytes leftover after parsing attributes in process `syz-executor.0'.
[  174.101252][ T8312] IPVS: set_ctl: invalid protocol: 60 10.1.1.2:0
[  174.341680][ T8319] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  174.938275][ T8337] netlink: 'syz-executor.1': attribute type 16 has an invalid length.
[  175.230776][ T8346] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'.
[  175.302622][ T8347] IPVS: set_ctl: invalid protocol: 60 10.1.1.2:0
[  175.330973][ T8354] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  176.028730][ T8383] netlink: 'syz-executor.3': attribute type 16 has an invalid length.
[  176.089709][ T8383] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  176.243216][ T8394] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  176.271605][ T8393] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  176.354012][ T8402] netlink: 47 bytes leftover after parsing attributes in process `syz-executor.3'.
[  176.460130][ T8408] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  176.596435][ T8417] netlink: 'syz-executor.1': attribute type 25 has an invalid length.
[  176.604871][ T8417] netlink: 'syz-executor.1': attribute type 8 has an invalid length.
[  177.531288][ T8475] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  177.852371][ T8493] netlink: 'syz-executor.0': attribute type 16 has an invalid length.
[  177.877798][ T8493] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  178.428228][ T8522] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  178.452195][ T8522] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  178.478247][ T8522] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[  178.499731][ T8522] block nbd0: Unsupported socket: shutdown callout must be supported.
[  178.758755][ T8534] pim6reg1: entered promiscuous mode
[  178.771593][ T8534] pim6reg1: entered allmulticast mode
[  178.882703][ T8537] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  178.896102][ T8537] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.4'.
[  179.122648][ T8549] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  179.773762][ T8577] netlink: 204152 bytes leftover after parsing attributes in process `syz-executor.1'.
[  179.796817][ T8571] pim6reg1: entered promiscuous mode
[  179.809867][ T8571] pim6reg1: entered allmulticast mode
[  180.203518][ T8593] netlink: 'syz-executor.3': attribute type 13 has an invalid length.
[  180.366172][ T8600] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  180.600997][ T8620] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.2'.
[  180.622857][ T8626] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  180.644511][ T8619] pim6reg1: entered promiscuous mode
[  180.664751][ T8619] pim6reg1: entered allmulticast mode
[  180.980177][ T8639] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  181.980578][ T8636] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  182.307331][ T8680] netlink: 'syz-executor.4': attribute type 13 has an invalid length.
[  182.614238][ T8693] tipc: Started in network mode
[  182.629208][ T8693] tipc: Node identity 3623775b326a, cluster identity 4711
[  182.639279][ T8693] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  182.735229][ T8693] tipc: Resetting bearer <eth:syzkaller0>
[  182.751248][ T8701] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  182.828817][ T8692] tipc: Resetting bearer <eth:syzkaller0>
[  183.669896][    T9] tipc: Node number set to 71923547
[  184.545699][ T8692] tipc: Disabling bearer <eth:syzkaller0>
[  184.694182][ T8723] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  184.848132][ T8735] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  184.864905][ T8735] __nla_validate_parse: 1 callbacks suppressed
[  184.864926][ T8735] netlink: 168864 bytes leftover after parsing attributes in process `syz-executor.2'.
[  185.183180][ T8751] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  185.361604][ T8751] tipc: Resetting bearer <eth:syzkaller0>
[  185.386154][ T8760] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  185.614159][ T8749] tipc: Resetting bearer <eth:syzkaller0>
[  185.703513][ T8779] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  187.491933][ T8749] tipc: Disabling bearer <eth:syzkaller0>
[  187.737799][ T8794] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  187.764214][ T8800] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  188.106622][ T8816] tipc: Started in network mode
[  188.137877][ T8816] tipc: Node identity 8e9bb9e2ca4e, cluster identity 4711
[  188.146388][ T8816] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  188.270822][ T8821] tipc: Resetting bearer <eth:syzkaller0>
[  188.299404][ T8816] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  188.419816][ T8814] tipc: Resetting bearer <eth:syzkaller0>
[  189.274630][ T5168] tipc: Node number set to 1154857442
[  189.533745][ T8859] syz-executor.0[8859] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  189.533903][ T8859] syz-executor.0[8859] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  189.640687][ T8861] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.0'.
[  190.507475][ T8814] tipc: Disabling bearer <eth:syzkaller0>
[  190.518710][ T8838] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'.
[  190.649116][ T8864] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  190.677471][ T8864] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  191.094958][ T8899] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  191.381140][ T8918] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  191.395934][ T8918] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  191.427673][ T8918] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  191.609803][ T8937] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  191.623428][ T8934] No such timeout policy "syz0"
[  191.748150][ T8945] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  192.260050][ T8971] netlink: 244 bytes leftover after parsing attributes in process `syz-executor.4'.
[  192.393100][ T8978] tipc: Enabled bearer <eth:geneve1>, priority 10
[  192.684200][ T8990] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  192.863370][ T8998] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  193.056218][ T8998] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  193.081237][ T8999] netlink: 'syz-executor.1': attribute type 29 has an invalid length.
[  193.114000][ T8991] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  193.779154][ T9035] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[  194.836541][ T9084] tap0: tun_chr_ioctl cmd 1074025677
[  194.842897][ T9084] tap0: linktype set to 270
[  194.868040][ T9089] netlink: 244 bytes leftover after parsing attributes in process `syz-executor.1'.
[  195.113099][ T9103] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  195.123455][ T9103] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  195.619261][ T9116] team0: entered promiscuous mode
[  195.630393][ T9116] team_slave_1: entered promiscuous mode
[  195.645814][ T9116] bond0: entered promiscuous mode
[  195.653925][ T9116] bond_slave_0: entered promiscuous mode
[  195.662013][ T9116] bond_slave_1: entered promiscuous mode
[  195.902677][ T9116] dummy0: entered promiscuous mode
[  198.416303][ T9175] syzkaller0: entered promiscuous mode
[  198.422216][ T9175] syzkaller0: entered allmulticast mode
[  199.174117][ T9216] xt_socket: unknown flags 0x8
[  201.058633][ T9241] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  201.238543][ T9254] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  202.214867][ T9309] netlink: 184 bytes leftover after parsing attributes in process `syz-executor.0'.
[  202.229378][ T9309] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  203.348285][ T9314] sch_tbf: peakrate 8 is lower than or equals to rate 14799206064497609713 !
[  203.500686][ T9336] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  203.707903][   T29] audit: type=1804 audit(1719012398.070:36): pid=9348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2286983550/syzkaller.j9SsAl/307/cgroup.controllers" dev="sda1" ino=1967 res=1 errno=0
[  203.773137][ T5168] IPVS: starting estimator thread 0...
[  203.803339][ T9353] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  203.880438][ T9354] IPVS: using max 18 ests per chain, 43200 per kthread
[  204.751985][ T9406] netlink: 184 bytes leftover after parsing attributes in process `syz-executor.1'.
[  204.779910][ T9406] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  205.654291][ T9363] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  205.703725][ T9420] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  205.822862][ T9427] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.2'.
[  205.953090][ T9431] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  205.980037][   T29] audit: type=1804 audit(1719012400.340:37): pid=9435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2701770529/syzkaller.KNVQ3s/357/cgroup.controllers" dev="sda1" ino=1951 res=1 errno=0
[  206.037778][ T5167] IPVS: starting estimator thread 0...
