last executing test programs:

1m27.604193151s ago: executing program 3 (id=240):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x9e7, 0x4)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @empty}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) (fail_nth: 4)

1m9.367722667s ago: executing program 3 (id=240):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x9e7, 0x4)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @empty}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) (fail_nth: 4)

53.847571252s ago: executing program 3 (id=240):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x9e7, 0x4)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @empty}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) (fail_nth: 4)

39.25784115s ago: executing program 3 (id=240):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x9e7, 0x4)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @empty}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) (fail_nth: 4)

21.065857024s ago: executing program 3 (id=240):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x9e7, 0x4)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @empty}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) (fail_nth: 4)

8.133094746s ago: executing program 3 (id=240):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x9e7, 0x4)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @empty}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) (fail_nth: 4)

3.838877833s ago: executing program 1 (id=2123):
unshare(0x62040200)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0x8, 0xa}}}, &(0x7f0000000200)='syzkaller\x00', 0x4, 0x100b, &(0x7f0000001e40)=""/4107}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000240)=ANY=[@ANYRES64], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r1, 0x0, 0x8005, 0x0, &(0x7f0000000000)='\a\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x8005, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a1d010000000000000000020000000900010073797a3000000000080002400000000098000000030a01020000000000000000020000000900010073797a30000000000900030073797a32000000006b00030091abc12404cf378042f26c43"], 0xfc}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newtaction={0x6c, 0x30, 0x9, 0x0, 0x0, {}, [{0x58, 0x1, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x20000000}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001940)={0x114, 0x2b, 0x1, 0x0, 0x0, "", [@nested={0x103, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@mcast2}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)

3.725486528s ago: executing program 4 (id=2126):
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_aout(r0, &(0x7f0000000800)=ANY=[@ANYBLOB="000046dce4122393df69e33fce4c41ffff000000000000000000000000000000fa0061233d0ab8dfac"], 0xc1) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r0, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000006c0)={'syztnl0\x00', &(0x7f0000000640)={'ip6_vti0\x00', <r1=>0x0, 0x30, 0x2, 0x7, 0xfffffff7, 0x78, @empty, @local, 0x10, 0x1, 0x0, 0x3}}) (async, rerun: 32)
socket$netlink(0x10, 0x3, 0x0) (async, rerun: 32)
r2 = socket(0x10, 0x803, 0x0)
write$binfmt_script(r2, 0x0, 0xfffffe5d) (async)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x44, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000010008506000000ff0100000000000000", @ANYRES32=r3, @ANYBLOB="01ff00e1c2ed00001c0012000c000100626f6e64000000000c0002000800010006", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x20008040}, 0x0) (async)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000001cc0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000480)={&(0x7f0000000140)=ANY=[@ANYBLOB="2020000042d3391fb0e13ac2afb7064e1b5ce173ca4a4c7ba9ab20dbceee3418d1", @ANYRES16=0x0, @ANYBLOB="200029bd7000fcdbdf25190000000c00018008000100", @ANYRES32=r1, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x40000c1}, 0x8880)
r4 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$IPSET_CMD_RENAME(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="34000000050601"], 0x34}}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x7ecff34ed9fc0875) (async, rerun: 32)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0) (async, rerun: 32)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYRES16=r1], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r6}, 0x10) (async, rerun: 64)
socket$nl_sock_diag(0x10, 0x3, 0x4) (async, rerun: 64)
ioctl$int_in(r5, 0x5452, &(0x7f0000000100)=0x3) (async, rerun: 64)
bind$inet6(r5, &(0x7f00000003c0)={0xa, 0x4e22, 0x3, @empty}, 0x1c) (async, rerun: 64)
connect$unix(r0, &(0x7f0000000400)=@file={0x42ece029b56185d9, './file0\x00'}, 0x6e) (async)
listen(r5, 0x0) (async)
r7 = epoll_create(0x689)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r5, &(0x7f00000000c0))
syz_emit_ethernet(0xfc0, &(0x7f0000002cc0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd606eb3bb0f8a1100fe8000000000000000000000000000bbff02000000000000000000000000000100080404004000000000000000000000000000000000000120010000000000000000000000000002fc000000000000000000000000000000000000000000000000000000000000010002040100000000000000000000000000000000000000010005000000000000c91000000000000000000000000000000000071800000000040000000000000000000000000000000000000000000000000e0000000000000758000000001400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000180000000000400000000000000000000000000000000000000000000000002040100000000fe8000000000000000000000000000aa00be000000000000000100008442af3b23b338ace6b89c51334f781702cc4526851fd44f0a58742a96dbd79d06252221b623ca59ea71ffc63fffa66e502862330f579e10fe27f0738402761d3d7048a0701b7e3970925ad124eba6dc488edee06ee43ae0ede46e3706c921baf6593ddea9c55c15e12a7118bf580eaf9dcf5f99a917349fa70a702c5ee99aa039fd9c2a26050200000062c7f8e99066b4532c0286b8f0199baab14663c8b855ccfc6e451e2e5521557db7b43c65fefd6eb748b55d2ac16a1189d573e61e700b608d6fe52c9e17172516b332f18507d9f2a758f0e62e721a0919d0b676a88a442879ce2bc750ab744d4920f3961a2f10dbebc068c5405ab823f34f3703ca670000b043123b558f985fded4b2b6499194dfa629bdd0ff5c20f7ace05669f22c7997efb9d845ec5bf794539acc77c605aa60c860e91c3c086272fbcb6b2a4d506e050b25818687d81c983a8c6f69dbc6ca9c80afc985e0bff6679406a33f41cd4444a5d1fc7665cadae0d089acca44797eb471401943ad571d1886e5b297962fb8b983fd10aca4c2e372aaf94fd2186deec776ef9f0aafd0adfd3237fc3425bae6cfee6155a05685aea458393f54c8e0e66b3ca4a50c2a88a6f6049edc392bfd9d8444f7aca48d54f5807e9b8295321492aaf9677fb1469fc228031c69615a3aef5d882f8f951c42dbf1f2db70ec37a637a2bbca4843a44c5d1f921284d2faa065c714807d2977dc8783868782176ce9c38aa877b04cb6b1ad28a0eac1698b332cbf28f32b3b21ba0e0eabeff883d326caae6c1efb326b0d2a4aeb97f53f5c6f82d4ba278fd4b84ebfed860aafa6e558b177a5495d07406d5c5e4876af22a287ac8339d1e218fdf8c2c2acbb8cc21490d89db9d068d84d03d1ff02f23fcf959e63efb4387f19e91ba8467bbaf40935a72ee0a9f6821222c2ff53bb4a696a5152dd812248148ab08b193cdc13a6e06e06a7ca3e26681fc1107c07e136e205b0ddc110dc5464fd1ada2675559e47f46dcaa5a8f47055963f2e8ef21da9c2968804e553ec55b0db9934f6590bca1452f2c0ef428a8ab5488535de85a2383f38a58c73331001e87799c5a1dbd7464eead1f80f1d10cadda8ebe2ee1059fa6ea088774a51fa8ea44e63cdd7c3dcd3dc47716425d31818d95aad3cc328de6166a10e174f437d98e64bdedf5b736bdf2e106f6d4a6d9423edd02e7072b33cbd0d7a0d750a61bab884b296d8cd3b33fa2df8b4366753acf6a2e1751eef6ea303247eef8d28c856921654334497259acf6a05d540ff2b509d55bb214c8ea311e7e4425aa3ac3a052a7d09ea3e5a3adf2bb345311cef5e30ebcef54aa6f2ad427f52e7aeb34b4d9c3a9ccdea9cf14c908e01277e2f923351f597125538f3ad5a0735de24268328a5041df95822a138ec6c7bdb0377cc5c428c5f5fab4731299008fe3a0dd890dda3e02b0ccd33da36bfe18d07188bf7afd8b60d13ff3fbba67ab47f79e76f7c5414bc6e6bfde0636cacdc90a1b41a2144b9793febee25f6dadf4534368161c2ae03a7adf69c882db6034e4d9d4745ba0b0ec6dc8a973cfeed85f0b129b1d4355eee124d64adb6f4f93abed57964d100b3d96b043b64440100000000000000098f47d831c39b832c9b5e9c86f7a5b93c95e751c581625e8f83bd900ec6755714ba53e0720d0ae13a14aec18dca9a0c1b52836232be76469da3b18e4e56cdde9f282f1203cced0d699f68cf4267788750041e0413ead1bc9cf33ed05e97c6e11f466bd10f812efe7f6e674f116b8552062d1f271740bb58765d8356d7cd2de1f8eea557170febc5830d3c36e86d40b4a3ce040cffec1c493bbc6da1e73ee4da9cd4043cb428ee25b51044c1a8ed438d1771c56a53ae9a8bd380166e7218a59a6d0e996955d91fe57f02a5f49827f670a34d38b8f0332c7b0dcfef4387f329ba78cb0cf73d754f3917d533d3da8221c0f14528f1ae22fa417dba68093b07dd40023cd51d51b50da72032deff5fab0afdc43d940ff5fdb92ecd9da360bdd1fa62eba07d34bfc5a9dd40b0a07e7d9477d2bb3b9a3fa46ed60a0715c8974482d19dde87038c34314c1fd1f479eadd7c0da28c4e31f4a14fa6963559462e69e136c2a8d534d7c50d6fe4c18c31cebda190564b916c0e318c0c589d31017f16925588379b08e91c3f29da734c61b6dd72c68c8f1e97208b023f09a1d9ea890d96cc4a6fc9656d760eedca9c4f2459e10880a88a11f00961e1d210187aa0cc13c7b5bd76e264acd03bc3bfed9149769072f7b09af8c90020500f0f0aa42ea5ff874e472d64c4be6706b2ccb17d4aa07e216a50811a0a3cb50bdf9189b34dc2f29d1406029737b719aa08732a854a137813f2db738068a98e0016e7237438be36dfffb8b55516cf672c15af594b6185d9c9000b7f0a5835df5eaa57ea14145152691eb3bb2aa55e567277cf36a735a06b3f5747410f43790c99b1a8c60196b3e482c3792451958ffc1679daaa2984f3eb313737f85bb6bba5bdec9ec6d16f4a8bec7f614f56ce971208d15051e3152b782a840f6e8a5ba8481dba43e4d68d69e788456f3bde403a6f207ddb95cef6971e719021431c8baaa62501d49ca90690478dbd7abed91d7d07e050395f29e5251e19f5d5e58d22200446984615c55f775888619c08b208b4c5a45e4b46f3126f5aa25553532d50e108a3c2206e98bb2e7b1bf56e8d3642f8616a1b245332a0914f090fd9705545d143ec2b1ee29d9defade5228c44c859888e0d02bbdbbb9c2f2fda2c3871a689424b74fc05f2e13e8b4052940d02bd80a76ef734dd2bc597351244af467f7663ecfa1dc06c789505274f8d3998c5fc774cb51477f1aa02d7b3059a8f6b99573094efa821769fe7bd93e8e8ea650495ff177876b84f89674fa40a50965da100f64c15a780a40b8d7d55d0e6008e178453f3eccaee57226cd9199d18d464412f572a18ebb4206f0a00eb396e1727569d63ba13875cc37d72ddde5654fda13b4b0aec3aa970a685f195f457ab254d72168fa137979c217db1ce489497b13b105413bf91386aeada658a33fa5de25ff42d17daef9e6f0c8f38fe29a58909bf0add3fa3da347a339ef3feb45805c685bcd401160d06ac19b02c142e61a496bd840ec97ad89d1d0c6009609bb77d225a9c3665f148fd41ae823d81bdacaaa316270df935b24e88be91788789d3274ab1deb62e7c970291ebf1c2a97d3a4269ad192ea5064ccbfb9a66e3c10e93055245c1b02697c105587ac1016d975de9f46a6f5ccbde7622cea3649eb8a10e28045287475e4dbf8d76b64c412ee994282d429e5afe608c9e73b459b81fbd9b6192f9b6d6bf544091c6d849ecd7eb1c70a50f830d58087800262395edbc68cad5b54cf80ae31df50cf9c2899b1d0e1edbba94d8cebfd8bef1db81f70a1ab5d1d907ed19508f83df0f1400b9d1fca8a48b7e267b80d8bdfff0730bb696c845b66303c899285a47832a6dd95d84191dce4ddbab13dff5065da64dc2de0fa36cb7c3419e6f8dc28f1e36e963ff7278bb3e0cd17687ed176d940b1daf473d6cfdd8a119314c6a065b9fce72dcf03209d792e201bb0624887169c22173888fb256635cceae7673b634134e87d7550213f0e9c03ec4ec4bf3710bbe0a4b5cff8dade9f1f6f727f0043ad5aa00f968fbd3cae5bd6f83c8ea33596a7ff9ef4b51687d77cdc1f33e16a6b374038f1db7316c25582bcd2b50e66baefc620766c00680c0d306d6aaa58224d17f3050b08ae492c7b96032574dee57f8c475b0055007f0edf41f6ad2192bc1aca2ad48fdedd024b8cea53e491d717aa76e0d2f7de4b9bc3617bbb2d4c3df3aec455bb4f17d93741e99b3053f13a31494f1f4d0f3caf3dae7286b9b4ec2a3802c9dfac7cb73ac58370469fe09f3834c54c88921c4038aa57318216cc6a49ec7070c0418ade746671286e161240e8c0de08f190211cfefe662dc5968bd90083a957815dbd29f9dbd14fbfa1a52bc3fed8fd2305be7e0b69eca6e0b1adbfa513c3c6f4c6d8c88ddbc39588d081e042025b7885e699272f085a7f2306e4d39f667ca5cfb6aeab1f4cfa3c0e07adb21e41cf37f709df601783f002aaa708edc777d2db455dcc9672d9edda9c871460671609af44dd4b54e4385a0efbeb3ba9eac3c16863a2bfd477ef084152261092c178b4d4a1561a2b60d8ebf19609ff41fdcc5bb3935e6786abca4d9a7bccb35e21ce7b3ed6c7e49df3afc3ff44f00fd49f7c00aa1ebb7598ee701984c8389731c827b3f1d797bbf0100008000000000a282062b63dd89db95c63349fe9747e8467c5cc7f7800fce43b00300000000000000d4910bfdf36096e80db5b0b7057c9c850f983cc5d8b9e2430974d73d9889df7ecf0cc6bc945b5a5972ddd73f82a2c812bed1478cfcb5caf4db95db71be54880b7cc585fb3a5ac47cc71889f3eb7571c167d08d7d6ff379644b32008e8ef14ed71930420647f3f8146928c0696f5cd9cfe889ebbea038c8f5db88cf9fbf98360bab3645f5473cb1220e6b5d5f417ba5d205a7957f29764eb0fc6752d715a01fd3cb0051da3319d32232e6ebe68bf0db8b8bc21d419ba67fea7c78e07d6671b706ed66e33e1c092d7101b6a027a64eeca0f0847f52f108617fd5f6b7b756a29fde2f1eec66766890fa462fcf505573891d2a7539925a6e9552fc4a05b16b0bc78169a222ac728d62b8ce25d17bc9bd9e62fdc586dbf1be531059d6a94c06c8201db1ac9203914b663a7a0eddd58f8b0c2cd29895e8805de5ffcd8afe430526409019cbd55f3ae4fb320661773d96cde096ec0cdf870d0a4aabdea471f2b07b7eac57dfe668500e903778472c1ae14b303c67ec619dee28aa96ded734db446aae160b58d6584b2916852e3315d7bdc4b95bc23495ae87b92d36c9009bccac7b720c9d61a30069db6b1e53bc48cdb236843cc74a71eed0349212225d915c75686759b83f17fa0a03d41dc8264151c36de218a0e1b4b8f36a4cb311f17453e145fa29b676bfaa4f38875103eb000000000000000000000000000000000000000052907801000000d60505f9b57f0c0a4aac4414a82490037ac331aaa6511c7755318ef0a2ffb1eaeef1443fe804d5357471a6c65ebc408afeb8fbd0b2e96659cd6037d94d0dc89b12d9042271ff00"/4041], 0x0) (async, rerun: 32)
r8 = socket$netlink(0x10, 0x3, 0x4) (rerun: 32)
writev(r8, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001500add427323b470c45b4560a067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async, rerun: 32)
r9 = socket$packet(0x11, 0x3, 0x300) (rerun: 32)
setsockopt$packet_int(r9, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)

3.396099588s ago: executing program 4 (id=2128):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000005dc0)=@delchain={0x20c, 0x65, 0x0, 0x0, 0x0, {}, [@filter_kind_options=@f_matchall={{0xd}, {0x1c, 0x2, [@TCA_MATCHALL_FLAGS={0x8}, @TCA_MATCHALL_FLAGS={0x8}, @TCA_MATCHALL_CLASSID={0x8}]}}, @TCA_RATE={0x6}, @TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0x1a0, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_ACT={0x18c, 0x6, [@m_ife={0x130, 0x0, 0x0, 0x0, {{0x8}, {0x64, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa, 0x4, @dev}, @TCA_IFE_TYPE={0x6}, @TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0x14, 0x6, [@IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_SKBMARK={0x8}, @IFE_META_TCINDEX={0x4, 0x5, @void}]}, @TCA_IFE_PARMS={0x1c}]}, {0xa5, 0x6, "21b2caeba32a6f7c5900697624a17b85a9db3a31b129a4976a84cfb4f5d651fd8aa24a645c8f63c025fcca463a6b79a3d7e6c9a8b89a140805ef63939ac2e37b49004b0dc3b8446aa7038eceef52fe7bdca153fe865c65015a3b208b282c16472e451aa10a8631235c49cae271f5fc8ce5e34d9938e3d5f43ac7a0e31b0acfc73199ca90e81246819f4c740a4fa3247a2af88d6569da09be7179b89f9f024c9f46"}, {0xc}, {0xc}}}, @m_nat={0x58, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x2d, 0x6, "ef93daeef78df7f9a037a0d7a2f92a1cc341deabba437fc636cbf66a843bc4e0304e79be1f16cfa199"}, {0xc}, {0xc}}}]}]}}]}, 0x20c}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x900}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

