last executing test programs:

1m29.903223227s ago: executing program 1 (id=1837):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1, 0x0, 0x1}, 0x48)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448e1, &(0x7f0000000240)={0x0, 0x0, "957008"})
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, 0x0, 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000380)={r0, 0x0, 0x20000000, 0x2}, 0x20)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={r0, 0x0, 0x20000000}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r2=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r2, 0x0, &(0x7f0000001780)=""/4096}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@var={0x1, 0x0, 0x0, 0xe, 0x1000002}, @enum]}, {0x0, [0x2e, 0x0]}}, &(0x7f0000000240)=""/214, 0x38, 0xd6, 0x1}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6(0xa, 0x3, 0x200)
sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x1, @mcast1, 0x189}, 0x1c, &(0x7f0000000740)=[{&(0x7f00000000c0)="a4497fdbb200cb904e94bb508ed82c68ffd21d13d833bea1b2c1543ace649f4604", 0x21}, {&(0x7f0000000180)="9805da9cf0afb05d9a17fe", 0xb}, {&(0x7f0000000480)="c45148f97fa396fb2d3ea218dae97902f9430fe3ad14431de249d67f8f52a941250bcc0d75b4358605383a4e3e1063f78ce03044900c040f4628d4cd0328950bc5b0603adc4342f22eb38eebe2b244bdeb93e3d071ddcc6067b799a0ee5887d3448816469b45b22baa5c0f2e2605467f9738", 0x72}, {&(0x7f0000000540)="ef64d846b3a306dd8d0b14edf9020780b97c0586d84e5cbd4cee77d3f1737a0b31c5c253251a25f298420be15f7bb5015cd56caf2ec56d95f50671e833d7975cce8219f261d1c072d5d8cf00a98bdd9fe0f6905d9bb51a9f11ab8770f6083e296393eafe5035de1faf08443ff251c8df7a006bed7197a82b4422275c6142946a2e1e9f6d96456f121a3f4f692c51a232a2ccf2e4ae59a925d63851f5ffa58ffdf75dd07941905a4a54e4d503648f19c5cc1cf4a6a73d491eba8bf8d40dc7", 0xbe}, {&(0x7f0000000680)="0cd11b8df3ffd659d26053f4e9e8f1d51620bd78a88c21e4caa6a917ddf448738a7c50b5ed08e2c2c16e84eb0cdca0896cbe50e870285f27f508d1bfac8337dd3c75e08c9a2fb357923df17d1a70e62aa13caaa7fff60824b370117ce2701848d4a6d7cfd898226bbffbc81712473c60d6281bf43c85573fab71b7b9d5cca9f1de2909cd61c755d13cfa363f3154a58dc41b2e900864fa6925319f173ca2", 0x9e}], 0x5}}], 0x1, 0x1)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000800000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="48003300d0000000ffffffffffff08021100000050505050505000000f"], 0x64}}, 0x0)

1m27.435751473s ago: executing program 3 (id=1015):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000240)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000540)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47380c90800", 0xe}, {&(0x7f0000000600)="9b1266926bac6fe17589a03ea03dd982ae36633c", 0x14}, {0x0}], 0x3)

1m15.086019766s ago: executing program 1 (id=1837):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1, 0x0, 0x1}, 0x48)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448e1, &(0x7f0000000240)={0x0, 0x0, "957008"})
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, 0x0, 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000380)={r0, 0x0, 0x20000000, 0x2}, 0x20)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={r0, 0x0, 0x20000000}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r2=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r2, 0x0, &(0x7f0000001780)=""/4096}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@var={0x1, 0x0, 0x0, 0xe, 0x1000002}, @enum]}, {0x0, [0x2e, 0x0]}}, &(0x7f0000000240)=""/214, 0x38, 0xd6, 0x1}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6(0xa, 0x3, 0x200)
sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x1, @mcast1, 0x189}, 0x1c, &(0x7f0000000740)=[{&(0x7f00000000c0)="a4497fdbb200cb904e94bb508ed82c68ffd21d13d833bea1b2c1543ace649f4604", 0x21}, {&(0x7f0000000180)="9805da9cf0afb05d9a17fe", 0xb}, {&(0x7f0000000480)="c45148f97fa396fb2d3ea218dae97902f9430fe3ad14431de249d67f8f52a941250bcc0d75b4358605383a4e3e1063f78ce03044900c040f4628d4cd0328950bc5b0603adc4342f22eb38eebe2b244bdeb93e3d071ddcc6067b799a0ee5887d3448816469b45b22baa5c0f2e2605467f9738", 0x72}, {&(0x7f0000000540)="ef64d846b3a306dd8d0b14edf9020780b97c0586d84e5cbd4cee77d3f1737a0b31c5c253251a25f298420be15f7bb5015cd56caf2ec56d95f50671e833d7975cce8219f261d1c072d5d8cf00a98bdd9fe0f6905d9bb51a9f11ab8770f6083e296393eafe5035de1faf08443ff251c8df7a006bed7197a82b4422275c6142946a2e1e9f6d96456f121a3f4f692c51a232a2ccf2e4ae59a925d63851f5ffa58ffdf75dd07941905a4a54e4d503648f19c5cc1cf4a6a73d491eba8bf8d40dc7", 0xbe}, {&(0x7f0000000680)="0cd11b8df3ffd659d26053f4e9e8f1d51620bd78a88c21e4caa6a917ddf448738a7c50b5ed08e2c2c16e84eb0cdca0896cbe50e870285f27f508d1bfac8337dd3c75e08c9a2fb357923df17d1a70e62aa13caaa7fff60824b370117ce2701848d4a6d7cfd898226bbffbc81712473c60d6281bf43c85573fab71b7b9d5cca9f1de2909cd61c755d13cfa363f3154a58dc41b2e900864fa6925319f173ca2", 0x9e}], 0x5}}], 0x1, 0x1)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000800000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="48003300d0000000ffffffffffff08021100000050505050505000000f"], 0x64}}, 0x0)

1m13.347516435s ago: executing program 3 (id=1015):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000240)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000540)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47380c90800", 0xe}, {&(0x7f0000000600)="9b1266926bac6fe17589a03ea03dd982ae36633c", 0x14}, {0x0}], 0x3)

58.224046585s ago: executing program 1 (id=1837):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1, 0x0, 0x1}, 0x48)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448e1, &(0x7f0000000240)={0x0, 0x0, "957008"})
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, 0x0, 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000380)={r0, 0x0, 0x20000000, 0x2}, 0x20)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={r0, 0x0, 0x20000000}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r2=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r2, 0x0, &(0x7f0000001780)=""/4096}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@var={0x1, 0x0, 0x0, 0xe, 0x1000002}, @enum]}, {0x0, [0x2e, 0x0]}}, &(0x7f0000000240)=""/214, 0x38, 0xd6, 0x1}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6(0xa, 0x3, 0x200)
sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x1, @mcast1, 0x189}, 0x1c, &(0x7f0000000740)=[{&(0x7f00000000c0)="a4497fdbb200cb904e94bb508ed82c68ffd21d13d833bea1b2c1543ace649f4604", 0x21}, {&(0x7f0000000180)="9805da9cf0afb05d9a17fe", 0xb}, {&(0x7f0000000480)="c45148f97fa396fb2d3ea218dae97902f9430fe3ad14431de249d67f8f52a941250bcc0d75b4358605383a4e3e1063f78ce03044900c040f4628d4cd0328950bc5b0603adc4342f22eb38eebe2b244bdeb93e3d071ddcc6067b799a0ee5887d3448816469b45b22baa5c0f2e2605467f9738", 0x72}, {&(0x7f0000000540)="ef64d846b3a306dd8d0b14edf9020780b97c0586d84e5cbd4cee77d3f1737a0b31c5c253251a25f298420be15f7bb5015cd56caf2ec56d95f50671e833d7975cce8219f261d1c072d5d8cf00a98bdd9fe0f6905d9bb51a9f11ab8770f6083e296393eafe5035de1faf08443ff251c8df7a006bed7197a82b4422275c6142946a2e1e9f6d96456f121a3f4f692c51a232a2ccf2e4ae59a925d63851f5ffa58ffdf75dd07941905a4a54e4d503648f19c5cc1cf4a6a73d491eba8bf8d40dc7", 0xbe}, {&(0x7f0000000680)="0cd11b8df3ffd659d26053f4e9e8f1d51620bd78a88c21e4caa6a917ddf448738a7c50b5ed08e2c2c16e84eb0cdca0896cbe50e870285f27f508d1bfac8337dd3c75e08c9a2fb357923df17d1a70e62aa13caaa7fff60824b370117ce2701848d4a6d7cfd898226bbffbc81712473c60d6281bf43c85573fab71b7b9d5cca9f1de2909cd61c755d13cfa363f3154a58dc41b2e900864fa6925319f173ca2", 0x9e}], 0x5}}], 0x1, 0x1)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000800000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="48003300d0000000ffffffffffff08021100000050505050505000000f"], 0x64}}, 0x0)

54.992512803s ago: executing program 3 (id=1015):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000240)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000540)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47380c90800", 0xe}, {&(0x7f0000000600)="9b1266926bac6fe17589a03ea03dd982ae36633c", 0x14}, {0x0}], 0x3)

42.555656089s ago: executing program 1 (id=1837):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1, 0x0, 0x1}, 0x48)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448e1, &(0x7f0000000240)={0x0, 0x0, "957008"})
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, 0x0, 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000380)={r0, 0x0, 0x20000000, 0x2}, 0x20)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={r0, 0x0, 0x20000000}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r2=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r2, 0x0, &(0x7f0000001780)=""/4096}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@var={0x1, 0x0, 0x0, 0xe, 0x1000002}, @enum]}, {0x0, [0x2e, 0x0]}}, &(0x7f0000000240)=""/214, 0x38, 0xd6, 0x1}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6(0xa, 0x3, 0x200)
sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x1, @mcast1, 0x189}, 0x1c, &(0x7f0000000740)=[{&(0x7f00000000c0)="a4497fdbb200cb904e94bb508ed82c68ffd21d13d833bea1b2c1543ace649f4604", 0x21}, {&(0x7f0000000180)="9805da9cf0afb05d9a17fe", 0xb}, {&(0x7f0000000480)="c45148f97fa396fb2d3ea218dae97902f9430fe3ad14431de249d67f8f52a941250bcc0d75b4358605383a4e3e1063f78ce03044900c040f4628d4cd0328950bc5b0603adc4342f22eb38eebe2b244bdeb93e3d071ddcc6067b799a0ee5887d3448816469b45b22baa5c0f2e2605467f9738", 0x72}, {&(0x7f0000000540)="ef64d846b3a306dd8d0b14edf9020780b97c0586d84e5cbd4cee77d3f1737a0b31c5c253251a25f298420be15f7bb5015cd56caf2ec56d95f50671e833d7975cce8219f261d1c072d5d8cf00a98bdd9fe0f6905d9bb51a9f11ab8770f6083e296393eafe5035de1faf08443ff251c8df7a006bed7197a82b4422275c6142946a2e1e9f6d96456f121a3f4f692c51a232a2ccf2e4ae59a925d63851f5ffa58ffdf75dd07941905a4a54e4d503648f19c5cc1cf4a6a73d491eba8bf8d40dc7", 0xbe}, {&(0x7f0000000680)="0cd11b8df3ffd659d26053f4e9e8f1d51620bd78a88c21e4caa6a917ddf448738a7c50b5ed08e2c2c16e84eb0cdca0896cbe50e870285f27f508d1bfac8337dd3c75e08c9a2fb357923df17d1a70e62aa13caaa7fff60824b370117ce2701848d4a6d7cfd898226bbffbc81712473c60d6281bf43c85573fab71b7b9d5cca9f1de2909cd61c755d13cfa363f3154a58dc41b2e900864fa6925319f173ca2", 0x9e}], 0x5}}], 0x1, 0x1)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000800000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="48003300d0000000ffffffffffff08021100000050505050505000000f"], 0x64}}, 0x0)

41.009037178s ago: executing program 3 (id=1015):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000240)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000540)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47380c90800", 0xe}, {&(0x7f0000000600)="9b1266926bac6fe17589a03ea03dd982ae36633c", 0x14}, {0x0}], 0x3)

26.382494347s ago: executing program 1 (id=1837):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1, 0x0, 0x1}, 0x48)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448e1, &(0x7f0000000240)={0x0, 0x0, "957008"})
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, 0x0, 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000380)={r0, 0x0, 0x20000000, 0x2}, 0x20)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={r0, 0x0, 0x20000000}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r2=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r2, 0x0, &(0x7f0000001780)=""/4096}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@var={0x1, 0x0, 0x0, 0xe, 0x1000002}, @enum]}, {0x0, [0x2e, 0x0]}}, &(0x7f0000000240)=""/214, 0x38, 0xd6, 0x1}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6(0xa, 0x3, 0x200)
sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x1, @mcast1, 0x189}, 0x1c, &(0x7f0000000740)=[{&(0x7f00000000c0)="a4497fdbb200cb904e94bb508ed82c68ffd21d13d833bea1b2c1543ace649f4604", 0x21}, {&(0x7f0000000180)="9805da9cf0afb05d9a17fe", 0xb}, {&(0x7f0000000480)="c45148f97fa396fb2d3ea218dae97902f9430fe3ad14431de249d67f8f52a941250bcc0d75b4358605383a4e3e1063f78ce03044900c040f4628d4cd0328950bc5b0603adc4342f22eb38eebe2b244bdeb93e3d071ddcc6067b799a0ee5887d3448816469b45b22baa5c0f2e2605467f9738", 0x72}, {&(0x7f0000000540)="ef64d846b3a306dd8d0b14edf9020780b97c0586d84e5cbd4cee77d3f1737a0b31c5c253251a25f298420be15f7bb5015cd56caf2ec56d95f50671e833d7975cce8219f261d1c072d5d8cf00a98bdd9fe0f6905d9bb51a9f11ab8770f6083e296393eafe5035de1faf08443ff251c8df7a006bed7197a82b4422275c6142946a2e1e9f6d96456f121a3f4f692c51a232a2ccf2e4ae59a925d63851f5ffa58ffdf75dd07941905a4a54e4d503648f19c5cc1cf4a6a73d491eba8bf8d40dc7", 0xbe}, {&(0x7f0000000680)="0cd11b8df3ffd659d26053f4e9e8f1d51620bd78a88c21e4caa6a917ddf448738a7c50b5ed08e2c2c16e84eb0cdca0896cbe50e870285f27f508d1bfac8337dd3c75e08c9a2fb357923df17d1a70e62aa13caaa7fff60824b370117ce2701848d4a6d7cfd898226bbffbc81712473c60d6281bf43c85573fab71b7b9d5cca9f1de2909cd61c755d13cfa363f3154a58dc41b2e900864fa6925319f173ca2", 0x9e}], 0x5}}], 0x1, 0x1)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000800000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="48003300d0000000ffffffffffff08021100000050505050505000000f"], 0x64}}, 0x0)

25.912879595s ago: executing program 3 (id=1015):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000240)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000540)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47380c90800", 0xe}, {&(0x7f0000000600)="9b1266926bac6fe17589a03ea03dd982ae36633c", 0x14}, {0x0}], 0x3)

12.151899263s ago: executing program 1 (id=1837):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1, 0x0, 0x1}, 0x48)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448e1, &(0x7f0000000240)={0x0, 0x0, "957008"})
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, 0x0, 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000380)={r0, 0x0, 0x20000000, 0x2}, 0x20)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={r0, 0x0, 0x20000000}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r2=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r2, 0x0, &(0x7f0000001780)=""/4096}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@var={0x1, 0x0, 0x0, 0xe, 0x1000002}, @enum]}, {0x0, [0x2e, 0x0]}}, &(0x7f0000000240)=""/214, 0x38, 0xd6, 0x1}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6(0xa, 0x3, 0x200)
sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x1, @mcast1, 0x189}, 0x1c, &(0x7f0000000740)=[{&(0x7f00000000c0)="a4497fdbb200cb904e94bb508ed82c68ffd21d13d833bea1b2c1543ace649f4604", 0x21}, {&(0x7f0000000180)="9805da9cf0afb05d9a17fe", 0xb}, {&(0x7f0000000480)="c45148f97fa396fb2d3ea218dae97902f9430fe3ad14431de249d67f8f52a941250bcc0d75b4358605383a4e3e1063f78ce03044900c040f4628d4cd0328950bc5b0603adc4342f22eb38eebe2b244bdeb93e3d071ddcc6067b799a0ee5887d3448816469b45b22baa5c0f2e2605467f9738", 0x72}, {&(0x7f0000000540)="ef64d846b3a306dd8d0b14edf9020780b97c0586d84e5cbd4cee77d3f1737a0b31c5c253251a25f298420be15f7bb5015cd56caf2ec56d95f50671e833d7975cce8219f261d1c072d5d8cf00a98bdd9fe0f6905d9bb51a9f11ab8770f6083e296393eafe5035de1faf08443ff251c8df7a006bed7197a82b4422275c6142946a2e1e9f6d96456f121a3f4f692c51a232a2ccf2e4ae59a925d63851f5ffa58ffdf75dd07941905a4a54e4d503648f19c5cc1cf4a6a73d491eba8bf8d40dc7", 0xbe}, {&(0x7f0000000680)="0cd11b8df3ffd659d26053f4e9e8f1d51620bd78a88c21e4caa6a917ddf448738a7c50b5ed08e2c2c16e84eb0cdca0896cbe50e870285f27f508d1bfac8337dd3c75e08c9a2fb357923df17d1a70e62aa13caaa7fff60824b370117ce2701848d4a6d7cfd898226bbffbc81712473c60d6281bf43c85573fab71b7b9d5cca9f1de2909cd61c755d13cfa363f3154a58dc41b2e900864fa6925319f173ca2", 0x9e}], 0x5}}], 0x1, 0x1)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000800000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="48003300d0000000ffffffffffff08021100000050505050505000000f"], 0x64}}, 0x0)

9.496624669s ago: executing program 3 (id=1015):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000240)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000540)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b47380c90800", 0xe}, {&(0x7f0000000600)="9b1266926bac6fe17589a03ea03dd982ae36633c", 0x14}, {0x0}], 0x3)

4.96159539s ago: executing program 0 (id=2766):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x63, 0x11, 0x18}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x16}, 0x70)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x270}}, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000880)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000010010c"], 0x270}}, 0x0)
r3 = socket(0x15, 0x5, 0x0)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendmsg$xdp(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
getsockopt(r3, 0x200000000114, 0x2715, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r5, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200500000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002400038020000080080003400000000214000b"], 0xe4}}, 0x0)
write$binfmt_script(r6, &(0x7f0000000200), 0xfffffd9d)
close(r7)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x41, 0x3, 0x200, 0x0, 0x0, 0x0, 0x168, 0x0, 0x168, 0x1f0, 0x1f0, 0x168, 0x1f0, 0x3, 0x0, {[{{@ip={@dev, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'wlan1\x00', 'wg1\x00', {}, {}, 0x6}, 0x0, 0x70, 0x98, 0x0, {0x0, 0xffffffffa0028000}}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 'vlan0\x00'}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x260)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000040)='htcp\x00', 0x5)
unshare(0x22020600)
sendfile(r5, r6, 0x0, 0x8000002b)

4.334390989s ago: executing program 0 (id=2768):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)={{0x14, 0x12}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x16}, @NFTA_BITWISE_DATA={0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x88}}, 0x0)

3.651207288s ago: executing program 0 (id=2772):
r0 = socket$igmp6(0xa, 0x3, 0x2)
sendmmsg$inet6(r0, &(0x7f0000005180)=[{{&(0x7f0000000100)={0xa, 0x0, 0xffff0000, @dev, 0x2}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x800}, 0x1c, 0x0}}], 0x2, 0x0)

3.631327569s ago: executing program 0 (id=2773):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
socket$tipc(0x1e, 0x5, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r2, 0x29, 0x13, 0x0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000061122c000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000040), 0x208e24b)
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r4, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10)
recvmmsg(r4, &(0x7f0000005280)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00003f00}}, {{0x0, 0x0, 0x0}, 0xe}, {{&(0x7f00000038c0)=@sco, 0x80, &(0x7f0000005180)=[{&(0x7f00000007c0)=""/4096, 0x1000}, {0x0}, {&(0x7f0000005080)=""/223, 0xdf}], 0x3, &(0x7f0000005200)=""/79, 0x4f}, 0x6}], 0x3, 0x40002006, 0x0)
sendfile(r4, r3, 0x0, 0xffefffff)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000000280)=<r6=>0x0)
write$cgroup_pid(r5, &(0x7f0000000040)=r6, 0x12)
ioctl$SIOCSIFHWADDR(r3, 0x4030582b, &(0x7f0000003400)={'pim6reg1\x00', @random="b68dbcbd15dc"})
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x1f, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e23, 0xcb, @private2, 0x100}}, 0x4}, &(0x7f0000000140)=0x90)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000002000000080001"], 0x28}, 0x1, 0x0, 0x0, 0x20000195}, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
write$cgroup_pid(r5, &(0x7f00000003c0), 0x12)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r9}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r9}, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)

3.341000787s ago: executing program 4 (id=2776):
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e22, 0x10001, @dev={0xfe, 0x80, '\x00', 0x2a}, 0x9}}, 0x200, 0x4}, &(0x7f00000000c0)=0x90) (async)
r0 = socket$nl_audit(0x10, 0x3, 0x9) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETVNETHDRSZ(r1, 0x400454d8, &(0x7f0000000140)=0x6) (async)
r2 = epoll_create(0x7ff)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)={0x1}) (async)
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f00000001c0)={<r3=>r0, 0x6, 0x498, 0x9})
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000200)=[@in6={0xa, 0x4e21, 0x3, @mcast1, 0xba2}, @in={0x2, 0x4e23, @loopback}, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e20, @empty}, @in={0x2, 0x4e23, @loopback}], 0x5c)
read(r1, &(0x7f0000000280)=""/50, 0x32)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f00000002c0)=[@timestamp, @timestamp, @sack_perm, @timestamp, @mss={0x2, 0x5}, @sack_perm, @mss={0x2, 0x9}, @timestamp], 0x8)
getsockname$packet(r3, &(0x7f0000000300)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
ioctl$sock_SIOCOUTQ(r3, 0x5411, &(0x7f0000000380))
clock_gettime(0x1, &(0x7f00000003c0))
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x7, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf2a}, [@generic={0x6, 0xc, 0x1, 0xe0c7, 0x100}, @map_fd={0x18, 0x1, 0x1, 0x0, r3}, @call={0x85, 0x0, 0x0, 0xb6}]}, &(0x7f0000000440)='syzkaller\x00', 0x200, 0x7e, &(0x7f0000000480)=""/126, 0x41100, 0x22, '\x00', r4, 0x0, r3, 0x8, &(0x7f0000000500)={0x1, 0x2}, 0x8, 0x10, &(0x7f0000000540)={0x1, 0x6, 0x9, 0x7ff}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000580)=[r3], 0x0, 0x10, 0x3}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r3, <r6=>0xffffffffffffffff}, &(0x7f0000000680), &(0x7f00000006c0)=r5}, 0x20)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={@map=<r7=>r6, 0x30, 0x1, 0x40, &(0x7f0000000740)=[0x0], 0x1, 0x0, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
recvfrom$packet(0xffffffffffffffff, &(0x7f0000000880)=""/108, 0x6c, 0x0, &(0x7f0000000900)={0x11, 0x17, r4, 0x1, 0xd6}, 0x14) (async)
r8 = socket$inet(0x2, 0x5, 0x9) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000009c0)={{r7}, &(0x7f0000000940), &(0x7f0000000980)=r5}, 0x20) (async)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)=@getrule={0x14, 0x22, 0x400, 0x70bd2c, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x4000095) (async)
sendmsg$TIPC_CMD_SET_LINK_PRI(r3, &(0x7f0000000c00)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x68, 0x0, 0x0, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x4c, 0x18, {0x86d, @media='ib\x00'}}}, [""]}, 0x68}, 0x1, 0x0, 0x0, 0xc044}, 0x20004800)
accept4$inet(r8, &(0x7f0000000c40)={0x2, 0x0, @broadcast}, &(0x7f0000000c80)=0x10, 0x80000)
r10 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r11 = syz_genetlink_get_family_id$devlink(&(0x7f0000000d00), r3)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r10, &(0x7f0000000e80)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000e40)={&(0x7f0000000d40)={0xfc, r11, 0xd05, 0x70bd29, 0x25dfdbfe, {}, [{{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x401}, {0x6, 0x16, 0xba}, {0x5}, {0x6, 0x11, 0x3}, {0x8, 0xb, 0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0xfffffff7}, {0x6, 0x16, 0x2}, {0x5}, {0x6, 0x11, 0x8001}, {0x8, 0xb, 0x2}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0xb}, {0x6, 0x16, 0x5}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x4}, {0x8, 0xb, 0xa3bc}}]}, 0xfc}, 0x1, 0x0, 0x0, 0x40010}, 0x80) (async)
socket$inet_smc(0x2b, 0x1, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000f80)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000f40)={&(0x7f0000000f00)=@bridge_getvlan={0x28, 0x72, 0x400, 0x70bd2d, 0x25dfdbfe, {0x7, 0x0, 0x0, r4}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}]}, 0x28}}, 0x800)
write$ppp(r3, &(0x7f0000000fc0)="b5423767fcc9b7f984b74b5107aa84", 0xf) (async)
sendmsg$DEVLINK_CMD_TRAP_SET(r10, &(0x7f0000001100)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x40000600}, 0xc, &(0x7f00000010c0)={&(0x7f0000001040)={0x58, r11, 0x200, 0x70bd25, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}, 0x1, 0x0, 0x0, 0xc1}, 0x10)