[  206.105610][ T9440] netlink: 11 bytes leftover after parsing attributes in process `syz-executor.4'.
[  206.149819][ T9438] IPVS: using max 21 ests per chain, 50400 per kthread
[  206.628175][ T9465] trusted_key: syz-executor.0 sent an empty control message without MSG_MORE.
[  207.483934][ T9515] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  207.740538][ T9530] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  207.774336][ T9530] macsec1: entered promiscuous mode
[  207.788396][ T9530] macsec1: entered allmulticast mode
[  207.807333][ T9530] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  207.827791][ T9530] mac80211_hwsim hwsim2 wlan0: left allmulticast mode
[  207.853257][ T9530] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[  208.206921][ T9563] syz-executor.3[9563] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  208.207073][ T9563] syz-executor.3[9563] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  208.470698][ T9583] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  208.500750][ T9583] macsec1: entered promiscuous mode
[  208.507622][ T9583] macsec1: entered allmulticast mode
[  208.523054][ T9583] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[  208.564740][ T9583] mac80211_hwsim hwsim4 wlan0: left allmulticast mode
[  208.596580][ T9583] mac80211_hwsim hwsim4 wlan0: left promiscuous mode
[  208.658079][ T9591] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  208.686240][ T9591] batman_adv: batadv0: Removing interface: batadv_slave_0
[  208.697304][ T9591] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  208.705271][ T9591] batman_adv: batadv0: Removing interface: batadv_slave_1
[  209.258758][ T9630] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'.
[  209.485232][ T9638] netlink: 11 bytes leftover after parsing attributes in process `syz-executor.0'.
[  209.706025][ T9650] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  209.724326][ T9650] batman_adv: batadv0: Removing interface: batadv_slave_0
[  209.749530][ T9650] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  209.769979][ T9650] batman_adv: batadv0: Removing interface: batadv_slave_1
[  210.072025][ T9666] netlink: 108 bytes leftover after parsing attributes in process `syz-executor.1'.
[  210.080713][ T9667] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  210.105689][ T9667] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  210.363435][ T9679] netlink: 19 bytes leftover after parsing attributes in process `syz-executor.3'.
[  210.393540][ T9679] caif0: entered allmulticast mode
[  210.414924][ T9679] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
[  210.444724][ T9679] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
[  210.479576][ T9687] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  210.711865][ T9702] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  210.713018][ T9700] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  210.735428][ T9702] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  210.764958][ T9700] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  210.934519][ T9707] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  211.182914][ T9726] netlink: 188 bytes leftover after parsing attributes in process `syz-executor.2'.
[  211.196009][ T9726] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  211.206453][ T9726] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  211.301151][ T9731] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  211.321912][ T9731] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  211.840216][ T9764] geneve2: entered promiscuous mode
[  211.845480][ T9764] geneve2: entered allmulticast mode
[  211.870061][ T9769] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  212.217997][ T9786] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode
[  212.235871][ T9786] macsec1: entered promiscuous mode
[  212.250097][ T9786] macsec1: entered allmulticast mode
[  212.258637][ T9786] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode
[  212.309071][ T9786] mac80211_hwsim hwsim8 wlan0: left allmulticast mode
[  212.335181][ T9786] mac80211_hwsim hwsim8 wlan0: left promiscuous mode
[  212.537695][ T9805] netlink: 468 bytes leftover after parsing attributes in process `syz-executor.1'.
[  212.574553][ T9805] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
[  212.615484][ T9809] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  212.641375][ T9809] netlink: 'syz-executor.4': attribute type 29 has an invalid length.
[  213.231295][ T9844] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  213.328041][ T9844] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.361584][ T9844] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.456406][ T9844] tipc: Resetting bearer <eth:geneve1>
[  213.470247][ T9844] tipc: Resetting bearer <eth:geneve1>
[  213.495749][ T9852] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
[  213.520640][ T9852] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  213.797325][ T9864] pimreg: entered allmulticast mode
[  213.814581][ T9864] netlink: 'syz-executor.3': attribute type 11 has an invalid length.
[  213.875776][ T9870] pimreg: left allmulticast mode
[  214.568702][ T9917] netlink: 188 bytes leftover after parsing attributes in process `syz-executor.3'.
[  214.582622][ T9917] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  214.607108][ T9917] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  215.109901][ T9962] netlink: zone id is out of range
[  215.123241][ T9962] netlink: zone id is out of range
[  215.128418][ T9962] netlink: zone id is out of range
[  215.161756][ T9962] netlink: zone id is out of range
[  215.177431][ T9962] netlink: zone id is out of range
[  215.201147][ T9962] netlink: zone id is out of range
[  215.216763][ T9962] netlink: zone id is out of range
[  215.223483][ T9962] netlink: zone id is out of range
[  215.240692][ T9962] netlink: zone id is out of range
[  215.377336][ T9975] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.385750][ T9975] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.443347][ T9981] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.451804][ T9981] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.460037][ T9981] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.467413][ T9981] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.537085][ T9981] bridge0: entered promiscuous mode
[  215.562580][ T9981] bridge0: entered allmulticast mode
[  216.165665][T10000] pimreg: entered allmulticast mode
[  216.223542][T10000] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[  216.312468][T10008] pimreg: left allmulticast mode
[  216.743645][T10043] pimreg: entered allmulticast mode
[  216.775082][T10043] __nla_validate_parse: 1 callbacks suppressed
[  216.775101][T10043] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  216.805122][T10043] netlink: 188 bytes leftover after parsing attributes in process `syz-executor.1'.
[  216.836477][T10043] pimreg: left allmulticast mode
[  217.265008][ T5118] Bluetooth: hci1: command 0x0406 tx timeout
[  217.265025][ T5121] Bluetooth: hci3: command 0x0406 tx timeout
[  217.804582][ T5120] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  217.822960][ T5120] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  217.833904][ T5120] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  217.846642][ T5120] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  217.866214][ T5120] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  217.874778][ T5120] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  217.964418][T10082] pimreg: entered allmulticast mode
[  218.002466][T10082] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  218.046975][T10080] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  218.069585][T10085] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  218.185471][T10082] netlink: 188 bytes leftover after parsing attributes in process `syz-executor.0'.
[  218.223488][T10086] pimreg: left allmulticast mode
[  218.349818][ T2485] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.523354][ T2485] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.672374][ T2485] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.723233][T10073] chnl_net:caif_netlink_parms(): no params data found
[  218.788516][T10108] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  218.805974][T10108] batman_adv: batadv0: Removing interface: batadv_slave_0
[  218.823697][T10108] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  218.839850][T10108] batman_adv: batadv0: Removing interface: batadv_slave_1
[  219.008490][T10113] netlink: 'syz-executor.3': attribute type 11 has an invalid length.
[  219.018447][T10113] netlink: 'syz-executor.3': attribute type 5 has an invalid length.