3.156241938s ago: executing program 4 (id=2132):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmmsg$unix(r0, &(0x7f00000027c0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)=""/104, 0x68}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)

3.144937086s ago: executing program 2 (id=2133):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000003140)=""/4095, &(0x7f0000000000)=0xfff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000300009500000000000000"], &(0x7f00000003c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r3}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x8001000000000000, 0x40, &(0x7f0000000c40)=@raw={'raw\x00', 0x8, 0x3, 0x2c0, 0x0, 0x18c, 0x148, 0x0, 0x0, 0x228, 0x2a8, 0x2a8, 0x228, 0x2a8, 0x3, 0x0, {[{{@ip={@dev, @remote, 0x0, 0x0, 'gretap0\x00', 'veth0_to_bond\x00'}, 0x0, 0xb0, 0x110, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{}, {0xffffffffffffffff, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}}}}, {{@ip={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'veth0_to_bridge\x00', 'geneve1\x00'}, 0x0, 0xf8, 0x118, 0x0, {}, [@common=@unspec=@rateest={{0x68}, {'rose0\x00', 'pimreg0\x00'}}, @common=@socket0={{0x20}}]}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x320)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r6, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000280)={'veth0_to_hsr\x00', <r7=>0x0})
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062c30bc068829afff36b31fa7e358e95cfa"], &(0x7f0000281ffc)='GPL\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000200)={r8, 0x2000000, 0x14, 0x0, &(0x7f00000001c0)="5cdd3086ddffff6633c9bbac88a8861000dffd00", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$XDP_UMEM_COMPLETION_RING(r6, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r6, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r6, &(0x7f0000000100)={0x2c, 0x0, r7}, 0x10)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f0000000680)={0x0}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
getsockopt$bt_hci(r0, 0x84, 0x7b, &(0x7f0000000000)=""/4087, &(0x7f0000001080)=0xff7)
syz_extract_tcp_res(&(0x7f0000001000), 0x3ff, 0x100)

2.688018075s ago: executing program 2 (id=2135):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet6(0xa, 0x6, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x5, 0x8, 0x8, 0x105}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000004c0), &(0x7f00000005c0)}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000740)={@map, 0xffffffffffffffff, 0x25, 0x14}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000090000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000f0000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000e80)={0x3, 0x0, 0x1000}, 0x10, 0x1b471, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000001640)=[{0x0, 0x1, 0x0, 0xb}, {0x5}, {0x2, 0x0, 0x9, 0xc}], 0x10, 0x1}, 0x90)
socket$inet_udplite(0x2, 0x2, 0x88)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000840)={0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x4, 0x0, @rand_addr=0x64010101}, {0x2, 0x4e23, @remote}, 0x184, 0x0, 0x0, 0x0, 0xffff})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x2d0, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FRAME={0x2b1, 0x33, @beacon={{{}, {}, @device_b, @device_b}, 0x0, @random, 0x0, @void, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @void, @void, @val={0x3c, 0x4}, @void, @void, @void, @val={0x76, 0x6}, [{0xdd, 0xb7, "31851c27f0515dccb7554d54162c7b9db37edff2415d5589b53027d4db2f9527a9858f2910b19c7737136d933c4cb8b186a2cb77d33dc186120309d0107aae1822ca939dc88880a147e71f89f5936e8d68041d7e8bcc0f1b2831ed25db982a9cd8fcd5160c5cdc0cbe25dce28dc9925779fc4799284de17406d9ac3b5e35515e37ca5568297e0d3e19d80a5d5addb3184fec9543e41f70eb1bcd9a87da2f4b39e15dca2e549f43749edc5d2150d9349f08894e39ac26f6"}, {0xdd, 0xba, "1cb11f4c9767b25df19d1cb86cc9f4059996ff0021375555251d74cf6f777d24ac2b13bbd9b9d6f27b608e3a58d27ba7b7e16a8e13f0d8f288fa3e9a5e6c9ba0bd7028c0866f7cec56d3e0ae5cb3c8963c4d6e991fbd1547b046152bed86b40dc529d6663ed96a2f54759ca9fd4841407c6fb63f588fed1344890b04c3914826eaa5b022f53aa9fb6bffaa0370be496fc201cd5b33db589eb87730dee906175a89a626342c521f0b18b5cb5ed9de356bf155e503ca39d841b335"}, {0xdd, 0x25, "523a4aa23e4123ca5c555c2b2bf412911511b4b39a758f6e3a496d64414c19f01ba62cf366"}, {0xdd, 0x12, "0941a0e096d40b7d3b60bec79aa8aaa3f566"}, {0xdd, 0x3f, "7b1f666daa2c5732ac642cd918aea5ee68d9287e589b7d5326dd3b2bfb9e3d1679ee7c57f9ddfe7cc6179e25076e5fbf36bd5882a567a92f5c2ba4e5d1fe2e"}, {0xdd, 0x9, "0da71e815422994325"}, {0xdd, 0x6b, "30d8ac98fdedffdf2ad390d8c532101bdebf905f4f96a12b5400578c02f802cac6cedd077c38a52b4fb790de3ab2c28eed8f45baef37217a654a07159fd6efe9fc5a4effdb0327c0802a3a873e92979e62ab34d31a748ae171a86d656075c5a8c88eaba15c64afa0d2a1d2"}, {0xdd, 0x6, "4f3fef835ea8"}]}}]}, 0x2d0}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)

2.19945562s ago: executing program 4 (id=2137):
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000010200)='blkio.bfq.sectors\x00', 0x275a, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_PRI(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={0x0}}, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmmsg(r2, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000040)=""/19, 0x13}, {&(0x7f0000000180)=""/109, 0x6d}, {0x0}], 0x3, &(0x7f0000000740)=""/202, 0xca}, 0x9}, {{&(0x7f0000000840)=@tipc=@name, 0x80, &(0x7f0000000080)=[{&(0x7f00000008c0)=""/209, 0xd1}], 0x1, &(0x7f0000000cc0)=""/4096, 0x1000}, 0x7}], 0x2, 0x0, &(0x7f0000000200)={0x0, 0x989680})
recvmmsg$unix(r2, &(0x7f00000027c0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)=""/104, 0x68}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000100)={'wg2\x00'})

1.655000264s ago: executing program 2 (id=2139):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000006c0), r1)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)={0x3c, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}]}, 0x3c}}, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x70}}, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(0x0, r4)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_GET_DAEMON(r6, &(0x7f0000000440)={0x0, 0x1400, &(0x7f0000000400)={&(0x7f0000001500)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="0d03000000000000000004"], 0x14}}, 0x0)

1.424251608s ago: executing program 2 (id=2141):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="a000000010003b0e2a1a86eb2636037f00000000", @ANYRES32], 0xa0}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x9000000)

1.411454072s ago: executing program 0 (id=2142):
socket$key(0xf, 0x3, 0x2)
r0 = socket$key(0xf, 0x3, 0x2)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@ipv4_newrule={0x2c, 0x20, 0x1, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e20, 0x4e20}}, @FRA_GENERIC_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e21, 0x4e22}}]}, 0x2c}}, 0x0)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000800)={<r4=>0x0, @in={{0x2, 0x4e24, @multicast2}}, 0xa, 0x8, 0x3, 0x8001, 0xedd8}, &(0x7f00000008c0)=0x98)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={r4, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e23, @private=0xa010101}]}, &(0x7f00000007c0)=0x10)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet6(r1, &(0x7f0000000740)=[{{&(0x7f0000000080)={0xa, 0x4e24, 0x9, @private0, 0x18}, 0x1c, &(0x7f0000000100)=[{&(0x7f00000001c0)="11f5d87262efcd319065635d76f3a0dfce9cd784682c8eea7499e4303295e393a40e3c35308070eae941a8f4ff0e658201f8e25cd7325a16f9c9cb7815c579e74336907b9c6eb0a3578ba77ff02c2cebbe03ce9dddca765d9f7d3d7709c28ef0da7a417fe88aaae958b7fea961c0220648dbc646104de65a3c59624f7da4242bb1bba92f7c75f8b12b63ca50e769040e73207ca60a806d77d7b8845e178f83853b3ab71af65f26095eeba211f2", 0xad}, {&(0x7f0000000380)="177d12f7b7d4037ec9e98ccee231abe4de8922e0b6e0a8ca04607aed083d3d5ffed8f5c86e87f5f65b49685659975374c993b87097a9e22dafd1234fd1315080b848f52a66ca0344a08cad33b4c8f1258c8efb479be2c4cb2049d61ce893b5bcdbee69af4a3b651cd0b97a2cbbce6bc0da073c4b4522a09c220f27ce812a80aa3ddda040804860fc02cfa735e8c2cef13f5211f63f72bac5c4ba63ec9fbe8d591689b88f909dc148a874a98d3c79f12817e825c71b29de95cb39099b543646e7c50e4ead73960c785907", 0xca}], 0x2, &(0x7f0000000140)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x2}}], 0x18}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000280)="809486b8e072d73bd9c161e65e874196693c489a923dae4e6be07b386987d1d42a6c1d06a71ba1a6acb16f020386c2e1318597827ca801a92506a9b46d588956c35e7f65794a41a0faf33e1ac362fd73e51b5c3f0d24c9ad83711352cec27d6e0c13870e0579aa91f79e2f19603fbae6dc0dbe46e40ccbefe47816094657e1ae3ac74b60ccf500ddbbe1812c71b4f3de427812d37f3942c2a039f979458f29de52675146de2e737332aae51416923875a60ee4b4", 0xb4}, {&(0x7f0000000480)="0dc0fdd656e2ab850ac46776bb72a4b1699f4ddaaf258a22c6eb2493276c9e4feefc1b7f5dce51ad0cd12081dd58c0c5ef6d8df3aa13522eb06a3c3138c9ebf502447f2de480f5b901fb7abd198e", 0x4e}, {&(0x7f0000000500)}, {&(0x7f0000000540)="543e881d172d955affa024a868b7762f1189b612e9165969758551417cec48abf29508040e4b332eacf68195e226953b1aeb5c3ec08a9346ba89c584c7f03653900faab1eca54003a4912b05ebd07769", 0x50}], 0x4, &(0x7f0000000600)=[@rthdrdstopts={{0xd0, 0x29, 0x37, {0x0, 0x16, '\x00', [@generic={0xb, 0xa5, "7b02cc24a30b9341b361abeefe5522bf2a5df7ce915f11fc8adde79b4c1a870f406e7c1df9f745aa7e22bd72c229f776146ecc4ab64f337d12378a0fc0ef6fa0d99135acfea5baa7c22ce4c953c841c6635cc578403435b28a433726c8da9a8237323d793067e1fe32adb03b309f7a45d4f9e2d3b749e3478cb89e4756e57a9f0a28388deeec9e33c8023ab2af94463561567eeb67b2e306c89543c4c88de183c46136e43c"}, @jumbo={0xc2, 0x4, 0x5}, @jumbo={0xc2, 0x4, 0x7fffffff}, @pad1]}}}, @hoplimit={{0x14}}, @dontfrag={{0x14, 0x29, 0x3e, 0x5}}, @rthdr={{0x18, 0x29, 0x39, {0x2f, 0x0, 0x2}}}], 0x118}}], 0x2, 0x24004041)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000340)=0x8)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000340)=0x8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r6, 0x84, 0x71, &(0x7f00000000c0)={r8}, &(0x7f0000000180)=0x8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x71, &(0x7f00000000c0)={r8, 0x31}, &(0x7f0000000500)=0xfffffdbb)
close(r0)

1.356191918s ago: executing program 1 (id=2143):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x58, 0x16, 0xa, 0x107, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ip_vti0\x00'}]}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x80}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000940)=@newlink={0x40, 0x10, 0xfffffe17, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @loopback}, @IFLA_IPTUN_6RD_RELAY_PREFIX={0x8, 0xc, 0x6}]}}}]}, 0x40}}, 0x0) (fail_nth: 2)

1.248238826s ago: executing program 2 (id=2144):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="020200090f00000000000000000000000500060000000053000a000000000000000000000000000000000000000000000000000000000000000200010000000000000000020000000005000500000000000a00000000000000ff01000000000000000000000000000100000000000000000100140000000000"], 0x78}}, 0x0)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000000)=@sack_info={0x0, 0x0, 0x6}, 0xc)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
connect$pppl2tp(r2, &(0x7f0000000980)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}, 0x1, 0x3}}, 0x26)
getsockopt$bt_BT_SECURITY(r2, 0x111, 0x5, 0x0, 0x20001f00)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

907.785738ms ago: executing program 4 (id=2145):
r0 = socket$tipc(0x1e, 0x5, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x1000042}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000080)={0x42}, 0x10)
syz_emit_ethernet(0x7a, &(0x7f0000000200)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa008100000086dd60f50400403a00fe8000000000000000000000000000bbff020c0000000000000000000000000102009078000000006050835900000000fc010000000000000000000000000000fc0100000000000000000000000000003a000000000000000000000000000000cb1213aac543d0e16d3eff40de9a1ae736de21cadf11d1dce230234a4d10c353e8dd7fbfe663db9375e51be22fb0eef75f7bc7a84ef15201e83d16c8f3ece83f9fe3126e1ab95a6d4f6035fa9bc3e204c5dfd2330cfc8f98c4e6e7b40e335eb36ef69cae2546ea28f819cf90618fd9749fb8c4a9d8f22c2851b645c218d03ac07f664e178118000000000000"], 0x0)

864.180988ms ago: executing program 0 (id=2146):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="06000005bbbbbbbbbbbbaaaaaaaaaabb8100000086dd1062fe54ac2c05"], 0x66)

768.214169ms ago: executing program 4 (id=2147):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmmsg$unix(r0, &(0x7f00000027c0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)=""/104, 0x68}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)

767.933657ms ago: executing program 1 (id=2148):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x5}]}}, 0x0, 0x2a}, 0x20)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r2=>0x0})
r3 = socket$packet(0x11, 0x2, 0x300)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x9, 0x10, &(0x7f0000000040)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdf0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'bond0\x00', <r5=>0x0})
ioctl$sock_TIOCOUTQ(r3, 0x5411, &(0x7f0000000000))
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$kcm(0xa, 0x922000000003, 0x11)
unshare(0x28000600)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'vlan1\x00', &(0x7f0000000140)=@ethtool_ts_info})
write$binfmt_script(r8, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r8, 0x0)
setsockopt$sock_attach_bpf(r7, 0x29, 0x24, &(0x7f00000000c0), 0x4)
socket(0x1, 0x803, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000500)=@newlink={0x74, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x34, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x28, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x1ff}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7f}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xffff}}]}]}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x74}}, 0x0)

567.17998ms ago: executing program 0 (id=2149):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet6(0xa, 0x6, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x5, 0x8, 0x8, 0x105}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f00000004c0), &(0x7f00000005c0)}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000740)={@map, 0xffffffffffffffff, 0x25, 0x14}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000e80)={0x3, 0x0, 0x1000}, 0x10, 0x1b471, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000001640)=[{0x0, 0x1, 0x0, 0xb}, {0x5}, {0x2, 0x0, 0x9, 0xc}], 0x10, 0x1}, 0x90)
socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000840)={0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x4, 0x0, @rand_addr=0x64010101}, {0x2, 0x4e23, @remote}, 0x184, 0x0, 0x0, 0x0, 0xffff})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x2d0, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME={0x2b1, 0x33, @beacon={{{}, {}, @device_b, @device_b}, 0x0, @random, 0x0, @void, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @void, @void, @val={0x3c, 0x4}, @void, @void, @void, @val={0x76, 0x6}, [{0xdd, 0xb7, "31851c27f0515dccb7554d54162c7b9db37edff2415d5589b53027d4db2f9527a9858f2910b19c7737136d933c4cb8b186a2cb77d33dc186120309d0107aae1822ca939dc88880a147e71f89f5936e8d68041d7e8bcc0f1b2831ed25db982a9cd8fcd5160c5cdc0cbe25dce28dc9925779fc4799284de17406d9ac3b5e35515e37ca5568297e0d3e19d80a5d5addb3184fec9543e41f70eb1bcd9a87da2f4b39e15dca2e549f43749edc5d2150d9349f08894e39ac26f6"}, {0xdd, 0xba, "1cb11f4c9767b25df19d1cb86cc9f4059996ff0021375555251d74cf6f777d24ac2b13bbd9b9d6f27b608e3a58d27ba7b7e16a8e13f0d8f288fa3e9a5e6c9ba0bd7028c0866f7cec56d3e0ae5cb3c8963c4d6e991fbd1547b046152bed86b40dc529d6663ed96a2f54759ca9fd4841407c6fb63f588fed1344890b04c3914826eaa5b022f53aa9fb6bffaa0370be496fc201cd5b33db589eb87730dee906175a89a626342c521f0b18b5cb5ed9de356bf155e503ca39d841b335"}, {0xdd, 0x25, "523a4aa23e4123ca5c555c2b2bf412911511b4b39a758f6e3a496d64414c19f01ba62cf366"}, {0xdd, 0x12, "0941a0e096d40b7d3b60bec79aa8aaa3f566"}, {0xdd, 0x3f, "7b1f666daa2c5732ac642cd918aea5ee68d9287e589b7d5326dd3b2bfb9e3d1679ee7c57f9ddfe7cc6179e25076e5fbf36bd5882a567a92f5c2ba4e5d1fe2e"}, {0xdd, 0x9, "0da71e815422994325"}, {0xdd, 0x6b, "30d8ac98fdedffdf2ad390d8c532101bdebf905f4f96a12b5400578c02f802cac6cedd077c38a52b4fb790de3ab2c28eed8f45baef37217a654a07159fd6efe9fc5a4effdb0327c0802a3a873e92979e62ab34d31a748ae171a86d656075c5a8c88eaba15c64afa0d2a1d2"}, {0xdd, 0x6, "4f3fef835ea8"}]}}]}, 0x2d0}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)