2.868521708s ago: executing program 2 (id=2777):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002380)=ANY=[@ANYBLOB="b702000006000000bfa300000000000007030000407effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7ebfcd0cd00006ed3d09a6175037958e271b60dedf8937f02008b6d83923dd29c034055d47dafe6c8dc3d5d78c07f34e4d5b3185b310efd4989147a00000000f110026e6d2ef831ab7ea0c34f17e3adeef3bb622003b538dfd8e012e71f6420b90adddff61b5b0a341a2d7cbdb90000bdb2ca76050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132658555cf476619f28d9961b626c57c2691208171656d60a17e3c1c4b751ca532e6ea09c346df3d7cb4ebd31a08b32808b80200000000000000334d83239d1d2e9ff10ff2d27080e71113610e10c358e8327e7050b6c860dac12233f9a1fb9c2aec61ce63a38d316ef49b66d6e42fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a5f3d74ca891c4594e8a4399e01eadd3964663e88535c133f7130856f75643619f567d2e24f29e5dad9326edb697a6ea0182babc18cefd07e002cab5ebfcaad34732181feb215139f15eadddcb0c7cbe31fbae7c34d5ac5e7e64c21add9191eadd6e1795ad6a0f7f8cd3fccbdc3dec04b25dfc17975238345d4f71af35910b158e56657b7218baaa7cbf781c0a99bd50499ccff0f000000000000c7beba3da8223fe5308e4e2833baace04f4087c4f0da0d9a88f9dbb593ddeb3f0932a4d0175b889b8eccf707882042e716df9b57b290c661d4e85031086e97bcc5ca0e221a0e34323c129102b7b7a643e82e88a1940b3c02ed9c92d6f64b1282dc519b00159830d7617001154c46bd3ca96318c570f0721fc7aa2a580900000000000000b4f22cdf550ef091a78098534f0d973058594119d06d5ea9a8d085734000000000000000c12346e47ad97f4ead7cf754a52e4b2d0f22d428bd705414888700a30e2366c6a06b3367a389ca39059787790017b0689a1f3db9c24db65c1e00015c1d573dab18fd0600885f1ea8f2fd299fc3cdafda323e9c7080397bc49d70c060d57bc88fbe09baa058b040360ab9261503d2f363fb099408885afc2bf9a4f8c3506b669e889f5e4be1b8e0d634ebc1057b7e98186fc5141bd670dba6f43279f73db9dec75070cd9ab0fd969169ef6d2857b6bf955012cf7fe50d133da86e0477e42b98a6cc999dc21c3ef408e633dfa35f14d6e734837d365e63845f3c1092f8e34fc7eac9e8af3904ea0f3698cd9492794b82649b50d726bff873339c4cad4ead1348474250eda2c8067ab730c1d85969b95a2a5687f2ed690000522a0b7426000000000000000000000000000000000000000093fc7a82b98f99d9dedf7ba17f5f0b6d15e552fbd21f7eecff10243a43af03eea84c4304a5d3f93c02000000000000000043e1ed82b9aa0ae92a499984a009000000937523f5292d12659906005cde64f903c3415c458a2b32c2318f0858f19c6def80e1481e8e1c0098fc3f38b7a57211adb15d824cfdcf229628c0de49860a44286fe0e257cfa4ce50f3d10763d442824414a73c06837fe08de62f8710ca977960b74d0000ce73da6022a8671d1a3575b4e18c28c73203bf134686dd65808452cb6b76fcb134252c78de9b240de7b4cd015a77f76bb6470c05fc980b3d8f3f964f432a4bf6cddd6222c2da006b6fdb9c8468ae1d986a893b9519444d16a6dfa92c04331a6698507048fab5ae402acd05fe621f22712dfd09004770b4278fa14547d8ce3c21188e5e4e2baacd98e8e451d6aaaf090000006ed1d9018000008dd952595d78e9583bf4ea5de36099e3cddcb24ebb6eddb9e87c9ece87a42c0000abdfc6ea55887dfa18d0aea1b6eca5a883702b0bf3aeebb225895db90e237157a34e9f447237ea5b391bddd1290f7ce987a0e36b8e71b1779bbe95ffa9c3e0f6ba66e4d48e75253e3d633811e4b3220616aafbe7a3a18375ae593eb58fd500426286472466823cb8e1800aaaa0d9463c0c4ea5541a55df6eeffec0b66482228816cdfccb98374c644eea45de7867a0efbad0ab2bc33b350440a90b791b2b33f74a112a3b91b40bed8db2df8633207f8387e04ca52ab0f3f7b058b13523b896800b992972d9609551c27a5916ea16069c5bf55b98d926d3c27e7945b2999600000000f857bc1332d200194f658b930780603134ae6b7f5092772bd5d880dbe21b790c475b14b7fe4fe002dffd651faa79bb0cee0cdac23c3218f2ddaa6f7ba04b696a30d313bed30ba8f35569a9b07ee7308da09c01a4b827aa17bc2213fc1572b0204dd456b11a454d1f3f14179974aae624ea59500f5e048b2780666de81a040663c57f49af25be909984aea1b81f33426f86b4b941c08dfe2bc8ec246ec1aae120c42405e428923f3a83d9ba5c373f5e8a54120b451e2806370f1ed60c9fd5d9af4d16cb0f413c324da52d4bd2e01d3ac2d578d72e2d63322dfc9245ce3e3a097fb82f4e3b61a57094616020f72f1c55ee3d325c7496a7c2f10cfea516ae436751227378f00ca0f1f6c1dcf879700dd90b96a330f92bff736c83ca53e7f02b734d1a9292896f5d7f244bfab4946c7042e88206f641eafcc5b4ba7a7880533cdeac995d1caf6936f356ecf07a0084e7adc2dc12417997b03087c7b3b44b06f6158a2a18ce0e56ffbeb22f40521dd9972583d413098aa80db98ef324a2bfb7961c07b47521973cf0bb6f5530f6216b447b35d6e06b72b22b29de42bb1bc8ce0a0e3500000000000000000000000000b92eb197e4149627920000008000000000801792756f90b37f0858efc387f559203f314a4b0ed750fa72e5948ac3fe5921c14ef578d413e7b2a9e2f87f7b44949fe14c00000000000047030c09f62d444b4981db81799776eeb444000000009705fa8b56779bc876ad4f8d8c8e50815c4c3b27487996c09121caf47f76158362c74904f89cbc588aae84567a83571ff72bb65c082b5a8dee145ff221159aed2768edc05a3167d84205d5af86553c21e1f023a51c0e179fccfbc201982e3ddcaa45613899d19082453b180ca0c525b8d3cfaf7d0bcddeb5d5c7166038f276a92941393ba5e51f77172822bd903d9f8b436656771774ed88daab0d0cfdd1bf4d30ab566e1a4cb3ad66d830e10f7c1de13218aea21e7def613204c2b7c1ad48b01c208f4032e93408000000000000e96db049b92fc32ee34fe7a3419c8fbf03d61c159dc5864e030000a2c55b614d622b8de966c97e1940026f96db3c78ca18c9f08d1c47edf1a4d7298109f31b6078711ee72eacab84213bf50000000000000000000000000000001217887d0452aa6d26e4614d511710abeec84b78c027c160ba375dfa55a49b832ce4dfb91122193d514ed992c07f8cd6d897b314907e15642da228dbc03429e6e0e7ac118ed351c3b0c44bf5d8b58be573f8333aa8cc2ec5b5e305b3dee2562d415b4b9ed530797f55f9fe8510423409629a09000000000000009a35d9ca93e4b4591679547b8de8af1782451f7b8e1de508f1e9e525210d62bc850f8035040ad9e562be58797515b737bfb21d35ac560f99dbd18dad5e6345a464955e8141d75b6177e4fa176a020b0000000000006e76f0294fee7d19a0f327f8796d77b6e24b8df4bb438b527d10e657d49b844198ea9f93c4fd6fd2daa9bd87fd1e02ecc8075dca1280c201043257e9bd3c9a7aa150eb1711632b76d4dc0555d4bfcfd057980136d6e9000003b24fa300ef90bfe4ad364256937796f941c2faad94785f48777941f0cd3dba54ab6a5d5e91e90ac9ae994c3d4108b2fe7eca9413ac9bc138c74800487eb19c48db3f79be964808f109b5e36fc7fdd41def361427b6b9c118e5c9a0a1d5ca24886e33a7f81b2188ec75a5fc9302e3695bdcc9ab11201ef940569c995c21eeaefe2e8fc02e0433dc7371d1f72124ba263e554c30fdd7cd8c2da1e8706417da9ad8916551a1182fac08603dfc2f2279ba161c13984cd753b54a85e6f3010975e9ff51318b09fa13e2d38ce013aab41524c298c3719e31bcb1f102eaeee69a19e006bcdb1acc2664efa949a1a07bb3d7848d5e1381fbe63c522053a3bb32eb6345e10f7a12bf84e0e196a00833f464dd2f6547f14ebf137fce33efeb813211f31ff24d7dbb00f2574ccda59b3ea068fc2a18c37ee579f5a9ecc47da73684bcadd209ae5bbb7147df74d027d8d0adcdb54182c9de8053fc8b1b9d19c16c53d34db6e26f6a88d449f6abf3010100007e206a758a3f02816b4e097cfa3d46e45e7949c5b10691d49b9693a798a330a1ccb32d49772e80862df36dc0156b3f72cd85083f8e96ca1697457ec722766bd46ee2424975a38149bd57e5c0eb4087fc243e7e51b0aca9f0ab0668d7f2ee9ad9f267d8804417aa7e36a64d489bb84a1483fd3c3ecb024060002858cbb1f7708f5b41fca2fee7c03b1f862ce88dc313d913e041dd7583a1ac41c466757c5dd07ea2c5d62a000000000000000019a4e9a9c2cbc906f97fd6eb71b18d09a5df123ebbdb2827b43aed6a29e9942e402c1ae52e9cb98f3019d364fc21ea12023db91ced3c2f06550cef8a79ed39091e4776001187d0ab2f82478431d36470cc008d745ce8fd64c9aa64da230bb080945a557081b767beb75b1ea856a55c71b8fda672289aa6088630d48ac8039f19fec3acbcc5944a4e6fd44af8f10110db730a8d0d41b4ea36f9510f843a471963bd4621b9e43f08d341bb69df430ac6398c1b28bdd33b69b4b86d7c5f30cf728294e8ea1861ce50c367498945285f73c94d91210652eb4f3077cab6be2a3512eddbcb63d091d69fb1b26c8ada9a9f9355aea34fe55fd0d3011cb83ac03268dc66dd108a4e9944241e1d4ba69212ee0e7526e72c19346d08d3c3c82cb987f1bd2fd9ce2c88082ea23abbf23c6bd43fc9f9f8ea7656e25d3d73cd056b1f782de1fe349fc33546558366ed99940c0fda039272d277a3576d4e0469779d711e10b6bf040f7274fd9577c1c33326d2e60ee611ae226ef00e2944fb727832dc8dad36a6072aacfc4bcefb808ab7b3b95e0f60616320b2a9e1f8fac812daac9983639b35184803b7d192ce1f226e97fa23c37df95d067a54a8b412644cad9ecc251fbe418a81aaf00cc8d15758ff0eb885a40630396ba76b8fadc09e62ef70c8a0121e7e8322cb8bc0f50ad33a17143a29c14ecadd1b6244e31b888d8f3fa03208d3e9a4826a98f31995509015ebdc89f2f3106e54d5898d3758b9bfc9e4924e9cedf7f8fd584e7185703cc5f23741ffb480b5a87cd7efcceb409d354bdab211ebd50ab12b13c1b8ce93093a59a0f952153c2efd10e72ec9ee5fa2a00f9637851ddb81d059f9a363c4ada68dd25f19ee9e4841acee7c1b35ad6f9d54cf4939ce78a55a04e655d7746a3989c6f33b02f8497aacb6bfca7456111900000000000000000048d35af24acb66fdd4d1fb150138f0ee6abfc7049c94346868ed76d3a5df7335184386a5c532d425f1a098ff93efd05e5dd8b765121fbdfe5ef44f6472b939c31883f45889142e82086c2448da60d7a40774d71c2da2e7f6d4fe5d36923213cc7b7d71a1c90006e8f8d84953f284b0eb4366beff5df5595827dcd736e8cfab28cfa416e83c06213ca7fd21af56e3de1d80e77060447e20a8b317a4c06e24e99239824d08abf670a685bc46c8168bee4cfc30cc6d0dc030a592925bad3e0f805f0d4b2b600dc3f0c4c6f75bb4e49982f4198ac90ab77c5572c956d415858bad5ee117b3e5f1507bbd0d7a30388865deb11106a93225a81feb08f5"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002300)={r2, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000140)="b9ff0300600d698cff9e14f008004d", 0x0, 0xe00, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000000c0), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0)
sendfile(r6, r6, 0x0, 0x40001)
readv(r6, &(0x7f0000000340)=[{&(0x7f0000001740)=""/153, 0x99}], 0x1)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="80000000", @ANYRES16=r7, @ANYBLOB="010c26bd7000fbdbdf250a00000008000600ffffffff04000180100001800c0007000000000020000000080005"], 0x80}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000330a03000000000000000000020000000900020073797a310000000208000340000000010900810073797a3000000000"], 0x34}}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000440)={&(0x7f0000000000)=@generic={0x29, "89bc1e1f53286a9195804ee37750f1cc7fd9c451b1dce444121caf84d4f48808bfcd9e8dc9f74722809dfcf439af4893e096a037a86427233f243c33b281fa63f396e49036c3b503d231fa66c4ed4af2656b74223d889eacde5e20543c4c7863c01885e5f9215fb321b3a7751156b666c9c1edddd8b358e720317fb145aa"}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000080)="794a97b06f79fbc8f735d664f79d00320993bc69103b80bfae167d571dc4260057f87a683df6917ce22187f168818e6f045a17300046d466054cd822d47f05004b09e8d073e881d4d306e5058ff77edc12971a77b5ba5dd553b12a316ef957d2cdee150bfa3fd8351ecc32a60d2c05317463c5834b66088911a06972c1e117b72d6267f978", 0x85}, {&(0x7f00000001c0)="9a030d429acea97301d6d21e469f990ac0b10e13396709e76665b2affda0f529c13ef40fdad781ebcc0ffce1dee9413cc3b83a4f80d75f268e8b4a201a827c8d07c1a3ed8598c25c806911", 0x4b}, {&(0x7f0000000240)="ceb4d7fe2566d58794a9b904be97", 0xe}], 0x3, &(0x7f00000002c0)=[{0xe0, 0x118, 0x7, "86f00bd5461ff8134d73f2d1779571676b5bdfaee257d3b019447d89cf37a7109dca76af4bd4ec3e5e37a64a2adaa7fd4476bd33f3563ce5bd91301ab66e0e88839b7a08c48818235c0ad3b060494f7525894d8e13ee873e3aeed3bd7c1d50ec2f249253c161f40dedbfb1fd0b1eb0639ae58bbdec999aac9f73d07aa625624c4c3798b048bb33dc608452707208d0a494499d3cc098d079edbc6511aaf607fe4754a08541c90cbdf67e48f5284da5e69af5db67dd88b25756a70b6496bf3cc466f5df79c8a1474a8a404c6c5a9018"}], 0xe0}, 0x80)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket(0x10, 0x3, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002380)=ANY=[@ANYBLOB="b702000006000000bfa300000000000007030000407effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7ebfcd0cd00006ed3d09a6175037958e271b60dedf8937f02008b6d83923dd29c034055d47dafe6c8dc3d5d78c07f34e4d5b3185b310efd4989147a00000000f110026e6d2ef831ab7ea0c34f17e3adeef3bb622003b538dfd8e012e71f6420b90adddff61b5b0a341a2d7cbdb90000bdb2ca76050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132658555cf476619f28d9961b626c57c2691208171656d60a17e3c1c4b751ca532e6ea09c346df3d7cb4ebd31a08b32808b80200000000000000334d83239d1d2e9ff10ff2d27080e71113610e10c358e8327e7050b6c860dac12233f9a1fb9c2aec61ce63a38d316ef49b66d6e42fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a5f3d74ca891c4594e8a4399e01eadd3964663e88535c133f7130856f75643619f567d2e24f29e5dad9326edb697a6ea0182babc18cefd07e002cab5ebfcaad34732181feb215139f15eadddcb0c7cbe31fbae7c34d5ac5e7e64c21add9191eadd6e1795ad6a0f7f8cd3fccbdc3dec04b25dfc17975238345d4f71af35910b158e56657b7218baaa7cbf781c0a99bd50499ccff0f000000000000c7beba3da8223fe5308e4e2833baace04f4087c4f0da0d9a88f9dbb593ddeb3f0932a4d0175b889b8eccf707882042e716df9b57b290c661d4e85031086e97bcc5ca0e221a0e34323c129102b7b7a643e82e88a1940b3c02ed9c92d6f64b1282dc519b00159830d7617001154c46bd3ca96318c570f0721fc7aa2a580900000000000000b4f22cdf550ef091a78098534f0d973058594119d06d5ea9a8d085734000000000000000c12346e47ad97f4ead7cf754a52e4b2d0f22d428bd705414888700a30e2366c6a06b3367a389ca39059787790017b0689a1f3db9c24db65c1e00015c1d573dab18fd0600885f1ea8f2fd299fc3cdafda323e9c7080397bc49d70c060d57bc88fbe09baa058b040360ab9261503d2f363fb099408885afc2bf9a4f8c3506b669e889f5e4be1b8e0d634ebc1057b7e98186fc5141bd670dba6f43279f73db9dec75070cd9ab0fd969169ef6d2857b6bf955012cf7fe50d133da86e0477e42b98a6cc999dc21c3ef408e633dfa35f14d6e734837d365e63845f3c1092f8e34fc7eac9e8af3904ea0f3698cd9492794b82649b50d726bff873339c4cad4ead1348474250eda2c8067ab730c1d85969b95a2a5687f2ed690000522a0b7426000000000000000000000000000000000000000093fc7a82b98f99d9dedf7ba17f5f0b6d15e552fbd21f7eecff10243a43af03eea84c4304a5d3f93c02000000000000000043e1ed82b9aa0ae92a499984a009000000937523f5292d12659906005cde64f903c3415c458a2b32c2318f0858f19c6def80e1481e8e1c0098fc3f38b7a57211adb15d824cfdcf229628c0de49860a44286fe0e257cfa4ce50f3d10763d442824414a73c06837fe08de62f8710ca977960b74d0000ce73da6022a8671d1a3575b4e18c28c73203bf134686dd65808452cb6b76fcb134252c78de9b240de7b4cd015a77f76bb6470c05fc980b3d8f3f964f432a4bf6cddd6222c2da006b6fdb9c8468ae1d986a893b9519444d16a6dfa92c04331a6698507048fab5ae402acd05fe621f22712dfd09004770b4278fa14547d8ce3c21188e5e4e2baacd98e8e451d6aaaf090000006ed1d9018000008dd952595d78e9583bf4ea5de36099e3cddcb24ebb6eddb9e87c9ece87a42c0000abdfc6ea55887dfa18d0aea1b6eca5a883702b0bf3aeebb225895db90e237157a34e9f447237ea5b391bddd1290f7ce987a0e36b8e71b1779bbe95ffa9c3e0f6ba66e4d48e75253e3d633811e4b3220616aafbe7a3a18375ae593eb58fd500426286472466823cb8e1800aaaa0d9463c0c4ea5541a55df6eeffec0b66482228816cdfccb98374c644eea45de7867a0efbad0ab2bc33b350440a90b791b2b33f74a112a3b91b40bed8db2df8633207f8387e04ca52ab0f3f7b058b13523b896800b992972d9609551c27a5916ea16069c5bf55b98d926d3c27e7945b2999600000000f857bc1332d200194f658b930780603134ae6b7f5092772bd5d880dbe21b790c475b14b7fe4fe002dffd651faa79bb0cee0cdac23c3218f2ddaa6f7ba04b696a30d313bed30ba8f35569a9b07ee7308da09c01a4b827aa17bc2213fc1572b0204dd456b11a454d1f3f14179974aae624ea59500f5e048b2780666de81a040663c57f49af25be909984aea1b81f33426f86b4b941c08dfe2bc8ec246ec1aae120c42405e428923f3a83d9ba5c373f5e8a54120b451e2806370f1ed60c9fd5d9af4d16cb0f413c324da52d4bd2e01d3ac2d578d72e2d63322dfc9245ce3e3a097fb82f4e3b61a57094616020f72f1c55ee3d325c7496a7c2f10cfea516ae436751227378f00ca0f1f6c1dcf879700dd90b96a330f92bff736c83ca53e7f02b734d1a9292896f5d7f244bfab4946c7042e88206f641eafcc5b4ba7a7880533cdeac995d1caf6936f356ecf07a0084e7adc2dc12417997b03087c7b3b44b06f6158a2a18ce0e56ffbeb22f40521dd9972583d413098aa80db98ef324a2bfb7961c07b47521973cf0bb6f5530f6216b447b35d6e06b72b22b29de42bb1bc8ce0a0e3500000000000000000000000000b92eb197e4149627920000008000000000801792756f90b37f0858efc387f559203f314a4b0ed750fa72e5948ac3fe5921c14ef578d413e7b2a9e2f87f7b44949fe14c00000000000047030c09f62d444b4981db81799776eeb444000000009705fa8b56779bc876ad4f8d8c8e50815c4c3b27487996c09121caf47f76158362c74904f89cbc588aae84567a83571ff72bb65c082b5a8dee145ff221159aed2768edc05a3167d84205d5af86553c21e1f023a51c0e179fccfbc201982e3ddcaa45613899d19082453b180ca0c525b8d3cfaf7d0bcddeb5d5c7166038f276a92941393ba5e51f77172822bd903d9f8b436656771774ed88daab0d0cfdd1bf4d30ab566e1a4cb3ad66d830e10f7c1de13218aea21e7def613204c2b7c1ad48b01c208f4032e93408000000000000e96db049b92fc32ee34fe7a3419c8fbf03d61c159dc5864e030000a2c55b614d622b8de966c97e1940026f96db3c78ca18c9f08d1c47edf1a4d7298109f31b6078711ee72eacab84213bf50000000000000000000000000000001217887d0452aa6d26e4614d511710abeec84b78c027c160ba375dfa55a49b832ce4dfb91122193d514ed992c07f8cd6d897b314907e15642da228dbc03429e6e0e7ac118ed351c3b0c44bf5d8b58be573f8333aa8cc2ec5b5e305b3dee2562d415b4b9ed530797f55f9fe8510423409629a09000000000000009a35d9ca93e4b4591679547b8de8af1782451f7b8e1de508f1e9e525210d62bc850f8035040ad9e562be58797515b737bfb21d35ac560f99dbd18dad5e6345a464955e8141d75b6177e4fa176a020b0000000000006e76f0294fee7d19a0f327f8796d77b6e24b8df4bb438b527d10e657d49b844198ea9f93c4fd6fd2daa9bd87fd1e02ecc8075dca1280c201043257e9bd3c9a7aa150eb1711632b76d4dc0555d4bfcfd057980136d6e9000003b24fa300ef90bfe4ad364256937796f941c2faad94785f48777941f0cd3dba54ab6a5d5e91e90ac9ae994c3d4108b2fe7eca9413ac9bc138c74800487eb19c48db3f79be964808f109b5e36fc7fdd41def361427b6b9c118e5c9a0a1d5ca24886e33a7f81b2188ec75a5fc9302e3695bdcc9ab11201ef940569c995c21eeaefe2e8fc02e0433dc7371d1f72124ba263e554c30fdd7cd8c2da1e8706417da9ad8916551a1182fac08603dfc2f2279ba161c13984cd753b54a85e6f3010975e9ff51318b09fa13e2d38ce013aab41524c298c3719e31bcb1f102eaeee69a19e006bcdb1acc2664efa949a1a07bb3d7848d5e1381fbe63c522053a3bb32eb6345e10f7a12bf84e0e196a00833f464dd2f6547f14ebf137fce33efeb813211f31ff24d7dbb00f2574ccda59b3ea068fc2a18c37ee579f5a9ecc47da73684bcadd209ae5bbb7147df74d027d8d0adcdb54182c9de8053fc8b1b9d19c16c53d34db6e26f6a88d449f6abf3010100007e206a758a3f02816b4e097cfa3d46e45e7949c5b10691d49b9693a798a330a1ccb32d49772e80862df36dc0156b3f72cd85083f8e96ca1697457ec722766bd46ee2424975a38149bd57e5c0eb4087fc243e7e51b0aca9f0ab0668d7f2ee9ad9f267d8804417aa7e36a64d489bb84a1483fd3c3ecb024060002858cbb1f7708f5b41fca2fee7c03b1f862ce88dc313d913e041dd7583a1ac41c466757c5dd07ea2c5d62a000000000000000019a4e9a9c2cbc906f97fd6eb71b18d09a5df123ebbdb2827b43aed6a29e9942e402c1ae52e9cb98f3019d364fc21ea12023db91ced3c2f06550cef8a79ed39091e4776001187d0ab2f82478431d36470cc008d745ce8fd64c9aa64da230bb080945a557081b767beb75b1ea856a55c71b8fda672289aa6088630d48ac8039f19fec3acbcc5944a4e6fd44af8f10110db730a8d0d41b4ea36f9510f843a471963bd4621b9e43f08d341bb69df430ac6398c1b28bdd33b69b4b86d7c5f30cf728294e8ea1861ce50c367498945285f73c94d91210652eb4f3077cab6be2a3512eddbcb63d091d69fb1b26c8ada9a9f9355aea34fe55fd0d3011cb83ac03268dc66dd108a4e9944241e1d4ba69212ee0e7526e72c19346d08d3c3c82cb987f1bd2fd9ce2c88082ea23abbf23c6bd43fc9f9f8ea7656e25d3d73cd056b1f782de1fe349fc33546558366ed99940c0fda039272d277a3576d4e0469779d711e10b6bf040f7274fd9577c1c33326d2e60ee611ae226ef00e2944fb727832dc8dad36a6072aacfc4bcefb808ab7b3b95e0f60616320b2a9e1f8fac812daac9983639b35184803b7d192ce1f226e97fa23c37df95d067a54a8b412644cad9ecc251fbe418a81aaf00cc8d15758ff0eb885a40630396ba76b8fadc09e62ef70c8a0121e7e8322cb8bc0f50ad33a17143a29c14ecadd1b6244e31b888d8f3fa03208d3e9a4826a98f31995509015ebdc89f2f3106e54d5898d3758b9bfc9e4924e9cedf7f8fd584e7185703cc5f23741ffb480b5a87cd7efcceb409d354bdab211ebd50ab12b13c1b8ce93093a59a0f952153c2efd10e72ec9ee5fa2a00f9637851ddb81d059f9a363c4ada68dd25f19ee9e4841acee7c1b35ad6f9d54cf4939ce78a55a04e655d7746a3989c6f33b02f8497aacb6bfca7456111900000000000000000048d35af24acb66fdd4d1fb150138f0ee6abfc7049c94346868ed76d3a5df7335184386a5c532d425f1a098ff93efd05e5dd8b765121fbdfe5ef44f6472b939c31883f45889142e82086c2448da60d7a40774d71c2da2e7f6d4fe5d36923213cc7b7d71a1c90006e8f8d84953f284b0eb4366beff5df5595827dcd736e8cfab28cfa416e83c06213ca7fd21af56e3de1d80e77060447e20a8b317a4c06e24e99239824d08abf670a685bc46c8168bee4cfc30cc6d0dc030a592925bad3e0f805f0d4b2b600dc3f0c4c6f75bb4e49982f4198ac90ab77c5572c956d415858bad5ee117b3e5f1507bbd0d7a30388865deb11106a93225a81feb08f5"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002300)={r2, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000140)="b9ff0300600d698cff9e14f008004d", 0x0, 0xe00, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
openat$cgroup_procs(r3, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0) (async)
write$cgroup_pid(r4, &(0x7f00000000c0), 0x12) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
openat$cgroup_procs(r5, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0) (async)
sendfile(r6, r6, 0x0, 0x40001) (async)
readv(r6, &(0x7f0000000340)=[{&(0x7f0000001740)=""/153, 0x99}], 0x1) (async)
syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0), 0xffffffffffffffff) (async)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="80000000", @ANYRES16=r7, @ANYBLOB="010c26bd7000fbdbdf250a00000008000600ffffffff04000180100001800c0007000000000020000000080005"], 0x80}}, 0x0) (async)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000330a03000000000000000000020000000900020073797a310000000208000340000000010900810073797a3000000000"], 0x34}}, 0x0) (async)
sendmsg$kcm(r1, &(0x7f0000000440)={&(0x7f0000000000)=@generic={0x29, "89bc1e1f53286a9195804ee37750f1cc7fd9c451b1dce444121caf84d4f48808bfcd9e8dc9f74722809dfcf439af4893e096a037a86427233f243c33b281fa63f396e49036c3b503d231fa66c4ed4af2656b74223d889eacde5e20543c4c7863c01885e5f9215fb321b3a7751156b666c9c1edddd8b358e720317fb145aa"}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000080)="794a97b06f79fbc8f735d664f79d00320993bc69103b80bfae167d571dc4260057f87a683df6917ce22187f168818e6f045a17300046d466054cd822d47f05004b09e8d073e881d4d306e5058ff77edc12971a77b5ba5dd553b12a316ef957d2cdee150bfa3fd8351ecc32a60d2c05317463c5834b66088911a06972c1e117b72d6267f978", 0x85}, {&(0x7f00000001c0)="9a030d429acea97301d6d21e469f990ac0b10e13396709e76665b2affda0f529c13ef40fdad781ebcc0ffce1dee9413cc3b83a4f80d75f268e8b4a201a827c8d07c1a3ed8598c25c806911", 0x4b}, {&(0x7f0000000240)="ceb4d7fe2566d58794a9b904be97", 0xe}], 0x3, &(0x7f00000002c0)=[{0xe0, 0x118, 0x7, "86f00bd5461ff8134d73f2d1779571676b5bdfaee257d3b019447d89cf37a7109dca76af4bd4ec3e5e37a64a2adaa7fd4476bd33f3563ce5bd91301ab66e0e88839b7a08c48818235c0ad3b060494f7525894d8e13ee873e3aeed3bd7c1d50ec2f249253c161f40dedbfb1fd0b1eb0639ae58bbdec999aac9f73d07aa625624c4c3798b048bb33dc608452707208d0a494499d3cc098d079edbc6511aaf607fe4754a08541c90cbdf67e48f5284da5e69af5db67dd88b25756a70b6496bf3cc466f5df79c8a1474a8a404c6c5a9018"}], 0xe0}, 0x80) (async)