[  219.301443][T10073] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.308707][T10073] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.336362][T10073] bridge_slave_0: entered allmulticast mode
[  219.347593][T10073] bridge_slave_0: entered promiscuous mode
[  219.454555][T10073] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.470020][T10073] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.488652][T10073] bridge_slave_1: entered allmulticast mode
[  219.498467][T10073] bridge_slave_1: entered promiscuous mode
[  219.516318][ T2485] bridge_slave_1: left allmulticast mode
[  219.525220][ T2485] bridge_slave_1: left promiscuous mode
[  219.545020][ T2485] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.558709][ T2485] bridge_slave_0: left allmulticast mode
[  219.565507][ T2485] bridge_slave_0: left promiscuous mode
[  219.578253][ T2485] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.980423][ T5127] Bluetooth: hci5: command tx timeout
[  220.780315][ T2485] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  220.792128][ T2485] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  220.802957][ T2485] bond0 (unregistering): Released all slaves
[  220.855907][T10156] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  220.950840][T10170] dummy0: entered promiscuous mode
[  220.956093][T10170] macsec1: entered promiscuous mode
[  220.967511][T10170] macsec1: entered allmulticast mode
[  220.974491][T10170] dummy0: entered allmulticast mode
[  220.993651][T10073] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  221.014960][ T2485] tipc: Left network mode
[  221.043457][T10073] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  221.184213][T10188] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  221.213404][T10188] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[  221.240912][T10188] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.3'.
[  221.272470][T10073] team0: Port device team_slave_0 added
[  221.328260][T10073] team0: Port device team_slave_1 added
[  221.507627][T10073] batman_adv: batadv0: Adding interface: batadv_slave_0
[  221.529869][T10073] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.567689][T10213] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'.
[  221.578882][T10213] netlink: 43 bytes leftover after parsing attributes in process `syz-executor.4'.
[  221.588926][T10073] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  221.600263][T10213] netlink: 'syz-executor.4': attribute type 6 has an invalid length.
[  221.610818][T10213] netlink: 'syz-executor.4': attribute type 5 has an invalid length.
[  221.619205][T10073] batman_adv: batadv0: Adding interface: batadv_slave_1
[  221.632273][T10073] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.710013][T10073] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  221.846900][T10219] __nla_validate_parse: 2 callbacks suppressed
[  221.846922][T10219] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'.
[  222.060141][ T5127] Bluetooth: hci5: command tx timeout
[  222.084475][T10073] hsr_slave_0: entered promiscuous mode
[  222.114407][T10073] hsr_slave_1: entered promiscuous mode
[  222.125386][T10073] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  222.140277][   T29] audit: type=1800 audit(1719012416.500:38): pid=10224 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="memory.events" dev="sda1" ino=1959 res=0 errno=0
[  222.172069][T10073] Cannot create hsr debugfs directory
[  222.289148][ T2485] hsr_slave_0: left promiscuous mode
[  222.310258][ T2485] hsr_slave_1: left promiscuous mode
[  222.380360][ T2485] veth1_macvtap: left promiscuous mode
[  222.385957][ T2485] veth0_macvtap: left promiscuous mode
[  222.396038][ T2485] veth1_vlan: left promiscuous mode
[  222.401534][ T2485] veth0_vlan: left promiscuous mode
[  223.102586][ T2485] team0 (unregistering): Port device team_slave_1 removed
[  223.144498][ T2485] team0 (unregistering): Port device team_slave_0 removed
[  223.550722][T10259] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  223.574366][T10262] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  223.801271][T10280] syz-executor.2[10280] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  223.801430][T10280] syz-executor.2[10280] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  224.058039][T10288] bond0: entered promiscuous mode
[  224.094313][T10288] bond_slave_0: entered promiscuous mode
[  224.120944][T10288] bond_slave_1: entered promiscuous mode
[  224.141701][ T5127] Bluetooth: hci5: command tx timeout
[  224.576033][T10073] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  224.605906][T10073] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  224.634489][T10073] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  224.661973][T10310] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  224.743835][T10073] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  224.871139][T10319] bond0: entered promiscuous mode
[  225.135746][T10073] 8021q: adding VLAN 0 to HW filter on device bond0
[  225.207122][T10073] 8021q: adding VLAN 0 to HW filter on device team0
[  225.242905][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[  225.250109][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[  225.276604][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  225.283841][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  225.340987][T10336] ip6gretap0: entered promiscuous mode
[  225.361239][T10336] batadv_slave_0: entered promiscuous mode
[  225.380711][T10336] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  225.398949][T10336] Cannot create hsr debugfs directory
[  225.522420][   T29] audit: type=1800 audit(1719012419.890:39): pid=10343 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="memory.events" dev="sda1" ino=1950 res=0 errno=0
[  225.922053][T10073] 8021q: adding VLAN 0 to HW filter on device batadv0
[  225.954044][T10373] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  226.053816][T10073] veth0_vlan: entered promiscuous mode
[  226.078234][T10073] veth1_vlan: entered promiscuous mode
[  226.163696][T10073] veth0_macvtap: entered promiscuous mode
[  226.207096][T10073] veth1_macvtap: entered promiscuous mode
[  226.219931][ T5120] Bluetooth: hci5: command tx timeout
[  226.272659][T10385] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.0'.
[  226.325827][T10073] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.369758][T10073] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.380732][T10073] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.399683][T10073] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.421585][T10073] batman_adv: batadv0: Interface activated: batadv_slave_0
[  226.448663][T10073] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.470451][T10073] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.487031][T10073] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.497726][T10073] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.509183][T10073] batman_adv: batadv0: Interface activated: batadv_slave_1
[  226.538887][T10073] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  226.566005][T10073] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  226.577472][T10073] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  226.588441][T10073] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  226.736061][T10403] geneve3: entered promiscuous mode
[  226.746730][T10403] geneve3: entered allmulticast mode
[  226.761601][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  226.775034][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  226.837457][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  226.852799][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  227.500058][ T5120] Bluetooth: hci4: command 0x0406 tx timeout
[  227.677902][T10438] bond0: entered promiscuous mode
[  227.687187][T10438] bond_slave_0: entered promiscuous mode
[  227.695677][T10438] bond_slave_1: entered promiscuous mode
[  228.323841][T10471] netlink: 'syz-executor.3': attribute type 23 has an invalid length.
[  228.360059][T10471] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  228.410740][T10471] bridge0: entered promiscuous mode
[  228.880160][T10505] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
[  229.351548][T10538] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  229.536347][T10552] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
[  229.687034][T10559] netlink: 'syz-executor.4': attribute type 33 has an invalid length.
[  230.083619][T10590] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  230.232798][T10603] netlink: 'syz-executor.1': attribute type 7 has an invalid length.
[  230.241244][T10603] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'.
[  230.693780][T10627] (unnamed net_device) (uninitialized): option primary_reselect: invalid value (64)
[  230.757072][T10629] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.762662][T10632] netlink: 'syz-executor.3': attribute type 7 has an invalid length.
[  230.777249][T10632] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.3'.
[  230.803297][T10629] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.866750][T10635] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  231.115379][T10653] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.4'.
[  231.187337][T10658] (unnamed net_device) (uninitialized): option primary_reselect: invalid value (64)
[  231.569878][T10690] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.4'.
[  231.643464][T10695] (unnamed net_device) (uninitialized): option primary_reselect: invalid value (64)
[  232.071726][T10718] tipc: Enabled bearer <eth:hsr0>, priority 10
[  232.078243][T10720] net_ratelimit: 143 callbacks suppressed
[  232.078269][T10720] netlink: zone id is out of range
[  232.099367][T10720] netlink: set zone limit has 4 unknown bytes
[  232.128192][T10724] netlink: 'syz-executor.3': attribute type 64 has an invalid length.
[  232.715359][T10748] netlink: zone id is out of range
[  232.736815][T10748] netlink: set zone limit has 4 unknown bytes
[  232.782688][T10754] netlink: 'syz-executor.1': attribute type 64 has an invalid length.