565.942395ms ago: executing program 1 (id=2150):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)

448.325055ms ago: executing program 1 (id=2151):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000080)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) (async, rerun: 32)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_service_time\x00', 0x275a, 0x0) (async, rerun: 32)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[], &(0x7f0000000340)=""/4083, 0x1a, 0xff3, 0x1}, 0x20) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@newtaction={0x6c, 0x30, 0x1, 0x0, 0x0, {}, [{0x58, 0x1, [@m_mpls={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_TTL={0x5, 0x7, 0x8}, @TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x4}}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
pwritev(r1, &(0x7f0000000280)=[{&(0x7f0000001340)="bcce17bb8bfc0619eeb2703c45d8a1f8239e07f5bd96eda362ada49bba06ac38b9e38b8ef07424ceff3b3c974b222bd39321ce84c3050a9705654c919027009cccea4958902a37e426e8e2e10688eb1c939936f1d17b361309ce14df5c70567a7f25307055a9e831023c92a97b46c7c253e02909f242416c442c213825c45a7651cf4374ace7d89e27d368c445eb7dc9b9baecd7580a591dfcd0c23942aa4937eb1f1d5b4c274c2ee5d2d368c562565ad36bf86aa56e50988bcccc452f21ed5156fea17b830e6f863ed734895513c9fa941a3da590df37815b600dddbc185cd74dd6c835eca0", 0xe6}], 0x1, 0x0, 0x0)

328.063441ms ago: executing program 0 (id=2152):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000100)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000bc0)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x68}}, 0x0)
r2 = socket$inet(0x2, 0x4, 0xfffffffa)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'authenc(michael_mic-generic,pcbc(fcrypt-generic))\x00'}, 0x58)
sendfile(0xffffffffffffffff, r2, &(0x7f0000000040)=0x6, 0x2)
setsockopt$inet_mreqn(r2, 0x0, 0x24, 0x0, 0x0)

267.801453ms ago: executing program 1 (id=2153):
unshare(0x62040200)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0x8, 0xa}}}, &(0x7f0000000200)='syzkaller\x00', 0x4, 0x100b, &(0x7f0000001e40)=""/4107}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000240)=ANY=[@ANYRES64], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r1, 0x0, 0x8005, 0x0, &(0x7f0000000000)='\a\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x8005, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a1d010000000000000000020000000900010073797a3000000000080002400000000098000000030a01020000000000000000020000000900010073797a30000000000900030073797a32000000006b00030091abc12404cf378042f26c43"], 0xfc}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newtaction={0x6c, 0x30, 0x9, 0x0, 0x0, {}, [{0x58, 0x1, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x20000000}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001940)={0x114, 0x2b, 0x1, 0x0, 0x0, "", [@nested={0x103, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@mcast2}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)

251.964995ms ago: executing program 0 (id=2154):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000140)={0x9, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x300}, 0x10}}, 0x0)

129.396363ms ago: executing program 0 (id=2155):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="580000000206030000000000000000000000000005000100070000000900020073797a31000000000c00078008001200000000000500050002000000050004000000000012000300686173683a6e65742c706f727400000068f136079809734566c496731449d43533a17c556496d47168ea1639021948a1abaa08942575fa5717a2b8ac38be560d62ed7b97361ecb587127e52316275168f16f838313"], 0x58}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @rand_addr, 0x800}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ppoll(&(0x7f00000003c0)=[{r0, 0x300}, {r0, 0x1610}, {r2, 0x214}], 0x3, &(0x7f0000000400)={0x77359400}, &(0x7f0000000440)={[0x1]}, 0x8)
syz_emit_ethernet(0x4e, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaac4bc9cac968686dd6003000000180600fe8000000000000000000000000000aafe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="6ec200009078000002046702"], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
r4 = socket(0x15, 0x5, 0x0)
bind$l2tp6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x20)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_int(r5, &(0x7f00000000c0)='cpuset.mems\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70200000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0fd9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284ba7179843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b28448692686ac80d81a89f9c29e2768"], &(0x7f0000000140)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffec3}, 0x48)
r7 = epoll_create(0x8)
bind$bt_l2cap(r4, &(0x7f00000002c0)={0x1f, 0x5, @any, 0x1}, 0xe)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_MOD(r7, 0x3, r6, &(0x7f0000000180))
write$cgroup_int(r6, &(0x7f0000000280), 0x12)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000180)={@dev, @loopback}, &(0x7f0000000200)=0xc)
sendmsg$key(r3, &(0x7f0000000140)={0x9, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x2, 0x0, 0x0, 0x9, 0x2}, 0x10}}, 0x0)

0s ago: executing program 2 (id=2156):
socket$key(0xf, 0x3, 0x2)
r0 = socket$key(0xf, 0x3, 0x2)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@ipv4_newrule={0x2c, 0x20, 0x1, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e20, 0x4e20}}, @FRA_GENERIC_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e21, 0x4e22}}]}, 0x2c}}, 0x0)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000800)={<r4=>0x0, @in={{0x2, 0x4e24, @multicast2}}, 0xa, 0x8, 0x3, 0x8001, 0xedd8}, &(0x7f00000008c0)=0x98)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={r4, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e23, @private=0xa010101}]}, &(0x7f00000007c0)=0x10)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet6(r1, &(0x7f0000000740)=[{{&(0x7f0000000080)={0xa, 0x4e24, 0x9, @private0, 0x18}, 0x1c, &(0x7f0000000100)=[{&(0x7f00000001c0)="11f5d87262efcd319065635d76f3a0dfce9cd784682c8eea7499e4303295e393a40e3c35308070eae941a8f4ff0e658201f8e25cd7325a16f9c9cb7815c579e74336907b9c6eb0a3578ba77ff02c2cebbe03ce9dddca765d9f7d3d7709c28ef0da7a417fe88aaae958b7fea961c0220648dbc646104de65a3c59624f7da4242bb1bba92f7c75f8b12b63ca50e769040e73207ca60a806d77d7b8845e178f83853b3ab71af65f26095eeba211f2", 0xad}, {&(0x7f0000000380)="177d12f7b7d4037ec9e98ccee231abe4de8922e0b6e0a8ca04607aed083d3d5ffed8f5c86e87f5f65b49685659975374c993b87097a9e22dafd1234fd1315080b848f52a66ca0344a08cad33b4c8f1258c8efb479be2c4cb2049d61ce893b5bcdbee69af4a3b651cd0b97a2cbbce6bc0da073c4b4522a09c220f27ce812a80aa3ddda040804860fc02cfa735e8c2cef13f5211f63f72bac5c4ba63ec9fbe8d591689b88f909dc148a874a98d3c79f12817e825c71b29de95cb39099b543646e7c50e4ead73960c785907", 0xca}], 0x2, &(0x7f0000000140)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x2}}], 0x18}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000280)="809486b8e072d73bd9c161e65e874196693c489a923dae4e6be07b386987d1d42a6c1d06a71ba1a6acb16f020386c2e1318597827ca801a92506a9b46d588956c35e7f65794a41a0faf33e1ac362fd73e51b5c3f0d24c9ad83711352cec27d6e0c13870e0579aa91f79e2f19603fbae6dc0dbe46e40ccbefe47816094657e1ae3ac74b60ccf500ddbbe1812c71b4f3de427812d37f3942c2a039f979458f29de52675146de2e737332aae51416923875a60ee4b4", 0xb4}, {&(0x7f0000000480)="0dc0fdd656e2ab850ac46776bb72a4b1699f4ddaaf258a22c6eb2493276c9e4feefc1b7f5dce51ad0cd12081dd58c0c5ef6d8df3aa13522eb06a3c3138c9ebf502447f2de480f5b901fb7abd198e", 0x4e}, {&(0x7f0000000500)}, {&(0x7f0000000540)="543e881d172d955affa024a868b7762f1189b612e9165969758551417cec48abf29508040e4b332eacf68195e226953b1aeb5c3ec08a9346ba89c584c7f03653900faab1eca54003a4912b05ebd07769", 0x50}], 0x4, &(0x7f0000000600)=[@rthdrdstopts={{0xd0, 0x29, 0x37, {0x0, 0x16, '\x00', [@generic={0xb, 0xa5, "7b02cc24a30b9341b361abeefe5522bf2a5df7ce915f11fc8adde79b4c1a870f406e7c1df9f745aa7e22bd72c229f776146ecc4ab64f337d12378a0fc0ef6fa0d99135acfea5baa7c22ce4c953c841c6635cc578403435b28a433726c8da9a8237323d793067e1fe32adb03b309f7a45d4f9e2d3b749e3478cb89e4756e57a9f0a28388deeec9e33c8023ab2af94463561567eeb67b2e306c89543c4c88de183c46136e43c"}, @jumbo={0xc2, 0x4, 0x5}, @jumbo={0xc2, 0x4, 0x7fffffff}, @pad1]}}}, @hoplimit={{0x14}}, @dontfrag={{0x14, 0x29, 0x3e, 0x5}}, @rthdr={{0x18, 0x29, 0x39, {0x2f, 0x0, 0x2}}}], 0x118}}], 0x2, 0x24004041)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000340)=0x8)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000340)=0x8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r6, 0x84, 0x71, &(0x7f00000000c0)={r8}, &(0x7f0000000180)=0x8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x71, &(0x7f00000000c0)={r8, 0x31}, &(0x7f0000000500)=0xfffffdbb)
close(r0)

kernel console output (not intermixed with test programs):

 Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  297.742771][T11385] Call Trace:
[  297.746083][T11385]  <TASK>
[  297.749045][T11385]  dump_stack_lvl+0x241/0x360
[  297.753957][T11385]  ? __pfx_dump_stack_lvl+0x10/0x10
[  297.759219][T11385]  ? __pfx__printk+0x10/0x10
[  297.763868][T11385]  ? ref_tracker_alloc+0x332/0x490
[  297.769038][T11385]  should_fail_ex+0x3b0/0x4e0
[  297.773779][T11385]  ? skb_clone+0x20c/0x390
[  297.778219][T11385]  should_failslab+0x9/0x20
[  297.782834][T11385]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  297.788234][T11385]  skb_clone+0x20c/0x390
[  297.792517][T11385]  __netlink_deliver_tap+0x3cc/0x7c0
[  297.797829][T11385]  ? netlink_deliver_tap+0x2e/0x1b0
[  297.803041][T11385]  netlink_deliver_tap+0x19d/0x1b0
[  297.808171][T11385]  netlink_unicast+0x7be/0x990
[  297.812955][T11385]  ? __pfx_netlink_unicast+0x10/0x10
[  297.818261][T11385]  ? __virt_addr_valid+0x183/0x520
[  297.823668][T11385]  ? __check_object_size+0x49c/0x900
[  297.828976][T11385]  ? bpf_lsm_netlink_send+0x9/0x10
[  297.834111][T11385]  netlink_sendmsg+0x8e4/0xcb0
[  297.838900][T11385]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.844206][T11385]  ? __import_iovec+0x536/0x820
[  297.849067][T11385]  ? aa_sock_msg_perm+0x91/0x160
[  297.855005][T11385]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  297.860309][T11385]  ? security_socket_sendmsg+0x87/0xb0
[  297.865792][T11385]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.871100][T11385]  __sock_sendmsg+0x221/0x270
[  297.875812][T11385]  ____sys_sendmsg+0x525/0x7d0
[  297.880606][T11385]  ? __pfx_____sys_sendmsg+0x10/0x10
[  297.885944][T11385]  __sys_sendmsg+0x2b0/0x3a0
[  297.890574][T11385]  ? __pfx___sys_sendmsg+0x10/0x10
[  297.895702][T11385]  ? vfs_write+0x7c4/0xc90
[  297.900168][T11385]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  297.906519][T11385]  ? do_syscall_64+0x100/0x230
[  297.911321][T11385]  ? do_syscall_64+0xb6/0x230
[  297.916013][T11385]  do_syscall_64+0xf3/0x230
[  297.920539][T11385]  ? clear_bhb_loop+0x35/0x90
[  297.925417][T11385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.931407][T11385] RIP: 0033:0x7f84e0f75bd9
[  297.936009][T11385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.955738][T11385] RSP: 002b:00007f84e1cbe048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  297.964175][T11385] RAX: ffffffffffffffda RBX: 00007f84e1103f60 RCX: 00007f84e0f75bd9
[  297.972161][T11385] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[  297.980144][T11385] RBP: 00007f84e1cbe0a0 R08: 0000000000000000 R09: 0000000000000000
[  297.988221][T11385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.996208][T11385] R13: 000000000000000b R14: 00007f84e1103f60 R15: 00007ffecc57d278
[  298.004207][T11385]  </TASK>
[  298.032839][T11385] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1574'.
[  298.059443][T11066] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  298.141029][T11066] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  298.200824][T11066] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  298.415358][T11406] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1578'.
[  298.483374][T11406] lo speed is unknown, defaulting to 1000
[  298.513341][T11403] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1578'.
[  298.626042][T11066] 8021q: adding VLAN 0 to HW filter on device bond0
[  298.699314][T11066] 8021q: adding VLAN 0 to HW filter on device team0
[  298.731558][ T5153] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.738914][ T5153] bridge0: port 1(bridge_slave_0) entered forwarding state
[  298.777006][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.784276][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.557954][T11066] 8021q: adding VLAN 0 to HW filter on device batadv0
[  299.804881][T11066] veth0_vlan: entered promiscuous mode
[  299.866995][T11066] veth1_vlan: entered promiscuous mode
[  299.989970][T11066] veth0_macvtap: entered promiscuous mode
[  300.050014][T11066] veth1_macvtap: entered promiscuous mode
[  300.111410][T11467] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1593'.
[  300.136906][T11066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  300.174872][T11066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.202335][T11066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  300.228110][T11066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.252129][T11066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  300.264120][T11066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.276938][T11066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  300.299139][T11066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.364961][T11066] batman_adv: batadv0: Interface activated: batadv_slave_0
[  300.410236][T11066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  300.472747][T11066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.499688][T11066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  300.529598][T11066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.555408][T11066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  300.576734][T11066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.609951][T11066] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  300.639046][T11066] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  300.661580][T11066] batman_adv: batadv0: Interface activated: batadv_slave_1
[  300.723300][T11066] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  300.762471][T11066] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  300.773035][T11487] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1599'.
[  300.795187][T11066] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  300.806183][T11491] FAULT_INJECTION: forcing a failure.
[  300.806183][T11491] name failslab, interval 1, probability 0, space 0, times 0
[  300.814384][T11066] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  300.822429][T11491] CPU: 1 PID: 11491 Comm: syz.0.1600 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  300.837766][T11491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  300.847868][T11491] Call Trace:
[  300.851200][T11491]  <TASK>
[  300.854157][T11491]  dump_stack_lvl+0x241/0x360
[  300.858874][T11491]  ? __pfx_dump_stack_lvl+0x10/0x10
[  300.864171][T11491]  ? __pfx__printk+0x10/0x10
[  300.868783][T11491]  ? ref_tracker_alloc+0x332/0x490
[  300.873921][T11491]  should_fail_ex+0x3b0/0x4e0
[  300.878621][T11491]  ? skb_clone+0x20c/0x390
[  300.883052][T11491]  should_failslab+0x9/0x20
[  300.887569][T11491]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  300.892964][T11491]  skb_clone+0x20c/0x390
[  300.897230][T11491]  __netlink_deliver_tap+0x3cc/0x7c0
[  300.902626][T11491]  ? netlink_deliver_tap+0x2e/0x1b0
[  300.907861][T11491]  netlink_deliver_tap+0x19d/0x1b0
[  300.913009][T11491]  netlink_unicast+0x7be/0x990
[  300.917805][T11491]  ? __pfx_netlink_unicast+0x10/0x10
[  300.923096][T11491]  ? __virt_addr_valid+0x183/0x520
[  300.928247][T11491]  ? __check_object_size+0x49c/0x900
[  300.933556][T11491]  ? bpf_lsm_netlink_send+0x9/0x10
[  300.938707][T11491]  netlink_sendmsg+0x8e4/0xcb0
[  300.943567][T11491]  ? __pfx_netlink_sendmsg+0x10/0x10
[  300.948866][T11491]  ? __import_iovec+0x536/0x820
[  300.953741][T11491]  ? aa_sock_msg_perm+0x91/0x160
[  300.958707][T11491]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  300.964008][T11491]  ? security_socket_sendmsg+0x87/0xb0
[  300.969508][T11491]  ? __pfx_netlink_sendmsg+0x10/0x10
[  300.974807][T11491]  __sock_sendmsg+0x221/0x270
[  300.979528][T11491]  ____sys_sendmsg+0x525/0x7d0
[  300.984407][T11491]  ? __pfx_____sys_sendmsg+0x10/0x10
[  300.989733][T11491]  __sys_sendmsg+0x2b0/0x3a0
[  300.994359][T11491]  ? __pfx___sys_sendmsg+0x10/0x10
[  300.999572][T11491]  ? vfs_write+0x7c4/0xc90
[  301.004061][T11491]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  301.010422][T11491]  ? do_syscall_64+0x100/0x230
[  301.015204][T11491]  ? do_syscall_64+0xb6/0x230
[  301.019895][T11491]  do_syscall_64+0xf3/0x230
[  301.024410][T11491]  ? clear_bhb_loop+0x35/0x90
[  301.029106][T11491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.035017][T11491] RIP: 0033:0x7fe2c3375bd9
[  301.039441][T11491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.059093][T11491] RSP: 002b:00007fe2c40bb048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  301.067612][T11491] RAX: ffffffffffffffda RBX: 00007fe2c3503f60 RCX: 00007fe2c3375bd9
[  301.076115][T11491] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[  301.084096][T11491] RBP: 00007fe2c40bb0a0 R08: 0000000000000000 R09: 0000000000000000
[  301.092084][T11491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  301.100074][T11491] R13: 000000000000000b R14: 00007fe2c3503f60 R15: 00007ffd843451b8
[  301.108160][T11491]  </TASK>
[  301.143878][T11484] ip6tnl0: Caught tx_queue_len zero misconfig
[  301.344049][T11468] hsr0: entered promiscuous mode
[  301.593210][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.630153][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.818830][T11505] ipip0: entered promiscuous mode
[  301.862813][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.870779][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  302.233138][T11527] FAULT_INJECTION: forcing a failure.
[  302.233138][T11527] name failslab, interval 1, probability 0, space 0, times 0
[  302.266630][T11527] CPU: 1 PID: 11527 Comm: syz.2.1608 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  302.276864][T11527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  302.286976][T11527] Call Trace:
[  302.290295][T11527]  <TASK>
[  302.293307][T11527]  dump_stack_lvl+0x241/0x360
[  302.298126][T11527]  ? __pfx_dump_stack_lvl+0x10/0x10
[  302.303458][T11527]  ? __pfx__printk+0x10/0x10
[  302.308109][T11527]  ? ref_tracker_alloc+0x332/0x490
[  302.313283][T11527]  should_fail_ex+0x3b0/0x4e0
[  302.318052][T11527]  ? skb_clone+0x20c/0x390
[  302.322609][T11527]  should_failslab+0x9/0x20
[  302.327169][T11527]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  302.332600][T11527]  skb_clone+0x20c/0x390
[  302.336902][T11527]  __netlink_deliver_tap+0x3cc/0x7c0
[  302.342262][T11527]  ? netlink_deliver_tap+0x2e/0x1b0
[  302.347540][T11527]  netlink_deliver_tap+0x19d/0x1b0
[  302.352699][T11527]  netlink_unicast+0x7be/0x990
[  302.357522][T11527]  ? __pfx_netlink_unicast+0x10/0x10
[  302.362849][T11527]  ? __virt_addr_valid+0x183/0x520
[  302.368019][T11527]  ? __check_object_size+0x49c/0x900
[  302.373350][T11527]  ? bpf_lsm_netlink_send+0x9/0x10
[  302.378511][T11527]  netlink_sendmsg+0x8e4/0xcb0
[  302.383335][T11527]  ? __pfx_netlink_sendmsg+0x10/0x10
[  302.388667][T11527]  ? __import_iovec+0x536/0x820
[  302.393561][T11527]  ? aa_sock_msg_perm+0x91/0x160
[  302.398558][T11527]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  302.403886][T11527]  ? security_socket_sendmsg+0x87/0xb0
[  302.409396][T11527]  ? __pfx_netlink_sendmsg+0x10/0x10
[  302.414755][T11527]  __sock_sendmsg+0x221/0x270
[  302.419485][T11527]  ____sys_sendmsg+0x525/0x7d0
[  302.424311][T11527]  ? __pfx_____sys_sendmsg+0x10/0x10
[  302.429665][T11527]  __sys_sendmsg+0x2b0/0x3a0
[  302.434582][T11527]  ? __pfx___sys_sendmsg+0x10/0x10
[  302.439906][T11527]  ? vfs_write+0x7c4/0xc90
[  302.444433][T11527]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  302.450836][T11527]  ? do_syscall_64+0x100/0x230
[  302.455651][T11527]  ? do_syscall_64+0xb6/0x230
[  302.460380][T11527]  do_syscall_64+0xf3/0x230
[  302.464933][T11527]  ? clear_bhb_loop+0x35/0x90
[  302.469679][T11527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.475723][T11527] RIP: 0033:0x7f84e0f75bd9
[  302.480176][T11527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.500012][T11527] RSP: 002b:00007f84e1c9d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  302.508477][T11527] RAX: ffffffffffffffda RBX: 00007f84e1104038 RCX: 00007f84e0f75bd9
[  302.516610][T11527] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000004
[  302.524632][T11527] RBP: 00007f84e1c9d0a0 R08: 0000000000000000 R09: 0000000000000000
[  302.532650][T11527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  302.540660][T11527] R13: 000000000000006e R14: 00007f84e1104038 R15: 00007ffecc57d278
[  302.548778][T11527]  </TASK>
[  302.844974][T11539] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.1610'.
[  303.381183][T11562] FAULT_INJECTION: forcing a failure.
[  303.381183][T11562] name failslab, interval 1, probability 0, space 0, times 0
[  303.410728][T11562] CPU: 0 PID: 11562 Comm: syz.2.1616 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  303.421051][T11562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  303.431306][T11562] Call Trace:
[  303.434599][T11562]  <TASK>
[  303.437539][T11562]  dump_stack_lvl+0x241/0x360
[  303.442239][T11562]  ? __pfx_dump_stack_lvl+0x10/0x10
[  303.447541][T11562]  ? __pfx__printk+0x10/0x10
[  303.452150][T11562]  should_fail_ex+0x3b0/0x4e0
[  303.456846][T11562]  ? __alloc_skb+0x1c3/0x440
[  303.461450][T11562]  should_failslab+0x9/0x20
[  303.465975][T11562]  kmem_cache_alloc_node_noprof+0x71/0x320
[  303.471814][T11562]  __alloc_skb+0x1c3/0x440
[  303.476279][T11562]  ? __pfx___alloc_skb+0x10/0x10
[  303.481240][T11562]  ? netlink_ack_tlv_len+0x6e/0x200
[  303.486464][T11562]  netlink_ack+0x13f/0xa30
[  303.490894][T11562]  ? __up_read+0x2c2/0x6b0
[  303.495346][T11562]  rdma_nl_rcv+0x3f6/0x9e0
[  303.499795][T11562]  ? __pfx_rdma_nl_rcv+0x10/0x10
[  303.504773][T11562]  ? netlink_deliver_tap+0x2e/0x1b0
[  303.509988][T11562]  netlink_unicast+0x7f0/0x990
[  303.514774][T11562]  ? __pfx_netlink_unicast+0x10/0x10
[  303.520101][T11562]  ? __virt_addr_valid+0x183/0x520
[  303.525239][T11562]  ? __check_object_size+0x49c/0x900
[  303.530543][T11562]  ? bpf_lsm_netlink_send+0x9/0x10
[  303.535678][T11562]  netlink_sendmsg+0x8e4/0xcb0
[  303.540480][T11562]  ? __pfx_netlink_sendmsg+0x10/0x10
[  303.545787][T11562]  ? __import_iovec+0x536/0x820
[  303.550683][T11562]  ? aa_sock_msg_perm+0x91/0x160
[  303.555661][T11562]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  303.561150][T11562]  ? security_socket_sendmsg+0x87/0xb0
[  303.566646][T11562]  ? __pfx_netlink_sendmsg+0x10/0x10
[  303.572120][T11562]  __sock_sendmsg+0x221/0x270
[  303.576903][T11562]  ____sys_sendmsg+0x525/0x7d0
[  303.581717][T11562]  ? __pfx_____sys_sendmsg+0x10/0x10
[  303.587205][T11562]  __sys_sendmsg+0x2b0/0x3a0
[  303.591832][T11562]  ? __pfx___sys_sendmsg+0x10/0x10
[  303.596969][T11562]  ? vfs_write+0x7c4/0xc90
[  303.601500][T11562]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  303.607850][T11562]  ? do_syscall_64+0x100/0x230
[  303.612651][T11562]  ? do_syscall_64+0xb6/0x230
[  303.617361][T11562]  do_syscall_64+0xf3/0x230
[  303.621896][T11562]  ? clear_bhb_loop+0x35/0x90
[  303.626597][T11562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.632509][T11562] RIP: 0033:0x7f84e0f75bd9
[  303.637110][T11562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.656921][T11562] RSP: 002b:00007f84e1c9d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  303.665357][T11562] RAX: ffffffffffffffda RBX: 00007f84e1104038 RCX: 00007f84e0f75bd9
[  303.673357][T11562] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000004
[  303.681336][T11562] RBP: 00007f84e1c9d0a0 R08: 0000000000000000 R09: 0000000000000000
[  303.689406][T11562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.697388][T11562] R13: 000000000000006e R14: 00007f84e1104038 R15: 00007ffecc57d278
[  303.705499][T11562]  </TASK>
[  303.953022][T11568] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1617'.
[  304.028066][T11573] dummy0: entered promiscuous mode
[  304.042084][T11573] dummy0: left promiscuous mode
[  304.056700][T11573] RDS: rds_bind could not find a transport for ::ffff:172.30.0.1, load rds_tcp or rds_rdma?
[  304.495440][T11591] sctp: [Deprecated]: syz.1.1622 (pid 11591) Use of int in maxseg socket option.
[  304.495440][T11591] Use struct sctp_assoc_value instead
[  304.619551][   T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.206666][   T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.303816][   T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.397667][   T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.584539][   T35] bridge_slave_1: left allmulticast mode
[  305.590354][   T35] bridge_slave_1: left promiscuous mode
[  305.602730][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.619639][   T35] bridge_slave_0: left allmulticast mode
[  305.625481][   T35] bridge_slave_0: left promiscuous mode
[  305.631401][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.363889][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  306.384870][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  306.410819][   T35] bond0 (unregistering): Released all slaves
[  306.436043][T11648] netlink: 'syz.0.1624': attribute type 1 has an invalid length.
[  306.458025][T11648] netlink: 'syz.0.1624': attribute type 1 has an invalid length.
[  306.472490][T11648] netlink: 10 bytes leftover after parsing attributes in process `syz.0.1624'.
[  306.525526][ T5105] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  306.537586][ T5105] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  306.563196][ T5105] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  306.583151][ T5105] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  306.618947][ T5105] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  306.628542][T11644] lo speed is unknown, defaulting to 1000
[  306.635501][ T5105] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  306.652583][T11654] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1627'.
[  307.227977][T11655] lo speed is unknown, defaulting to 1000
[  307.738303][T11686] veth0_vlan: left promiscuous mode
[  308.009437][   T35] hsr_slave_0: left promiscuous mode
[  308.048407][   T35] hsr_slave_1: left promiscuous mode
[  308.075971][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  308.092720][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  308.118178][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  308.144259][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  308.219960][   T35] veth1_macvtap: left promiscuous mode
[  308.226242][   T35] veth0_macvtap: left promiscuous mode
[  308.240030][   T35] veth1_vlan: left promiscuous mode
[  308.249235][   T35] veth0_vlan: left promiscuous mode
[  308.492034][T11685] delete_channel: no stack
[  308.712725][ T5105] Bluetooth: hci3: command tx timeout
[  308.794742][T11705] FAULT_INJECTION: forcing a failure.
[  308.794742][T11705] name failslab, interval 1, probability 0, space 0, times 0
[  308.808715][T11705] CPU: 0 PID: 11705 Comm: syz.2.1635 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  308.818922][T11705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  308.828999][T11705] Call Trace:
[  308.832291][T11705]  <TASK>
[  308.835255][T11705]  dump_stack_lvl+0x241/0x360
[  308.839994][T11705]  ? __pfx_dump_stack_lvl+0x10/0x10
[  308.845202][T11705]  ? __pfx__printk+0x10/0x10
[  308.849831][T11705]  ? ref_tracker_alloc+0x332/0x490
[  308.854967][T11705]  should_fail_ex+0x3b0/0x4e0
[  308.859670][T11705]  ? skb_clone+0x20c/0x390
[  308.864133][T11705]  should_failslab+0x9/0x20
[  308.868668][T11705]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  308.874072][T11705]  skb_clone+0x20c/0x390
[  308.878327][T11705]  __netlink_deliver_tap+0x3cc/0x7c0
[  308.883637][T11705]  ? netlink_deliver_tap+0x2e/0x1b0
[  308.888853][T11705]  netlink_deliver_tap+0x19d/0x1b0
[  308.894002][T11705]  netlink_unicast+0x7be/0x990
[  308.898819][T11705]  ? __pfx_netlink_unicast+0x10/0x10
[  308.904131][T11705]  ? __virt_addr_valid+0x183/0x520
[  308.909453][T11705]  ? __check_object_size+0x49c/0x900
[  308.914928][T11705]  ? bpf_lsm_netlink_send+0x9/0x10
[  308.920193][T11705]  netlink_sendmsg+0x8e4/0xcb0
[  308.925114][T11705]  ? __pfx_netlink_sendmsg+0x10/0x10
[  308.930423][T11705]  ? __import_iovec+0x536/0x820
[  308.935329][T11705]  ? aa_sock_msg_perm+0x91/0x160
[  308.940289][T11705]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  308.945763][T11705]  ? security_socket_sendmsg+0x87/0xb0
[  308.951264][T11705]  ? __pfx_netlink_sendmsg+0x10/0x10
[  308.956562][T11705]  __sock_sendmsg+0x221/0x270
[  308.961606][T11705]  ____sys_sendmsg+0x525/0x7d0
[  308.966409][T11705]  ? __pfx_____sys_sendmsg+0x10/0x10
[  308.971820][T11705]  __sys_sendmsg+0x2b0/0x3a0
[  308.976443][T11705]  ? __pfx___sys_sendmsg+0x10/0x10
[  308.981748][T11705]  ? vfs_write+0x7c4/0xc90
[  308.986215][T11705]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  308.992662][T11705]  ? do_syscall_64+0x100/0x230
[  308.997441][T11705]  ? do_syscall_64+0xb6/0x230
[  309.002216][T11705]  do_syscall_64+0xf3/0x230
[  309.006754][T11705]  ? clear_bhb_loop+0x35/0x90
[  309.011463][T11705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.017395][T11705] RIP: 0033:0x7f84e0f75bd9