2.510701439s ago: executing program 2 (id=2778):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x63, 0x11, 0x18}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x16}, 0x70)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x270}}, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000880)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000010010c"], 0x270}}, 0x0)
r3 = socket(0x15, 0x5, 0x0)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendmsg$xdp(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
getsockopt(r3, 0x200000000114, 0x2715, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r5, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200500000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002400038020000080080003400000000214000b"], 0xe4}}, 0x0)
write$binfmt_script(r6, &(0x7f0000000200), 0xfffffd9d)
close(r7)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x41, 0x3, 0x200, 0x0, 0x0, 0x0, 0x168, 0x0, 0x168, 0x1f0, 0x1f0, 0x168, 0x1f0, 0x3, 0x0, {[{{@ip={@dev, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'wlan1\x00', 'wg1\x00', {}, {}, 0x6}, 0x0, 0x70, 0x98, 0x0, {0x0, 0xffffffffa0028000}}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 'vlan0\x00'}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x260)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000040)='htcp\x00', 0x5)
unshare(0x22020600)
sendfile(r5, r6, 0x0, 0x8000002b)

870.779217ms ago: executing program 2 (id=2779):
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000140), 0x4)
getsockopt$bt_hci(0xffffffffffffffff, 0x11a, 0x3, 0x0, &(0x7f0000000000))
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x800448d4, &(0x7f0000000080)={0x0, 0x200, "408b7c"})
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1f00030007"], 0xd)

707.172425ms ago: executing program 4 (id=2780):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0x18, 0x2a, 0x9, 0x0, 0x1600, {0x4, 0x0, 0x2c00}, [@nested={0x4, 0x16}]}, 0x18}, 0x1, 0x3000000}, 0x0)

554.875337ms ago: executing program 0 (id=2781):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
syz_emit_ethernet(0x7e, &(0x7f00000000c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa0486dd601200b00048000000000000000000000000000000000000ff02000000007c7b4602a63eada311416ce0010000000000000000000103009078000000006027738200002c00fc0100fcff010000000000000000000000005a84ff1c39117daecb621c0000012f01000000000000070822ebffff0000000000000000000037bcef00"/153], 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000b80)={'batadv_slave_1\x00', <r4=>0x0})
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001600)=ANY=[@ANYBLOB="300000004a00010000000000000000000a008000", @ANYRES32=r6, @ANYBLOB="0000000014000100"/18, @ANYRES32], 0x30}}, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000300)={@remote, r4}, 0x14)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x5, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7}, [@map_val={0x18, 0x1, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x9}]}, &(0x7f0000000180)='syzkaller\x00', 0x5d, 0xe9, &(0x7f0000000380)=""/233, 0x40f00, 0x1, '\x00', r4, 0x25, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000001c0)={0x3, 0x1, 0x1ff, 0x4}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7f}, 0x90)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000240), r7)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', <r9=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r7, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x10801013}, 0xc, &(0x7f0000000580)={&(0x7f00000006c0)={0xc0, 0x0, 0x100, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x58, 0x2a, [@prep={0x83, 0x25, {{0x0, 0x1}, 0xf9, 0x4, @device_b, 0x9f, @value=@device_b, 0xd, 0xbf, @device_b, 0x6}}, @chsw_timing={0x68, 0x4, {0x81, 0x2}}, @gcr_ga={0xbd, 0x6, @broadcast}, @channel_switch={0x25, 0x3, {0x1, 0xc, 0x9}}, @rann={0x7e, 0x15, {{0x1, 0x1}, 0x7, 0x6, @device_a, 0x1ff, 0xdc, 0x80}}, @challenge={0x10, 0x1, 0x4b}]}, @fils_params=[@NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x9}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6}, @NL80211_ATTR_FILS_ERP_RRK={0x31, 0xfc, "10f94ee1068148a407a11fcb96111525add849f152dcbabbc6f76c3e9ee50d70c3c6b7886b88260ace1d0ca700"}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x4b}]]}, 0xc0}}, 0x40)
sendmsg$BATADV_CMD_SET_HARDIF(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000680)={0x34, r8, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r9}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r10}, @BATADV_ATTR_ELP_INTERVAL={0x8}]}, 0x34}}, 0x0)
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f00000005c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x34, r8, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x34}}, 0x20048046)
ioctl$SIOCSIFHWADDR(r1, 0x8b14, &(0x7f0000000200)={'veth0_vlan\x00', @random})
bind$802154_dgram(r1, &(0x7f0000000240), 0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c00000010000304000000fee05645a5c5339d00", @ANYRES32=0x0, @ANYBLOB="00030000000000001c0012800900010069706970000000000c00028008000f00ffffffff"], 0x3c}, 0x1, 0xff7f, 0x0, 0x401}, 0x0)

554.628821ms ago: executing program 4 (id=2782):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@func_proto={0x2, 0x0, 0x0, 0x13, 0x2}]}, {0x0, [0x0, 0x61, 0x61, 0x2e]}}, 0x0, 0x2a, 0xfffff}, 0x20)

518.277172ms ago: executing program 4 (id=2783):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = accept4$x25(0xffffffffffffffff, &(0x7f0000000080)={0x9, @remote}, &(0x7f00000000c0)=0x12, 0x800)
connect$x25(r1, &(0x7f0000000100), 0x12)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000040000000160a01010000000000000000010000000900010073797a30000000000900020073797a300000000014000380080002400000000008000140000000002c000000180a05000000000000000000010000000900010073797a30000000000c000540000000000000000114000000020a01"], 0xc8}}, 0x0)

493.7258ms ago: executing program 2 (id=2784):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00, 0x0, 0x2219}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x40}}, 0x0)
r1 = socket(0x15, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000711227000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x90)
getsockopt(r1, 0x200000000114, 0x2718, 0x0, &(0x7f0000000040))

346.981131ms ago: executing program 4 (id=2785):
r0 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="200000005e00010000000000000000000c00000001000000000000e6"], 0x20}], 0x1}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x8000}]}, 0x28}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000100), 0x1001)
ioctl$SIOCSIFHWADDR(r2, 0x4030582b, &(0x7f0000000000)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000480)={{{@in=@empty, @in6=@remote}}, {{@in=@loopback}, 0x0, @in6=@local}}, &(0x7f0000000300)=0xe8)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, r2, 0x3, 0x2, 0x4}, 0x48)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000440)={0x0, 0x8005}, 0x4)
socket$inet6(0xa, 0x2, 0x0)
ioctl$FAT_IOCTL_GET_VOLUME_ID(r2, 0x80047213, &(0x7f0000000180))
r3 = socket$netlink(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='8', @ANYRES16=r4, @ANYBLOB="1506000000000000004c0100000024000180060005004e22000008000300ac1414bb060001000200000008000600a7"], 0x38}}, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000380), r2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000600)={0x30, r6, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x18, {0x0, @bearer=@l2={'ib', 0x3a, 'batadv0\x00'}}}}}, 0x30}}, 0x0)
sendmsg$TIPC_CMD_SET_LINK_TOL(r3, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x68, r6, 0x4, 0x70bd2a, 0x25dfdbfc, {{}, {}, {0x4c, 0x18, {0xbef, @media='udp\x00'}}}, ["", "", "", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x4)

193.292438ms ago: executing program 4 (id=2786):
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$IP_VS_SO_GET_INFO(r0, 0x0, 0x481, &(0x7f0000000040), &(0x7f0000000080)=0xc)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0x0, '.\x00'}})
r1 = socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), 0xffffffffffffffff)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000004c0)={'wlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000004c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x2c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_BSS_CTS_PROT={0x5}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5}]}, 0x2c}}, 0x0)
sendmsg$NFNL_MSG_CTHELPER_NEW(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000005c0)={0x58, 0x0, 0x9, 0x3, 0x0, 0x0, {}, [@NFCTH_PRIV_DATA_LEN={0x8}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8}}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_TUPLE={0x24, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @rand_addr=0x64010102}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}]}]}, 0x58}}, 0x0)
socket(0x10, 0x803, 0x0) (async)
r6 = socket(0x10, 0x803, 0x0)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000300), &(0x7f0000000540)=0x8) (async)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000300), &(0x7f0000000540)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f00000003c0)={0x0, 0x42ee}, &(0x7f00000006c0)=0xd) (async)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f00000003c0)={0x0, 0x42ee}, &(0x7f00000006c0)=0xd)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000180), r7) (async)
r10 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000180), r7)
sendmsg$NLBL_UNLABEL_C_ACCEPT(r8, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x3c, r10, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @loopback}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4010}, 0x80)
connect$can_bcm(0xffffffffffffffff, &(0x7f0000000000), 0x10)
r11 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000580), r8)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000700)='syz1\x00', 0x200002, 0x0)
sendmsg$NLBL_CIPSOV4_C_LIST(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB="0100000008000000000002000000080001"], 0x1c}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r12=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000010000300"/20, @ANYRES32=r12, @ANYBLOB="0000000000000000140012800b00010067656e6576650000040002800c001a80"], 0x40}, 0x1, 0x2}, 0x0)
socket$inet6(0xa, 0x6, 0x47f0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=@delqdisc={0x34, 0x25, 0x0, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r12, {0x0, 0xfff2}, {0xe, 0x9}, {0xfff2, 0xfff3}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x8}}, @TCA_RATE={0x6, 0x5, {0x5}}]}, 0x34}}, 0x800) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=@delqdisc={0x34, 0x25, 0x0, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r12, {0x0, 0xfff2}, {0xe, 0x9}, {0xfff2, 0xfff3}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x8}}, @TCA_RATE={0x6, 0x5, {0x5}}]}, 0x34}}, 0x800)

144.540244ms ago: executing program 2 (id=2787):
r0 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_int(r0, 0x29, 0xa, 0x0, 0x0)

23.049505ms ago: executing program 2 (id=2788):
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, 0x1, 0x5, 0xd3})
r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$SEG6_CMD_DUMPHMAC(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x4c, r1, 0x108, 0x70bd28, 0x25dfdbfd, {}, [@SEG6_ATTR_DST={0x14, 0x1, @mcast1}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x10001}, @SEG6_ATTR_DST={0x14, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40012}, 0x8044)
r2 = socket(0x10, 0x803, 0x0)
sendto(r2, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_MON_GET(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x6c, 0x0, 0x800, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x10}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xc45}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x34fab27b}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9dd}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_REF={0x8}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4004}, 0x1)
recvmmsg(r2, &(0x7f00000037c0), 0x0, 0x2, &(0x7f0000000140)={0x0, 0x3938700})
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e23, @broadcast}, 0x10)

0s ago: executing program 0 (id=2789):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x1ac, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @TCA_RATE={0x6, 0x5, {0x9d}}, @filter_kind_options=@f_fw={{0x7}, {0x170, 0x2, [@TCA_FW_CLASSID={0x8}, @TCA_FW_INDEV={0x14, 0x3, 'batadv_slave_1\x00'}, @TCA_FW_INDEV={0x14, 0x3, 'veth0_to_bond\x00'}, @TCA_FW_ACT={0x4}, @TCA_FW_CLASSID={0x8}, @TCA_FW_POLICE={0x18, 0x2, [@TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_RATE64={0xc}]}, @TCA_FW_CLASSID={0x8}, @TCA_FW_INDEV={0x14, 0x3, 'pimreg1\x00'}, @TCA_FW_ACT={0xfc, 0x4, [@m_simple={0xf8, 0x0, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18}, @TCA_DEF_PARMS={0x18}, @TCA_DEF_DATA={0xb, 0x3, 'skbmod\x00'}, @TCA_DEF_PARMS={0x18}, @TCA_DEF_DATA={0x9, 0x3, 'fd/3\x00'}]}, {0x69, 0x6, "4609dc63a7e2c1e8d8f3947bfe64049bafc10942cf56376c73961c5ee06f3a38e48c1a286e545dd4a521f2869b54fbcf1c7958eb636e54a910cbe3d0b34b67c9400d92c4bd68f2a5e196d558cfa1c8440806e82a3b539579ffad8fa8a57d9e0f03a55d685c"}, {0xc}, {0xc}}}]}]}}]}, 0x1ac}}, 0x0)
sendto(0xffffffffffffffff, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@link_local, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x3, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x0, 0x0, [0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x11}}}}}}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040)}, 0x38)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000600))
sendmsg$NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x20, 0x0, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc, 0x99, {0x1}}}}}, 0x20}}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
close(r3)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000300)={'batadv_slave_1\x00', <r5=>0x0})
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000a00)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0503020000000000140012800c0001006d616376746170000400028009000500f9cb3bcbdcb803d6925e762430ba9eed6e17fd92901f62287ce78539872b73558530ae75d5e7ef042cec39175d60a115affc43b3b1d5ee5e35abcbc47210d5100647ddcdf1f0038d1b3bd24b25f441120d2101c691003ea98881e821a9ed1ae8eee4166f100c7fce9a3a8107f3cba466e787c3d70856", @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r7, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$inet(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000540)="cbf2f7df1ba7b55c981319d156b7e86d8854aeecfed7024afc61554427fdd367d4bf1d3dc0e8d4a00698ee04883dfbce356233f2b6dfd580f3813b39cfb8cc229ae4b866b372", 0x46}, {&(0x7f0000000880)="edc0f1667d32a766b9a9bb6e4fa068ef2107a140d048198f0dbf4268d9a53a5af5c0f2090dbf495f72cdb112928603a4a1dc0011483611067e00ff5b06725f58f62cafb36fe9dd6fb4b8eb5b17ee46c757664c5833846ae87591c3c1d8fd0253f4bbe5707a5abcd6f116021d01a07a4422733382983d13c76f017de8da5ff48afb26362564ee3117a02a79c3cccdacee5a9b2ed36b2f30598fc61d3de14641c35e615652b3c6f5188d1e26cbb95032de11efdb", 0xb3}], 0x2, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @private=0xa010102, @loopback}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x6}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @remote, @broadcast}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x125}}], 0x70}, 0x4008880)
r9 = socket$inet(0x2, 0x2, 0x1)
setsockopt$SO_BINDTODEVICE_wg(r9, 0x1, 0x19, &(0x7f0000000080)='wg0\x00', 0x4)
sendmsg$inet(r9, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2}, 0x0)
socket$kcm(0x2, 0x3, 0x106)
ioctl$SIOCSIFHWADDR(r3, 0x8b26, &(0x7f0000000000)={'wlan1\x00', @random="0202000400"})
recvmmsg(0xffffffffffffffff, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x7e}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0xb00}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

kernel console output (not intermixed with test programs):