[  233.175189][T10773] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
[  233.353578][T10783] netlink: zone id is out of range
[  233.358756][T10783] netlink: set zone limit has 4 unknown bytes
[  233.396406][T10785] netlink: 'syz-executor.3': attribute type 64 has an invalid length.
[  233.415313][T10785] __nla_validate_parse: 12 callbacks suppressed
[  233.415336][T10785] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  233.483712][T10785] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'.
[  233.868918][T10799] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  233.894364][T10810] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  233.994501][T10815] netlink: zone id is out of range
[  234.021431][T10815] netlink: set zone limit has 4 unknown bytes
[  234.174720][T10827] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  234.302840][   T50] IPVS: starting estimator thread 0...
[  234.410498][T10839] IPVS: using max 19 ests per chain, 45600 per kthread
[  234.536491][T10858] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  234.649253][T10865] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  235.084894][T10895] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  235.682213][T10935] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.0'.
[  236.072167][T10961] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.3'.
[  236.192373][T10968] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.0'.
[  237.243501][ T5120] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  237.252759][ T5120] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  237.289984][ T5120] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  237.310445][ T5120] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  237.319833][ T5120] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  237.328223][ T5120] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  237.501113][ T2485] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.580285][ T5127] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  237.612270][ T5127] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  237.630432][ T5127] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  237.650542][ T5127] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  237.661771][ T5127] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  237.669965][ T5127] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  237.776055][ T2485] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.956841][T11042] Bluetooth: MGMT ver 1.22
[  237.965711][ T2485] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.113399][ T2485] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.613951][T11011] chnl_net:caif_netlink_parms(): no params data found
[  238.754106][ T2485] bridge_slave_1: left allmulticast mode
[  238.760654][ T2485] bridge_slave_1: left promiscuous mode
[  238.766602][ T2485] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.795697][ T2485] bridge_slave_0: left allmulticast mode
[  238.802630][ T2485] bridge_slave_0: left promiscuous mode
[  238.819200][ T2485] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.837437][T11089] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  238.846332][T11089] __nla_validate_parse: 2 callbacks suppressed
[  238.846350][T11089] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  239.429971][ T5120] Bluetooth: hci2: command tx timeout
[  239.749762][ T5120] Bluetooth: hci0: command tx timeout
[  239.914764][ T2485] bond0 (unregistering): left promiscuous mode
[  239.925987][ T2485] bond_slave_0: left promiscuous mode
[  239.933152][ T2485] bond_slave_1: left promiscuous mode
[  239.943613][ T2485] team0: Port device bond0 removed
[  239.952970][ T2485] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  239.965016][ T2485] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  239.976502][ T2485] bond0 (unregistering): Released all slaves
[  240.074863][ T2485] bond1 (unregistering): Released all slaves
[  240.179612][ T2485] bond2 (unregistering): Released all slaves
[  240.194009][ T2485] bond3 (unregistering): Released all slaves
[  240.234113][T11101] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.254708][T11101] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.343124][T11103] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  240.434602][T11024] chnl_net:caif_netlink_parms(): no params data found
[  240.777800][T11138] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  240.793106][T11138] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  240.857396][T11011] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.875037][T11011] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.895114][T11011] bridge_slave_0: entered allmulticast mode
[  240.904654][T11011] bridge_slave_0: entered promiscuous mode
[  240.913764][T11011] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.921671][T11011] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.929087][T11011] bridge_slave_1: entered allmulticast mode
[  240.936774][T11011] bridge_slave_1: entered promiscuous mode
[  241.104111][T11024] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.116094][T11024] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.137561][T11024] bridge_slave_0: entered allmulticast mode
[  241.157258][T11024] bridge_slave_0: entered promiscuous mode
[  241.222615][T11011] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  241.267846][T11011] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  241.296355][T11024] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.310117][T11024] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.330016][T11024] bridge_slave_1: entered allmulticast mode
[  241.346400][T11024] bridge_slave_1: entered promiscuous mode
[  241.394220][T11169] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.4'.
[  241.457742][T11169] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.4'.
[  241.500020][ T5120] Bluetooth: hci2: command tx timeout
[  241.519296][ T2485] team0: left promiscuous mode
[  241.525245][ T2485] team_slave_1: left promiscuous mode
[  241.536035][ T2485] dummy0: left promiscuous mode
[  241.547948][ T2485] hsr_slave_0: left promiscuous mode
[  241.554322][ T2485] hsr_slave_1: left promiscuous mode
[  241.560699][ T2485] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  241.568198][ T2485] batman_adv: batadv0: Removing interface: batadv_slave_0
[  241.576790][ T2485] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  241.584564][ T2485] batman_adv: batadv0: Removing interface: batadv_slave_1
[  241.603893][ T2485] veth1_macvtap: left promiscuous mode
[  241.609503][ T2485] veth0_macvtap: left promiscuous mode
[  241.615322][ T2485] veth1_vlan: left allmulticast mode
[  241.621084][ T2485] veth0_vlan: left promiscuous mode
[  241.772334][ T2485] pim6reg (unregistering): left allmulticast mode
[  241.820215][ T5120] Bluetooth: hci0: command tx timeout
[  241.878377][ T2485] macvlan0 (unregistering): left allmulticast mode
[  242.177135][ T2485] team0 (unregistering): Port device team_slave_1 removed
[  242.606771][T11024] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  242.623408][T11011] team0: Port device team_slave_0 added
[  242.652775][T11024] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  242.683630][T11011] team0: Port device team_slave_1 added
[  242.822724][T11024] team0: Port device team_slave_0 added
[  242.859105][T11024] team0: Port device team_slave_1 added
[  242.910898][T11011] batman_adv: batadv0: Adding interface: batadv_slave_0
[  242.917894][T11011] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.953192][T11011] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.023375][T11024] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.040213][T11024] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.077760][T11024] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.095499][T11011] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.107385][T11011] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.142433][T11011] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  243.156154][T11024] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.186572][T11024] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.251004][T11024] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  243.269497][T11200] xt_TCPMSS: Only works on TCP SYN packets
[  243.300315][T11202] dccp_invalid_packet: P.CsCov 4 exceeds packet length 28
[  243.448767][T11011] hsr_slave_0: entered promiscuous mode
[  243.472848][T11011] hsr_slave_1: entered promiscuous mode
[  243.482126][T11210] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma?
[  243.585073][ T5120] Bluetooth: hci2: command tx timeout
[  243.738059][T11024] hsr_slave_0: entered promiscuous mode
[  243.751400][ T2485] IPVS: stop unused estimator thread 0...