[  309.021840][T11705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.041735][T11705] RSP: 002b:00007f84e1cbe048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  309.050180][T11705] RAX: ffffffffffffffda RBX: 00007f84e1103f60 RCX: 00007f84e0f75bd9
[  309.058198][T11705] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  309.066217][T11705] RBP: 00007f84e1cbe0a0 R08: 0000000000000000 R09: 0000000000000000
[  309.074322][T11705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  309.082322][T11705] R13: 000000000000000b R14: 00007f84e1103f60 R15: 00007ffecc57d278
[  309.090322][T11705]  </TASK>
[  309.241862][   T35] team0 (unregistering): Port device team_slave_1 removed
[  309.289314][   T35] team0 (unregistering): Port device team_slave_0 removed
[  309.873321][T11711] FAULT_INJECTION: forcing a failure.
[  309.873321][T11711] name failslab, interval 1, probability 0, space 0, times 0
[  309.888044][T11711] CPU: 1 PID: 11711 Comm: syz.1.1636 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  309.898811][T11711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  309.908982][T11711] Call Trace:
[  309.912509][T11711]  <TASK>
[  309.915455][T11711]  dump_stack_lvl+0x241/0x360
[  309.920335][T11711]  ? __pfx_dump_stack_lvl+0x10/0x10
[  309.925570][T11711]  ? __pfx__printk+0x10/0x10
[  309.930176][T11711]  ? __pfx___might_resched+0x10/0x10
[  309.935565][T11711]  ? trace_contention_end+0x3c/0x120
[  309.941042][T11711]  ? __mutex_lock+0x2ef/0xd70
[  309.945749][T11711]  should_fail_ex+0x3b0/0x4e0
[  309.950450][T11711]  ? genl_start+0x1cb/0x6d0
[  309.955068][T11711]  should_failslab+0x9/0x20
[  309.959593][T11711]  kmalloc_trace_noprof+0x6c/0x2c0
[  309.964739][T11711]  genl_start+0x1cb/0x6d0
[  309.969102][T11711]  __netlink_dump_start+0x45c/0x780
[  309.974330][T11711]  genl_rcv_msg+0x88c/0xec0
[  309.978863][T11711]  ? mark_lock+0x9a/0x350
[  309.983254][T11711]  ? __pfx_genl_rcv_msg+0x10/0x10
[  309.988309][T11711]  ? __pfx_genl_start+0x10/0x10
[  309.993179][T11711]  ? __pfx_genl_dumpit+0x10/0x10
[  309.998141][T11711]  ? __pfx_genl_done+0x10/0x10
[  310.002940][T11711]  ? __pfx_lock_acquire+0x10/0x10
[  310.008063][T11711]  ? __pfx_nfc_genl_dump_devices+0x10/0x10
[  310.013893][T11711]  ? __pfx_nfc_genl_dump_devices_done+0x10/0x10
[  310.020155][T11711]  ? __pfx___might_resched+0x10/0x10
[  310.025464][T11711]  netlink_rcv_skb+0x1e3/0x430
[  310.030244][T11711]  ? __pfx_genl_rcv_msg+0x10/0x10
[  310.035287][T11711]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  310.040627][T11711]  genl_rcv+0x28/0x40
[  310.044629][T11711]  netlink_unicast+0x7f0/0x990
[  310.049600][T11711]  ? __pfx_netlink_unicast+0x10/0x10
[  310.054925][T11711]  ? __virt_addr_valid+0x183/0x520
[  310.060064][T11711]  ? __check_object_size+0x49c/0x900
[  310.065373][T11711]  ? bpf_lsm_netlink_send+0x9/0x10
[  310.070865][T11711]  netlink_sendmsg+0x8e4/0xcb0
[  310.075660][T11711]  ? __pfx_netlink_sendmsg+0x10/0x10
[  310.080962][T11711]  ? __import_iovec+0x536/0x820
[  310.085822][T11711]  ? aa_sock_msg_perm+0x91/0x160
[  310.090779][T11711]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  310.096274][T11711]  ? security_socket_sendmsg+0x87/0xb0
[  310.101750][T11711]  ? __pfx_netlink_sendmsg+0x10/0x10
[  310.107048][T11711]  __sock_sendmsg+0x221/0x270
[  310.111777][T11711]  ____sys_sendmsg+0x525/0x7d0
[  310.116570][T11711]  ? __pfx_____sys_sendmsg+0x10/0x10
[  310.121891][T11711]  __sys_sendmsg+0x2b0/0x3a0
[  310.126505][T11711]  ? __pfx___sys_sendmsg+0x10/0x10
[  310.131629][T11711]  ? vfs_write+0x7c4/0xc90
[  310.136101][T11711]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  310.142467][T11711]  ? do_syscall_64+0x100/0x230
[  310.147278][T11711]  ? do_syscall_64+0xb6/0x230
[  310.151986][T11711]  do_syscall_64+0xf3/0x230
[  310.156518][T11711]  ? clear_bhb_loop+0x35/0x90
[  310.161507][T11711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.167434][T11711] RIP: 0033:0x7faf21975bd9
[  310.171873][T11711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.191502][T11711] RSP: 002b:00007faf2279b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  310.199956][T11711] RAX: ffffffffffffffda RBX: 00007faf21b03f60 RCX: 00007faf21975bd9
[  310.207975][T11711] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000006
[  310.215966][T11711] RBP: 00007faf2279b0a0 R08: 0000000000000000 R09: 0000000000000000
[  310.223967][T11711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  310.231955][T11711] R13: 000000000000000b R14: 00007faf21b03f60 R15: 00007ffd4fe49cc8
[  310.239975][T11711]  </TASK>
[  310.602155][T11722] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1639'.
[  310.669834][T11655] chnl_net:caif_netlink_parms(): no params data found
[  310.711707][T11722] netlink: 'syz.0.1639': attribute type 15 has an invalid length.
[  310.792997][ T5105] Bluetooth: hci3: command tx timeout
[  311.050117][T11655] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.059886][T11655] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.088549][T11655] bridge_slave_0: entered allmulticast mode
[  311.115245][T11655] bridge_slave_0: entered promiscuous mode
[  311.163720][T11655] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.170968][T11655] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.206120][T11655] bridge_slave_1: entered allmulticast mode
[  311.217908][T11655] bridge_slave_1: entered promiscuous mode
[  311.358859][T11655] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.387366][T11756] Bluetooth: MGMT ver 1.22
[  311.408666][T11655] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  311.583937][T11655] team0: Port device team_slave_0 added
[  311.599465][T11655] team0: Port device team_slave_1 added
[  311.713432][T11763] 
@ÿ: renamed from veth0_vlan (while UP)
[  311.754896][T11655] batman_adv: batadv0: Adding interface: batadv_slave_0
[  311.798199][T11655] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.827878][T11655] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  311.886189][T11655] batman_adv: batadv0: Adding interface: batadv_slave_1
[  311.919934][T11655] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.961132][T11655] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  312.133182][T11655] hsr_slave_0: entered promiscuous mode
[  312.146819][T11655] hsr_slave_1: entered promiscuous mode
[  312.171323][T11655] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  312.189978][T11785] FAULT_INJECTION: forcing a failure.
[  312.189978][T11785] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  312.220776][T11655] Cannot create hsr debugfs directory
[  312.233306][T11785] CPU: 1 PID: 11785 Comm: syz.0.1654 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  312.243528][T11785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  312.253598][T11785] Call Trace:
[  312.256886][T11785]  <TASK>
[  312.259825][T11785]  dump_stack_lvl+0x241/0x360
[  312.264518][T11785]  ? __pfx_dump_stack_lvl+0x10/0x10
[  312.269725][T11785]  ? __pfx__printk+0x10/0x10
[  312.274331][T11785]  should_fail_ex+0x3b0/0x4e0
[  312.279028][T11785]  _copy_from_user+0x2f/0xe0
[  312.283628][T11785]  bpf_test_init+0x11f/0x180
[  312.288338][T11785]  bpf_prog_test_run_xdp+0x48e/0x11b0
[  312.293724][T11785]  ? __pfx_lock_acquire+0x10/0x10
[  312.298771][T11785]  ? __pfx_lock_release+0x10/0x10
[  312.303915][T11785]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  312.309761][T11785]  ? __fget_files+0x29/0x470
[  312.314412][T11785]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  312.320234][T11785]  bpf_prog_test_run+0x33a/0x3b0
[  312.325210][T11785]  __sys_bpf+0x48d/0x810
[  312.329476][T11785]  ? __pfx___sys_bpf+0x10/0x10
[  312.334268][T11785]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  312.340359][T11785]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  312.347222][T11785]  ? do_syscall_64+0x100/0x230
[  312.352000][T11785]  __x64_sys_bpf+0x7c/0x90
[  312.356457][T11785]  do_syscall_64+0xf3/0x230
[  312.360990][T11785]  ? clear_bhb_loop+0x35/0x90
[  312.365717][T11785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.371636][T11785] RIP: 0033:0x7fe2c3375bd9
[  312.376098][T11785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.395823][T11785] RSP: 002b:00007fe2c40bb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  312.404488][T11785] RAX: ffffffffffffffda RBX: 00007fe2c3503f60 RCX: 00007fe2c3375bd9
[  312.412567][T11785] RDX: 0000000000000050 RSI: 0000000020000340 RDI: 000000000000000a
[  312.420696][T11785] RBP: 00007fe2c40bb0a0 R08: 0000000000000000 R09: 0000000000000000
[  312.428697][T11785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.436689][T11785] R13: 000000000000000b R14: 00007fe2c3503f60 R15: 00007ffd843451b8
[  312.444882][T11785]  </TASK>
[  312.872989][ T5105] Bluetooth: hci3: command tx timeout
[  312.991834][T11809] dccp_invalid_packet: P.Data Offset(0) too small
[  314.061605][T11862] xt_cgroup: invalid path, errno=-2
[  314.086280][T11655] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  314.125351][T11655] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  314.156876][T11655] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  314.209375][T11655] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  314.534843][T11878] dummy0: entered promiscuous mode
[  314.607694][T11878] dummy0: left promiscuous mode
[  314.648929][T11878] RDS: rds_bind could not find a transport for ::ffff:172.30.0.2, load rds_tcp or rds_rdma?
[  314.666685][T11655] 8021q: adding VLAN 0 to HW filter on device bond0
[  314.717620][T11655] 8021q: adding VLAN 0 to HW filter on device team0
[  314.778501][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.785842][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  314.879707][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.887166][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  314.963412][ T5105] Bluetooth: hci3: command tx timeout
[  314.976244][T11893] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  315.518451][T11906] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  315.666728][   T51] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  315.706181][ T5111] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  315.717505][ T5111] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  315.729384][ T5111] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  315.740049][ T5111] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  315.749757][ T5111] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  315.759399][ T5111] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  315.765113][   T51] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.871443][T11914] lo speed is unknown, defaulting to 1000
[  315.940760][   T51] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  315.974913][   T51] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.021293][T11923] FAULT_INJECTION: forcing a failure.
[  316.021293][T11923] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  316.044307][T11923] CPU: 0 PID: 11923 Comm: syz.0.1688 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  316.054541][T11923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  316.064663][T11923] Call Trace:
[  316.068062][T11923]  <TASK>
[  316.071016][T11923]  dump_stack_lvl+0x241/0x360
[  316.075732][T11923]  ? __pfx_dump_stack_lvl+0x10/0x10
[  316.080996][T11923]  ? __pfx__printk+0x10/0x10
[  316.086413][T11923]  should_fail_ex+0x3b0/0x4e0
[  316.091154][T11923]  _copy_from_user+0x2f/0xe0
[  316.095781][T11923]  bpf_test_init+0x11f/0x180
[  316.100409][T11923]  bpf_prog_test_run_xdp+0x48e/0x11b0
[  316.105820][T11923]  ? __pfx_lock_acquire+0x10/0x10
[  316.110887][T11923]  ? __pfx_lock_release+0x10/0x10
[  316.115970][T11923]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  316.121822][T11923]  ? __fget_files+0x29/0x470
[  316.126472][T11923]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  316.132327][T11923]  bpf_prog_test_run+0x33a/0x3b0
[  316.137287][T11923]  __sys_bpf+0x48d/0x810
[  316.141551][T11923]  ? __pfx___sys_bpf+0x10/0x10
[  316.146351][T11923]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  316.152348][T11923]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  316.158701][T11923]  ? do_syscall_64+0x100/0x230
[  316.163483][T11923]  __x64_sys_bpf+0x7c/0x90
[  316.167919][T11923]  do_syscall_64+0xf3/0x230
[  316.172433][T11923]  ? clear_bhb_loop+0x35/0x90
[  316.177124][T11923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.183029][T11923] RIP: 0033:0x7fe2c3375bd9
[  316.187467][T11923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.207090][T11923] RSP: 002b:00007fe2c40bb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  316.215518][T11923] RAX: ffffffffffffffda RBX: 00007fe2c3503f60 RCX: 00007fe2c3375bd9
[  316.223504][T11923] RDX: 0000000000000050 RSI: 0000000020000600 RDI: 000000000000000a
[  316.231501][T11923] RBP: 00007fe2c40bb0a0 R08: 0000000000000000 R09: 0000000000000000
[  316.239695][T11923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.247761][T11923] R13: 000000000000000b R14: 00007fe2c3503f60 R15: 00007ffd843451b8
[  316.255781][T11923]  </TASK>
[  316.514033][   T51] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  316.538825][   T51] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.568896][T11655] 8021q: adding VLAN 0 to HW filter on device batadv0
[  316.732846][   T51] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  316.752983][   T51] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.908148][T11947] FAULT_INJECTION: forcing a failure.
[  316.908148][T11947] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  316.930881][T11947] CPU: 0 PID: 11947 Comm: syz.0.1694 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  316.941156][T11947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  316.951397][T11947] Call Trace:
[  316.954721][T11947]  <TASK>
[  316.957694][T11947]  dump_stack_lvl+0x241/0x360
[  316.962517][T11947]  ? __pfx_dump_stack_lvl+0x10/0x10
[  316.967855][T11947]  ? __pfx__printk+0x10/0x10
[  316.972599][T11947]  should_fail_ex+0x3b0/0x4e0
[  316.977339][T11947]  _copy_from_user+0x2f/0xe0
[  316.981985][T11947]  bpf_test_init+0x11f/0x180
[  316.986726][T11947]  bpf_prog_test_run_xdp+0x48e/0x11b0
[  316.992177][T11947]  ? __pfx_lock_acquire+0x10/0x10
[  316.997262][T11947]  ? __pfx_lock_release+0x10/0x10
[  317.002363][T11947]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  317.008335][T11947]  ? __fget_files+0x29/0x470
[  317.012992][T11947]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  317.018854][T11947]  bpf_prog_test_run+0x33a/0x3b0
[  317.023843][T11947]  __sys_bpf+0x48d/0x810
[  317.028198][T11947]  ? __pfx___sys_bpf+0x10/0x10
[  317.033038][T11947]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  317.039064][T11947]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  317.045527][T11947]  ? do_syscall_64+0x100/0x230
[  317.047228][T11655] veth0_vlan: entered promiscuous mode
[  317.050750][T11947]  __x64_sys_bpf+0x7c/0x90
[  317.050795][T11947]  do_syscall_64+0xf3/0x230
[  317.065421][T11947]  ? clear_bhb_loop+0x35/0x90
[  317.070160][T11947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.076140][T11947] RIP: 0033:0x7fe2c3375bd9
[  317.080600][T11947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.100513][T11947] RSP: 002b:00007fe2c40bb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  317.109502][T11947] RAX: ffffffffffffffda RBX: 00007fe2c3503f60 RCX: 00007fe2c3375bd9
[  317.117697][T11947] RDX: 0000000000000050 RSI: 0000000020000340 RDI: 000000000000000a
[  317.125712][T11947] RBP: 00007fe2c40bb0a0 R08: 0000000000000000 R09: 0000000000000000
[  317.133730][T11947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.141744][T11947] R13: 000000000000000b R14: 00007fe2c3503f60 R15: 00007ffd843451b8
[  317.149787][T11947]  </TASK>
[  317.263171][T11655] veth1_vlan: entered promiscuous mode
[  317.523108][ T1251] ieee802154 phy1 wpan1: encryption failed: -22
[  317.585399][T11655] veth0_macvtap: entered promiscuous mode
[  317.639523][   T51] bridge_slave_1: left allmulticast mode
[  317.651743][   T51] bridge_slave_1: left promiscuous mode
[  317.662887][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.707185][   T51] bridge_slave_0: left allmulticast mode
[  317.720656][   T51] bridge_slave_0: left promiscuous mode
[  317.736595][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.833645][ T5105] Bluetooth: hci0: command tx timeout
[  318.336013][T11987] netlink: 'syz.0.1704': attribute type 20 has an invalid length.
[  318.397496][   T51] team0: Port device bond0 removed
[  318.406370][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  318.420866][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  318.432589][   T51] bond0 (unregistering): Released all slaves
[  318.448498][T11914] chnl_net:caif_netlink_parms(): no params data found
[  318.556878][T11655] veth1_macvtap: entered promiscuous mode
[  318.636277][   T51] ɶƣ0GCTw
�: left promiscuous mode
[  318.863469][T11914] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.870881][T11914] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.878843][T11914] bridge_slave_0: entered allmulticast mode
[  318.888524][T11914] bridge_slave_0: entered promiscuous mode
[  318.935816][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  318.947808][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.960192][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  318.970851][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.981144][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  318.991901][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.002199][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  319.013076][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.027414][T11655] batman_adv: batadv0: Interface activated: batadv_slave_0
[  319.039839][T11914] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.052085][T11914] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.070994][T11914] bridge_slave_1: entered allmulticast mode
[  319.080010][T11914] bridge_slave_1: entered promiscuous mode
[  319.100155][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  319.122091][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.141762][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  319.158494][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.172504][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  319.184176][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.194812][T11655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  319.205762][T11655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  319.218136][T11655] batman_adv: batadv0: Interface activated: batadv_slave_1
[  319.328751][T11914] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  319.354974][T11655] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  319.377620][T11655] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  319.387123][T11655] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  319.404574][T11655] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  319.443251][T12011] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1711'.
[  319.524738][T11914] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  319.594050][T12011] lo speed is unknown, defaulting to 1000
[  319.620171][T12007] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1711'.
[  319.642676][T12020] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1712'.
[  319.700145][T11914] team0: Port device team_slave_0 added
[  319.808023][T11914] team0: Port device team_slave_1 added
[  319.913055][ T5105] Bluetooth: hci0: command tx timeout
[  319.925943][T11914] batman_adv: batadv0: Adding interface: batadv_slave_0
[  319.942345][T11914] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  319.969075][T11914] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  319.983092][T11914] batman_adv: batadv0: Adding interface: batadv_slave_1
[  319.990343][T11914] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.017365][T11914] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  320.230137][T12032] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1714'.
[  320.406677][T11914] hsr_slave_0: entered promiscuous mode
[  320.429532][T11914] hsr_slave_1: entered promiscuous mode
[  320.447369][T11914] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  320.461316][T11914] Cannot create hsr debugfs directory
[  320.532704][   T51] hsr_slave_0: left promiscuous mode
[  320.549510][   T51] hsr_slave_1: left promiscuous mode
[  320.564711][   T51] batman_adv: batadv0: Removing interface: team0
[  320.577266][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  320.590928][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  320.600962][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  320.615093][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  320.660140][   T51] veth1_macvtap: left promiscuous mode