strongly recommended to keep mac addresses unique to avoid problems!
[  452.034210][T12433] batman_adv: batadv0: Interface activated: batadv_slave_1
[  452.056776][T12758] FAULT_INJECTION: forcing a failure.
[  452.056776][T12758] name failslab, interval 1, probability 0, space 0, times 0
[  452.092459][T12758] CPU: 0 UID: 0 PID: 12758 Comm: syz.0.2388 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  452.103283][T12758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  452.113365][T12758] Call Trace:
[  452.116656][T12758]  <TASK>
[  452.119616][T12758]  dump_stack_lvl+0x241/0x360
[  452.124340][T12758]  ? __pfx_dump_stack_lvl+0x10/0x10
[  452.129569][T12758]  ? __pfx__printk+0x10/0x10
[  452.134196][T12758]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  452.139694][T12758]  ? __pfx___might_resched+0x10/0x10
[  452.145019][T12758]  should_fail_ex+0x3b0/0x4e0
[  452.149731][T12758]  should_failslab+0xac/0x100
[  452.154444][T12758]  ? rtnl_newlink+0xf2/0x20a0
[  452.159220][T12758]  __kmalloc_cache_noprof+0x6c/0x2c0
[  452.164539][T12758]  rtnl_newlink+0xf2/0x20a0
[  452.169084][T12758]  ? __pfx_lock_acquire+0x10/0x10
[  452.174312][T12758]  ? __mutex_lock+0x99b/0xd70
[  452.176547][T12764] netlink: 84 bytes leftover after parsing attributes in process `syz.2.2390'.
[  452.178991][T12758]  ? __pfx_lock_release+0x10/0x10
[  452.179023][T12758]  ? do_raw_spin_lock+0x14f/0x370
[  452.198000][T12758]  ? __pfx_rtnl_newlink+0x10/0x10
[  452.203064][T12758]  ? do_raw_spin_unlock+0x13c/0x8b0
[  452.208311][T12758]  ? __mutex_lock+0x9a5/0xd70
[  452.213030][T12758]  ? __mutex_lock+0x527/0xd70
[  452.217820][T12758]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  452.222965][T12758]  ? __pfx___mutex_lock+0x10/0x10
[  452.228032][T12758]  ? __pfx_rtnl_newlink+0x10/0x10
[  452.233093][T12758]  rtnetlink_rcv_msg+0x73f/0xcf0
[  452.238055][T12758]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  452.243197][T12758]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  452.248778][T12758]  ? ref_tracker_free+0x643/0x7e0
[  452.253831][T12758]  netlink_rcv_skb+0x1e3/0x430
[  452.258622][T12758]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  452.264148][T12758]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  452.269482][T12758]  ? netlink_deliver_tap+0x2e/0x1b0
[  452.274705][T12758]  netlink_unicast+0x7f6/0x990
[  452.279508][T12758]  ? __pfx_netlink_unicast+0x10/0x10
[  452.284830][T12758]  ? __virt_addr_valid+0x183/0x530
[  452.289973][T12758]  ? __check_object_size+0x49c/0x900
[  452.295295][T12758]  ? bpf_lsm_netlink_send+0x9/0x10
[  452.300434][T12758]  netlink_sendmsg+0x8e4/0xcb0
[  452.305247][T12758]  ? __pfx_netlink_sendmsg+0x10/0x10
[  452.310566][T12758]  ? __import_iovec+0x536/0x820
[  452.315492][T12758]  ? aa_sock_msg_perm+0x91/0x160
[  452.320556][T12758]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  452.325869][T12758]  ? security_socket_sendmsg+0x87/0xb0
[  452.331361][T12758]  ? __pfx_netlink_sendmsg+0x10/0x10
[  452.336679][T12758]  __sock_sendmsg+0x221/0x270
[  452.341393][T12758]  ____sys_sendmsg+0x525/0x7d0
[  452.346198][T12758]  ? __pfx_____sys_sendmsg+0x10/0x10
[  452.351537][T12758]  __sys_sendmsg+0x2b0/0x3a0
[  452.356158][T12758]  ? __pfx___sys_sendmsg+0x10/0x10
[  452.361291][T12758]  ? vfs_write+0x7c4/0xc90
[  452.365774][T12758]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  452.372132][T12758]  ? do_syscall_64+0x100/0x230
[  452.376928][T12758]  ? do_syscall_64+0xb6/0x230
[  452.381655][T12758]  do_syscall_64+0xf3/0x230
[  452.386188][T12758]  ? clear_bhb_loop+0x35/0x90
[  452.390900][T12758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.396822][T12758] RIP: 0033:0x7fd29477cef9
[  452.401256][T12758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  452.420892][T12758] RSP: 002b:00007fd295548038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  452.429342][T12758] RAX: ffffffffffffffda RBX: 00007fd294935f80 RCX: 00007fd29477cef9
[  452.437346][T12758] RDX: 0000000000000010 RSI: 0000000020000280 RDI: 0000000000000003
[  452.445393][T12758] RBP: 00007fd295548090 R08: 0000000000000000 R09: 0000000000000000
[  452.453396][T12758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  452.461396][T12758] R13: 0000000000000000 R14: 00007fd294935f80 R15: 00007ffcc1fcfbe8
[  452.469495][T12758]  </TASK>
[  452.484301][T12772] netlink: 'syz.2.2392': attribute type 10 has an invalid length.
[  452.498684][T12762] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2389'.
[  452.519389][T12762] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (64)
[  452.562303][T12433] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  452.571041][T12433] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  452.613809][T12433] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  452.631481][T12433] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  452.654784][T12480] 8021q: adding VLAN 0 to HW filter on device batadv0
[  452.677272][T12778] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2395'.
[  452.854995][ T1125] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  452.885315][ T1125] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  452.983274][T12788] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2400'.
[  453.014934][T12480] veth0_vlan: entered promiscuous mode
[  453.022898][T11539] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  453.042481][T11539] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  453.044355][T12788] netlink: 'syz.0.2400': attribute type 1 has an invalid length.
[  453.084586][T12480] veth1_vlan: entered promiscuous mode
[  453.146673][T12480] veth0_macvtap: entered promiscuous mode
[  453.189236][T12480] veth1_macvtap: entered promiscuous mode
[  453.218434][T12480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.229215][T12480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.241615][T12480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.270526][T12480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.298857][T12480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.311999][T12480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.322405][T12480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  453.333914][T12480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.370898][T12480] batman_adv: batadv0: Interface activated: batadv_slave_0
[  453.405864][T12480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  453.420222][T12480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.442945][T12480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  453.471486][T12480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.496014][T12480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  453.511524][T12480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.531524][T12480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  453.542604][T12480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  453.563984][T12480] batman_adv: batadv0: Interface activated: batadv_slave_1
[  453.613753][T12809] netlink: 'syz.4.2408': attribute type 10 has an invalid length.
[  453.638347][T12809] team0: Port device netdevsim0 added
[  453.656441][T12480] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  453.686315][T12480] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  453.701470][T12480] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  453.710327][T12480] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  453.908461][T12819] FAULT_INJECTION: forcing a failure.
[  453.908461][T12819] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  453.919667][ T1125] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  453.935530][ T1125] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  453.951975][T12819] CPU: 0 UID: 0 PID: 12819 Comm: syz.0.2413 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  453.962791][T12819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  453.972866][T12819] Call Trace:
[  453.976193][T12819]  <TASK>
[  453.979136][T12819]  dump_stack_lvl+0x241/0x360
[  453.983852][T12819]  ? __pfx_dump_stack_lvl+0x10/0x10
[  453.986851][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  453.989054][T12819]  ? __pfx__printk+0x10/0x10
[  453.989084][T12819]  ? __pfx_lock_release+0x10/0x10
[  454.006555][T12819]  should_fail_ex+0x3b0/0x4e0
[  454.011268][T12819]  _copy_from_user+0x2f/0xe0
[  454.015877][T12819]  do_sock_getsockopt+0x1d1/0x7e0
[  454.020928][T12819]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  454.026478][T12819]  ? __fget_files+0x3f6/0x470
[  454.031159][T12819]  __sys_getsockopt+0x271/0x330
[  454.036022][T12819]  ? __pfx___sys_getsockopt+0x10/0x10
[  454.041402][T12819]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  454.047732][T12819]  ? do_syscall_64+0x100/0x230
[  454.052492][T12819]  __x64_sys_getsockopt+0xb5/0xd0
[  454.057519][T12819]  do_syscall_64+0xf3/0x230
[  454.062016][T12819]  ? clear_bhb_loop+0x35/0x90
[  454.066693][T12819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  454.072594][T12819] RIP: 0033:0x7fd29477cef9
[  454.077004][T12819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  454.096637][T12819] RSP: 002b:00007fd295548038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  454.105132][T12819] RAX: ffffffffffffffda RBX: 00007fd294935f80 RCX: 00007fd29477cef9
[  454.113108][T12819] RDX: 0000000000002721 RSI: 0000200000000114 RDI: 0000000000000003
[  454.121071][T12819] RBP: 00007fd295548090 R08: 0000000020000040 R09: 0000000000000000
[  454.129310][T12819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  454.137464][T12819] R13: 0000000000000000 R14: 00007fd294935f80 R15: 00007ffcc1fcfbe8
[  454.145726][T12819]  </TASK>
[  454.150435][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  454.411939][T12832] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  454.627344][ T1125] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.425521][ T1125] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.542561][T12844] __nla_validate_parse: 7 callbacks suppressed
[  455.542580][T12844] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2422'.
[  455.630486][ T1125] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.729541][ T1125] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.780636][T12854] netem: incorrect ge model size
[  455.801604][T12854] netem: change failed
[  455.819672][T12854] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2426'.
[  455.859346][ T5233] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  455.869474][ T5233] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  455.877869][ T5233] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  455.891763][ T5233] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  455.901081][ T5233] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  455.910989][ T5233] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  455.911662][T12858] FAULT_INJECTION: forcing a failure.
[  455.911662][T12858] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  455.939186][T12858] CPU: 0 UID: 0 PID: 12858 Comm: syz.0.2427 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  455.949992][T12858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  455.960080][T12858] Call Trace:
[  455.963391][T12858]  <TASK>
[  455.966339][T12858]  dump_stack_lvl+0x241/0x360
[  455.971043][T12858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  455.976352][T12858]  ? __pfx__printk+0x10/0x10
[  455.980977][T12858]  should_fail_ex+0x3b0/0x4e0
[  455.985689][T12858]  prepare_alloc_pages+0x1da/0x5d0
[  455.990844][T12858]  __alloc_pages_noprof+0x166/0x6c0
[  455.996076][T12858]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  456.002623][T12858]  ? __pfx_validate_chain+0x10/0x10
[  456.007862][T12858]  alloc_pages_mpol_noprof+0x3e8/0x680
[  456.013379][T12858]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  456.019400][T12858]  vma_alloc_folio_noprof+0x12e/0x230
[  456.024807][T12858]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  456.030735][T12858]  ? __lock_acquire+0x137a/0x2040
[  456.035790][T12858]  folio_prealloc+0x31/0x170
[  456.040411][T12858]  handle_pte_fault+0x255e/0x6fc0
[  456.045478][T12858]  ? __pfx_lock_acquire+0x10/0x10
[  456.050540][T12858]  ? __pfx_handle_pte_fault+0x10/0x10
[  456.055934][T12858]  ? do_raw_spin_lock+0x14f/0x370
[  456.061005][T12858]  ? follow_page_pte+0x29a/0x1ee0
[  456.066059][T12858]  ? follow_page_pte+0x83f/0x1ee0
[  456.071109][T12858]  ? __pfx_lock_release+0x10/0x10
[  456.076164][T12858]  ? do_raw_spin_unlock+0x13c/0x8b0
[  456.081393][T12858]  handle_mm_fault+0x1109/0x1bc0
[  456.086383][T12858]  ? __pfx_handle_mm_fault+0x10/0x10
[  456.091709][T12858]  ? __pfx_find_vma+0x10/0x10
[  456.096409][T12858]  ? vma_is_secretmem+0xd/0x50
[  456.101192][T12858]  ? check_vma_flags+0x531/0x5a0
[  456.106159][T12858]  __get_user_pages+0x6ec/0x16a0
[  456.111158][T12858]  ? __pfx___get_user_pages+0x10/0x10
[  456.116567][T12858]  __gup_longterm_locked+0xed7/0x17d0
[  456.121985][T12858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  456.128344][T12858]  ? sanity_check_pinned_pages+0x12c2/0x13c0
[  456.134363][T12858]  ? gup_fast_fallback+0x221d/0x2b50
[  456.139686][T12858]  gup_fast_fallback+0x2742/0x2b50
[  456.144860][T12858]  ? __pfx_gup_fast_fallback+0x10/0x10
[  456.150349][T12858]  ? __sys_getsockopt+0x271/0x330
[  456.155398][T12858]  ? __x64_sys_getsockopt+0xb5/0xd0
[  456.160616][T12858]  ? do_syscall_64+0xf3/0x230
[  456.165354][T12858]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.171568][T12858]  ? is_valid_gup_args+0x124/0x200
[  456.176707][T12858]  pin_user_pages_fast+0xcc/0x160
[  456.181769][T12858]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  456.187426][T12858]  ? rds_info_getsockopt+0x20c/0x600
[  456.192733][T12858]  ? rds_info_getsockopt+0x20c/0x600
[  456.198126][T12858]  ? rds_info_getsockopt+0x20c/0x600
[  456.203523][T12858]  ? __kmalloc_noprof+0x21a/0x400
[  456.208586][T12858]  rds_info_getsockopt+0x22e/0x600
[  456.213731][T12858]  ? __might_fault+0xaa/0x120
[  456.218460][T12858]  ? __pfx_lock_release+0x10/0x10
[  456.223521][T12858]  ? __pfx_rds_info_getsockopt+0x10/0x10
[  456.229193][T12858]  ? __might_fault+0xc6/0x120
[  456.233914][T12858]  ? rds_getsockopt+0x2c2/0x530
[  456.238880][T12858]  ? __pfx_rds_getsockopt+0x10/0x10
[  456.244211][T12858]  do_sock_getsockopt+0x3c4/0x7e0
[  456.249284][T12858]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  456.254860][T12858]  ? __fget_files+0x3f6/0x470
[  456.259581][T12858]  __sys_getsockopt+0x271/0x330
[  456.261479][T12855] chnl_net:caif_netlink_parms(): no params data found
[  456.264444][T12858]  ? __pfx___sys_getsockopt+0x10/0x10
[  456.264474][T12858]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  456.282946][T12858]  ? do_syscall_64+0x100/0x230
[  456.287738][T12858]  __x64_sys_getsockopt+0xb5/0xd0
[  456.292791][T12858]  do_syscall_64+0xf3/0x230
[  456.297324][T12858]  ? clear_bhb_loop+0x35/0x90
[  456.302039][T12858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.307958][T12858] RIP: 0033:0x7fd29477cef9
[  456.312395][T12858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  456.332023][T12858] RSP: 002b:00007fd295548038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  456.340458][T12858] RAX: ffffffffffffffda RBX: 00007fd294935f80 RCX: 00007fd29477cef9
[  456.348536][T12858] RDX: 0000000000002711 RSI: 0000200000000114 RDI: 0000000000000003
[  456.356531][T12858] RBP: 00007fd295548090 R08: 0000000020000040 R09: 0000000000000000
[  456.364526][T12858] R10: 0000000020005ec0 R11: 0000000000000246 R12: 0000000000000002
[  456.372521][T12858] R13: 0000000000000000 R14: 00007fd294935f80 R15: 00007ffcc1fcfbe8
[  456.380534][T12858]  </TASK>
[  456.399165][ T1125] bridge_slave_1: left allmulticast mode
[  456.405021][ T1125] bridge_slave_1: left promiscuous mode
[  456.413232][ T1125] bridge0: port 2(bridge_slave_1) entered disabled state
[  456.428914][ T1125] bridge_slave_0: left allmulticast mode
[  456.448099][ T1125] bridge_slave_0: left promiscuous mode
[  456.454123][ T1125] bridge0: port 1(bridge_slave_0) entered disabled state
[  456.607236][T12876] netlink: 84 bytes leftover after parsing attributes in process `syz.2.2432'.
[  457.181144][ T1125] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  457.195259][ T1125] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  457.207130][ T1125] bond0 (unregistering): Released all slaves
[  457.386777][T12855] bridge0: port 1(bridge_slave_0) entered blocking state
[  457.394780][T12855] bridge0: port 1(bridge_slave_0) entered disabled state
[  457.404688][T12855] bridge_slave_0: entered allmulticast mode
[  457.421883][T12855] bridge_slave_0: entered promiscuous mode
[  457.430257][T12899] netlink: 'syz.2.2439': attribute type 10 has an invalid length.
[  457.459274][T12899] team0: Port device netdevsim0 added
[  457.506642][T12855] bridge0: port 2(bridge_slave_1) entered blocking state
[  457.514662][T12855] bridge0: port 2(bridge_slave_1) entered disabled state
[  457.525097][T12855] bridge_slave_1: entered allmulticast mode
[  457.532664][T12855] bridge_slave_1: entered promiscuous mode
[  457.545656][T12904] netlink: 592 bytes leftover after parsing attributes in process `syz.0.2441'.
[  457.553764][T12906] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  457.709846][T12855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  457.723164][T12855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  457.808706][T12855] team0: Port device team_slave_0 added
[  457.836694][ T1125] hsr_slave_0: left promiscuous mode
[  457.853537][ T1125] hsr_slave_1: left promiscuous mode
[  457.867892][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  457.881712][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_0
[  457.900244][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  457.911261][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_1
[  457.939215][ T1125] veth1_macvtap: left promiscuous mode
[  457.945947][ T1125] veth0_macvtap: left promiscuous mode
[  457.951854][ T1125] veth1_vlan: left promiscuous mode
[  457.957229][ T1125] veth0_vlan: left promiscuous mode
[  457.991555][ T5233] Bluetooth: hci1: command tx timeout
[  458.598790][ T1125] team0 (unregistering): Port device team_slave_1 removed
[  458.651168][ T1125] team0 (unregistering): Port device team_slave_0 removed
[  459.188002][T12855] team0: Port device team_slave_1 added
[  459.248506][T12855] batman_adv: batadv0: Adding interface: batadv_slave_0
[  459.258521][T12855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  459.288262][T12855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  459.302266][T12855] batman_adv: batadv0: Adding interface: batadv_slave_1
[  459.309286][T12855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  459.338300][T12855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  459.557888][T12855] hsr_slave_0: entered promiscuous mode
[  459.581882][T12926] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2448'.
[  459.609302][T12855] hsr_slave_1: entered promiscuous mode
[  459.646355][T12928] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2449'.
[  459.658511][T12855] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  459.674223][T12855] Cannot create hsr debugfs directory
[  459.712941][T12931] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2450'.
[  459.811538][T12935] FAULT_INJECTION: forcing a failure.
[  459.811538][T12935] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  459.842461][T12935] CPU: 0 UID: 0 PID: 12935 Comm: syz.0.2452 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  459.853373][T12935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  459.863535][T12935] Call Trace:
[  459.866836][T12935]  <TASK>
[  459.869778][T12935]  dump_stack_lvl+0x241/0x360
[  459.874480][T12935]  ? __pfx_dump_stack_lvl+0x10/0x10
[  459.879704][T12935]  ? __pfx__printk+0x10/0x10
[  459.884325][T12935]  ? __pfx_lock_release+0x10/0x10
[  459.888040][   T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  459.889372][T12935]  should_fail_ex+0x3b0/0x4e0
[  459.889413][T12935]  _copy_from_user+0x2f/0xe0
[  459.899761][   T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  459.901185][T12935]  copy_msghdr_from_user+0xae/0x680
[  459.901227][T12935]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  459.913059][   T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  459.918005][T12935]  __sys_sendmsg+0x23d/0x3a0
[  459.918046][T12935]  ? __pfx___sys_sendmsg+0x10/0x10
[  459.927605][   T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  459.930741][T12935]  ? vfs_write+0x7c4/0xc90
[  459.930809][T12935]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  459.936373][   T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  459.940451][T12935]  ? do_syscall_64+0x100/0x230
[  459.940483][T12935]  ? do_syscall_64+0xb6/0x230
[  459.948239][   T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  459.951809][T12935]  do_syscall_64+0xf3/0x230
[  459.951839][T12935]  ? clear_bhb_loop+0x35/0x90
[  459.951864][T12935]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  459.951886][T12935] RIP: 0033:0x7fd29477cef9
[  459.951903][T12935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  459.951919][T12935] RSP: 002b:00007fd295548038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  459.951940][T12935] RAX: ffffffffffffffda RBX: 00007fd294935f80 RCX: 00007fd29477cef9
[  459.951954][T12935] RDX: 0000000000000000 RSI: 0000000020000cc0 RDI: 0000000000000003
[  459.951966][T12935] RBP: 00007fd295548090 R08: 0000000000000000 R09: 0000000000000000
[  459.951979][T12935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  459.951991][T12935] R13: 0000000000000000 R14: 00007fd294935f80 R15: 00007ffcc1fcfbe8
[  459.952022][T12935]  </TASK>
[  459.957735][T12940] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  460.072134][   T54] Bluetooth: hci1: command tx timeout
[  460.090609][T12937] netlink: 592 bytes leftover after parsing attributes in process `syz.4.2453'.
[  460.299112][ T1125] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  460.406392][ T1125] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  460.489452][ T1125] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  460.584958][ T1125] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  460.625845][T12938] chnl_net:caif_netlink_parms(): no params data found
[  460.708404][T12957] FAULT_INJECTION: forcing a failure.
[  460.708404][T12957] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  460.724499][T12957] CPU: 0 UID: 0 PID: 12957 Comm: syz.2.2457 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  460.735307][T12957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  460.745393][T12957] Call Trace:
[  460.748666][T12957]  <TASK>
[  460.751676][T12957]  dump_stack_lvl+0x241/0x360
[  460.756368][T12957]  ? __pfx_dump_stack_lvl+0x10/0x10
[  460.761601][T12957]  ? __pfx__printk+0x10/0x10
[  460.766232][T12957]  should_fail_ex+0x3b0/0x4e0
[  460.770948][T12957]  prepare_alloc_pages+0x1da/0x5d0
[  460.776106][T12957]  __alloc_pages_noprof+0x166/0x6c0
[  460.781438][T12957]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  460.787218][T12957]  ? __pfx_validate_chain+0x10/0x10
[  460.792423][T12957]  alloc_pages_mpol_noprof+0x3e8/0x680
[  460.797901][T12957]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  460.803893][T12957]  vma_alloc_folio_noprof+0x12e/0x230
[  460.809273][T12957]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  460.815181][T12957]  ? __lock_acquire+0x137a/0x2040
[  460.820213][T12957]  folio_prealloc+0x31/0x170
[  460.824800][T12957]  handle_pte_fault+0x255e/0x6fc0
[  460.829833][T12957]  ? __pfx_lock_acquire+0x10/0x10
[  460.834863][T12957]  ? __pfx_handle_pte_fault+0x10/0x10
[  460.840228][T12957]  ? do_raw_spin_lock+0x14f/0x370
[  460.845260][T12957]  ? follow_page_pte+0x29a/0x1ee0
[  460.850280][T12957]  ? follow_page_pte+0x83f/0x1ee0
[  460.855388][T12957]  ? __pfx_lock_release+0x10/0x10
[  460.860586][T12957]  ? do_raw_spin_unlock+0x13c/0x8b0
[  460.866131][T12957]  handle_mm_fault+0x1109/0x1bc0
[  460.871083][T12957]  ? __pfx_handle_mm_fault+0x10/0x10
[  460.876372][T12957]  ? __pfx_find_vma+0x10/0x10
[  460.881152][T12957]  ? vma_is_secretmem+0xd/0x50
[  460.885911][T12957]  ? check_vma_flags+0x531/0x5a0
[  460.890937][T12957]  __get_user_pages+0x6ec/0x16a0
[  460.895884][T12957]  ? __pfx___get_user_pages+0x10/0x10
[  460.901348][T12957]  __gup_longterm_locked+0xed7/0x17d0
[  460.906832][T12957]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  460.913156][T12957]  ? sanity_check_pinned_pages+0x12c2/0x13c0
[  460.919135][T12957]  ? gup_fast_fallback+0x221d/0x2b50
[  460.924516][T12957]  gup_fast_fallback+0x2742/0x2b50
[  460.929653][T12957]  ? __pfx_gup_fast_fallback+0x10/0x10
[  460.935112][T12957]  ? __sys_getsockopt+0x271/0x330
[  460.940132][T12957]  ? __x64_sys_getsockopt+0xb5/0xd0
[  460.945324][T12957]  ? do_syscall_64+0xf3/0x230
[  460.950019][T12957]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.956111][T12957]  ? is_valid_gup_args+0x124/0x200
[  460.961219][T12957]  pin_user_pages_fast+0xcc/0x160
[  460.966243][T12957]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  460.971871][T12957]  ? rds_info_getsockopt+0x20c/0x600