[  243.767631][T11024] hsr_slave_1: entered promiscuous mode
[  243.776873][T11024] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  243.801797][T11024] Cannot create hsr debugfs directory
[  243.900742][ T5120] Bluetooth: hci0: command tx timeout
[  243.952161][T11233] xt_CT: You must specify a L4 protocol and not use inversions on it
[  244.062282][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.223859][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.355210][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.457546][T11255] xt_CT: You must specify a L4 protocol and not use inversions on it
[  244.485273][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.648112][   T12] bond1: left allmulticast mode
[  244.658743][   T12] bridge2: left allmulticast mode
[  244.679806][   T12] bond1: left promiscuous mode
[  244.684911][   T12] bridge2: left promiscuous mode
[  244.690547][   T12] bridge0: port 3(bond1) entered disabled state
[  244.699340][   T12] bridge_slave_1: left allmulticast mode
[  244.708750][   T12] bridge_slave_1: left promiscuous mode
[  244.715946][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.739003][   T12] bridge_slave_0: left allmulticast mode
[  244.745699][   T12] bridge_slave_0: left promiscuous mode
[  244.759081][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.931640][   T12] ip6gretap0 (unregistering): left promiscuous mode
[  244.976317][   T29] audit: type=1800 audit(1719012439.340:40): pid=11267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.4" name="memory.events" dev="sda1" ino=1956 res=0 errno=0
[  245.002887][T11275] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  245.020977][T11275] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  245.307207][T11257] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  245.337680][   T12] bond1 (unregistering): (slave bridge2): Releasing backup interface
[  245.387226][T11287] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  245.394421][T11287] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  245.622488][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  245.634508][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  245.645995][   T12] bond0 (unregistering): Released all slaves
[  245.658947][   T12] bond1 (unregistering): Released all slaves
[  245.659982][ T5120] Bluetooth: hci2: command tx timeout
[  245.675290][   T12] bond2 (unregistering): Released all slaves
[  245.953904][T11011] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  245.993964][T11011] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  246.013952][   T12] tipc: Disabling bearer <eth:ipvlan0>
[  246.045380][   T12] tipc: Disabling bearer <ib:caif0>
[  246.052778][   T12] tipc: Disabling bearer <eth:hsr0>
[  246.067522][   T12] tipc: Left network mode
[  246.096395][T11011] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  246.201204][T11011] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  246.245213][T11311] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  246.272150][T11311] lo: entered promiscuous mode
[  246.510305][   T12] batadv_slave_0: left promiscuous mode
[  246.546788][   T12] hsr_slave_0: left promiscuous mode
[  246.563537][   T12] hsr_slave_1: left promiscuous mode
[  246.599060][   T12] dummy0: left allmulticast mode
[  246.608092][   T12] dummy0: left promiscuous mode
[  246.617242][   T12] veth1_macvtap: left promiscuous mode
[  246.631244][   T12] veth0_macvtap: left promiscuous mode
[  246.645168][   T12] veth0_vlan: left promiscuous mode
[  247.436878][T11339] bridge0: port 3(gretap0) entered blocking state
[  247.458532][T11339] bridge0: port 3(gretap0) entered disabled state
[  247.476890][T11339] gretap0: entered allmulticast mode
[  247.495450][T11349] xt_CT: You must specify a L4 protocol and not use inversions on it
[  247.497626][T11339] gretap0: entered promiscuous mode
[  247.539930][T11342] gretap0: left allmulticast mode
[  247.545133][T11342] gretap0: left promiscuous mode
[  247.553673][T11342] bridge0: port 3(gretap0) entered disabled state
[  247.775124][T11024] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  247.807046][T11024] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  247.845686][T11024] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  247.878030][T11024] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  248.003873][T11011] 8021q: adding VLAN 0 to HW filter on device bond0
[  248.153251][T11366] vlan2: entered allmulticast mode
[  248.159487][T11366] bond0: (slave vlan2): Opening slave failed
[  248.206398][T11011] 8021q: adding VLAN 0 to HW filter on device team0
[  248.244597][ T5169] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.251865][ T5169] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.310484][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.317665][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.400993][T11024] 8021q: adding VLAN 0 to HW filter on device bond0
[  248.475534][T11024] 8021q: adding VLAN 0 to HW filter on device team0
[  248.513625][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.520835][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.539192][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.546434][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.661140][T11024] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  248.880720][T11385] syz_tun: entered promiscuous mode
[  248.931251][T11384] syz_tun: left promiscuous mode
[  248.984732][T11011] 8021q: adding VLAN 0 to HW filter on device batadv0
[  249.155383][T11024] 8021q: adding VLAN 0 to HW filter on device batadv0
[  249.301167][T11011] veth0_vlan: entered promiscuous mode
[  249.330815][T11011] veth1_vlan: entered promiscuous mode
[  249.386760][T11024] veth0_vlan: entered promiscuous mode
[  249.438183][T11024] veth1_vlan: entered promiscuous mode
[  249.457462][T11011] veth0_macvtap: entered promiscuous mode
[  249.508571][T11011] veth1_macvtap: entered promiscuous mode
[  249.635924][T11011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.654669][T11011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.665013][T11011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.677210][T11011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.702899][T11011] batman_adv: batadv0: Interface activated: batadv_slave_0
[  249.733748][T11011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  249.751744][T11011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.762709][T11011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  249.773401][T11011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.785739][T11011] batman_adv: batadv0: Interface activated: batadv_slave_1
[  249.798331][T11024] veth0_macvtap: entered promiscuous mode
[  249.837965][T11024] veth1_macvtap: entered promiscuous mode
[  249.865601][T11011] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  249.893076][T11011] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  249.920579][T11011] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  249.931724][T11011] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  250.019182][T11024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  250.041982][T11024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.056942][T11024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  250.075488][T11024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.086157][T11024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  250.119697][T11024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.143839][T11024] batman_adv: batadv0: Interface activated: batadv_slave_0
[  250.182654][T11451] pimreg1: entered allmulticast mode
[  250.203248][T11024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  250.232141][T11024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.259731][T11024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  250.279681][T11024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.292496][T11024] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  250.305698][T11024] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.317849][T11024] batman_adv: batadv0: Interface activated: batadv_slave_1
[  250.391661][T11024] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  250.419925][T11024] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  250.428676][T11024] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  250.458641][T11024] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  250.557803][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.572032][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.616499][ T5169] IPVS: starting estimator thread 0...
[  250.666688][ T2485] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.671310][T11472] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
[  250.677055][ T2485] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.731227][T11473] IPVS: using max 18 ests per chain, 43200 per kthread
[  250.816416][ T2485] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.836704][ T2485] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.933154][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.961529][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  251.098577][T11495] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.3'.
[  251.118762][T11497] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  251.128750][T11497] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.0'.
[  251.308716][T11510] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  251.478241][T11519] tipc: Started in network mode
[  251.494781][T11519] tipc: Node identity aa8220605b0c, cluster identity 4711
[  251.521634][T11519] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  251.668406][T11531] tipc: Resetting bearer <eth:syzkaller0>
[  251.785094][    T9] tipc: Resetting bearer <eth:syzkaller0>
[  251.805563][T11518] tipc: Resetting bearer <eth:syzkaller0>
[  251.815423][T11543] netlink: 14 bytes leftover after parsing attributes in process `syz-executor.4'.
[  251.907939][T11543] netlink: 14 bytes leftover after parsing attributes in process `syz-executor.4'.
[  252.026527][T11543] netlink: 14 bytes leftover after parsing attributes in process `syz-executor.4'.
[  252.649838][ T5167] tipc: Node number set to 4052623456
[  253.523105][T11518] tipc: Disabling bearer <eth:syzkaller0>
[  253.706691][T11566] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  253.795845][T11571] netlink: 'syz-executor.4': attribute type 21 has an invalid length.
[  254.087673][T11590] bond0: (slave bond_slave_1): Releasing backup interface
[  254.115431][T11590] bond_slave_1 (unregistering): left promiscuous mode
[  254.472635][T11618] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  255.065291][T11658] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  255.125889][T11662] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[  255.616088][T11694] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.4'.
[  255.652978][T11694] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 2147221503 (only 8 groups)
[  255.836409][T11703] netlink: 'syz-executor.0': attribute type 12 has an invalid length.