[  320.668457][   T51] veth0_macvtap: left promiscuous mode
[  320.675752][   T51] veth1_vlan: left promiscuous mode
[  320.680315][T12048] ax25_connect(): syz.4.1716 uses autobind, please contact jreuter@yaina.de
[  321.157150][   T51] batadv_slave_0 (unregistering): left allmulticast mode
[  321.213007][   T51] team0 (unregistering): Port device team_slave_1 removed
[  321.256747][   T51] team0 (unregistering): Port device team_slave_0 removed
[  321.546483][   T51] team0 (unregistering): Port device dummy0 removed
[  321.719738][T12044] syz.4.1716 (12044) used obsolete PPPIOCDETACH ioctl
[  321.902427][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  321.924970][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  321.992416][ T5105] Bluetooth: hci0: command tx timeout
[  322.133700][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  322.172625][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  322.763422][ T2464] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.811950][T12074] ip6gretap0: entered promiscuous mode
[  322.853253][T12074] batadv_slave_0: entered promiscuous mode
[  323.061741][ T2464] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.199296][ T2464] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.282190][ T2464] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.311966][T11914] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  323.334883][T11914] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  323.353293][T11914] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  323.371097][T11914] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  323.604480][ T2464] bridge_slave_1: left allmulticast mode
[  323.610467][ T2464] bridge_slave_1: left promiscuous mode
[  323.618377][ T2464] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.634814][ T2464] bridge_slave_0: left allmulticast mode
[  323.640544][ T2464] bridge_slave_0: left promiscuous mode
[  323.653636][ T2464] bridge0: port 1(bridge_slave_0) entered disabled state
[  324.083210][ T5105] Bluetooth: hci0: command tx timeout
[  324.233571][ T2464] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  324.246807][ T2464] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  324.258007][ T2464] bond0 (unregistering): Released all slaves
[  324.344899][T11914] 8021q: adding VLAN 0 to HW filter on device bond0
[  324.408004][T11914] 8021q: adding VLAN 0 to HW filter on device team0
[  324.440302][  T784] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.447589][  T784] bridge0: port 1(bridge_slave_0) entered forwarding state
[  324.516935][ T5150] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.524282][ T5150] bridge0: port 2(bridge_slave_1) entered forwarding state
[  324.541936][T12115] FAULT_INJECTION: forcing a failure.
[  324.541936][T12115] name failslab, interval 1, probability 0, space 0, times 0
[  324.553361][T12111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1726'.
[  324.567349][T12115] CPU: 0 PID: 12115 Comm: syz.0.1725 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  324.577577][T12115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  324.587766][T12115] Call Trace:
[  324.591177][T12115]  <TASK>
[  324.594161][T12115]  dump_stack_lvl+0x241/0x360
[  324.598885][T12115]  ? __pfx_dump_stack_lvl+0x10/0x10
[  324.604135][T12115]  ? __pfx__printk+0x10/0x10
[  324.608760][T12115]  ? ref_tracker_alloc+0x332/0x490
[  324.614015][T12115]  should_fail_ex+0x3b0/0x4e0
[  324.618750][T12115]  ? skb_clone+0x20c/0x390
[  324.623218][T12115]  should_failslab+0x9/0x20
[  324.627765][T12115]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  324.633188][T12115]  skb_clone+0x20c/0x390
[  324.637486][T12115]  __netlink_deliver_tap+0x3cc/0x7c0
[  324.642827][T12115]  ? netlink_deliver_tap+0x2e/0x1b0
[  324.648068][T12115]  netlink_deliver_tap+0x19d/0x1b0
[  324.653225][T12115]  netlink_unicast+0x7be/0x990
[  324.658039][T12115]  ? __pfx_netlink_unicast+0x10/0x10
[  324.663534][T12115]  ? __virt_addr_valid+0x183/0x520
[  324.668782][T12115]  ? __check_object_size+0x49c/0x900
[  324.674112][T12115]  ? bpf_lsm_netlink_send+0x9/0x10
[  324.679268][T12115]  netlink_sendmsg+0x8e4/0xcb0
[  324.684065][T12115]  ? __pfx_netlink_sendmsg+0x10/0x10
[  324.689366][T12115]  ? __import_iovec+0x536/0x820
[  324.694232][T12115]  ? aa_sock_msg_perm+0x91/0x160
[  324.699194][T12115]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  324.704500][T12115]  ? security_socket_sendmsg+0x87/0xb0
[  324.709986][T12115]  ? __pfx_netlink_sendmsg+0x10/0x10
[  324.715296][T12115]  __sock_sendmsg+0x221/0x270
[  324.720003][T12115]  ____sys_sendmsg+0x525/0x7d0
[  324.724801][T12115]  ? __pfx_____sys_sendmsg+0x10/0x10
[  324.730125][T12115]  __sys_sendmsg+0x2b0/0x3a0
[  324.734823][T12115]  ? __pfx___sys_sendmsg+0x10/0x10
[  324.739949][T12115]  ? vfs_write+0x7c4/0xc90
[  324.744416][T12115]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  324.750753][T12115]  ? do_syscall_64+0x100/0x230
[  324.755529][T12115]  ? do_syscall_64+0xb6/0x230
[  324.760219][T12115]  do_syscall_64+0xf3/0x230
[  324.764731][T12115]  ? clear_bhb_loop+0x35/0x90
[  324.769421][T12115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.775327][T12115] RIP: 0033:0x7fe2c3375bd9
[  324.779762][T12115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.799399][T12115] RSP: 002b:00007fe2c40bb048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  324.807844][T12115] RAX: ffffffffffffffda RBX: 00007fe2c3503f60 RCX: 00007fe2c3375bd9
[  324.815916][T12115] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000007
[  324.823894][T12115] RBP: 00007fe2c40bb0a0 R08: 0000000000000000 R09: 0000000000000000
[  324.831874][T12115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.839854][T12115] R13: 000000000000000b R14: 00007fe2c3503f60 R15: 00007ffd843451b8
[  324.847851][T12115]  </TASK>
[  324.965314][T12115] netlink: 'syz.0.1725': attribute type 10 has an invalid length.
[  325.054769][ T5111] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  325.068646][T12115] team0: Failed to send options change via netlink (err -105)
[  325.070638][ T5111] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  325.085294][ T5111] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  325.103214][ T5111] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  325.111691][T12115] team0: Port device netdevsim0 added
[  325.121728][ T5111] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  325.129517][ T5111] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  325.636435][T11914] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  325.697119][T12121] lo speed is unknown, defaulting to 1000
[  325.855895][T12152] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1732'.
[  325.880093][T12152] lo speed is unknown, defaulting to 1000
[  325.889468][T12144] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1732'.
[  326.158946][T11914] 8021q: adding VLAN 0 to HW filter on device batadv0
[  326.470799][T11914] veth0_vlan: entered promiscuous mode
[  326.644695][ T2464] hsr_slave_0: left promiscuous mode
[  326.673517][ T2464] hsr_slave_1: left promiscuous mode
[  326.682985][ T2464] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  326.690471][ T2464] batman_adv: batadv0: Removing interface: batadv_slave_0
[  326.725174][ T2464] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  326.743321][ T2464] batman_adv: batadv0: Removing interface: batadv_slave_1
[  326.789802][ T2464] veth1_macvtap: left promiscuous mode
[  326.799089][ T2464] veth0_macvtap: left promiscuous mode
[  326.805898][ T2464] veth1_vlan: left promiscuous mode
[  326.811453][ T2464] veth0_vlan: left promiscuous mode
[  327.192805][ T5105] Bluetooth: hci3: command tx timeout
[  327.389998][ T2464] team0 (unregistering): Port device team_slave_1 removed
[  327.436784][ T2464] team0 (unregistering): Port device team_slave_0 removed
[  328.135193][T11914] veth1_vlan: entered promiscuous mode
[  328.572131][T11914] veth0_macvtap: entered promiscuous mode
[  328.654236][T11914] veth1_macvtap: entered promiscuous mode
[  328.718161][T12121] chnl_net:caif_netlink_parms(): no params data found
[  328.861836][T11914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.876708][T11914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.899667][T11914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.929216][T11914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.954614][T11914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.991701][T11914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.014734][T11914] batman_adv: batadv0: Interface activated: batadv_slave_0
[  329.122824][T11914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.158050][T11914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.202044][T11914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.245690][T11914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.262091][T11914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.282669][T11914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.283228][ T5105] Bluetooth: hci3: command tx timeout
[  329.306964][T11914] batman_adv: batadv0: Interface activated: batadv_slave_1
[  329.465889][T11914] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  329.483778][T11914] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  329.522297][T11914] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  329.540774][T11914] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  329.562956][T12121] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.575996][T12121] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.588765][T12121] bridge_slave_0: entered allmulticast mode
[  329.600522][T12121] bridge_slave_0: entered promiscuous mode
[  329.647121][T12121] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.661950][T12121] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.688537][T12121] bridge_slave_1: entered allmulticast mode
[  329.709415][T12121] bridge_slave_1: entered promiscuous mode
[  329.940155][T12232] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1750'.
[  329.977671][T12121] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  330.028237][T12121] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  330.086930][T12241] vlan2: entered promiscuous mode
[  330.104931][T12241] gretap0: entered promiscuous mode
[  330.148447][T12241] gretap0: left promiscuous mode
[  330.375724][T12121] team0: Port device team_slave_0 added
[  330.426985][ T1108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  330.440929][T12121] team0: Port device team_slave_1 added
[  330.458783][ T1108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  330.696279][T12121] batman_adv: batadv0: Adding interface: batadv_slave_0
[  330.711325][T12272] Timeout policy `syz0' can only be used by L3 protocol number 0
[  330.717130][T12121] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.781719][T12121] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  330.811394][T12121] batman_adv: batadv0: Adding interface: batadv_slave_1
[  330.823518][T12121] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.852548][T12121] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  330.871802][ T1108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  330.903357][ T1108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  330.974614][T12121] hsr_slave_0: entered promiscuous mode
[  330.991213][T12121] hsr_slave_1: entered promiscuous mode
[  331.072052][T12280] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1756'.
[  331.096694][T12280] block nbd0: not configured, cannot reconfigure
[  331.352925][ T5105] Bluetooth: hci3: command tx timeout
[  331.388325][T12283] xt_CONNSECMARK: invalid mode: 0
[  333.104660][T12121] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  333.140658][T12121] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  333.158074][T12380] Bluetooth: MGMT ver 1.22
[  333.168685][T12121] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  333.179046][T12380] Bluetooth: hci3: invalid length 0, exp 2 for type 12
[  333.233771][T12121] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  333.433500][ T5105] Bluetooth: hci3: command tx timeout
[  333.513286][T12399] lo speed is unknown, defaulting to 1000
[  333.626537][T12121] 8021q: adding VLAN 0 to HW filter on device bond0
[  333.632768][T12400] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1771'.
[  333.738664][T12121] 8021q: adding VLAN 0 to HW filter on device team0
[  333.848030][T12410] xt_CONNSECMARK: invalid mode: 0
[  333.919266][ T5150] bridge0: port 1(bridge_slave_0) entered blocking state
[  333.926522][ T5150] bridge0: port 1(bridge_slave_0) entered forwarding state
[  334.005436][ T5150] bridge0: port 2(bridge_slave_1) entered blocking state
[  334.012726][ T5150] bridge0: port 2(bridge_slave_1) entered forwarding state
[  335.163664][T12121] 8021q: adding VLAN 0 to HW filter on device batadv0
[  335.355509][T12121] veth0_vlan: entered promiscuous mode
[  335.410631][T12121] veth1_vlan: entered promiscuous mode
[  335.575440][T12121] veth0_macvtap: entered promiscuous mode
[  335.597334][T12121] veth1_macvtap: entered promiscuous mode
[  335.620878][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  335.655599][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  335.696989][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  335.732779][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  335.761481][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  335.799833][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  335.813469][T12480] xt_policy: output policy not valid in PREROUTING and INPUT
[  335.821036][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  335.842078][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  335.874588][T12121] batman_adv: batadv0: Interface activated: batadv_slave_0
[  335.925646][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  335.978965][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.019480][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  336.041026][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.059259][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  336.083893][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.105222][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  336.125379][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.149582][T12121] batman_adv: batadv0: Interface activated: batadv_slave_1
[  336.208910][T12121] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  336.249337][T12121] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  336.290021][T12121] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  336.317249][T12121] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  336.599808][ T2808] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  336.635162][ T2808] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  336.738038][ T2464] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  336.755737][ T2464] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  336.971032][T12518] netlink: 'syz.0.1792': attribute type 9 has an invalid length.
[  337.015382][T12518] bond0: entered promiscuous mode
[  337.022648][T12518] bond_slave_0: entered promiscuous mode
[  337.042623][T12518] bond_slave_1: entered promiscuous mode
[  337.082011][T12518] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  337.114882][T12518] bond0: left promiscuous mode
[  337.119736][T12518] bond_slave_0: left promiscuous mode
[  337.135748][T12518] bond_slave_1: left promiscuous mode
[  337.377993][T12528] ip6t_REJECT: ECHOREPLY is not supported
[  337.454228][T12525] netlink: 'syz.4.1793': attribute type 1 has an invalid length.
[  337.490120][T12525] netlink: 9388 bytes leftover after parsing attributes in process `syz.4.1793'.
[  337.607886][T12528] netlink: 'syz.4.1793': attribute type 3 has an invalid length.
[  338.100912][T12556] xt_CT: You must specify a L4 protocol and not use inversions on it
[  338.348779][T12338] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.838536][T12338] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.964597][T12338] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.064177][T12338] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.243807][T12338] bridge_slave_1: left allmulticast mode
[  339.249529][T12338] bridge_slave_1: left promiscuous mode
[  339.257380][T12338] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.268057][T12338] bridge_slave_0: left allmulticast mode
[  339.276683][T12338] bridge_slave_0: left promiscuous mode
[  339.287062][T12338] bridge0: port 1(bridge_slave_0) entered disabled state
[  339.432636][ T5111] Bluetooth: hci0: command 0x0405 tx timeout
[  339.699960][T12338] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  339.712172][T12338] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  339.724818][T12338] bond0 (unregistering): Released all slaves
[  340.153601][T12604] netlink: 'syz.0.1804': attribute type 1 has an invalid length.
[  340.242969][   T11] wlan1: Trigger new scan to find an IBSS to join
[  340.279990][T12604] bond1: entered promiscuous mode
[  340.466875][T12611] ip6gretap1: entered promiscuous mode
[  340.532499][T12611] ip6gretap1: entered allmulticast mode
[  340.591290][T12611] bond1: (slave ip6gretap1): making interface the new active one
[  340.621980][T12611] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  340.693340][T12623] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1810'.
[  340.818903][T12338] hsr_slave_0: left promiscuous mode
[  340.868050][T12338] hsr_slave_1: left promiscuous mode
[  340.917806][T12338] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  340.932324][T12338] batman_adv: batadv0: Removing interface: batadv_slave_0
[  340.960476][T12338] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  340.988999][ T5111] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  340.992731][T12338] batman_adv: batadv0: Removing interface: batadv_slave_1
[  341.008882][ T5111] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  341.017394][ T5111] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  341.026775][ T5111] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  341.035682][ T5111] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  341.046375][ T5111] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  341.098313][T12338] veth1_macvtap: left promiscuous mode
[  341.106510][T12338] veth0_macvtap: left promiscuous mode
[  341.119133][T12338] veth1_vlan: left promiscuous mode
[  341.126303][T12338] veth0_vlan: left promiscuous mode
[  341.746080][T12338] team0 (unregistering): Port device team_slave_1 removed
[  341.840976][T12338] team0 (unregistering): Port device team_slave_0 removed
[  342.648240][T12641] lo speed is unknown, defaulting to 1000
[  342.753642][T12676] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1823'.
[  343.010085][T12690] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1827'.
[  343.127631][ T5105] Bluetooth: hci3: command tx timeout
[  343.224641][ T5147] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.286812][T12346] wlan1: Trigger new scan to find an IBSS to join
[  343.727938][T12641] chnl_net:caif_netlink_parms(): no params data found
[  344.060106][T12726] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1831'.
[  344.172161][T12641] bridge0: port 1(bridge_slave_0) entered blocking state
[  344.199023][T12641] bridge0: port 1(bridge_slave_0) entered disabled state
[  344.207098][ T2464] wlan1: Creating new IBSS network, BSSID de:50:17:77:cc:10
[  344.215227][T12641] bridge_slave_0: entered allmulticast mode
[  344.233982][T12641] bridge_slave_0: entered promiscuous mode
[  344.255014][T12641] bridge0: port 2(bridge_slave_1) entered blocking state
[  344.263129][T12641] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.280652][T12641] bridge_slave_1: entered allmulticast mode
[  344.301288][T12641] bridge_slave_1: entered promiscuous mode
[  344.317138][T12729] lo speed is unknown, defaulting to 1000
[  344.493580][T12641] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  344.558679][T12641] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  344.684265][T12641] team0: Port device team_slave_0 added
[  344.706228][T12641] team0: Port device team_slave_1 added
[  344.940049][T12641] batman_adv: batadv0: Adding interface: batadv_slave_0
[  344.963119][T12641] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  345.025844][T12641] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  345.062810][T12641] batman_adv: batadv0: Adding interface: batadv_slave_1
[  345.071200][T12641] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  345.136356][T12641] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  345.192671][ T5105] Bluetooth: hci3: command tx timeout
[  345.308116][T12766] lo speed is unknown, defaulting to 1000
[  345.319563][T12768] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1839'.
[  345.353651][T12641] hsr_slave_0: entered promiscuous mode