[  460.977152][T12957]  ? rds_info_getsockopt+0x20c/0x600
[  460.982436][T12957]  ? rds_info_getsockopt+0x20c/0x600
[  460.987850][T12957]  ? __kmalloc_noprof+0x21a/0x400
[  460.992884][T12957]  rds_info_getsockopt+0x22e/0x600
[  460.997993][T12957]  ? __might_fault+0xaa/0x120
[  461.002704][T12957]  ? __pfx_lock_release+0x10/0x10
[  461.007727][T12957]  ? __pfx_rds_info_getsockopt+0x10/0x10
[  461.013364][T12957]  ? __might_fault+0xc6/0x120
[  461.018038][T12957]  ? rds_getsockopt+0x2c2/0x530
[  461.022877][T12957]  ? __pfx_rds_getsockopt+0x10/0x10
[  461.028067][T12957]  do_sock_getsockopt+0x3c4/0x7e0
[  461.033097][T12957]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  461.038643][T12957]  ? __fget_files+0x3f6/0x470
[  461.043322][T12957]  __sys_getsockopt+0x271/0x330
[  461.048169][T12957]  ? __pfx___sys_getsockopt+0x10/0x10
[  461.053536][T12957]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  461.060034][T12957]  __x64_sys_getsockopt+0xb5/0xd0
[  461.065067][T12957]  do_syscall_64+0xf3/0x230
[  461.069568][T12957]  ? clear_bhb_loop+0x35/0x90
[  461.074243][T12957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  461.080126][T12957] RIP: 0033:0x7f1095b7cef9
[  461.084561][T12957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  461.104155][T12957] RSP: 002b:00007f1096975038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  461.112561][T12957] RAX: ffffffffffffffda RBX: 00007f1095d35f80 RCX: 00007f1095b7cef9
[  461.120612][T12957] RDX: 0000000000002711 RSI: 0000200000000114 RDI: 0000000000000003
[  461.128605][T12957] RBP: 00007f1096975090 R08: 0000000020000040 R09: 0000000000000000
[  461.136571][T12957] R10: 0000000020005ec0 R11: 0000000000000246 R12: 0000000000000002
[  461.144534][T12957] R13: 0000000000000000 R14: 00007f1095d35f80 R15: 00007ffedf4a76a8
[  461.152602][T12957]  </TASK>
[  461.317549][T12938] bridge0: port 1(bridge_slave_0) entered blocking state
[  461.340018][T12938] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.358260][T12938] bridge_slave_0: entered allmulticast mode
[  461.365709][T12938] bridge_slave_0: entered promiscuous mode
[  461.379073][T12938] bridge0: port 2(bridge_slave_1) entered blocking state
[  461.387978][T12938] bridge0: port 2(bridge_slave_1) entered disabled state
[  461.398827][T12938] bridge_slave_1: entered allmulticast mode
[  461.417009][T12938] bridge_slave_1: entered promiscuous mode
[  461.502543][ T1125] bridge_slave_1: left allmulticast mode
[  461.508324][ T1125] bridge_slave_1: left promiscuous mode
[  461.537114][ T1125] bridge0: port 2(bridge_slave_1) entered disabled state
[  461.559738][T12976] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2463'.
[  461.572047][ T1125] bridge_slave_0: left allmulticast mode
[  461.579058][T12978] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2462'.
[  461.591982][ T1125] bridge_slave_0: left promiscuous mode
[  461.597793][ T1125] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.619142][T12980] netlink: 'syz.2.2463': attribute type 1 has an invalid length.
[  461.632372][T12980] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2463'.
[  462.083344][ T5233] Bluetooth: hci3: command tx timeout
[  462.126455][ T1125] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  462.139228][ T1125] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  462.150903][ T1125] bond0 (unregistering): Released all slaves
[  462.162852][ T5233] Bluetooth: hci1: command tx timeout
[  462.298142][T12987] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2466'.
[  462.318154][T12938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  462.375972][T12938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  462.398878][T12855] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  462.413805][T12989] netlink: 592 bytes leftover after parsing attributes in process `syz.4.2465'.
[  462.497541][T12989] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  462.537060][T12855] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  462.634640][T12855] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  462.726435][T12938] team0: Port device team_slave_0 added
[  462.749447][T12855] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  462.780017][T12938] team0: Port device team_slave_1 added
[  462.862338][T12938] batman_adv: batadv0: Adding interface: batadv_slave_0
[  462.869348][T12938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  462.961353][T12938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  462.992329][ T1125] hsr_slave_0: left promiscuous mode
[  462.998427][ T1125] hsr_slave_1: left promiscuous mode
[  463.011568][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  463.019215][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_0
[  463.038166][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  463.046247][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_1
[  463.123865][ T1125] veth1_macvtap: left promiscuous mode
[  463.135073][ T1125] veth0_macvtap: left promiscuous mode
[  463.156698][ T1125] veth1_vlan: left promiscuous mode
[  463.162442][ T1125] veth0_vlan: left promiscuous mode
[  463.338037][T13017] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2477'.
[  463.405854][T13018] netlink: 'syz.4.2477': attribute type 1 has an invalid length.
[  463.426848][T13018] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2477'.
[  463.458730][T13020] netlink: 4552 bytes leftover after parsing attributes in process `syz.2.2478'.
[  463.470313][T13020] netlink: 4552 bytes leftover after parsing attributes in process `syz.2.2478'.
[  463.540771][T13020] xt_CT: No such helper "syz0"
[  464.000205][ T1125] team0 (unregistering): Port device team_slave_1 removed
[  464.067516][ T1125] team0 (unregistering): Port device team_slave_0 removed
[  464.154115][ T5233] Bluetooth: hci3: command tx timeout
[  464.241559][ T5233] Bluetooth: hci1: command tx timeout
[  464.628949][T12938] batman_adv: batadv0: Adding interface: batadv_slave_1
[  464.637154][T12938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  464.663470][T12938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  464.680818][T13020] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2478'.
[  464.900425][T13030] Bluetooth: MGMT ver 1.23
[  464.906115][T13030] Bluetooth: hci3: unsupported parameter 64512
[  464.912784][T13030] Bluetooth: hci3: invalid length 0, exp 2 for type 29
[  464.948642][T13026] netem: incorrect ge model size
[  465.065108][T12938] hsr_slave_0: entered promiscuous mode
[  465.091158][T12938] hsr_slave_1: entered promiscuous mode
[  465.110593][T12938] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  465.130265][T12938] Cannot create hsr debugfs directory
[  465.499494][T13043] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  465.598475][T12855] 8021q: adding VLAN 0 to HW filter on device bond0
[  465.736754][T12855] 8021q: adding VLAN 0 to HW filter on device team0
[  465.806392][ T2964] bridge0: port 1(bridge_slave_0) entered blocking state
[  465.813742][ T2964] bridge0: port 1(bridge_slave_0) entered forwarding state
[  465.900112][T11539] bridge0: port 2(bridge_slave_1) entered blocking state
[  465.907315][T11539] bridge0: port 2(bridge_slave_1) entered forwarding state
[  466.099040][T12855] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  466.244676][ T5233] Bluetooth: hci3: command tx timeout
[  466.430576][T12938] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  466.522438][T12938] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  466.539313][T12938] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  466.566008][T12938] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  466.589227][T12855] 8021q: adding VLAN 0 to HW filter on device batadv0
[  466.769601][T12855] veth0_vlan: entered promiscuous mode
[  466.840039][T12855] veth1_vlan: entered promiscuous mode
[  466.859081][T13097] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  466.886409][T12938] 8021q: adding VLAN 0 to HW filter on device bond0
[  466.948106][T12938] 8021q: adding VLAN 0 to HW filter on device team0
[  466.973632][T13099] __nla_validate_parse: 6 callbacks suppressed
[  466.973652][T13099] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2502'.
[  466.992837][T12855] veth0_macvtap: entered promiscuous mode
[  467.008155][T13099] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2502'.
[  467.034651][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  467.041960][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  467.063561][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  467.070790][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  467.095416][T12855] veth1_macvtap: entered promiscuous mode
[  467.215811][T12855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.227603][T12855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.237988][T12855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.250202][T12855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.272807][T12855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  467.283700][T12855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.305697][T12855] batman_adv: batadv0: Interface activated: batadv_slave_0
[  467.327327][T12855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.350506][T12855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.371248][T12855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.387795][T12855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.398656][T12855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.409372][T12855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.409493][T13101] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2503'.
[  467.421751][T12855] batman_adv: batadv0: Interface activated: batadv_slave_1
[  467.485528][T12855] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  467.507999][T12855] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  467.527314][T12855] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  467.552719][T12855] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  467.622914][T13106] netlink: 'syz.2.2505': attribute type 10 has an invalid length.
[  467.657054][T13106] team0: Port device netdevsim0 removed
[  467.727449][T13108] netlink: 592 bytes leftover after parsing attributes in process `syz.0.2506'.
[  467.853334][T13115] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  467.878745][ T1125] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  467.901558][ T1125] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  467.987693][ T2964] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  468.031013][ T2964] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  468.107150][T13122] netlink: 'syz.4.2510': attribute type 1 has an invalid length.
[  468.127922][T13122] netlink: 'syz.4.2510': attribute type 2 has an invalid length.
[  468.199198][T12938] 8021q: adding VLAN 0 to HW filter on device batadv0
[  468.311686][ T5233] Bluetooth: hci3: command tx timeout
[  468.468734][T12938] veth0_vlan: entered promiscuous mode
[  468.495500][T12938] veth1_vlan: entered promiscuous mode
[  468.592296][T12938] veth0_macvtap: entered promiscuous mode
[  468.617358][T12938] veth1_macvtap: entered promiscuous mode
[  468.684437][T12938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  468.709412][T13140] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  468.711351][T12938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.749519][T12938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  468.771773][T12938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.790443][T12938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  468.805965][T12938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.807500][T13142] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2515'.
[  468.823890][T12938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  468.845410][T12938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.864236][T12938] batman_adv: batadv0: Interface activated: batadv_slave_0
[  468.899051][T12938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  468.919894][T12938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.935687][T12938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  468.951817][T12938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.967652][T12938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  468.996600][T12938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  469.010281][T12938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  469.021409][T12938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  469.033662][T13145] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2516'.
[  469.034030][T12938] batman_adv: batadv0: Interface activated: batadv_slave_1
[  469.057970][T12938] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  469.067735][T12938] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  469.077545][T12938] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  469.087599][T12938] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  469.103664][T13146] netlink: 'syz.0.2516': attribute type 1 has an invalid length.
[  469.114327][T13146] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2516'.
[  469.126462][T13145] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2516'.
[  469.294001][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  469.307447][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  469.355172][ T1125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  469.391398][ T1125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  469.477365][T13151] FAULT_INJECTION: forcing a failure.
[  469.477365][T13151] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  469.513360][T13151] CPU: 0 UID: 0 PID: 13151 Comm: syz.0.2519 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  469.524354][T13151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  469.534442][T13151] Call Trace:
[  469.537737][T13151]  <TASK>
[  469.540705][T13151]  dump_stack_lvl+0x241/0x360
[  469.545414][T13151]  ? __pfx_dump_stack_lvl+0x10/0x10
[  469.550653][T13151]  ? __pfx__printk+0x10/0x10
[  469.555276][T13151]  ? __pfx_lock_release+0x10/0x10
[  469.560343][T13151]  should_fail_ex+0x3b0/0x4e0
[  469.565060][T13151]  _copy_from_user+0x2f/0xe0
[  469.569689][T13151]  copy_msghdr_from_user+0xae/0x680
[  469.574936][T13151]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  469.580785][T13151]  __sys_sendmsg+0x23d/0x3a0
[  469.585403][T13151]  ? __pfx___sys_sendmsg+0x10/0x10
[  469.590539][T13151]  ? vfs_write+0x7c4/0xc90
[  469.595024][T13151]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  469.601387][T13151]  ? do_syscall_64+0x100/0x230
[  469.606177][T13151]  ? do_syscall_64+0xb6/0x230
[  469.610877][T13151]  do_syscall_64+0xf3/0x230
[  469.615403][T13151]  ? clear_bhb_loop+0x35/0x90
[  469.620114][T13151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.626036][T13151] RIP: 0033:0x7fd29477cef9
[  469.630471][T13151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.650461][T13151] RSP: 002b:00007fd295548038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  469.658906][T13151] RAX: ffffffffffffffda RBX: 00007fd294935f80 RCX: 00007fd29477cef9
[  469.667001][T13151] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  469.675004][T13151] RBP: 00007fd295548090 R08: 0000000000000000 R09: 0000000000000000
[  469.683007][T13151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  469.691091][T13151] R13: 0000000000000000 R14: 00007fd294935f80 R15: 00007ffcc1fcfbe8
[  469.699108][T13151]  </TASK>
[  469.960368][T13172] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2526'.
[  469.983388][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  470.006238][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  470.270008][ T2964] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  470.309156][T13182] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2532'.
[  470.863476][ T2964] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  470.935999][ T2964] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.011070][ T2964] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.154929][ T2964] bridge_slave_1: left allmulticast mode
[  471.160637][ T2964] bridge_slave_1: left promiscuous mode
[  471.192122][ T2964] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.224252][ T2964] bridge_slave_0: left allmulticast mode
[  471.240252][ T2964] bridge_slave_0: left promiscuous mode
[  471.249721][ T2964] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.298605][T13195] nbd: couldn't find a device at index 0
[  471.568795][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  471.584238][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  471.594142][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  471.605442][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  471.615517][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  471.623312][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  472.005096][ T2964] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  472.032274][ T2964] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  472.055993][ T2964] bond0 (unregistering): Released all slaves
[  472.074691][T13192] __nla_validate_parse: 1 callbacks suppressed
[  472.074723][T13192] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2535'.
[  472.354600][T13206] chnl_net:caif_netlink_parms(): no params data found
[  472.447489][T13206] bridge0: port 1(bridge_slave_0) entered blocking state
[  472.454948][T13206] bridge0: port 1(bridge_slave_0) entered disabled state
[  472.464309][T13206] bridge_slave_0: entered allmulticast mode
[  472.471147][T13206] bridge_slave_0: entered promiscuous mode
[  472.486948][ T2964] hsr_slave_0: left promiscuous mode
[  472.493204][ T2964] hsr_slave_1: left promiscuous mode
[  472.499310][ T2964] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  472.508017][ T2964] batman_adv: batadv0: Removing interface: batadv_slave_0
[  472.516359][ T2964] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  472.524109][ T2964] batman_adv: batadv0: Removing interface: batadv_slave_1
[  472.546771][ T2964] veth1_macvtap: left promiscuous mode
[  472.552464][ T2964] veth0_macvtap: left promiscuous mode
[  472.558115][ T2964] veth1_vlan: left promiscuous mode
[  472.563527][ T2964] veth0_vlan: left promiscuous mode
[  473.155954][ T2964] team0 (unregistering): Port device team_slave_1 removed
[  473.212363][ T2964] team0 (unregistering): Port device team_slave_0 removed
[  473.694424][   T54] Bluetooth: hci1: command tx timeout
[  473.832181][ T5233] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  473.845357][ T5233] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  473.863627][ T5233] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  473.872109][ T5233] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  473.888724][ T5233] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  473.898159][ T5233] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  474.090610][T13206] bridge0: port 2(bridge_slave_1) entered blocking state
[  474.098366][T13206] bridge0: port 2(bridge_slave_1) entered disabled state
[  474.106124][T13206] bridge_slave_1: entered allmulticast mode
[  474.116342][T13206] bridge_slave_1: entered promiscuous mode
[  474.143479][T13219] netlink: 'syz.0.2538': attribute type 10 has an invalid length.
[  474.162933][T13219] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  474.175230][T13219] netdevsim netdevsim0 netdevsim0: left allmulticast mode
[  474.190526][T13219] team0: Port device netdevsim0 removed
[  474.229758][T13206] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  474.275943][T13206] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  474.418245][T13206] team0: Port device team_slave_0 added
[  474.426224][T13232] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 232
[  474.444532][T13234] Bluetooth: MGMT ver 1.23
[  474.482819][T13206] team0: Port device team_slave_1 added
[  474.551756][T13206] batman_adv: batadv0: Adding interface: batadv_slave_0
[  474.571446][T13206] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  474.617226][T13206] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  474.652001][T13206] batman_adv: batadv0: Adding interface: batadv_slave_1
[  474.681227][T13206] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  474.729204][T13206] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  474.805506][T13248] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2548'.
[  474.876826][T13250] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2549'.
[  474.935262][T13206] hsr_slave_0: entered promiscuous mode
[  474.953282][T13206] hsr_slave_1: entered promiscuous mode
[  474.966701][T13206] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  474.982430][T13206] Cannot create hsr debugfs directory
[  475.205445][ T2964] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.357984][ T2964] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.382771][T13270] bridge0: port 1(bridge_slave_0) entered disabled state
[  475.447074][T13271] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  475.496300][ T2964] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.660964][ T2964] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.736523][T13225] chnl_net:caif_netlink_parms(): no params data found
[  475.751813][   T54] Bluetooth: hci1: command tx timeout
[  475.852803][T13280] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2558'.
[  475.992694][   T54] Bluetooth: hci3: command tx timeout
[  476.071670][T13285] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2560'.
[  476.090394][T13285] netlink: 'syz.2.2560': attribute type 1 has an invalid length.
[  476.143362][T13285] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2560'.
[  476.223290][T13225] bridge0: port 1(bridge_slave_0) entered blocking state
[  476.252454][T13225] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.271938][T13225] bridge_slave_0: entered allmulticast mode
[  476.279346][T13225] bridge_slave_0: entered promiscuous mode
[  476.303945][ T2964] bridge_slave_1: left allmulticast mode
[  476.314908][ T2964] bridge_slave_1: left promiscuous mode
[  476.320674][ T2964] bridge0: port 2(bridge_slave_1) entered disabled state
[  476.372196][ T2964] bridge_slave_0: left allmulticast mode
[  476.401516][ T2964] bridge_slave_0: left promiscuous mode
[  476.407311][ T2964] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.621934][T13307] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  477.069423][ T2964] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  477.082937][ T2964] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  477.096050][ T2964] bond0 (unregistering): Released all slaves
[  477.112166][T13225] bridge0: port 2(bridge_slave_1) entered blocking state
[  477.119863][T13225] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.143300][T13225] bridge_slave_1: entered allmulticast mode
[  477.154910][T13225] bridge_slave_1: entered promiscuous mode
[  477.178269][T13305] netlink: 592 bytes leftover after parsing attributes in process `syz.4.2566'.
[  477.315190][T13225] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  477.467076][T13225] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  477.559363][T13319] IPVS: set_ctl: invalid protocol: 29 172.20.20.170:0
[  477.594882][T13225] team0: Port device team_slave_0 added
[  477.694314][T13225] team0: Port device team_slave_1 added
[  477.702441][T13318] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  477.802507][ T2964] hsr_slave_0: left promiscuous mode
[  477.831425][   T54] Bluetooth: hci1: command tx timeout
[  477.836993][ T2964] hsr_slave_1: left promiscuous mode
[  477.847865][ T2964] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  477.871097][ T2964] batman_adv: batadv0: Removing interface: batadv_slave_0
[  477.895519][ T2964] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  477.912855][ T2964] batman_adv: batadv0: Removing interface: batadv_slave_1
[  477.973012][ T2964] veth1_macvtap: left promiscuous mode
[  477.987410][ T2964] veth0_macvtap: left promiscuous mode
[  477.998557][ T2964] veth1_vlan: left promiscuous mode
[  478.016530][ T2964] veth0_vlan: left promiscuous mode
[  478.072026][   T54] Bluetooth: hci3: command tx timeout
[  478.783394][ T2964] team0 (unregistering): Port device team_slave_1 removed
[  478.839708][ T2964] team0 (unregistering): Port device team_slave_0 removed
[  479.409230][T13206] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  479.434361][T13206] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  479.455430][T13206] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  479.499506][T13331] netlink: 372 bytes leftover after parsing attributes in process `syz.0.2575'.
[  479.522275][T13331] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2575'.
[  479.538157][T13225] batman_adv: batadv0: Adding interface: batadv_slave_0
[  479.547398][T13335] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2576'.
[  479.558131][T13225] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  479.581184][T13335] FAULT_INJECTION: forcing a failure.
[  479.581184][T13335] name failslab, interval 1, probability 0, space 0, times 0