[  255.852253][T11703] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'.
[  256.058654][T11717] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  256.360665][T11731] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  256.577603][T11747] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'.
[  257.049431][T11779] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  257.174291][T11787] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  258.487274][T11844] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  258.505026][T11844] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'.
[  258.535397][T11847] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'.
[  258.692295][T11854] netlink: 'syz-executor.0': attribute type 7 has an invalid length.
[  258.726425][T11854] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.0'.
[  259.399893][T11882] tipc: Started in network mode
[  259.407600][T11882] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  259.434054][T11882] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  259.472019][T11882] tipc: Enabled bearer <udp:syz2>, priority 10
[  259.564080][T11889] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  259.588152][T11889] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.4'.
[  259.783198][T11901] netlink: 'syz-executor.4': attribute type 7 has an invalid length.
[  259.819869][T11901] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.4'.
[  259.833939][T11905] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  259.858404][T11905] bridge_slave_1: left allmulticast mode
[  259.880686][T11905] bridge_slave_1: left promiscuous mode
[  259.900018][T11905] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.928187][T11905] bridge_slave_0: left allmulticast mode
[  259.935860][T11905] bridge_slave_0: left promiscuous mode
[  259.947955][T11905] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.119729][T11918] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  260.134830][T11920] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  260.520860][T11936] tipc: Started in network mode
[  260.525782][T11936] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  260.556632][T11936] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  260.578703][T11936] tipc: Enabled bearer <udp:syz2>, priority 10
[  260.599922][ T5167] tipc: Node number set to 1
[  260.643044][T11946] netlink: 'syz-executor.3': attribute type 10 has an invalid length.
[  260.672080][T11946] team0: Device veth1_macvtap failed to register rx_handler
[  261.701695][  T783] tipc: Node number set to 1
[  261.781875][T11990] xt_TCPMSS: Only works on TCP SYN packets
[  262.236266][T12004] __nla_validate_parse: 1 callbacks suppressed
[  262.236287][T12004] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  263.099869][T12047] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  263.177319][T12051] TCP: request_sock_TCPv6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  264.119457][T12088] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  264.220100][T12090] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  264.260901][T12090] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  264.410059][T12100] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  264.616116][T12109] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  264.634763][T12109] bridge_slave_1: left allmulticast mode
[  264.653284][T12109] bridge_slave_1: left promiscuous mode
[  264.659128][T12109] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.682726][T12109] bridge_slave_0: left allmulticast mode
[  264.688731][T12109] bridge_slave_0: left promiscuous mode
[  264.698563][T12109] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.846847][T12106] netlink: 100 bytes leftover after parsing attributes in process `syz-executor.3'.
[  264.858861][T12111] netlink: 'syz-executor.3': attribute type 10 has an invalid length.
[  264.870377][T12111] team0: Device veth1_macvtap failed to register rx_handler
[  264.885265][T12115] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  264.937768][T12119] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  264.988623][T12124] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  265.021387][T12123] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  265.114727][T12125] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  265.158900][T12136] xt_l2tp: missing protocol rule (udp|l2tpip)
[  265.335588][T12142] pim6reg1: entered promiscuous mode
[  265.367621][T12142] pim6reg1: entered allmulticast mode
[  265.690413][T12169] xt_nat: multiple ranges no longer supported
[  266.041535][T12199] pim6reg1: entered promiscuous mode
[  266.053751][T12201] netlink: 207496 bytes leftover after parsing attributes in process `syz-executor.3'.
[  266.065155][T12199] pim6reg1: entered allmulticast mode
[  266.085427][   T29] audit: type=1804 audit(1719012460.450:41): pid=12204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1049253134/syzkaller.UjEIno/70/cgroup.controllers" dev="sda1" ino=1964 res=1 errno=0
[  266.221874][T12209] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  266.650905][T12234] tipc: Enabled bearer <eth:hsr0>, priority 10
[  266.691685][T12239] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  266.887910][T12250] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  267.294997][T12268] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  267.797777][T12296] sit0: entered promiscuous mode
[  267.824383][T12297] xt_nat: multiple ranges no longer supported
[  267.846259][T12296] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  267.885429][T12296] __nla_validate_parse: 2 callbacks suppressed
[  267.885452][T12296] netlink: 1 bytes leftover after parsing attributes in process `syz-executor.2'.
[  268.349948][T12322] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  268.368348][T12322] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.1'.
[  268.385053][T12327] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  268.532852][T12327] tipc: Resetting bearer <eth:syzkaller0>
[  268.558111][T12345] netlink: 'syz-executor.1': attribute type 7 has an invalid length.
[  268.583664][T12345] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'.
[  268.599159][T12336] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  268.609899][T12326] tipc: Resetting bearer <eth:syzkaller0>
[  268.884214][T12354] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  269.790238][T12365] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.1'.
[  270.424388][T12326] tipc: Disabling bearer <eth:syzkaller0>
[  270.648200][T12377] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  270.758713][T12385] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  270.813264][T12388] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  271.484646][T12433] xt_NFQUEUE: number of total queues is 0
[  271.666486][T12446] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'.
[  271.813798][T12456] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.2'.
[  272.560239][T12506] ip6gretap1: entered allmulticast mode
[  272.637497][T12506] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  272.706401][T12518] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  273.460338][T12562] pim6reg1: entered promiscuous mode
[  273.472327][T12562] pim6reg1: entered allmulticast mode
[  274.016722][T12587] tipc: Enabled bearer <eth:hsr0>, priority 10
[  274.124787][T12592] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  274.169138][T12592] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  274.421323][T12606] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.4'.
[  274.585079][T12603] pim6reg1: entered promiscuous mode
[  274.609917][T12603] pim6reg1: entered allmulticast mode
[  274.951315][T12625] sctp: [Deprecated]: syz-executor.0 (pid 12625) Use of struct sctp_assoc_value in delayed_ack socket option.
[  274.951315][T12625] Use struct sctp_sack_info instead
[  277.148740][T12658] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  277.152689][T12656] skbuff: bad partial csum: csum=65504/2 headroom=144 headlen=65534
[  277.304494][T12664] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  277.768493][T12690] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  277.881683][T12691] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  278.156630][T12705] skbuff: bad partial csum: csum=65504/2 headroom=144 headlen=65534
[  278.587235][T12732] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  278.673458][T12734] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  279.061909][T12752] netlink: 'syz-executor.0': attribute type 8 has an invalid length.
[  279.062460][T12747] skbuff: bad partial csum: csum=65504/2 headroom=144 headlen=65534
[  279.615703][T12794] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  279.755120][T12805] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  279.778602][T12785] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  280.217988][T12833] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  280.308092][T12836] netlink: 'syz-executor.3': attribute type 2 has an invalid length.
[  280.457470][T12840] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  280.501120][T12843] netlink: 248 bytes leftover after parsing attributes in process `syz-executor.3'.
[  280.522987][T12843] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  280.867935][T12859] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.1'.
[  280.901841][T12859] 0·: renamed from hsr0 (while UP)
[  280.908834][T12859] 0·: entered allmulticast mode
[  280.916556][T12859] hsr_slave_0: entered allmulticast mode
[  280.929794][T12859] hsr_slave_1: entered allmulticast mode
[  280.947892][T12859] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  281.237319][T12876] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  281.615388][T12891] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.3'.