[  345.381319][T12641] hsr_slave_1: entered promiscuous mode
[  346.700967][T12803] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1844'.
[  346.763562][T12803] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1844'.
[  347.283692][ T5105] Bluetooth: hci3: command tx timeout
[  347.335626][T12641] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  347.412891][T12641] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  347.460454][T12641] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  347.496914][T12641] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  347.854384][T12641] 8021q: adding VLAN 0 to HW filter on device bond0
[  347.937340][T12641] 8021q: adding VLAN 0 to HW filter on device team0
[  347.959427][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.966751][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  348.012051][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  348.019476][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  348.288339][T12865] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1858'.
[  348.369382][T12860] lo speed is unknown, defaulting to 1000
[  348.541827][T12864] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1859'.
[  349.035635][T12641] 8021q: adding VLAN 0 to HW filter on device batadv0
[  349.058843][T12888] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1861'.
[  349.221432][T12865] lo speed is unknown, defaulting to 1000
[  349.256390][T12641] veth0_vlan: entered promiscuous mode
[  349.353218][ T5105] Bluetooth: hci3: command tx timeout
[  349.388047][T12641] veth1_vlan: entered promiscuous mode
[  349.746165][T12641] veth0_macvtap: entered promiscuous mode
[  349.779175][T12641] veth1_macvtap: entered promiscuous mode
[  349.805250][T12911] netlink: 'syz.4.1866': attribute type 22 has an invalid length.
[  349.926435][T12911] bridge_slave_0: Caught tx_queue_len zero misconfig
[  349.934942][T12911] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1866'.
[  349.966930][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  350.005467][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.035423][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  350.056831][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.075568][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  350.087803][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.098049][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  350.110825][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.198960][T12641] batman_adv: batadv0: Interface activated: batadv_slave_0
[  350.258284][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  350.282965][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.303921][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  350.322317][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.341963][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  350.356610][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.367150][T12641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  350.381267][T12641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.395385][T12641] batman_adv: batadv0: Interface activated: batadv_slave_1
[  350.484986][T12641] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  350.508861][T12641] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  350.520282][T12641] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  350.529826][T12641] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  350.905902][T12344] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  350.927486][T12344] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  350.976316][T12940] lo speed is unknown, defaulting to 1000
[  351.008108][T12940] lo speed is unknown, defaulting to 1000
[  351.037588][T12346] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  351.037690][T12940] lo speed is unknown, defaulting to 1000
[  351.076460][T12346] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  351.136640][T12940] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  351.247135][T12940] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  351.392182][T12937] lo speed is unknown, defaulting to 1000
[  351.470613][T12940] lo speed is unknown, defaulting to 1000
[  351.598980][T12940] lo speed is unknown, defaulting to 1000
[  351.649180][T12940] lo speed is unknown, defaulting to 1000
[  351.858432][T12940] lo speed is unknown, defaulting to 1000
[  351.952643][T12940] lo speed is unknown, defaulting to 1000
[  352.018526][T12940] lo speed is unknown, defaulting to 1000
[  352.732141][T12986] netlink: 'syz.2.1879': attribute type 10 has an invalid length.
[  352.748179][T12986] tipc: Resetting bearer <eth:team0>
[  352.896820][T12986] batman_adv: batadv0: Adding interface: team0
[  352.920630][T12986] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.959052][T12986] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  352.976874][T12990] netlink: 'syz.2.1879': attribute type 10 has an invalid length.
[  352.998774][T12990] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1879'.
[  353.021264][T12990] team0: entered promiscuous mode
[  353.044992][T12990] team_slave_0: entered promiscuous mode
[  353.067280][T12990] team_slave_1: entered promiscuous mode
[  353.081183][T12990] 8021q: adding VLAN 0 to HW filter on device team0
[  353.098054][T12990] batman_adv: batadv0: Interface activated: team0
[  353.109854][T12990] batman_adv: batadv0: Interface deactivated: team0
[  353.124868][T12990] batman_adv: batadv0: Removing interface: team0
[  353.135949][T12990] bridge0: port 3(team0) entered blocking state
[  353.142816][T12990] bridge0: port 3(team0) entered disabled state
[  353.149364][T12990] team0: entered allmulticast mode
[  353.155054][T12990] team_slave_0: entered allmulticast mode
[  353.162093][T12990] team_slave_1: entered allmulticast mode
[  353.168154][T12990] bond0: entered allmulticast mode
[  353.173604][T12990] bond_slave_0: entered allmulticast mode
[  353.179447][T12990] bond_slave_1: entered allmulticast mode
[  353.185511][T12990] bridge0: entered allmulticast mode
[  353.198466][T12990] team0: left allmulticast mode
[  353.203766][T12990] team_slave_0: left allmulticast mode
[  353.209588][T12990] team_slave_1: left allmulticast mode
[  353.218091][T12990] bond0: left allmulticast mode
[  353.223222][T12990] bond_slave_0: left allmulticast mode
[  353.228725][T12990] bond_slave_1: left allmulticast mode
[  353.234507][T12990] bridge0: left allmulticast mode
[  353.566456][T12344] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.649727][T12344] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.730754][T12344] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.809006][T12344] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.937929][T12344] bridge_slave_1: left allmulticast mode
[  353.946353][T12344] bridge_slave_1: left promiscuous mode
[  353.952169][T12344] bridge0: port 2(bridge_slave_1) entered disabled state
[  353.965302][T12344] bridge_slave_0: left allmulticast mode
[  353.970989][T12344] bridge_slave_0: left promiscuous mode
[  353.978114][T12344] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.308205][T12344] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  354.321712][T12344] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  354.343659][T12344] bond0 (unregistering): Released all slaves
[  355.308600][T12344] hsr_slave_0: left promiscuous mode
[  355.360951][T12344] hsr_slave_1: left promiscuous mode
[  355.385627][T12344] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  355.412066][T12344] batman_adv: batadv0: Removing interface: batadv_slave_0
[  355.422803][T13043] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1889'.
[  355.448298][T12344] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  355.467819][T12344] batman_adv: batadv0: Removing interface: batadv_slave_1
[  355.509070][T13024] Bluetooth: MGMT ver 1.22
[  355.511496][T13043] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1889'.
[  355.596164][T12344] veth1_macvtap: left promiscuous mode
[  355.627725][T12344] veth0_macvtap: left promiscuous mode
[  355.635323][ T5111] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  355.646999][ T5111] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  355.662703][ T5111] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  355.676500][ T5111] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  355.679825][T12344] veth1_vlan: left promiscuous mode
[  355.691574][ T5111] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  355.701101][ T5111] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  355.711485][T12344] veth0_vlan: left promiscuous mode
[  355.713608][T13055] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  355.785796][T13050] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  355.882459][T13050] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  356.059144][T13064] xt_l2tp: v2 sid > 0xffff: 16777216
[  356.719910][T12344] team0 (unregistering): Port device team_slave_1 removed
[  356.761742][T12344] team0 (unregistering): Port device team_slave_0 removed
[  357.244014][T13065] lo speed is unknown, defaulting to 1000
[  357.599765][ T5111] Bluetooth: hci0: command 0x0405 tx timeout
[  357.752660][ T5111] Bluetooth: hci3: command tx timeout
[  357.964218][T13065] lo speed is unknown, defaulting to 1000
[  357.978212][T13052] lo speed is unknown, defaulting to 1000
[  358.122953][T13108] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1901'.
[  358.475294][T13116] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1902'.
[  358.672145][T13052] lo speed is unknown, defaulting to 1000
[  358.683743][T13125] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1903'.
[  358.713130][T13125] lo speed is unknown, defaulting to 1000
[  358.733654][T13118] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1903'.
[  358.906773][T13128] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1906'.
[  359.627845][T13160] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1909'.
[  359.654401][T13155] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1909'.
[  359.714049][T13052] chnl_net:caif_netlink_parms(): no params data found
[  359.802775][T13166] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1912'.
[  359.837865][ T5111] Bluetooth: hci3: command tx timeout
[  360.096774][T13052] bridge0: port 1(bridge_slave_0) entered blocking state
[  360.117549][T13052] bridge0: port 1(bridge_slave_0) entered disabled state
[  360.134759][T13052] bridge_slave_0: entered allmulticast mode
[  360.143277][T13052] bridge_slave_0: entered promiscuous mode
[  360.196219][T13052] bridge0: port 2(bridge_slave_1) entered blocking state
[  360.220475][T13052] bridge0: port 2(bridge_slave_1) entered disabled state
[  360.240527][T13052] bridge_slave_1: entered allmulticast mode
[  360.258635][T13052] bridge_slave_1: entered promiscuous mode
[  360.382893][T13052] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  360.427052][T13052] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  360.488762][T13195] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1919'.
[  360.525044][T13195] 8021q: adding VLAN 0 to HW filter on device batadv1
[  360.661802][T13052] team0: Port device team_slave_0 added
[  360.695329][T13052] team0: Port device team_slave_1 added
[  360.886585][T13052] batman_adv: batadv0: Adding interface: batadv_slave_0
[  360.898407][T13221] netlink: 'syz.4.1923': attribute type 7 has an invalid length.
[  360.915221][T13052] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  360.943106][T13221] netlink: 134780 bytes leftover after parsing attributes in process `syz.4.1923'.
[  360.980310][T13052] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  361.026930][T13052] batman_adv: batadv0: Adding interface: batadv_slave_1
[  361.070708][T13052] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  361.119628][T13052] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  361.284824][T13235] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1926'.
[  361.453544][T13052] hsr_slave_0: entered promiscuous mode
[  361.490431][T13052] hsr_slave_1: entered promiscuous mode
[  361.765348][T13248] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  361.912662][ T5111] Bluetooth: hci3: command tx timeout
[  362.339589][T13257] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1933'.
[  363.919530][T13281] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1940'.
[  363.953914][T13293] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1943'.
[  363.992570][ T5111] Bluetooth: hci3: command tx timeout
[  364.471284][T13052] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  364.494973][T13052] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  364.517546][T13052] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  364.593289][T13052] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  364.717606][T13320] FAULT_INJECTION: forcing a failure.
[  364.717606][T13320] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  364.751058][T13320] CPU: 0 PID: 13320 Comm: syz.2.1951 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  364.761299][T13320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  364.771396][T13320] Call Trace:
[  364.774724][T13320]  <TASK>
[  364.777699][T13320]  dump_stack_lvl+0x241/0x360
[  364.782431][T13320]  ? __pfx_dump_stack_lvl+0x10/0x10
[  364.787674][T13320]  ? __pfx__printk+0x10/0x10
[  364.792660][T13320]  ? __pfx_lock_release+0x10/0x10
[  364.797775][T13320]  should_fail_ex+0x3b0/0x4e0
[  364.802598][T13320]  _copy_from_user+0x2f/0xe0
[  364.807253][T13320]  tcp_repair_options_est+0x19c/0x690
[  364.812769][T13320]  ? __pfx_tcp_repair_options_est+0x10/0x10
[  364.818738][T13320]  do_tcp_setsockopt+0x1a9d/0x2540
[  364.824079][T13320]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  364.829588][T13320]  ? __pfx_aa_sk_perm+0x10/0x10
[  364.834577][T13320]  ? __pfx_lock_acquire+0x10/0x10
[  364.839641][T13320]  ? aa_sock_opt_perm+0x79/0x120
[  364.844677][T13320]  ? tcp_setsockopt+0x3e/0xf0
[  364.849401][T13320]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  364.855860][T13320]  do_sock_setsockopt+0x3af/0x720
[  364.860947][T13320]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  364.866540][T13320]  ? __fget_files+0x29/0x470
[  364.871189][T13320]  ? __fget_files+0x3f6/0x470
[  364.875930][T13320]  __sys_setsockopt+0x1ae/0x250
[  364.880845][T13320]  __x64_sys_setsockopt+0xb5/0xd0
[  364.885924][T13320]  do_syscall_64+0xf3/0x230
[  364.890254][T13325] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1952'.
[  364.890453][T13320]  ? clear_bhb_loop+0x35/0x90
[  364.901851][T13052] 8021q: adding VLAN 0 to HW filter on device bond0
[  364.904049][T13320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.904082][T13320] RIP: 0033:0x7f84e0f75bd9
[  364.904105][T13320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  364.904125][T13320] RSP: 002b:00007f84e1cbe048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  364.904153][T13320] RAX: ffffffffffffffda RBX: 00007f84e1103f60 RCX: 00007f84e0f75bd9
[  364.904172][T13320] RDX: 0000000000000016 RSI: 0000000000000006 RDI: 0000000000000003
[  364.904187][T13320] RBP: 00007f84e1cbe0a0 R08: 0000000020000149 R09: 0000000000000000
[  364.904204][T13320] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000002
[  364.904219][T13320] R13: 000000000000000b R14: 00007f84e1103f60 R15: 00007ffecc57d278
[  364.904255][T13320]  </TASK>
[  365.119574][T13052] 8021q: adding VLAN 0 to HW filter on device team0
[  365.165294][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  365.172546][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  365.227231][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  365.234506][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  365.651743][T13352] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  366.109360][T13052] 8021q: adding VLAN 0 to HW filter on device batadv0
[  366.318015][T13052] veth0_vlan: entered promiscuous mode
[  366.361843][T13052] veth1_vlan: entered promiscuous mode
[  366.436884][T13387] netlink: 'syz.4.1969': attribute type 1 has an invalid length.
[  366.448082][T13387] netlink: 'syz.4.1969': attribute type 3 has an invalid length.
[  366.460985][T13387] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.1969'.
[  366.591876][T13052] veth0_macvtap: entered promiscuous mode
[  366.627228][T13052] veth1_macvtap: entered promiscuous mode
[  366.695324][T13052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  366.732278][T13052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.742176][T13052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  366.776462][T13052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.802816][T13052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  366.852418][T13052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.862606][T13400] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  366.882409][T13052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  366.912416][T13052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  366.944537][T13052] batman_adv: batadv0: Interface activated: batadv_slave_0
[  366.998623][T13052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  367.037461][T13052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.068324][T13052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  367.090122][T13052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.101865][T13052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  367.113642][T13052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.124384][T13052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  367.135660][T13052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.147969][T13052] batman_adv: batadv0: Interface activated: batadv_slave_1
[  367.191649][T13052] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  367.233559][T13052] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  367.255152][T13052] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  367.264599][T13052] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  367.310713][T13416] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1978'.
[  367.452567][T13419] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1978'.
[  367.636679][T12346] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  367.640803][T13429] FAULT_INJECTION: forcing a failure.
[  367.640803][T13429] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  367.670414][T12346] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  367.726364][T13429] CPU: 1 PID: 13429 Comm: syz.4.1983 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  367.736595][T13429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  367.746693][T13429] Call Trace:
[  367.750008][T13429]  <TASK>
[  367.752976][T13429]  dump_stack_lvl+0x241/0x360
[  367.757702][T13429]  ? __pfx_dump_stack_lvl+0x10/0x10
[  367.762943][T13429]  ? __pfx__printk+0x10/0x10
[  367.767585][T13429]  ? snprintf+0xda/0x120
[  367.771913][T13429]  should_fail_ex+0x3b0/0x4e0
[  367.776653][T13429]  _copy_to_user+0x2f/0xb0
[  367.781115][T13429]  simple_read_from_buffer+0xca/0x150
[  367.786541][T13429]  proc_fail_nth_read+0x1e9/0x250
[  367.791632][T13429]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  367.797223][T13429]  ? rw_verify_area+0x520/0x6b0
[  367.802092][T13429]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  367.807652][T13429]  vfs_read+0x204/0xbc0
[  367.811854][T13429]  ? __pfx_lock_release+0x10/0x10
[  367.816894][T13429]  ? do_sock_setsockopt+0x3e2/0x720
[  367.822141][T13429]  ? __pfx_vfs_read+0x10/0x10
[  367.826922][T13429]  ? __fget_files+0x29/0x470
[  367.831547][T13429]  ? __fget_files+0x3f6/0x470
[  367.836269][T13429]  ksys_read+0x1a0/0x2c0
[  367.840544][T13429]  ? __pfx_ksys_read+0x10/0x10
[  367.845410][T13429]  ? do_syscall_64+0x100/0x230
[  367.850210][T13429]  ? do_syscall_64+0xb6/0x230
[  367.854915][T13429]  do_syscall_64+0xf3/0x230
[  367.859426][T13429]  ? clear_bhb_loop+0x35/0x90
[  367.864116][T13429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.870023][T13429] RIP: 0033:0x7fbc20b746bc
[  367.874544][T13429] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  367.894180][T13429] RSP: 002b:00007fbc21a32040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  367.902617][T13429] RAX: ffffffffffffffda RBX: 00007fbc20d03f60 RCX: 00007fbc20b746bc
[  367.910609][T13429] RDX: 000000000000000f RSI: 00007fbc21a320b0 RDI: 0000000000000004
[  367.918589][T13429] RBP: 00007fbc21a320a0 R08: 0000000000000000 R09: 0000000000000000
[  367.926569][T13429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.934546][T13429] R13: 000000000000004d R14: 00007fbc20d03f60 R15: 00007ffe3f689938
[  367.942540][T13429]  </TASK>
[  367.950076][T12346] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  367.958046][T12346] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  367.981130][T13427] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  368.077574][T13437] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1987'.