[  479.609813][T13335] CPU: 0 UID: 0 PID: 13335 Comm: syz.2.2576 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  479.618390][T13225] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  479.620867][T13335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  479.641942][T13335] Call Trace:
[  479.645253][T13335]  <TASK>
[  479.648203][T13335]  dump_stack_lvl+0x241/0x360
[  479.652996][T13335]  ? __pfx_dump_stack_lvl+0x10/0x10
[  479.658176][T13225] batman_adv: batadv0: Adding interface: batadv_slave_1
[  479.658214][T13335]  ? __pfx__printk+0x10/0x10
[  479.666071][T13225] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  479.670362][T13335]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  479.701966][T13335]  ? __pfx___might_resched+0x10/0x10
[  479.703722][T13225] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  479.707280][T13335]  should_fail_ex+0x3b0/0x4e0
[  479.722564][T13335]  ? skb_clone+0x20c/0x390
[  479.727017][T13335]  should_failslab+0xac/0x100
[  479.731734][T13335]  ? skb_clone+0x20c/0x390
[  479.736214][T13335]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  479.741698][T13335]  skb_clone+0x20c/0x390
[  479.745984][T13335]  nfnetlink_rcv+0x575/0x2ad0
[  479.750702][T13335]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  479.756439][T13335]  ? __dev_queue_xmit+0x1763/0x3e90
[  479.761648][T13335]  ? kasan_save_track+0x51/0x80
[  479.766532][T13335]  ? do_syscall_64+0xf3/0x230
[  479.771244][T13335]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  479.776396][T13335]  ? ref_tracker_free+0x643/0x7e0
[  479.781698][T13335]  ? __asan_memcpy+0x40/0x70
[  479.786302][T13335]  ? __pfx_ref_tracker_free+0x10/0x10
[  479.791743][T13335]  ? netlink_deliver_tap+0x2e/0x1b0
[  479.797066][T13335]  ? skb_clone+0x240/0x390
[  479.801507][T13335]  ? __pfx_lock_release+0x10/0x10
[  479.806559][T13335]  ? __netlink_deliver_tap+0x77e/0x7c0
[  479.812036][T13335]  ? netlink_deliver_tap+0x2e/0x1b0
[  479.817256][T13335]  netlink_unicast+0x7f6/0x990
[  479.822051][T13335]  ? __pfx_netlink_unicast+0x10/0x10
[  479.827341][T13335]  ? __virt_addr_valid+0x183/0x530
[  479.832458][T13335]  ? __check_object_size+0x49c/0x900
[  479.837751][T13335]  ? bpf_lsm_netlink_send+0x9/0x10
[  479.842873][T13335]  netlink_sendmsg+0x8e4/0xcb0
[  479.847723][T13335]  ? __pfx_netlink_sendmsg+0x10/0x10
[  479.853045][T13335]  ? __import_iovec+0x536/0x820
[  479.857985][T13335]  ? aa_sock_msg_perm+0x91/0x160
[  479.862947][T13335]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  479.868254][T13335]  ? security_socket_sendmsg+0x87/0xb0
[  479.873929][T13335]  ? __pfx_netlink_sendmsg+0x10/0x10
[  479.879220][T13335]  __sock_sendmsg+0x221/0x270
[  479.883915][T13335]  ____sys_sendmsg+0x525/0x7d0
[  479.888728][T13335]  ? __pfx_____sys_sendmsg+0x10/0x10
[  479.894062][T13335]  __sys_sendmsg+0x2b0/0x3a0
[  479.898656][T13335]  ? __pfx___sys_sendmsg+0x10/0x10
[  479.903788][T13335]  ? vfs_write+0x7c4/0xc90
[  479.908219][T13335]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  479.914639][T13335]  ? do_syscall_64+0x100/0x230
[  479.919420][T13335]  ? do_syscall_64+0xb6/0x230
[  479.924090][T13335]  do_syscall_64+0xf3/0x230
[  479.928585][T13335]  ? clear_bhb_loop+0x35/0x90
[  479.933428][T13335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  479.939311][T13335] RIP: 0033:0x7f1095b7cef9
[  479.941669][ T5233] Bluetooth: hci1: command tx timeout
[  479.943708][T13335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  479.943729][T13335] RSP: 002b:00007f1096975038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  479.977096][T13335] RAX: ffffffffffffffda RBX: 00007f1095d35f80 RCX: 00007f1095b7cef9
[  479.985157][T13335] RDX: 0000000000000000 RSI: 0000000020000cc0 RDI: 0000000000000003
[  479.993142][T13335] RBP: 00007f1096975090 R08: 0000000000000000 R09: 0000000000000000
[  480.001146][T13335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  480.009135][T13335] R13: 0000000000000000 R14: 00007f1095d35f80 R15: 00007ffedf4a76a8
[  480.017153][T13335]  </TASK>
[  480.063197][T13206] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  480.151643][ T5233] Bluetooth: hci3: command tx timeout
[  480.179308][T13346] netlink: 592 bytes leftover after parsing attributes in process `syz.2.2579'.
[  480.260553][T13225] hsr_slave_0: entered promiscuous mode
[  480.278883][T13225] hsr_slave_1: entered promiscuous mode
[  480.300084][T13351] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  480.339462][T13225] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  480.372198][T13225] Cannot create hsr debugfs directory
[  480.804242][T13367] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2587'.
[  480.940915][T13206] 8021q: adding VLAN 0 to HW filter on device bond0
[  481.016782][T13371] IPVS: set_ctl: invalid protocol: 29 172.20.20.170:0
[  481.057692][T13206] 8021q: adding VLAN 0 to HW filter on device team0
[  481.128647][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  481.136096][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  481.197087][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  481.204588][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  481.303233][T13376] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  481.517744][T13225] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  481.528786][T13225] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  481.554803][T13225] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  481.583148][T13225] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  481.596172][T13390] Cannot find map_set index 4 as target
[  481.604611][T13391] FAULT_INJECTION: forcing a failure.
[  481.604611][T13391] name failslab, interval 1, probability 0, space 0, times 0
[  481.618240][T13391] CPU: 1 UID: 0 PID: 13391 Comm: syz.2.2593 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  481.629116][T13391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  481.639282][T13391] Call Trace:
[  481.642596][T13391]  <TASK>
[  481.645581][T13391]  dump_stack_lvl+0x241/0x360
[  481.650305][T13391]  ? __pfx_dump_stack_lvl+0x10/0x10
[  481.655587][T13391]  ? __pfx__printk+0x10/0x10
[  481.660223][T13391]  should_fail_ex+0x3b0/0x4e0
[  481.664917][T13391]  ? skb_clone+0x20c/0x390
[  481.669345][T13391]  should_failslab+0xac/0x100
[  481.674040][T13391]  ? skb_clone+0x20c/0x390
[  481.678564][T13391]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  481.683971][T13391]  skb_clone+0x20c/0x390
[  481.688389][T13391]  ? dev_queue_xmit_nit+0x220/0xc10
[  481.693586][T13391]  dev_queue_xmit_nit+0x419/0xc10
[  481.698695][T13391]  ? dev_queue_xmit_nit+0x2b/0xc10
[  481.703809][T13391]  ? validate_xmit_skb+0x9f9/0x1120
[  481.709009][T13391]  dev_hard_start_xmit+0x15f/0x7e0
[  481.714119][T13391]  ? __pfx_validate_xmit_skb+0x10/0x10
[  481.719579][T13391]  __dev_queue_xmit+0x1b63/0x3e90
[  481.724594][T13391]  ? kasan_save_track+0x51/0x80
[  481.729443][T13391]  ? do_syscall_64+0xf3/0x230
[  481.734122][T13391]  ? __dev_queue_xmit+0x2da/0x3e90
[  481.740278][T13391]  ? __pfx___dev_queue_xmit+0x10/0x10
[  481.745660][T13391]  ? __copy_skb_header+0x437/0x5b0
[  481.750773][T13391]  ? __asan_memcpy+0x40/0x70
[  481.755357][T13391]  ? __copy_skb_header+0x437/0x5b0
[  481.760461][T13391]  ? __skb_clone+0x454/0x6c0
[  481.765158][T13391]  ? skb_clone+0x240/0x390
[  481.769598][T13391]  __netlink_deliver_tap+0x54d/0x7c0
[  481.774903][T13391]  ? netlink_deliver_tap+0x2e/0x1b0
[  481.780183][T13391]  netlink_deliver_tap+0x19d/0x1b0
[  481.785289][T13391]  netlink_unicast+0x7c4/0x990
[  481.790078][T13391]  ? __pfx_netlink_unicast+0x10/0x10
[  481.795356][T13391]  ? __virt_addr_valid+0x183/0x530
[  481.800462][T13391]  ? __check_object_size+0x49c/0x900
[  481.805749][T13391]  ? bpf_lsm_netlink_send+0x9/0x10
[  481.810867][T13391]  netlink_sendmsg+0x8e4/0xcb0
[  481.815637][T13391]  ? __pfx_netlink_sendmsg+0x10/0x10
[  481.820912][T13391]  ? __import_iovec+0x536/0x820
[  481.825754][T13391]  ? aa_sock_msg_perm+0x91/0x160
[  481.830719][T13391]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  481.836017][T13391]  ? security_socket_sendmsg+0x87/0xb0
[  481.841523][T13391]  ? __pfx_netlink_sendmsg+0x10/0x10
[  481.846822][T13391]  __sock_sendmsg+0x221/0x270
[  481.851510][T13391]  ____sys_sendmsg+0x525/0x7d0
[  481.856283][T13391]  ? __pfx_____sys_sendmsg+0x10/0x10
[  481.861666][T13391]  __sys_sendmsg+0x2b0/0x3a0
[  481.866255][T13391]  ? __pfx___sys_sendmsg+0x10/0x10
[  481.871359][T13391]  ? vfs_write+0x7c4/0xc90
[  481.875872][T13391]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  481.882232][T13391]  ? do_syscall_64+0x100/0x230
[  481.887028][T13391]  ? do_syscall_64+0xb6/0x230
[  481.891794][T13391]  do_syscall_64+0xf3/0x230
[  481.896295][T13391]  ? clear_bhb_loop+0x35/0x90
[  481.900994][T13391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.906985][T13391] RIP: 0033:0x7f1095b7cef9
[  481.911574][T13391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  481.931193][T13391] RSP: 002b:00007f1096975038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  481.939737][T13391] RAX: ffffffffffffffda RBX: 00007f1095d35f80 RCX: 00007f1095b7cef9
[  481.947767][T13391] RDX: 0000000000000000 RSI: 0000000020000cc0 RDI: 0000000000000003
[  481.955743][T13391] RBP: 00007f1096975090 R08: 0000000000000000 R09: 0000000000000000
[  481.963724][T13391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  481.971731][T13391] R13: 0000000000000000 R14: 00007f1095d35f80 R15: 00007ffedf4a76a8
[  481.979710][T13391]  </TASK>
[  482.021402][T13391] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2593'.
[  482.041610][T13393] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2592'.
[  482.097471][T13206] 8021q: adding VLAN 0 to HW filter on device batadv0
[  482.171199][T13225] 8021q: adding VLAN 0 to HW filter on device bond0
[  482.242318][ T5233] Bluetooth: hci3: command tx timeout
[  482.249452][T13225] 8021q: adding VLAN 0 to HW filter on device team0
[  482.296652][T13403] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2596'.
[  482.322779][T11541] bridge0: port 1(bridge_slave_0) entered blocking state
[  482.330105][T11541] bridge0: port 1(bridge_slave_0) entered forwarding state
[  482.347369][T13206] veth0_vlan: entered promiscuous mode
[  482.384539][T11539] bridge0: port 2(bridge_slave_1) entered blocking state
[  482.391752][T11539] bridge0: port 2(bridge_slave_1) entered forwarding state
[  482.506858][T13206] veth1_vlan: entered promiscuous mode
[  482.593327][T13413] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2600'.
[  482.597832][T13225] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  482.669528][T13413] netlink: 'syz.0.2600': attribute type 1 has an invalid length.
[  482.694413][T13413] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2600'.
[  482.727526][T13419] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2602'.
[  482.739012][T13206] veth0_macvtap: entered promiscuous mode
[  482.747810][T13413] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2600'.
[  482.792920][T13206] veth1_macvtap: entered promiscuous mode
[  482.839548][T13206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  482.880947][T13206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.901705][T13206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  482.927427][T13206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.941407][T13206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  482.952637][T13206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.964358][T13206] batman_adv: batadv0: Interface activated: batadv_slave_0
[  482.979204][T13206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  482.992825][T13206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.002849][T13206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  483.013327][T13206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.025160][T13206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  483.036251][T13206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.049535][T13206] batman_adv: batadv0: Interface activated: batadv_slave_1
[  483.058413][T13428] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2605'.
[  483.115383][T13206] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  483.145701][T13206] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  483.171421][T13206] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  483.182008][T13206] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  483.244255][T13436] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2608'.
[  483.267488][T13225] 8021q: adding VLAN 0 to HW filter on device batadv0
[  483.295088][T13439] FAULT_INJECTION: forcing a failure.
[  483.295088][T13439] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  483.315943][T13439] CPU: 1 UID: 0 PID: 13439 Comm: syz.4.2609 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  483.326771][T13439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  483.336856][T13439] Call Trace:
[  483.340174][T13439]  <TASK>
[  483.343167][T13439]  dump_stack_lvl+0x241/0x360
[  483.347880][T13439]  ? __pfx_dump_stack_lvl+0x10/0x10
[  483.353111][T13439]  ? __pfx__printk+0x10/0x10
[  483.357751][T13439]  ? snprintf+0xda/0x120
[  483.362031][T13439]  should_fail_ex+0x3b0/0x4e0
[  483.366752][T13439]  _copy_to_user+0x2f/0xb0
[  483.371204][T13439]  simple_read_from_buffer+0xca/0x150
[  483.376622][T13439]  proc_fail_nth_read+0x1ec/0x260
[  483.381770][T13439]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  483.387346][T13439]  ? rw_verify_area+0x520/0x6b0
[  483.392227][T13439]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  483.397856][T13439]  vfs_read+0x204/0xbc0
[  483.402012][T13439]  ? __pfx_lock_release+0x10/0x10
[  483.407045][T13439]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  483.413124][T13439]  ? __pfx_vfs_read+0x10/0x10
[  483.417830][T13439]  ? __fget_files+0x29/0x470
[  483.422424][T13439]  ? __fget_files+0x3f6/0x470
[  483.427291][T13439]  ksys_read+0x1a0/0x2c0
[  483.431639][T13439]  ? __pfx_ksys_read+0x10/0x10
[  483.436453][T13439]  ? do_syscall_64+0x100/0x230
[  483.441231][T13439]  ? do_syscall_64+0xb6/0x230
[  483.445910][T13439]  do_syscall_64+0xf3/0x230
[  483.450408][T13439]  ? clear_bhb_loop+0x35/0x90
[  483.455089][T13439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  483.461061][T13439] RIP: 0033:0x7f007297b93c
[  483.465478][T13439] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  483.485350][T13439] RSP: 002b:00007f007385b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  483.493871][T13439] RAX: ffffffffffffffda RBX: 00007f0072b35f80 RCX: 00007f007297b93c
[  483.501953][T13439] RDX: 000000000000000f RSI: 00007f007385b0a0 RDI: 0000000000000004
[  483.510027][T13439] RBP: 00007f007385b090 R08: 0000000000000000 R09: 0000000000000000
[  483.518105][T13439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  483.526268][T13439] R13: 0000000000000000 R14: 00007f0072b35f80 R15: 00007ffdd1be8d78
[  483.534281][T13439]  </TASK>
[  483.648651][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  483.665970][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  483.703477][T13225] veth0_vlan: entered promiscuous mode
[  483.721753][T13442] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2610'.
[  483.761033][T11541] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  483.781632][T13225] veth1_vlan: entered promiscuous mode
[  483.796656][T11541] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  483.877653][T13225] veth0_macvtap: entered promiscuous mode
[  483.894026][T13225] veth1_macvtap: entered promiscuous mode
[  483.930696][T13225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  483.944543][T13225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.958068][T13225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  483.969526][T13225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.979722][T13225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  483.990614][T13225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.002086][T13225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  484.012925][T13225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.033670][T13225] batman_adv: batadv0: Interface activated: batadv_slave_0
[  484.050831][T13225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  484.070195][T13225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.087042][T13225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  484.107251][T13225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.119948][T13225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  484.132210][T13225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.142262][T13225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  484.153214][T13457] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2614'.
[  484.165446][T13225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.198161][T13225] batman_adv: batadv0: Interface activated: batadv_slave_1
[  484.219968][T13457] bridge0: entered allmulticast mode
[  484.289548][T13225] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  484.301730][T13225] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  484.310477][T13225] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  484.320328][T13225] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  484.343469][T13457] pim6reg: entered allmulticast mode
[  484.350726][T13457] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2614'.
[  484.449922][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88807bc05c00: rx timeout, send abort
[  484.488247][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  484.505199][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  484.555470][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  484.572373][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  484.583601][T13464] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  484.958320][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88807bc05c00: abort rx timeout. Force session deactivation
[  485.052548][T13471] FAULT_INJECTION: forcing a failure.
[  485.052548][T13471] name failslab, interval 1, probability 0, space 0, times 0
[  485.072328][T13471] CPU: 1 UID: 0 PID: 13471 Comm: syz.0.2618 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  485.083313][T13471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  485.093393][T13471] Call Trace:
[  485.096700][T13471]  <TASK>
[  485.099652][T13471]  dump_stack_lvl+0x241/0x360
[  485.104451][T13471]  ? __pfx_dump_stack_lvl+0x10/0x10
[  485.109696][T13471]  ? __pfx__printk+0x10/0x10
[  485.114320][T13471]  ? ref_tracker_alloc+0x332/0x490
[  485.119444][T13471]  should_fail_ex+0x3b0/0x4e0
[  485.124140][T13471]  ? skb_clone+0x20c/0x390
[  485.128553][T13471]  should_failslab+0xac/0x100
[  485.133345][T13471]  ? skb_clone+0x20c/0x390
[  485.137752][T13471]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  485.143121][T13471]  skb_clone+0x20c/0x390
[  485.147459][T13471]  __netlink_deliver_tap+0x3cc/0x7c0
[  485.152750][T13471]  ? netlink_deliver_tap+0x2e/0x1b0
[  485.157937][T13471]  netlink_deliver_tap+0x19d/0x1b0
[  485.163127][T13471]  netlink_unicast+0x7c4/0x990
[  485.167898][T13471]  ? __pfx_netlink_unicast+0x10/0x10
[  485.173180][T13471]  ? __virt_addr_valid+0x183/0x530
[  485.178308][T13471]  ? __check_object_size+0x49c/0x900
[  485.183599][T13471]  ? bpf_lsm_netlink_send+0x9/0x10
[  485.188721][T13471]  netlink_sendmsg+0x8e4/0xcb0
[  485.193498][T13471]  ? __pfx_netlink_sendmsg+0x10/0x10
[  485.198781][T13471]  ? __import_iovec+0x536/0x820
[  485.203631][T13471]  ? aa_sock_msg_perm+0x91/0x160
[  485.208594][T13471]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  485.213883][T13471]  ? security_socket_sendmsg+0x87/0xb0
[  485.219397][T13471]  ? __pfx_netlink_sendmsg+0x10/0x10
[  485.224701][T13471]  __sock_sendmsg+0x221/0x270
[  485.229415][T13471]  ____sys_sendmsg+0x525/0x7d0
[  485.234203][T13471]  ? __pfx_____sys_sendmsg+0x10/0x10
[  485.239586][T13471]  __sys_sendmsg+0x2b0/0x3a0
[  485.244190][T13471]  ? __pfx___sys_sendmsg+0x10/0x10
[  485.249337][T13471]  ? vfs_write+0x7c4/0xc90
[  485.253792][T13471]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  485.260206][T13471]  ? do_syscall_64+0x100/0x230
[  485.264975][T13471]  ? do_syscall_64+0xb6/0x230
[  485.269714][T13471]  do_syscall_64+0xf3/0x230
[  485.274330][T13471]  ? clear_bhb_loop+0x35/0x90
[  485.279195][T13471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.285181][T13471] RIP: 0033:0x7fd29477cef9
[  485.289730][T13471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  485.309566][T13471] RSP: 002b:00007fd295548038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  485.318071][T13471] RAX: ffffffffffffffda RBX: 00007fd294935f80 RCX: 00007fd29477cef9
[  485.326037][T13471] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  485.333999][T13471] RBP: 00007fd295548090 R08: 0000000000000000 R09: 0000000000000000
[  485.341967][T13471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  485.350016][T13471] R13: 0000000000000000 R14: 00007fd294935f80 R15: 00007ffcc1fcfbe8
[  485.357998][T13471]  </TASK>
[  485.818966][T13498] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  486.203627][T13512] tipc: Failed to remove unknown binding: 66,1,1/0:3879828974/3879828976
[  486.223191][T13512] tipc: Failed to remove unknown binding: 66,1,1/0:3879828974/3879828976
[  486.239746][T13512] tipc: Failed to remove unknown binding: 66,1,1/0:3879828974/3879828976
[  486.493448][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.024640][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  487.038803][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  487.047784][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  487.057736][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  487.066160][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  487.078494][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  487.226379][T13527] chnl_net:caif_netlink_parms(): no params data found
[  487.316332][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.331286][T13527] bridge0: port 1(bridge_slave_0) entered blocking state
[  487.340063][T13527] bridge0: port 1(bridge_slave_0) entered disabled state
[  487.349431][T13527] bridge_slave_0: entered allmulticast mode
[  487.356973][T13527] bridge_slave_0: entered promiscuous mode
[  487.394459][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.408912][T13527] bridge0: port 2(bridge_slave_1) entered blocking state
[  487.416262][T13527] bridge0: port 2(bridge_slave_1) entered disabled state
[  487.423863][T13527] bridge_slave_1: entered allmulticast mode
[  487.430712][T13527] bridge_slave_1: entered promiscuous mode
[  487.467677][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.508111][T13527] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  487.525803][T13527] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  487.568534][T13527] team0: Port device team_slave_0 added
[  487.580355][T13527] team0: Port device team_slave_1 added
[  487.626609][T13527] batman_adv: batadv0: Adding interface: batadv_slave_0
[  487.639320][T13527] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  487.666373][T13527] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  487.690352][T13527] batman_adv: batadv0: Adding interface: batadv_slave_1
[  487.697805][T13527] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  487.724244][T13527] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  487.760114][   T11] bridge_slave_1: left allmulticast mode
[  487.768377][   T11] bridge_slave_1: left promiscuous mode
[  487.774555][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  487.785410][   T11] bridge_slave_0: left allmulticast mode
[  487.791082][   T11] bridge_slave_0: left promiscuous mode
[  487.797630][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.249177][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  488.260884][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  488.277211][   T11] bond0 (unregistering): Released all slaves
[  488.326248][T13527] hsr_slave_0: entered promiscuous mode
[  488.336486][T13527] hsr_slave_1: entered promiscuous mode
[  488.359562][T13527] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  488.370877][T13527] Cannot create hsr debugfs directory
[  488.504245][T13539] __nla_validate_parse: 7 callbacks suppressed
[  488.504266][T13539] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2642'.
[  488.579658][T13541] netem: incorrect ge model size
[  488.581913][T13542] netlink: 'syz.2.2642': attribute type 1 has an invalid length.
[  488.604990][T13541] netem: change failed
[  488.611645][T13542] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2642'.
[  488.632504][T13544] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2641'.
[  488.657861][T13537] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  488.965475][ T5233] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  488.977282][ T5233] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  489.002614][ T5233] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  489.030305][ T5233] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  489.041098][ T5233] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  489.048748][ T5233] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  489.111610][ T5233] Bluetooth: hci1: command tx timeout