[  281.648547][T12891] 0·: renamed from hsr0 (while UP)
[  281.673557][T12891] tipc: Disabling bearer <eth:hsr0>
[  281.696436][T12891] 0·: entered allmulticast mode
[  281.715096][T12891] hsr_slave_0: entered allmulticast mode
[  281.740320][T12891] hsr_slave_1: entered allmulticast mode
[  281.757260][T12891] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  281.792851][T12903] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  281.947781][T12909] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  282.784522][T12948] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  282.960014][T12953] batman_adv: batadv1: Adding interface: netdevsim0
[  282.973993][T12953] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.005995][T12953] batman_adv: batadv1: Interface activated: netdevsim0
[  283.098947][T12958] netlink: 'syz-executor.3': attribute type 8 has an invalid length.
[  283.429934][T12971] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  283.510472][T12976] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  283.762486][T12984] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  284.418943][T13001] 1·: renamed from 
70· (while UP)
[  284.475175][T13001] A link change request failed with some changes committed already. Interface 
71· may have been left with an inconsistent configuration, please check.
[  284.822067][T13021] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  284.835473][T13021] __nla_validate_parse: 9 callbacks suppressed
[  284.835495][T13021] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.3'.
[  286.018589][T13044] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.2'.
[  286.039871][T13044] 0·: renamed from hsr0 (while UP)
[  286.073461][T13044] tipc: Disabling bearer <eth:hsr0>
[  286.262964][T13044] 0·: entered allmulticast mode
[  286.269790][T13044] hsr_slave_0: entered allmulticast mode
[  286.286145][T13044] hsr_slave_1: entered allmulticast mode
[  286.296480][T13044] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  286.374004][T13052] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  286.693631][T13059] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  286.873526][T13066] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.3'.
[  287.362383][T13094] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'.
[  288.410877][T13145] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  288.422946][T13145] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  288.465713][T13145] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  288.723908][T13156] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  289.666780][T13189] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  289.711064][T13189] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  290.170435][T13211] __nla_validate_parse: 3 callbacks suppressed
[  290.170457][T13211] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.4'.
[  290.530456][T13225] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  290.542418][T13225] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  291.287046][T13258] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  291.338382][T13258] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  291.395225][T13258] netlink: 'syz-executor.4': attribute type 2 has an invalid length.
[  291.417527][T13258] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  291.847057][T13270] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[  291.890997][T13270] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  291.951784][T13276] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.3'.
[  292.044298][T13279] team_slave_0: entered allmulticast mode
[  292.084642][T13279] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  292.216686][T13285] bridge0: port 3(bond0) entered blocking state
[  292.234218][T13285] bridge0: port 3(bond0) entered disabled state
[  292.250057][T13285] bond0: entered allmulticast mode
[  292.255296][T13285] bond_slave_0: entered allmulticast mode
[  292.431008][T13298] dccp_v4_rcv: dropped packet with invalid checksum
[  293.003183][T13328] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  293.064884][T13328] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  293.096108][T13328] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  293.118262][T13328] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  293.280739][ T5120] ==================================================================
[  293.288857][ T5120] BUG: KASAN: slab-use-after-free in set_powered_sync+0x3a/0xc0
[  293.296605][ T5120] Read of size 8 at addr ffff888023b4c098 by task kworker/u9:4/5120
[  293.304701][ T5120] 
[  293.307044][ T5120] CPU: 0 PID: 5120 Comm: kworker/u9:4 Not tainted 6.10.0-rc4-syzkaller-00837-g3226607302ca #0
[  293.317392][ T5120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  293.327464][ T5120] Workqueue: hci0 hci_cmd_sync_work
[  293.332720][ T5120] Call Trace:
[  293.336112][ T5120]  <TASK>
[  293.339070][ T5120]  dump_stack_lvl+0x241/0x360
[  293.343778][ T5120]  ? __pfx_dump_stack_lvl+0x10/0x10
[  293.349034][ T5120]  ? __pfx__printk+0x10/0x10
[  293.353662][ T5120]  ? _printk+0xd5/0x120
[  293.357855][ T5120]  ? __virt_addr_valid+0x183/0x520
[  293.363183][ T5120]  ? __virt_addr_valid+0x183/0x520
[  293.368331][ T5120]  print_report+0x169/0x550
[  293.372865][ T5120]  ? __virt_addr_valid+0x183/0x520
[  293.378159][ T5120]  ? __virt_addr_valid+0x183/0x520
[  293.383276][ T5120]  ? __virt_addr_valid+0x44e/0x520
[  293.388384][ T5120]  ? __phys_addr+0xba/0x170
[  293.392886][ T5120]  ? set_powered_sync+0x3a/0xc0
[  293.397734][ T5120]  kasan_report+0x143/0x180
[  293.402326][ T5120]  ? set_powered_sync+0x3a/0xc0
[  293.407176][ T5120]  set_powered_sync+0x3a/0xc0
[  293.411852][ T5120]  ? __pfx_set_powered_sync+0x10/0x10
[  293.417393][ T5120]  hci_cmd_sync_work+0x22b/0x400
[  293.422331][ T5120]  ? process_scheduled_works+0x945/0x1830
[  293.428041][ T5120]  process_scheduled_works+0xa2c/0x1830
[  293.433768][ T5120]  ? __pfx_process_scheduled_works+0x10/0x10
[  293.439753][ T5120]  ? assign_work+0x364/0x3d0
[  293.444349][ T5120]  worker_thread+0x86d/0xd70
[  293.448939][ T5120]  ? __kthread_parkme+0x169/0x1d0
[  293.453955][ T5120]  ? __pfx_worker_thread+0x10/0x10
[  293.459085][ T5120]  kthread+0x2f0/0x390
[  293.463148][ T5120]  ? __pfx_worker_thread+0x10/0x10
[  293.468250][ T5120]  ? __pfx_kthread+0x10/0x10
[  293.472838][ T5120]  ret_from_fork+0x4b/0x80
[  293.477257][ T5120]  ? __pfx_kthread+0x10/0x10
[  293.481840][ T5120]  ret_from_fork_asm+0x1a/0x30
[  293.486608][ T5120]  </TASK>
[  293.489619][ T5120] 
[  293.491973][ T5120] Allocated by task 13336:
[  293.496423][ T5120]  kasan_save_track+0x3f/0x80
[  293.501207][ T5120]  __kasan_kmalloc+0x98/0xb0
[  293.505987][ T5120]  kmalloc_trace_noprof+0x19c/0x2c0