[  489.201910][   T11] hsr_slave_0: left promiscuous mode
[  489.218745][   T11] hsr_slave_1: left promiscuous mode
[  489.235167][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  489.257724][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  489.281629][T13561] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  489.283525][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  489.313124][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  489.376157][   T11] veth1_macvtap: left promiscuous mode
[  489.382931][   T11] veth0_macvtap: left promiscuous mode
[  489.388994][   T11] veth1_vlan: left promiscuous mode
[  489.394408][   T11] veth0_vlan: left promiscuous mode
[  489.789056][T13567] FAULT_INJECTION: forcing a failure.
[  489.789056][T13567] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  489.811618][T13567] CPU: 1 UID: 0 PID: 13567 Comm: syz.4.2649 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  489.822529][T13567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  489.832620][T13567] Call Trace:
[  489.835999][T13567]  <TASK>
[  489.838938][T13567]  dump_stack_lvl+0x241/0x360
[  489.843642][T13567]  ? __pfx_dump_stack_lvl+0x10/0x10
[  489.849475][T13567]  ? __pfx__printk+0x10/0x10
[  489.854095][T13567]  should_fail_ex+0x3b0/0x4e0
[  489.858805][T13567]  prepare_alloc_pages+0x1da/0x5d0
[  489.863938][T13567]  __alloc_pages_noprof+0x166/0x6c0
[  489.869182][T13567]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  489.874939][T13567]  ? __pfx_validate_chain+0x10/0x10
[  489.880158][T13567]  alloc_pages_mpol_noprof+0x3e8/0x680
[  489.885646][T13567]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  489.891690][T13567]  vma_alloc_folio_noprof+0x12e/0x230
[  489.897132][T13567]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  489.903064][T13567]  ? __lock_acquire+0x137a/0x2040
[  489.908105][T13567]  folio_prealloc+0x31/0x170
[  489.912723][T13567]  handle_pte_fault+0x255e/0x6fc0
[  489.917794][T13567]  ? __pfx_lock_acquire+0x10/0x10
[  489.922852][T13567]  ? __pfx_handle_pte_fault+0x10/0x10
[  489.928274][T13567]  ? do_raw_spin_lock+0x14f/0x370
[  489.933433][T13567]  ? follow_page_pte+0x29a/0x1ee0
[  489.938485][T13567]  ? follow_page_pte+0x83f/0x1ee0
[  489.943523][T13567]  ? __pfx_lock_release+0x10/0x10
[  489.948568][T13567]  ? do_raw_spin_unlock+0x13c/0x8b0
[  489.953790][T13567]  handle_mm_fault+0x1109/0x1bc0
[  489.958769][T13567]  ? __pfx_handle_mm_fault+0x10/0x10
[  489.964083][T13567]  ? __pfx_find_vma+0x10/0x10
[  489.968873][T13567]  ? vma_is_secretmem+0xd/0x50
[  489.973740][T13567]  ? check_vma_flags+0x531/0x5a0
[  489.978742][T13567]  __get_user_pages+0x6ec/0x16a0
[  489.983723][T13567]  ? __pfx___get_user_pages+0x10/0x10
[  489.989142][T13567]  __gup_longterm_locked+0xed7/0x17d0
[  489.994902][T13567]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  490.001287][T13567]  ? sanity_check_pinned_pages+0x12c2/0x13c0
[  490.007308][T13567]  ? gup_fast_fallback+0x221d/0x2b50
[  490.012639][T13567]  gup_fast_fallback+0x2742/0x2b50
[  490.017833][T13567]  ? __pfx_gup_fast_fallback+0x10/0x10
[  490.023489][T13567]  ? __sys_getsockopt+0x271/0x330
[  490.028547][T13567]  ? __x64_sys_getsockopt+0xb5/0xd0
[  490.033758][T13567]  ? do_syscall_64+0xf3/0x230
[  490.038456][T13567]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.044689][T13567]  ? is_valid_gup_args+0x124/0x200
[  490.049829][T13567]  pin_user_pages_fast+0xcc/0x160
[  490.054893][T13567]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  490.060647][T13567]  ? rds_info_getsockopt+0x20c/0x600
[  490.065936][T13567]  ? rds_info_getsockopt+0x20c/0x600
[  490.071228][T13567]  ? rds_info_getsockopt+0x20c/0x600
[  490.076545][T13567]  ? __kmalloc_noprof+0x21a/0x400
[  490.081685][T13567]  rds_info_getsockopt+0x22e/0x600
[  490.086850][T13567]  ? __might_fault+0xaa/0x120
[  490.091535][T13567]  ? __pfx_lock_release+0x10/0x10
[  490.096584][T13567]  ? __pfx_rds_info_getsockopt+0x10/0x10
[  490.102246][T13567]  ? __might_fault+0xc6/0x120
[  490.106942][T13567]  ? rds_getsockopt+0x2c2/0x530
[  490.111796][T13567]  ? __pfx_rds_getsockopt+0x10/0x10
[  490.117177][T13567]  do_sock_getsockopt+0x3c4/0x7e0
[  490.122215][T13567]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  490.127776][T13567]  ? __fget_files+0x3f6/0x470
[  490.132567][T13567]  __sys_getsockopt+0x271/0x330
[  490.137431][T13567]  ? __pfx___sys_getsockopt+0x10/0x10
[  490.142818][T13567]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  490.149164][T13567]  ? do_syscall_64+0x100/0x230
[  490.153931][T13567]  __x64_sys_getsockopt+0xb5/0xd0
[  490.158969][T13567]  do_syscall_64+0xf3/0x230
[  490.163473][T13567]  ? clear_bhb_loop+0x35/0x90
[  490.168169][T13567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.174064][T13567] RIP: 0033:0x7f007297cef9
[  490.178493][T13567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.198094][T13567] RSP: 002b:00007f007385b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  490.206580][T13567] RAX: ffffffffffffffda RBX: 00007f0072b35f80 RCX: 00007f007297cef9
[  490.214563][T13567] RDX: 0000000000002711 RSI: 0000200000000114 RDI: 0000000000000003
[  490.222554][T13567] RBP: 00007f007385b090 R08: 0000000020000040 R09: 0000000000000000
[  490.230557][T13567] R10: 0000000020005ec0 R11: 0000000000000246 R12: 0000000000000002
[  490.238525][T13567] R13: 0000000000000000 R14: 00007f0072b35f80 R15: 00007ffdd1be8d78
[  490.246504][T13567]  </TASK>
[  490.686460][   T11] team0 (unregistering): Port device team_slave_1 removed
[  490.749143][   T11] team0 (unregistering): Port device team_slave_0 removed
[  491.113001][ T5233] Bluetooth: hci3: command tx timeout
[  491.194884][ T5233] Bluetooth: hci1: command tx timeout
[  491.300815][T13559] netlink: 592 bytes leftover after parsing attributes in process `syz.0.2646'.
[  491.390554][T13570] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2650'.
[  491.636259][T13580] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2653'.
[  491.691866][T13582] netlink: 'syz.4.2653': attribute type 1 has an invalid length.
[  491.729919][T13582] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2653'.
[  492.079298][T13594] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2657'.
[  492.330547][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  492.360417][T13548] chnl_net:caif_netlink_parms(): no params data found
[  492.395194][T13610] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2661'.
[  492.448643][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  492.653848][T13622] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2664'.
[  492.693612][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  492.764513][T13548] bridge0: port 1(bridge_slave_0) entered blocking state
[  492.778434][T13548] bridge0: port 1(bridge_slave_0) entered disabled state
[  492.789800][T13548] bridge_slave_0: entered allmulticast mode
[  492.799670][T13548] bridge_slave_0: entered promiscuous mode
[  492.838850][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  492.852940][T13630] netlink: 'syz.0.2666': attribute type 1 has an invalid length.
[  492.888427][T13548] bridge0: port 2(bridge_slave_1) entered blocking state
[  492.905549][T13548] bridge0: port 2(bridge_slave_1) entered disabled state
[  492.913303][T13548] bridge_slave_1: entered allmulticast mode
[  492.923357][T13548] bridge_slave_1: entered promiscuous mode
[  493.055643][T13548] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  493.069966][T13527] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  493.104375][T13548] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  493.130976][T13527] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  493.172640][T13527] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  493.191603][ T5233] Bluetooth: hci3: command tx timeout
[  493.256307][T13642] netem: incorrect ge model size
[  493.272001][ T5233] Bluetooth: hci1: command tx timeout
[  493.279653][T13642] netem: change failed
[  493.306567][T13527] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  493.415385][T13548] team0: Port device team_slave_0 added
[  493.451281][T13548] team0: Port device team_slave_1 added
[  493.470546][T13651] tipc: Enabling of bearer <ud{:syz1> rejected, media not registered
[  493.665068][T13548] batman_adv: batadv0: Adding interface: batadv_slave_0
[  493.680078][T13548] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  493.707776][T13548] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  493.730447][T13548] batman_adv: batadv0: Adding interface: batadv_slave_1
[  493.741596][T13548] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  493.787634][T13548] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  493.855660][   T11] bridge_slave_1: left allmulticast mode
[  493.864541][   T11] bridge_slave_1: left promiscuous mode
[  493.877110][T13673] __nla_validate_parse: 4 callbacks suppressed
[  493.877120][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  493.877131][T13673] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2680'.
[  493.877159][T13673] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes.
[  493.912522][   T11] bridge_slave_0: left allmulticast mode
[  493.924747][   T11] bridge_slave_0: left promiscuous mode
[  493.937319][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  494.468553][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  494.480821][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  494.496414][   T11] bond0 (unregistering): Released all slaves
[  494.537838][T13548] hsr_slave_0: entered promiscuous mode
[  494.545212][T13548] hsr_slave_1: entered promiscuous mode
[  494.557983][T13548] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  494.570941][T13548] Cannot create hsr debugfs directory
[  494.852323][T13527] 8021q: adding VLAN 0 to HW filter on device bond0
[  494.947803][T13684] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2686'.
[  495.120586][   T11] hsr_slave_0: left promiscuous mode
[  495.146377][   T11] hsr_slave_1: left promiscuous mode
[  495.161015][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  495.169140][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  495.180044][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  495.188153][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  495.238641][   T11] veth1_macvtap: left promiscuous mode
[  495.247597][   T11] veth0_macvtap: left promiscuous mode
[  495.257285][   T11] veth1_vlan: left promiscuous mode
[  495.263128][   T11] veth0_vlan: left promiscuous mode
[  495.271577][ T5233] Bluetooth: hci3: command tx timeout
[  495.323588][T13699] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  495.353295][ T5233] Bluetooth: hci1: command tx timeout
[  496.081706][   T11] team0 (unregistering): Port device team_slave_1 removed
[  496.141010][   T11] team0 (unregistering): Port device team_slave_0 removed
[  496.798453][T13527] 8021q: adding VLAN 0 to HW filter on device team0
[  496.932422][ T2964] bridge0: port 1(bridge_slave_0) entered blocking state
[  496.939594][ T2964] bridge0: port 1(bridge_slave_0) entered forwarding state
[  497.006316][T11539] bridge0: port 2(bridge_slave_1) entered blocking state
[  497.013498][T11539] bridge0: port 2(bridge_slave_1) entered forwarding state
[  497.087730][T13710] netlink: 'syz.4.2693': attribute type 10 has an invalid length.
[  497.136982][T13712] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  497.352786][ T5233] Bluetooth: hci3: command tx timeout
[  497.551037][T13728] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2702'.
[  497.566148][T13548] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  497.577176][T13548] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  497.585771][T13728] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2702'.
[  497.591929][T13548] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  497.642156][T13548] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  497.723110][T13527] 8021q: adding VLAN 0 to HW filter on device batadv0
[  497.976913][T13527] veth0_vlan: entered promiscuous mode
[  498.028434][T13527] veth1_vlan: entered promiscuous mode
[  498.057352][T13548] 8021q: adding VLAN 0 to HW filter on device bond0
[  498.158406][T13548] 8021q: adding VLAN 0 to HW filter on device team0
[  498.183182][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  498.190379][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  498.230717][T13527] veth0_macvtap: entered promiscuous mode
[  498.249343][T13527] veth1_macvtap: entered promiscuous mode
[  498.263187][T13756] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2712'.
[  498.291028][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  498.298249][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  498.329054][T13527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  498.332500][T13756] netlink: 'syz.0.2712': attribute type 1 has an invalid length.
[  498.353600][T13527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.368911][T13527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  498.368940][T13756] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2712'.
[  498.388199][T13527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.407456][T13527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  498.418097][T13527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.434951][T13527] batman_adv: batadv0: Interface activated: batadv_slave_0
[  498.445568][T13761] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2714'.
[  498.517663][T13527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  498.535351][T13527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.546578][T13527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  498.558829][T13527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.569006][T13527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  498.579953][T13527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  498.606455][T13527] batman_adv: batadv0: Interface activated: batadv_slave_1
[  498.628456][T13527] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  498.637675][T13527] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  498.663944][T13766] FAULT_INJECTION: forcing a failure.
[  498.663944][T13766] name failslab, interval 1, probability 0, space 0, times 0
[  498.667481][T13527] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  498.697017][T13766] CPU: 1 UID: 0 PID: 13766 Comm: syz.2.2716 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  498.706130][T13527] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  498.707869][T13766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  498.726612][T13766] Call Trace:
[  498.729926][T13766]  <TASK>
[  498.732880][T13766]  dump_stack_lvl+0x241/0x360
[  498.737680][T13766]  ? __pfx_dump_stack_lvl+0x10/0x10
[  498.742922][T13766]  ? __pfx__printk+0x10/0x10
[  498.747739][T13766]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  498.749100][T13548] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  498.753205][T13766]  ? __pfx___might_resched+0x10/0x10
[  498.753232][T13766]  ? lockdep_init_map_type+0xa1/0x910
[  498.753258][T13766]  should_fail_ex+0x3b0/0x4e0
[  498.753289][T13766]  should_failslab+0xac/0x100
[  498.753315][T13766]  ? nft_trans_table_add+0x57/0x400
[  498.753335][T13766]  __kmalloc_cache_noprof+0x6c/0x2c0
[  498.753362][T13766]  nft_trans_table_add+0x57/0x400
[  498.753390][T13766]  nf_tables_newtable+0x10f6/0x1dc0
[  498.753431][T13766]  ? __pfx_nf_tables_newtable+0x10/0x10
[  498.753467][T13766]  ? __nla_parse+0x40/0x60
[  498.753494][T13766]  nfnetlink_rcv+0x14dc/0x2ad0
[  498.753555][T13766]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  498.753635][T13766]  ? netlink_deliver_tap+0x2e/0x1b0
[  498.753654][T13766]  ? skb_clone+0x240/0x390
[  498.753679][T13766]  ? __pfx_lock_release+0x10/0x10
[  498.753721][T13766]  ? netlink_deliver_tap+0x2e/0x1b0
[  498.753745][T13766]  netlink_unicast+0x7f6/0x990
[  498.753780][T13766]  ? __pfx_netlink_unicast+0x10/0x10
[  498.753804][T13766]  ? __virt_addr_valid+0x183/0x530
[  498.753835][T13766]  ? __check_object_size+0x49c/0x900
[  498.753860][T13766]  ? bpf_lsm_netlink_send+0x9/0x10
[  498.753887][T13766]  netlink_sendmsg+0x8e4/0xcb0
[  498.753922][T13766]  ? __pfx_netlink_sendmsg+0x10/0x10
[  498.753945][T13766]  ? __import_iovec+0x536/0x820
[  498.753966][T13766]  ? aa_sock_msg_perm+0x91/0x160
[  498.769581][T13548] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  498.770036][T13766]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  498.907560][T13766]  ? security_socket_sendmsg+0x87/0xb0
[  498.913066][T13766]  ? __pfx_netlink_sendmsg+0x10/0x10
[  498.918383][T13766]  __sock_sendmsg+0x221/0x270
[  498.923098][T13766]  ____sys_sendmsg+0x525/0x7d0
[  498.927904][T13766]  ? __pfx_____sys_sendmsg+0x10/0x10
[  498.933245][T13766]  __sys_sendmsg+0x2b0/0x3a0
[  498.937872][T13766]  ? __pfx___sys_sendmsg+0x10/0x10
[  498.943010][T13766]  ? vfs_write+0x7c4/0xc90
[  498.947762][T13766]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  498.954142][T13766]  ? do_syscall_64+0x100/0x230
[  498.958951][T13766]  ? do_syscall_64+0xb6/0x230
[  498.963667][T13766]  do_syscall_64+0xf3/0x230
[  498.968206][T13766]  ? clear_bhb_loop+0x35/0x90
[  498.972948][T13766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.978874][T13766] RIP: 0033:0x7f1095b7cef9
[  498.983319][T13766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  499.003050][T13766] RSP: 002b:00007f1096975038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  499.011462][T13766] RAX: ffffffffffffffda RBX: 00007f1095d35f80 RCX: 00007f1095b7cef9
[  499.019513][T13766] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  499.027479][T13766] RBP: 00007f1096975090 R08: 0000000000000000 R09: 0000000000000000
[  499.035446][T13766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  499.043673][T13766] R13: 0000000000000000 R14: 00007f1095d35f80 R15: 00007ffedf4a76a8
[  499.051745][T13766]  </TASK>
[  499.243860][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  499.259651][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  499.299421][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  499.308047][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  499.344886][T13548] 8021q: adding VLAN 0 to HW filter on device batadv0
[  499.583712][T13548] veth0_vlan: entered promiscuous mode
[  499.614601][T13548] veth1_vlan: entered promiscuous mode
[  499.630877][T13798] FAULT_INJECTION: forcing a failure.
[  499.630877][T13798] name failslab, interval 1, probability 0, space 0, times 0
[  499.656584][T13798] CPU: 1 UID: 0 PID: 13798 Comm: syz.0.2725 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  499.667584][T13798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  499.677665][T13798] Call Trace:
[  499.680993][T13798]  <TASK>
[  499.683962][T13798]  dump_stack_lvl+0x241/0x360
[  499.688676][T13798]  ? __pfx_dump_stack_lvl+0x10/0x10
[  499.693259][T13548] veth0_macvtap: entered promiscuous mode
[  499.693913][T13798]  ? __pfx__printk+0x10/0x10
[  499.704231][T13798]  ? mark_lock+0x9a/0x350
[  499.708172][T13548] veth1_macvtap: entered promiscuous mode
[  499.708586][T13798]  should_fail_ex+0x3b0/0x4e0
[  499.718991][T13798]  should_failslab+0xac/0x100
[  499.723711][T13798]  ? __alloc_skb+0x1c3/0x440
[  499.728340][T13798]  kmem_cache_alloc_node_noprof+0x71/0x320
[  499.734245][T13798]  __alloc_skb+0x1c3/0x440
[  499.738664][T13798]  ? __pfx___alloc_skb+0x10/0x10
[  499.743682][T13798]  ? aa_get_newest_label+0xff/0x6f0
[  499.748986][T13798]  create_monitor_ctrl_open+0x20c/0xc50
[  499.754528][T13798]  ? __pfx_lock_release+0x10/0x10
[  499.759554][T13798]  ? __pfx_create_monitor_ctrl_open+0x10/0x10
[  499.765613][T13798]  ? bpf_lsm_capable+0x9/0x10
[  499.770286][T13798]  ? security_capable+0x90/0xb0
[  499.775139][T13798]  hci_sock_ioctl+0x3b1/0xa40
[  499.779826][T13798]  sock_do_ioctl+0x158/0x460
[  499.784429][T13798]  ? __pfx_sock_do_ioctl+0x10/0x10
[  499.789568][T13798]  sock_ioctl+0x629/0x8e0
[  499.793904][T13798]  ? __pfx_sock_ioctl+0x10/0x10
[  499.798837][T13798]  ? __fget_files+0x29/0x470
[  499.803424][T13798]  ? __fget_files+0x3f6/0x470
[  499.808089][T13798]  ? __fget_files+0x29/0x470
[  499.812675][T13798]  ? bpf_lsm_file_ioctl+0x9/0x10
[  499.817606][T13798]  ? security_file_ioctl+0x87/0xb0
[  499.822731][T13798]  ? __pfx_sock_ioctl+0x10/0x10
[  499.827581][T13798]  __se_sys_ioctl+0xfc/0x170
[  499.832165][T13798]  do_syscall_64+0xf3/0x230
[  499.836660][T13798]  ? clear_bhb_loop+0x35/0x90
[  499.841429][T13798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.847443][T13798] RIP: 0033:0x7fd29477cef9
[  499.851867][T13798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  499.871648][T13798] RSP: 002b:00007fd295548038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  499.880230][T13798] RAX: ffffffffffffffda RBX: 00007fd294935f80 RCX: 00007fd29477cef9
[  499.888278][T13798] RDX: 00000000200000c0 RSI: 00000000800448f0 RDI: 0000000000000004
[  499.896499][T13798] RBP: 00007fd295548090 R08: 0000000000000000 R09: 0000000000000000
[  499.904547][T13798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  499.912695][T13798] R13: 0000000000000000 R14: 00007fd294935f80 R15: 00007ffcc1fcfbe8
[  499.920758][T13798]  </TASK>
[  499.963978][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  499.990000][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.014346][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  500.047622][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.069320][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  500.080878][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.104639][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  500.118676][T13806] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2729'.
[  500.135354][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.165164][T13548] batman_adv: batadv0: Interface activated: batadv_slave_0
[  500.204249][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.224952][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.242742][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.267336][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.282182][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.301264][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.311818][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.331634][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.344784][T13548] batman_adv: batadv0: Interface activated: batadv_slave_1
[  500.394444][T13548] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  500.412009][T13548] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  500.431080][T13548] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  500.448730][T13548] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  500.737371][ T2964] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  500.859188][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  500.873617][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  500.898978][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  500.907103][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.154344][ T2964] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  501.535019][ T2964] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  501.619569][ T2964] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  501.772760][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  501.789930][ T2964] bridge_slave_1: left allmulticast mode
[  501.795963][ T2964] bridge_slave_1: left promiscuous mode
[  501.805537][ T2964] bridge0: port 2(bridge_slave_1) entered disabled state
[  501.834528][ T2964] bridge_slave_0: left allmulticast mode
[  501.850485][ T2964] bridge_slave_0: left promiscuous mode
[  501.860807][ T2964] bridge0: port 1(bridge_slave_0) entered disabled state
[  502.024004][T13840] netlink: 'syz.2.2740': attribute type 1 has an invalid length.
[  502.035863][T13841] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2738'.
[  502.061513][T13840] netlink: 9372 bytes leftover after parsing attributes in process `syz.2.2740'.
[  502.091155][T13840] netlink: 11 bytes leftover after parsing attributes in process `syz.2.2740'.
[  502.132793][T13840] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2740'.
[  502.154827][T13846] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  502.290024][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  502.321078][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  502.337459][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  502.353232][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  502.381434][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  502.389714][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  502.767584][ T2964] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  502.779806][ T2964] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  502.791122][ T2964] bond0 (unregistering): Released all slaves
[  502.809777][T13837] netlink: 592 bytes leftover after parsing attributes in process `syz.0.2739'.
[  503.496310][ T2964] hsr_slave_0: left promiscuous mode
[  503.504882][ T2964] hsr_slave_1: left promiscuous mode
[  503.522415][ T2964] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  503.531259][ T2964] batman_adv: batadv0: Removing interface: batadv_slave_0
[  503.542226][ T2964] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  503.549676][ T2964] batman_adv: batadv0: Removing interface: batadv_slave_1
[  503.610256][ T2964] veth1_macvtap: left promiscuous mode
[  503.619344][ T2964] veth0_macvtap: left promiscuous mode
[  503.630657][ T2964] veth1_vlan: left promiscuous mode
[  503.640654][ T2964] veth0_vlan: left promiscuous mode
[  504.472813][ T5233] Bluetooth: hci1: command tx timeout
[  504.735346][ T2964] team0 (unregistering): Port device team_slave_1 removed
[  504.849936][ T2964] team0 (unregistering): Port device team_slave_0 removed
[  505.802995][   T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  505.825004][   T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  505.834485][   T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  505.860784][   T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  505.881276][   T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  505.888921][   T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  506.254359][T13847] chnl_net:caif_netlink_parms(): no params data found
[  506.401911][T13887] netem: incorrect ge model size
[  506.460198][T13887] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2749'.
[  506.516837][T13898] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2752'.
[  506.551637][ T5233] Bluetooth: hci1: command tx timeout
[  506.559813][T13847] bridge0: port 1(bridge_slave_0) entered blocking state
[  506.568628][T13847] bridge0: port 1(bridge_slave_0) entered disabled state
[  506.576269][T13847] bridge_slave_0: entered allmulticast mode
[  506.584056][T13847] bridge_slave_0: entered promiscuous mode
[  506.606000][T13847] bridge0: port 2(bridge_slave_1) entered blocking state
[  506.632719][T13847] bridge0: port 2(bridge_slave_1) entered disabled state
[  506.640009][T13847] bridge_slave_1: entered allmulticast mode
[  506.679160][T13847] bridge_slave_1: entered promiscuous mode
[  506.714503][T13906] sctp: [Deprecated]: syz.0.2754 (pid 13906) Use of int in max_burst socket option.
[  506.714503][T13906] Use struct sctp_assoc_value instead
[  506.741231][T13907] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2755'.
[  506.770044][T13911] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  506.822569][T13902] netlink: 592 bytes leftover after parsing attributes in process `syz.4.2753'.
[  506.839670][T13847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  506.986126][T13847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  507.079817][T13918] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2758'.
[  507.157382][T13847] team0: Port device team_slave_0 added
[  507.189271][T13847] team0: Port device team_slave_1 added
[  507.504982][ T2964] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.577869][T13847] batman_adv: batadv0: Adding interface: batadv_slave_0
[  507.590603][T13847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  507.630373][T13847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  507.765137][ T2964] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.801942][T13878] chnl_net:caif_netlink_parms(): no params data found
[  507.853605][T13847] batman_adv: batadv0: Adding interface: batadv_slave_1
[  507.870901][T13847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  507.901713][T13847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  507.912426][ T5233] Bluetooth: hci3: command tx timeout
[  507.968944][ T2964] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  508.002084][T13939] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  508.124710][ T2964] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  508.196514][T13944] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2767'.
[  508.316589][T13847] hsr_slave_0: entered promiscuous mode
[  508.327235][T13847] hsr_slave_1: entered promiscuous mode
[  508.336205][T13847] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  508.349587][T13847] Cannot create hsr debugfs directory
[  508.359856][T13878] bridge0: port 1(bridge_slave_0) entered blocking state
[  508.381642][T13878] bridge0: port 1(bridge_slave_0) entered disabled state
[  508.389392][T13878] bridge_slave_0: entered allmulticast mode
[  508.423129][T13878] bridge_slave_0: entered promiscuous mode
[  508.485564][T13878] bridge0: port 2(bridge_slave_1) entered blocking state
[  508.495784][T13878] bridge0: port 2(bridge_slave_1) entered disabled state
[  508.503333][T13878] bridge_slave_1: entered allmulticast mode
[  508.511745][T13878] bridge_slave_1: entered promiscuous mode
[  508.518459][T13951] FAULT_INJECTION: forcing a failure.
[  508.518459][T13951] name failslab, interval 1, probability 0, space 0, times 0
[  508.548309][T13951] CPU: 0 UID: 0 PID: 13951 Comm: syz.4.2769 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  508.559211][T13951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  508.569391][T13951] Call Trace:
[  508.572707][T13951]  <TASK>
[  508.575669][T13951]  dump_stack_lvl+0x241/0x360
[  508.580380][T13951]  ? __pfx_dump_stack_lvl+0x10/0x10
[  508.585696][T13951]  ? __pfx__printk+0x10/0x10
[  508.590333][T13951]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  508.595824][T13951]  ? __pfx___might_resched+0x10/0x10
[  508.601239][T13951]  should_fail_ex+0x3b0/0x4e0
[  508.605954][T13951]  should_failslab+0xac/0x100
[  508.610677][T13951]  ? nft_delflowtable+0x57/0x470
[  508.615800][T13951]  __kmalloc_cache_noprof+0x6c/0x2c0
[  508.621209][T13951]  nft_delflowtable+0x57/0x470
[  508.625994][T13951]  ? nla_memcpy+0x8b/0xc0
[  508.630331][T13951]  nf_tables_delflowtable+0x1498/0x1ac0
[  508.635900][T13951]  ? __pfx_nf_tables_delflowtable+0x10/0x10
[  508.641789][T13951]  ? nfnl_pernet+0x23/0x240
[  508.646295][T13951]  ? __pfx_lock_release+0x10/0x10
[  508.651348][T13951]  ? __nla_parse+0x40/0x60
[  508.655770][T13951]  nfnetlink_rcv+0x14dc/0x2ad0
[  508.660639][T13951]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  508.665786][T13951]  ? netlink_deliver_tap+0x2e/0x1b0
[  508.671069][T13951]  ? skb_clone+0x240/0x390
[  508.675479][T13951]  ? __pfx_lock_release+0x10/0x10
[  508.680539][T13951]  ? netlink_deliver_tap+0x2e/0x1b0
[  508.685761][T13951]  netlink_unicast+0x7f6/0x990
[  508.690543][T13951]  ? __pfx_netlink_unicast+0x10/0x10
[  508.695919][T13951]  ? __virt_addr_valid+0x183/0x530
[  508.701039][T13951]  ? __check_object_size+0x49c/0x900
[  508.706326][T13951]  ? bpf_lsm_netlink_send+0x9/0x10
[  508.711547][T13951]  netlink_sendmsg+0x8e4/0xcb0
[  508.716314][T13951]  ? __pfx_netlink_sendmsg+0x10/0x10
[  508.721682][T13951]  ? __import_iovec+0x536/0x820
[  508.726527][T13951]  ? aa_sock_msg_perm+0x91/0x160
[  508.731544][T13951]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  508.736854][T13951]  ? security_socket_sendmsg+0x87/0xb0
[  508.742398][T13951]  ? __pfx_netlink_sendmsg+0x10/0x10
[  508.747674][T13951]  __sock_sendmsg+0x221/0x270
[  508.752352][T13951]  ____sys_sendmsg+0x525/0x7d0
[  508.757113][T13951]  ? __pfx_____sys_sendmsg+0x10/0x10
[  508.762401][T13951]  __sys_sendmsg+0x2b0/0x3a0
[  508.766989][T13951]  ? __pfx___sys_sendmsg+0x10/0x10
[  508.772098][T13951]  ? vfs_write+0x7c4/0xc90
[  508.776536][T13951]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  508.782873][T13951]  ? do_syscall_64+0x100/0x230
[  508.787631][T13951]  ? do_syscall_64+0xb6/0x230
[  508.792307][T13951]  do_syscall_64+0xf3/0x230
[  508.796808][T13951]  ? clear_bhb_loop+0x35/0x90
[  508.801487][T13951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.807391][T13951] RIP: 0033:0x7f007297cef9
[  508.811887][T13951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  508.832263][T13951] RSP: 002b:00007f007385b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  508.840759][T13951] RAX: ffffffffffffffda RBX: 00007f0072b35f80 RCX: 00007f007297cef9
[  508.848812][T13951] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  508.856967][T13951] RBP: 00007f007385b090 R08: 0000000000000000 R09: 0000000000000000
[  508.865027][T13951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  508.873002][T13951] R13: 0000000000000000 R14: 00007f0072b35f80 R15: 00007ffdd1be8d78
[  508.880993][T13951]  </TASK>
[  508.915693][ T5233] Bluetooth: hci1: command tx timeout
[  509.079120][T13878] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  509.124488][T13878] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  509.329125][T13878] team0: Port device team_slave_0 added
[  509.359292][ T2964] bridge_slave_1: left allmulticast mode
[  509.370130][ T2964] bridge_slave_1: left promiscuous mode
[  509.387875][ T2964] bridge0: port 2(bridge_slave_1) entered disabled state
[  509.418148][ T2964] bridge_slave_0: left allmulticast mode
[  509.429651][ T2964] bridge_slave_0: left promiscuous mode
[  509.436565][ T2964] bridge0: port 1(bridge_slave_0) entered disabled state
[  509.446141][T13975] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2773'.
[  509.463493][ T2964] bridge_slave_1: left allmulticast mode
[  509.469347][ T2964] bridge_slave_1: left promiscuous mode
[  509.475715][ T2964] bridge0: port 2(bridge_slave_1) entered disabled state
[  509.498505][ T2964] bridge_slave_0: left allmulticast mode
[  509.526016][ T2964] bridge_slave_0: left promiscuous mode
[  509.538575][ T2964] bridge0: port 1(bridge_slave_0) entered disabled state
[  509.804332][ T2964] bond2: left allmulticast mode
[  509.832313][ T2964] ip6gretap1: left allmulticast mode
[  509.839044][ T2964] bond2: left promiscuous mode
[  509.991559][ T5233] Bluetooth: hci3: command tx timeout
[  510.132941][ T2964] bond2 (unregistering): (slave ip6gretap1): Releasing active interface
[  510.453435][T13994] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  510.951632][ T5233] Bluetooth: hci1: command tx timeout
[  511.253006][ T2964] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  511.266930][ T2964] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  511.282300][ T2964] bond0 (unregistering): Released all slaves
[  511.462570][ T2964] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  511.479045][ T2964] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  511.493513][ T2964] bond0 (unregistering): Released all slaves
[  511.517902][ T2964] bond1 (unregistering): Released all slaves
[  511.722693][ T2964] bond2 (unregistering): Released all slaves
[  511.759029][T13878] team0: Port device team_slave_1 added
[  512.063846][T13878] batman_adv: batadv0: Adding interface: batadv_slave_0
[  512.070854][T13878] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  512.124322][ T5233] Bluetooth: hci3: command tx timeout
[  512.129990][T13878] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  512.141252][T13997] Bluetooth: MGMT ver 1.23
[  512.338356][T13878] batman_adv: batadv0: Adding interface: batadv_slave_1
[  512.358604][T13878] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  512.393402][T13878] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  512.410764][T14004] batadv1: entered allmulticast mode
[  512.444026][T14007] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2785'.
[  512.598426][T14011] netlink: 'syz.0.2781': attribute type 15 has an invalid length.
[  512.665655][T14014] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  512.674822][T14014] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  512.684205][T14014] netdevsim netdevsim4: Falling back to sysfs fallback for: .
[  512.730754][T14017] netlink: 'syz.4.2786': attribute type 1 has an invalid length.
[  512.743639][    C1] ------------[ cut here ]------------
[  512.749213][    C1] WARNING: CPU: 1 PID: 14021 at net/hsr/hsr_forward.c:602 hsr_fill_frame_info+0x3da/0x570
[  512.756495][T14017] netlink: 'syz.4.2786': attribute type 2 has an invalid length.
[  512.759167][    C1] Modules linked in:
[  512.770869][    C1] CPU: 1 UID: 0 PID: 14021 Comm: syz.0.2789 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  512.781689][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  512.792011][    C1] RIP: 0010:hsr_fill_frame_info+0x3da/0x570
[  512.797946][    C1] Code: 00 31 c0 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 e5 16 f9 f5 90 0f 0b 90 e9 09 ff ff ff e8 d7 16 f9 f5 90 <0f> 0b 90 eb 93 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c a3 fc ff ff 48
[  512.817622][    C1] RSP: 0018:ffffc90000a18278 EFLAGS: 00010246
[  512.823772][    C1] RAX: ffffffff8b9a75d9 RBX: 0000000000000000 RCX: ffff8880203a9e00
[  512.831852][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  512.839842][    C1] RBP: ffff8880623a0cc0 R08: ffffffff8b9a7429 R09: 0000000000000000
[  512.847869][    C1] R10: ffffc90000a183c8 R11: fffff5200014307b R12: dffffc0000000000
[  512.855893][    C1] R13: 0000000000000008 R14: ffff888051827020 R15: ffffc90000a183c0
[  512.863934][    C1] FS:  00007fd2955486c0(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000
[  512.873126][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  512.879750][    C1] CR2: 000000110c31e49b CR3: 000000004f5d2000 CR4: 00000000003506f0
[  512.887799][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  512.895842][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  512.903885][    C1] Call Trace:
[  512.907172][    C1]  <IRQ>
[  512.910011][    C1]  ? __warn+0x163/0x4e0
[  512.914188][    C1]  ? hsr_fill_frame_info+0x3da/0x570
[  512.919702][    C1]  ? report_bug+0x2b3/0x500
[  512.924254][    C1]  ? hsr_fill_frame_info+0x3da/0x570
[  512.929598][    C1]  ? handle_bug+0x3e/0x70
[  512.933991][    C1]  ? exc_invalid_op+0x1a/0x50
[  512.938716][    C1]  ? asm_exc_invalid_op+0x1a/0x20
[  512.943817][    C1]  ? hsr_fill_frame_info+0x229/0x570
[  512.949165][    C1]  ? hsr_fill_frame_info+0x3d9/0x570
[  512.954517][    C1]  ? hsr_fill_frame_info+0x3da/0x570
[  512.959838][    C1]  ? hsr_fill_frame_info+0x3d9/0x570
[  512.965194][    C1]  hsr_forward_skb+0x847/0x2b60
[  512.970088][    C1]  ? validate_chain+0x11e/0x5900
[  512.975088][    C1]  ? hsr_forward_skb+0xaf/0x2b60
[  512.980049][    C1]  ? __pfx_hsr_forward_skb+0x10/0x10
[  512.985401][    C1]  ? migrate_enable+0x3b5/0x520
[  512.990301][    C1]  ? skb_push+0x97/0x100
[  512.994625][    C1]  hsr_handle_frame+0x51b/0x7d0
[  512.999616][    C1]  ? __pfx_hsr_handle_frame+0x10/0x10
[  513.005059][    C1]  __netif_receive_skb_core+0x13e8/0x4570
[  513.010835][    C1]  ? validate_chain+0x11e/0x5900
[  513.015842][    C1]  ? __pfx_validate_chain+0x10/0x10
[  513.021076][    C1]  ? validate_chain+0x11e/0x5900
[  513.026089][    C1]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  513.032252][    C1]  ? mark_lock+0x9a/0x350
[  513.036630][    C1]  __netif_receive_skb_list_core+0x2b7/0x980
[  513.042673][    C1]  ? mark_lock+0x9a/0x350
[  513.047050][    C1]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  513.053632][    C1]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  513.060005][    C1]  netif_receive_skb_list_internal+0xa51/0xe30
[  513.066257][    C1]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  513.072651][    C1]  ? dev_gro_receive+0x108f/0x24b0
[  513.077798][    C1]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  513.084562][    C1]  napi_complete_done+0x310/0x8e0
[  513.089626][    C1]  ? __pfx_napi_complete_done+0x10/0x10
[  513.095254][    C1]  ? rcu_is_watching+0x15/0xb0
[  513.100053][    C1]  ? napi_gro_receive+0x6f3/0xc90
[  513.105149][    C1]  gro_cell_poll+0x19a/0x1c0
[  513.109784][    C1]  __napi_poll+0xcb/0x490
[  513.114197][    C1]  net_rx_action+0x89b/0x1240
[  513.118930][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  513.124207][    C1]  ? sched_clock+0x4a/0x70
[  513.128664][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  513.135066][    C1]  handle_softirqs+0x2c4/0x970
[  513.140299][    C1]  ? do_softirq+0x11b/0x1e0
[  513.144882][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  513.150228][    C1]  do_softirq+0x11b/0x1e0
[  513.154809][    C1]  </IRQ>
[  513.157769][    C1]  <TASK>
[  513.160711][    C1]  ? __pfx_do_softirq+0x10/0x10
[  513.165611][    C1]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  513.171265][    C1]  ? rcu_is_watching+0x15/0xb0
[  513.176090][    C1]  __local_bh_enable_ip+0x1bb/0x200
[  513.181352][    C1]  ? __pfx_netif_receive_skb+0x10/0x10
[  513.186829][    C1]  ? tun_rx_batched+0x160/0x8f0
[  513.191721][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  513.197484][    C1]  ? tun_rx_batched+0x160/0x8f0
[  513.202404][    C1]  tun_rx_batched+0x732/0x8f0
[  513.207151][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  513.213524][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  513.218584][    C1]  ? __pfx_tun_rx_batched+0x10/0x10
[  513.223876][    C1]  tun_get_user+0x2f84/0x4720
[  513.228579][    C1]  ? tun_get_user+0x2a78/0x4720
[  513.233530][    C1]  ? __lock_acquire+0x137a/0x2040
[  513.238587][    C1]  ? __pfx_tun_get_user+0x10/0x10
[  513.243678][    C1]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  513.249169][    C1]  ? tun_get+0x1e/0x2f0
[  513.253374][    C1]  ? __pfx_lock_release+0x10/0x10
[  513.258461][    C1]  ? tun_get+0x1e/0x2f0
[  513.262685][    C1]  ? tun_get+0x27d/0x2f0
[  513.266961][    C1]  tun_chr_write_iter+0x113/0x1f0
[  513.272062][    C1]  vfs_write+0xa72/0xc90
[  513.276373][    C1]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  513.282079][    C1]  ? __pfx_vfs_write+0x10/0x10
[  513.286860][    C1]  ? do_futex+0x33b/0x560
[  513.291201][    C1]  ksys_write+0x1a0/0x2c0
[  513.295587][    C1]  ? __pfx_ksys_write+0x10/0x10
[  513.300461][    C1]  ? do_syscall_64+0x100/0x230
[  513.305372][    C1]  ? do_syscall_64+0xb6/0x230
[  513.310140][    C1]  do_syscall_64+0xf3/0x230
[  513.314735][    C1]  ? clear_bhb_loop+0x35/0x90
[  513.319445][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.325388][    C1] RIP: 0033:0x7fd29477b9df
[  513.329919][    C1] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  513.349843][    C1] RSP: 002b:00007fd295548000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  513.358449][    C1] RAX: ffffffffffffffda RBX: 00007fd294935f80 RCX: 00007fd29477b9df
[  513.366481][    C1] RDX: 000000000000006a RSI: 0000000020000000 RDI: 00000000000000c8
[  513.374612][    C1] RBP: 00007fd2947ef01e R08: 0000000000000000 R09: 0000000000000000
[  513.382739][    C1] R10: 000000000000006a R11: 0000000000000293 R12: 0000000000000000
[  513.390742][    C1] R13: 0000000000000000 R14: 00007fd294935f80 R15: 00007ffcc1fcfbe8
[  513.398804][    C1]  </TASK>
[  513.401884][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  513.409456][    C1] CPU: 1 UID: 0 PID: 14021 Comm: syz.0.2789 Not tainted 6.11.0-rc6-syzkaller-00178-gd759ee240d3c #0
[  513.420314][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  513.430414][    C1] Call Trace:
[  513.433776][    C1]  <IRQ>
[  513.436632][    C1]  dump_stack_lvl+0x241/0x360
[  513.441341][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  513.446576][    C1]  ? __pfx__printk+0x10/0x10
[  513.451186][    C1]  ? _printk+0xd5/0x120
[  513.455366][    C1]  ? vscnprintf+0x5d/0x90
[  513.459723][    C1]  panic+0x349/0x860
[  513.463642][    C1]  ? __warn+0x172/0x4e0
[  513.467824][    C1]  ? __pfx_panic+0x10/0x10
[  513.472267][    C1]  ? show_trace_log_lvl+0x4e6/0x520
[  513.477530][    C1]  __warn+0x346/0x4e0
[  513.481642][    C1]  ? hsr_fill_frame_info+0x3da/0x570
[  513.486966][    C1]  report_bug+0x2b3/0x500
[  513.491341][    C1]  ? hsr_fill_frame_info+0x3da/0x570
[  513.496661][    C1]  handle_bug+0x3e/0x70
[  513.500836][    C1]  exc_invalid_op+0x1a/0x50
[  513.505364][    C1]  asm_exc_invalid_op+0x1a/0x20
[  513.510248][    C1] RIP: 0010:hsr_fill_frame_info+0x3da/0x570
[  513.516158][    C1] Code: 00 31 c0 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 e5 16 f9 f5 90 0f 0b 90 e9 09 ff ff ff e8 d7 16 f9 f5 90 <0f> 0b 90 eb 93 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c a3 fc ff ff 48
[  513.535770][    C1] RSP: 0018:ffffc90000a18278 EFLAGS: 00010246
[  513.541836][    C1] RAX: ffffffff8b9a75d9 RBX: 0000000000000000 RCX: ffff8880203a9e00
[  513.549804][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  513.557769][    C1] RBP: ffff8880623a0cc0 R08: ffffffff8b9a7429 R09: 0000000000000000
[  513.565825][    C1] R10: ffffc90000a183c8 R11: fffff5200014307b R12: dffffc0000000000
[  513.573791][    C1] R13: 0000000000000008 R14: ffff888051827020 R15: ffffc90000a183c0
[  513.581763][    C1]  ? hsr_fill_frame_info+0x229/0x570
[  513.587049][    C1]  ? hsr_fill_frame_info+0x3d9/0x570
[  513.592329][    C1]  ? hsr_fill_frame_info+0x3d9/0x570
[  513.597611][    C1]  hsr_forward_skb+0x847/0x2b60
[  513.602487][    C1]  ? validate_chain+0x11e/0x5900
[  513.607426][    C1]  ? hsr_forward_skb+0xaf/0x2b60
[  513.612372][    C1]  ? __pfx_hsr_forward_skb+0x10/0x10
[  513.617665][    C1]  ? migrate_enable+0x3b5/0x520
[  513.622636][    C1]  ? skb_push+0x97/0x100
[  513.626879][    C1]  hsr_handle_frame+0x51b/0x7d0
[  513.631828][    C1]  ? __pfx_hsr_handle_frame+0x10/0x10
[  513.637198][    C1]  __netif_receive_skb_core+0x13e8/0x4570
[  513.643013][    C1]  ? validate_chain+0x11e/0x5900
[  513.647941][    C1]  ? __pfx_validate_chain+0x10/0x10
[  513.653147][    C1]  ? validate_chain+0x11e/0x5900
[  513.658167][    C1]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  513.664253][    C1]  ? mark_lock+0x9a/0x350
[  513.668706][    C1]  __netif_receive_skb_list_core+0x2b7/0x980
[  513.674832][    C1]  ? mark_lock+0x9a/0x350
[  513.679190][    C1]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  513.685716][    C1]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  513.692051][    C1]  netif_receive_skb_list_internal+0xa51/0xe30
[  513.698212][    C1]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  513.704535][    C1]  ? dev_gro_receive+0x108f/0x24b0
[  513.709647][    C1]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  513.716335][    C1]  napi_complete_done+0x310/0x8e0
[  513.721370][    C1]  ? __pfx_napi_complete_done+0x10/0x10
[  513.726918][    C1]  ? rcu_is_watching+0x15/0xb0
[  513.731692][    C1]  ? napi_gro_receive+0x6f3/0xc90
[  513.736715][    C1]  gro_cell_poll+0x19a/0x1c0
[  513.741392][    C1]  __napi_poll+0xcb/0x490
[  513.745721][    C1]  net_rx_action+0x89b/0x1240
[  513.750413][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  513.755534][    C1]  ? sched_clock+0x4a/0x70
[  513.759959][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  513.766296][    C1]  handle_softirqs+0x2c4/0x970
[  513.771061][    C1]  ? do_softirq+0x11b/0x1e0
[  513.775560][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  513.780844][    C1]  do_softirq+0x11b/0x1e0
[  513.785169][    C1]  </IRQ>
[  513.788089][    C1]  <TASK>
[  513.791039][    C1]  ? __pfx_do_softirq+0x10/0x10
[  513.795892][    C1]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  513.801576][    C1]  ? rcu_is_watching+0x15/0xb0
[  513.806514][    C1]  __local_bh_enable_ip+0x1bb/0x200
[  513.811709][    C1]  ? __pfx_netif_receive_skb+0x10/0x10
[  513.817166][    C1]  ? tun_rx_batched+0x160/0x8f0
[  513.822009][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  513.827734][    C1]  ? tun_rx_batched+0x160/0x8f0
[  513.832617][    C1]  tun_rx_batched+0x732/0x8f0
[  513.837290][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  513.843623][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  513.848647][    C1]  ? __pfx_tun_rx_batched+0x10/0x10
[  513.853988][    C1]  tun_get_user+0x2f84/0x4720
[  513.858745][    C1]  ? tun_get_user+0x2a78/0x4720
[  513.863598][    C1]  ? __lock_acquire+0x137a/0x2040
[  513.868629][    C1]  ? __pfx_tun_get_user+0x10/0x10
[  513.873682][    C1]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  513.879168][    C1]  ? tun_get+0x1e/0x2f0
[  513.883331][    C1]  ? __pfx_lock_release+0x10/0x10
[  513.888374][    C1]  ? tun_get+0x1e/0x2f0
[  513.892526][    C1]  ? tun_get+0x27d/0x2f0
[  513.896881][    C1]  tun_chr_write_iter+0x113/0x1f0
[  513.901915][    C1]  vfs_write+0xa72/0xc90
[  513.906160][    C1]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  513.911714][    C1]  ? __pfx_vfs_write+0x10/0x10
[  513.916495][    C1]  ? do_futex+0x33b/0x560
[  513.920842][    C1]  ksys_write+0x1a0/0x2c0
[  513.925262][    C1]  ? __pfx_ksys_write+0x10/0x10
[  513.930115][    C1]  ? do_syscall_64+0x100/0x230
[  513.934878][    C1]  ? do_syscall_64+0xb6/0x230
[  513.939576][    C1]  do_syscall_64+0xf3/0x230
[  513.944093][    C1]  ? clear_bhb_loop+0x35/0x90
[  513.948775][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.954673][    C1] RIP: 0033:0x7fd29477b9df
[  513.959090][    C1] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  513.978693][    C1] RSP: 002b:00007fd295548000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  513.987121][    C1] RAX: ffffffffffffffda RBX: 00007fd294935f80 RCX: 00007fd29477b9df
[  513.995091][    C1] RDX: 000000000000006a RSI: 0000000020000000 RDI: 00000000000000c8
[  514.003149][    C1] RBP: 00007fd2947ef01e R08: 0000000000000000 R09: 0000000000000000
[  514.011108][    C1] R10: 000000000000006a R11: 0000000000000293 R12: 0000000000000000
[  514.019067][    C1] R13: 0000000000000000 R14: 00007fd294935f80 R15: 00007ffcc1fcfbe8
[  514.027042][    C1]  </TASK>
[  514.030315][    C1] Kernel Offset: disabled
[  514.034679][    C1] Rebooting in 86400 seconds..