[  293.511204][ T5120]  mgmt_pending_new+0x65/0x250
[  293.515978][ T5120]  mgmt_pending_add+0x36/0x120
[  293.520740][ T5120]  set_powered+0x3cd/0x5e0
[  293.525155][ T5120]  hci_mgmt_cmd+0xc47/0x11d0
[  293.529739][ T5120]  hci_sock_sendmsg+0x7b8/0x11c0
[  293.534669][ T5120]  __sock_sendmsg+0x221/0x270
[  293.539345][ T5120]  sock_write_iter+0x2dd/0x400
[  293.544129][ T5120]  vfs_write+0xa72/0xc90
[  293.548366][ T5120]  ksys_write+0x1a0/0x2c0
[  293.552693][ T5120]  do_syscall_64+0xf3/0x230
[  293.557195][ T5120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.563082][ T5120] 
[  293.565409][ T5120] Freed by task 13007:
[  293.569460][ T5120]  kasan_save_track+0x3f/0x80
[  293.574169][ T5120]  kasan_save_free_info+0x40/0x50
[  293.579270][ T5120]  poison_slab_object+0xe0/0x150
[  293.584201][ T5120]  __kasan_slab_free+0x37/0x60
[  293.588954][ T5120]  kfree+0x149/0x360
[  293.592854][ T5120]  settings_rsp+0x2bc/0x390
[  293.597355][ T5120]  mgmt_pending_foreach+0xd1/0x130
[  293.602546][ T5120]  __mgmt_power_off+0x112/0x420
[  293.607567][ T5120]  hci_dev_close_sync+0x587/0xf70
[  293.612634][ T5120]  hci_dev_close+0x112/0x210
[  293.617249][ T5120]  sock_do_ioctl+0x158/0x460
[  293.622035][ T5120]  sock_ioctl+0x629/0x8e0
[  293.626360][ T5120]  __se_sys_ioctl+0xfc/0x170
[  293.630941][ T5120]  do_syscall_64+0xf3/0x230
[  293.635534][ T5120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.641451][ T5120] 
[  293.643764][ T5120] The buggy address belongs to the object at ffff888023b4c080
[  293.643764][ T5120]  which belongs to the cache kmalloc-96 of size 96
[  293.657734][ T5120] The buggy address is located 24 bytes inside of
[  293.657734][ T5120]  freed 96-byte region [ffff888023b4c080, ffff888023b4c0e0)
[  293.671345][ T5120] 
[  293.673657][ T5120] The buggy address belongs to the physical page:
[  293.680065][ T5120] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x23b4c
[  293.688817][ T5120] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  293.696369][ T5120] page_type: 0xffffefff(slab)
[  293.701039][ T5120] raw: 00fff00000000000 ffff888015041280 0000000000000000 dead000000000001
[  293.709616][ T5120] raw: 0000000000000000 0000000080200020 00000001ffffefff 0000000000000000
[  293.718208][ T5120] page dumped because: kasan: bad access detected
[  293.724614][ T5120] page_owner tracks the page as allocated
[  293.730318][ T5120] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 8681885701, free_ts 8650114981
[  293.748740][ T5120]  post_alloc_hook+0x1f3/0x230
[  293.753524][ T5120]  get_page_from_freelist+0x2e43/0x2f00
[  293.759073][ T5120]  __alloc_pages_noprof+0x256/0x6c0
[  293.764283][ T5120]  alloc_slab_page+0x5f/0x120
[  293.768971][ T5120]  allocate_slab+0x5a/0x2f0
[  293.773469][ T5120]  ___slab_alloc+0xcd1/0x14b0
[  293.778150][ T5120]  __slab_alloc+0x58/0xa0
[  293.782471][ T5120]  kmalloc_trace_noprof+0x1d5/0x2c0
[  293.787663][ T5120]  dev_pm_qos_expose_flags+0x91/0x2b0
[  293.793042][ T5120]  usb_hub_create_port_device+0x6dd/0xc10
[  293.798773][ T5120]  hub_probe+0x2503/0x3640
[  293.803192][ T5120]  usb_probe_interface+0x645/0xbb0
[  293.808297][ T5120]  really_probe+0x2b8/0xad0
[  293.812818][ T5120]  __driver_probe_device+0x1a2/0x390
[  293.818100][ T5120]  driver_probe_device+0x50/0x430
[  293.823119][ T5120]  __device_attach_driver+0x2d6/0x530
[  293.828499][ T5120] page last free pid 930 tgid 930 stack trace:
[  293.834637][ T5120]  free_unref_page+0xd22/0xea0
[  293.839393][ T5120]  vfree+0x186/0x2e0
[  293.843307][ T5120]  delayed_vfree_work+0x56/0x80
[  293.848153][ T5120]  process_scheduled_works+0xa2c/0x1830
[  293.853686][ T5120]  worker_thread+0x86d/0xd70
[  293.858264][ T5120]  kthread+0x2f0/0x390
[  293.862322][ T5120]  ret_from_fork+0x4b/0x80
[  293.866729][ T5120]  ret_from_fork_asm+0x1a/0x30
[  293.871487][ T5120] 
[  293.873818][ T5120] Memory state around the buggy address:
[  293.879721][ T5120]  ffff888023b4bf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[  293.887772][ T5120]  ffff888023b4c000: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[  293.895839][ T5120] >ffff888023b4c080: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  293.904061][ T5120]                             ^
[  293.908931][ T5120]  ffff888023b4c100: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[  293.917245][ T5120]  ffff888023b4c180: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc
[  293.925535][ T5120] ==================================================================
[  293.990301][ T5120] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  293.997553][ T5120] CPU: 1 PID: 5120 Comm: kworker/u9:4 Not tainted 6.10.0-rc4-syzkaller-00837-g3226607302ca #0
[  294.007890][ T5120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  294.018491][ T5120] Workqueue: hci0 hci_cmd_sync_work
[  294.023904][ T5120] Call Trace:
[  294.027175][ T5120]  <TASK>
[  294.030103][ T5120]  dump_stack_lvl+0x241/0x360
[  294.035060][ T5120]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.040293][ T5120]  ? __pfx__printk+0x10/0x10
[  294.045016][ T5120]  ? preempt_schedule+0xe1/0xf0
[  294.050091][ T5120]  ? vscnprintf+0x5d/0x90
[  294.054531][ T5120]  panic+0x349/0x860
[  294.058459][ T5120]  ? check_panic_on_warn+0x21/0xb0
[  294.063601][ T5120]  ? __pfx_panic+0x10/0x10
[  294.068033][ T5120]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  294.074203][ T5120]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  294.080631][ T5120]  ? print_report+0x502/0x550
[  294.085303][ T5120]  check_panic_on_warn+0x86/0xb0
[  294.090235][ T5120]  ? set_powered_sync+0x3a/0xc0
[  294.095099][ T5120]  end_report+0x77/0x160
[  294.099459][ T5120]  kasan_report+0x154/0x180
[  294.103980][ T5120]  ? set_powered_sync+0x3a/0xc0
[  294.108850][ T5120]  set_powered_sync+0x3a/0xc0
[  294.113610][ T5120]  ? __pfx_set_powered_sync+0x10/0x10
[  294.118994][ T5120]  hci_cmd_sync_work+0x22b/0x400
[  294.123939][ T5120]  ? process_scheduled_works+0x945/0x1830
[  294.129658][ T5120]  process_scheduled_works+0xa2c/0x1830
[  294.135308][ T5120]  ? __pfx_process_scheduled_works+0x10/0x10
[  294.141287][ T5120]  ? assign_work+0x364/0x3d0
[  294.145881][ T5120]  worker_thread+0x86d/0xd70
[  294.150497][ T5120]  ? __kthread_parkme+0x169/0x1d0
[  294.155518][ T5120]  ? __pfx_worker_thread+0x10/0x10
[  294.160627][ T5120]  kthread+0x2f0/0x390
[  294.164691][ T5120]  ? __pfx_worker_thread+0x10/0x10
[  294.169797][ T5120]  ? __pfx_kthread+0x10/0x10
[  294.174500][ T5120]  ret_from_fork+0x4b/0x80
[  294.178918][ T5120]  ? __pfx_kthread+0x10/0x10
[  294.183504][ T5120]  ret_from_fork_asm+0x1a/0x30
[  294.188275][ T5120]  </TASK>
[  294.191402][ T5120] Kernel Offset: disabled
[  294.195831][ T5120] Rebooting in 86400 seconds..