[  368.129187][T13439] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  368.856007][T13459] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1997'.
[  368.887920][T13462] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1996'.
[  369.241848][T13468] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1999'.
[  369.322751][T13471] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.2001'.
[  369.358817][T13471] tunl0: entered promiscuous mode
[  369.366959][T13473] FAULT_INJECTION: forcing a failure.
[  369.366959][T13473] name failslab, interval 1, probability 0, space 0, times 0
[  369.370078][T13471] netlink: 'syz.0.2001': attribute type 1 has an invalid length.
[  369.388808][T13473] CPU: 0 PID: 13473 Comm: syz.1.2002 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  369.399019][T13473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  369.403588][T13471] netlink: 9 bytes leftover after parsing attributes in process `syz.0.2001'.
[  369.409087][T13473] Call Trace:
[  369.409131][T13473]  <TASK>
[  369.409144][T13473]  dump_stack_lvl+0x241/0x360
[  369.429007][T13473]  ? __pfx_dump_stack_lvl+0x10/0x10
[  369.434270][T13473]  ? __pfx__printk+0x10/0x10
[  369.438901][T13473]  ? __pfx___might_resched+0x10/0x10
[  369.444235][T13473]  ? dynamic_dname+0x141/0x1b0
[  369.449052][T13473]  should_fail_ex+0x3b0/0x4e0
[  369.453782][T13473]  ? tomoyo_encode+0x26f/0x540
[  369.459104][T13473]  should_failslab+0x9/0x20
[  369.463655][T13473]  __kmalloc_noprof+0xd8/0x400
[  369.468477][T13473]  tomoyo_encode+0x26f/0x540
[  369.473108][T13473]  ? __pfx_sockfs_dname+0x10/0x10
[  369.478185][T13473]  tomoyo_realpath_from_path+0x59e/0x5e0
[  369.483869][T13473]  tomoyo_path_number_perm+0x23a/0x880
[  369.489388][T13473]  ? tomoyo_path_number_perm+0x208/0x880
[  369.495066][T13473]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  369.501135][T13473]  ? __fget_files+0x29/0x470
[  369.505773][T13473]  ? __fget_files+0x3f6/0x470
[  369.510492][T13473]  ? __fget_files+0x29/0x470
[  369.515142][T13473]  security_file_ioctl+0x75/0xb0
[  369.520353][T13473]  __se_sys_ioctl+0x47/0x170
[  369.525169][T13473]  do_syscall_64+0xf3/0x230
[  369.529720][T13473]  ? clear_bhb_loop+0x35/0x90
[  369.534451][T13473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.540385][T13473] RIP: 0033:0x7f2f47175bd9
[  369.544843][T13473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.564584][T13473] RSP: 002b:00007f2f46bff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  369.573053][T13473] RAX: ffffffffffffffda RBX: 00007f2f47303f60 RCX: 00007f2f47175bd9
[  369.581068][T13473] RDX: 0000000020000000 RSI: 00000000000089e0 RDI: 0000000000000005
[  369.589090][T13473] RBP: 00007f2f46bff0a0 R08: 0000000000000000 R09: 0000000000000000
[  369.597138][T13473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  369.605150][T13473] R13: 000000000000000b R14: 00007f2f47303f60 R15: 00007fff4839e4e8
[  369.613181][T13473]  </TASK>
[  369.632737][T13473] ERROR: Out of memory at tomoyo_realpath_from_path.
[  370.004394][T13493] netlink: 'syz.4.2010': attribute type 10 has an invalid length.
[  370.273629][T13501] FAULT_INJECTION: forcing a failure.
[  370.273629][T13501] name failslab, interval 1, probability 0, space 0, times 0
[  370.310716][T13501] CPU: 1 PID: 13501 Comm: syz.0.2013 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  370.321104][T13501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  370.331203][T13501] Call Trace:
[  370.334520][T13501]  <TASK>
[  370.337500][T13501]  dump_stack_lvl+0x241/0x360
[  370.342226][T13501]  ? __pfx_dump_stack_lvl+0x10/0x10
[  370.347479][T13501]  ? __pfx__printk+0x10/0x10
[  370.352121][T13501]  ? ref_tracker_alloc+0x332/0x490
[  370.357288][T13501]  should_fail_ex+0x3b0/0x4e0
[  370.362023][T13501]  ? skb_clone+0x20c/0x390
[  370.366499][T13501]  should_failslab+0x9/0x20
[  370.371055][T13501]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  370.376503][T13501]  skb_clone+0x20c/0x390
[  370.380888][T13501]  __netlink_deliver_tap+0x3cc/0x7c0
[  370.386241][T13501]  ? netlink_deliver_tap+0x2e/0x1b0
[  370.391485][T13501]  netlink_deliver_tap+0x19d/0x1b0
[  370.397175][T13501]  netlink_unicast+0x7be/0x990
[  370.402025][T13501]  ? __pfx_netlink_unicast+0x10/0x10
[  370.407425][T13501]  ? __virt_addr_valid+0x183/0x520
[  370.412637][T13501]  ? __check_object_size+0x49c/0x900
[  370.417986][T13501]  ? bpf_lsm_netlink_send+0x9/0x10
[  370.423160][T13501]  netlink_sendmsg+0x8e4/0xcb0
[  370.427993][T13501]  ? __pfx_netlink_sendmsg+0x10/0x10
[  370.433427][T13501]  ? __import_iovec+0x536/0x820
[  370.438320][T13501]  ? aa_sock_msg_perm+0x91/0x160
[  370.443310][T13501]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  370.448633][T13501]  ? security_socket_sendmsg+0x87/0xb0
[  370.454145][T13501]  ? __pfx_netlink_sendmsg+0x10/0x10
[  370.459559][T13501]  __sock_sendmsg+0x221/0x270
[  370.464283][T13501]  ____sys_sendmsg+0x525/0x7d0
[  370.469109][T13501]  ? __pfx_____sys_sendmsg+0x10/0x10
[  370.474475][T13501]  __sys_sendmsg+0x2b0/0x3a0
[  370.479116][T13501]  ? __pfx___sys_sendmsg+0x10/0x10
[  370.484276][T13501]  ? vfs_write+0x7c4/0xc90
[  370.488783][T13501]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  370.495160][T13501]  ? do_syscall_64+0x100/0x230
[  370.499976][T13501]  ? do_syscall_64+0xb6/0x230
[  370.504704][T13501]  do_syscall_64+0xf3/0x230
[  370.509243][T13501]  ? clear_bhb_loop+0x35/0x90
[  370.513973][T13501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.519909][T13501] RIP: 0033:0x7fe2c3375bd9
[  370.524361][T13501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  370.544011][T13501] RSP: 002b:00007fe2c40bb048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  370.552475][T13501] RAX: ffffffffffffffda RBX: 00007fe2c3503f60 RCX: 00007fe2c3375bd9
[  370.560495][T13501] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  370.568512][T13501] RBP: 00007fe2c40bb0a0 R08: 0000000000000000 R09: 0000000000000000
[  370.576526][T13501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  370.584524][T13501] R13: 000000000000000b R14: 00007fe2c3503f60 R15: 00007ffd843451b8
[  370.592623][T13501]  </TASK>
[  370.807801][T13515] netlink: 596 bytes leftover after parsing attributes in process `syz.0.2016'.
[  370.861895][T13515] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  370.872037][T13515] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  370.881639][T13515] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  370.890857][T13515] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  371.146523][  T990] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.541143][  T990] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.604955][  T990] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.669418][  T990] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  371.803176][  T990] bridge_slave_1: left allmulticast mode
[  371.808996][  T990] bridge_slave_1: left promiscuous mode
[  371.817286][  T990] bridge0: port 2(bridge_slave_1) entered disabled state
[  371.836334][  T990] bridge_slave_0: left allmulticast mode
[  371.842645][  T990] bridge_slave_0: left promiscuous mode
[  371.848462][  T990] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.206799][  T990] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  372.219383][  T990] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  372.231178][  T990] bond0 (unregistering): Released all slaves
[  372.621999][  T990] hsr_slave_0: left promiscuous mode
[  372.631533][  T990] hsr_slave_1: left promiscuous mode
[  372.638436][  T990] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  372.646091][  T990] batman_adv: batadv0: Removing interface: batadv_slave_0
[  372.655185][  T990] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  372.663630][  T990] batman_adv: batadv0: Removing interface: batadv_slave_1
[  372.690212][  T990] veth1_macvtap: left promiscuous mode
[  372.702403][  T990] veth0_macvtap: left promiscuous mode
[  372.708148][  T990] veth1_vlan: left promiscuous mode
[  372.717465][  T990] veth0_vlan: left promiscuous mode
[  373.173670][T13536] x_tables: duplicate underflow at hook 1
[  373.528570][ T5105] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  373.541048][ T5105] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  373.550039][ T5105] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  373.563383][ T5105] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  373.572951][ T5105] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  373.582510][ T5105] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  373.879717][  T990] team0 (unregistering): Port device team_slave_1 removed
[  373.935362][  T990] team0 (unregistering): Port device team_slave_0 removed
[  374.591041][T13548] lo speed is unknown, defaulting to 1000
[  375.139209][T13564] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  375.278787][T13548] lo speed is unknown, defaulting to 1000
[  375.293954][T13580] lo speed is unknown, defaulting to 1000
[  375.387254][T13587] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2039'.
[  375.650430][T13548] chnl_net:caif_netlink_parms(): no params data found
[  375.682500][ T5111] Bluetooth: hci3: command tx timeout
[  375.728720][T13580] lo speed is unknown, defaulting to 1000
[  375.728734][T13585] lo speed is unknown, defaulting to 1000
[  375.812953][T13595] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2040'.
[  376.132641][T13548] bridge0: port 1(bridge_slave_0) entered blocking state
[  376.139808][T13548] bridge0: port 1(bridge_slave_0) entered disabled state
[  376.152761][T13548] bridge_slave_0: entered allmulticast mode
[  376.160125][T13548] bridge_slave_0: entered promiscuous mode
[  376.173919][T13585] lo speed is unknown, defaulting to 1000
[  376.179970][T13548] bridge0: port 2(bridge_slave_1) entered blocking state
[  376.189140][T13548] bridge0: port 2(bridge_slave_1) entered disabled state
[  376.208231][T13548] bridge_slave_1: entered allmulticast mode
[  376.226924][T13548] bridge_slave_1: entered promiscuous mode
[  376.395313][   T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  376.449279][T13548] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  376.541503][T13548] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  376.621683][T13548] team0: Port device team_slave_0 added
[  376.660496][T13548] team0: Port device team_slave_1 added
[  376.880839][T13548] batman_adv: batadv0: Adding interface: batadv_slave_0
[  376.892418][T13548] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  376.972293][T13548] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  377.021120][T13548] batman_adv: batadv0: Adding interface: batadv_slave_1
[  377.038077][T13548] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  377.065066][T13548] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  377.199115][T13627] Bluetooth: MGMT ver 1.22
[  377.203943][T13627] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes
[  377.228865][T13626] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2050'.
[  377.249194][T13626] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2050'.
[  377.260891][T13548] hsr_slave_0: entered promiscuous mode
[  377.281234][T13548] hsr_slave_1: entered promiscuous mode
[  377.669837][T13641] tipc: Enabling of bearer <eth:team0> rejected, failed to enable media
[  377.752822][ T5111] Bluetooth: hci3: command tx timeout
[  378.079763][T13650] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2056'.
[  378.094911][T13548] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  378.127819][T13548] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  378.158818][T13548] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  378.210517][T13548] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  378.239538][T13653] x_tables: duplicate underflow at hook 1
[  378.434153][ T5150] lo speed is unknown, defaulting to 1000
[  378.551817][T13548] 8021q: adding VLAN 0 to HW filter on device bond0
[  378.671351][T13548] 8021q: adding VLAN 0 to HW filter on device team0
[  378.704006][ T5153] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.711308][ T5153] bridge0: port 1(bridge_slave_0) entered forwarding state
[  378.755225][T13663] lo speed is unknown, defaulting to 1000
[  378.789163][ T5153] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.796395][ T5153] bridge0: port 2(bridge_slave_1) entered forwarding state
[  378.972868][ T1251] ieee802154 phy1 wpan1: encryption failed: -22
[  378.982048][T13548] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  379.128863][T13672] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes
[  379.277583][T13663] lo speed is unknown, defaulting to 1000
[  379.526976][T13548] 8021q: adding VLAN 0 to HW filter on device batadv0
[  379.626346][T13548] veth0_vlan: entered promiscuous mode
[  379.833704][ T5111] Bluetooth: hci3: command tx timeout
[  379.937108][T13548] veth1_vlan: entered promiscuous mode
[  380.109283][T13548] veth0_macvtap: entered promiscuous mode
[  380.197592][T13548] veth1_macvtap: entered promiscuous mode
[  380.477447][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  380.494448][T13717] netlink: 'syz.4.2076': attribute type 1 has an invalid length.
[  380.517051][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.531008][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  380.559436][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.587978][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  380.600043][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.611025][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  380.622498][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.637295][T13548] batman_adv: batadv0: Interface activated: batadv_slave_0
[  380.725504][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  380.748608][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.758962][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  380.769849][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.811513][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  380.832215][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.882614][T13548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  380.907199][T13548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.925086][T13548] batman_adv: batadv0: Interface activated: batadv_slave_1
[  380.939967][T13548] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  380.951586][T13548] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  380.965579][T13548] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  380.975245][T13548] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  381.037852][T13720] lo speed is unknown, defaulting to 1000
[  381.305558][T12346] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  381.342199][T12346] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  381.410813][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  381.434917][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  381.733642][T13720] lo speed is unknown, defaulting to 1000
[  381.774394][T13755] netlink: 'syz.4.2088': attribute type 21 has an invalid length.
[  381.783067][T13755] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2088'.
[  381.792893][T13755] netlink: 'syz.4.2088': attribute type 5 has an invalid length.
[  381.800898][T13755] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2088'.
[  381.987132][T13758] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2089'.
[  382.203124][T13762] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2091'.
[  382.665627][T13779] FAULT_INJECTION: forcing a failure.
[  382.665627][T13779] name failslab, interval 1, probability 0, space 0, times 0
[  382.685796][T13779] CPU: 1 PID: 13779 Comm: syz.0.2097 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  382.696031][T13779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  382.706319][T13779] Call Trace:
[  382.709639][T13779]  <TASK>
[  382.712608][T13779]  dump_stack_lvl+0x241/0x360
[  382.717358][T13779]  ? __pfx_dump_stack_lvl+0x10/0x10
[  382.722619][T13779]  ? __pfx__printk+0x10/0x10
[  382.727302][T13779]  should_fail_ex+0x3b0/0x4e0
[  382.732046][T13779]  ? __alloc_skb+0x1c3/0x440
[  382.736690][T13779]  should_failslab+0x9/0x20
[  382.741245][T13779]  kmem_cache_alloc_node_noprof+0x71/0x320
[  382.747119][T13779]  __alloc_skb+0x1c3/0x440
[  382.751586][T13779]  ? __pfx___might_resched+0x10/0x10
[  382.756933][T13779]  ? __pfx___alloc_skb+0x10/0x10
[  382.761920][T13779]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  382.768081][T13779]  ? security_socket_getpeersec_dgram+0x88/0xb0
[  382.774404][T13779]  netlink_sendmsg+0x638/0xcb0
[  382.779210][T13779]  ? __pfx_netlink_sendmsg+0x10/0x10
[  382.784532][T13779]  ? __import_iovec+0x536/0x820
[  382.789400][T13779]  ? aa_sock_msg_perm+0x91/0x160
[  382.794370][T13779]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  382.799674][T13779]  ? security_socket_sendmsg+0x87/0xb0
[  382.805244][T13779]  ? __pfx_netlink_sendmsg+0x10/0x10
[  382.810552][T13779]  __sock_sendmsg+0x221/0x270
[  382.815263][T13779]  ____sys_sendmsg+0x525/0x7d0
[  382.820077][T13779]  ? __pfx_____sys_sendmsg+0x10/0x10
[  382.825402][T13779]  __sys_sendmsg+0x2b0/0x3a0
[  382.830038][T13779]  ? __pfx___sys_sendmsg+0x10/0x10
[  382.835172][T13779]  ? vfs_write+0x7c4/0xc90
[  382.839641][T13779]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  382.845989][T13779]  ? do_syscall_64+0x100/0x230
[  382.850780][T13779]  ? do_syscall_64+0xb6/0x230
[  382.855482][T13779]  do_syscall_64+0xf3/0x230
[  382.860004][T13779]  ? clear_bhb_loop+0x35/0x90
[  382.864710][T13779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.870624][T13779] RIP: 0033:0x7fe2c3375bd9
[  382.875054][T13779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.894680][T13779] RSP: 002b:00007fe2c40bb048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  382.903112][T13779] RAX: ffffffffffffffda RBX: 00007fe2c3503f60 RCX: 00007fe2c3375bd9
[  382.911095][T13779] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 000000000000000b
[  382.919081][T13779] RBP: 00007fe2c40bb0a0 R08: 0000000000000000 R09: 0000000000000000
[  382.927077][T13779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  382.935066][T13779] R13: 000000000000000b R14: 00007fe2c3503f60 R15: 00007ffd843451b8
[  382.943071][T13779]  </TASK>
[  383.297982][T13806] lo speed is unknown, defaulting to 1000
[  383.321553][T13809] FAULT_INJECTION: forcing a failure.
[  383.321553][T13809] name failslab, interval 1, probability 0, space 0, times 0
[  383.340907][T13809] CPU: 0 PID: 13809 Comm: syz.1.2104 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  383.351133][T13809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  383.361496][T13809] Call Trace:
[  383.364832][T13809]  <TASK>
[  383.367798][T13809]  dump_stack_lvl+0x241/0x360
[  383.372532][T13809]  ? __pfx_dump_stack_lvl+0x10/0x10
[  383.378044][T13809]  ? __pfx__printk+0x10/0x10
[  383.382858][T13809]  ? __pfx___might_resched+0x10/0x10
[  383.388289][T13809]  should_fail_ex+0x3b0/0x4e0
[  383.393029][T13809]  ? rxrpc_alloc_peer+0x80/0x340
[  383.398023][T13809]  should_failslab+0x9/0x20
[  383.402577][T13809]  kmalloc_trace_noprof+0x6c/0x2c0
[  383.407916][T13809]  rxrpc_alloc_peer+0x80/0x340
[  383.412741][T13809]  ? rxrpc_lookup_peer+0x259/0x8b0
[  383.417934][T13809]  rxrpc_lookup_peer+0x3ea/0x8b0
[  383.422930][T13809]  rxrpc_do_sendmsg+0xdaf/0x1910
[  383.427951][T13809]  ? __pfx_rxrpc_do_sendmsg+0x10/0x10
[  383.433388][T13809]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  383.439241][T13809]  ? do_raw_spin_unlock+0x13c/0x8b0
[  383.444593][T13809]  ? rxrpc_sendmsg+0x578/0x920
[  383.449493][T13809]  ? __pfx_rxrpc_sendmsg+0x10/0x10
[  383.454629][T13809]  __sock_sendmsg+0x221/0x270
[  383.459420][T13809]  ____sys_sendmsg+0x525/0x7d0
[  383.464222][T13809]  ? __pfx_____sys_sendmsg+0x10/0x10
[  383.469553][T13809]  __sys_sendmsg+0x2b0/0x3a0
[  383.474176][T13809]  ? __pfx___sys_sendmsg+0x10/0x10
[  383.479311][T13809]  ? vfs_write+0x7c4/0xc90
[  383.483785][T13809]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  383.490133][T13809]  ? do_syscall_64+0x100/0x230
[  383.494931][T13809]  ? do_syscall_64+0xb6/0x230
[  383.499625][T13809]  do_syscall_64+0xf3/0x230
[  383.504144][T13809]  ? clear_bhb_loop+0x35/0x90
[  383.508846][T13809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.514757][T13809] RIP: 0033:0x7f2f47175bd9
[  383.519186][T13809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  383.539247][T13809] RSP: 002b:00007f2f46bff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  383.547685][T13809] RAX: ffffffffffffffda RBX: 00007f2f47303f60 RCX: 00007f2f47175bd9
[  383.555762][T13809] RDX: 000000000000ff00 RSI: 0000000020000000 RDI: 0000000000000005
[  383.563755][T13809] RBP: 00007f2f46bff0a0 R08: 0000000000000000 R09: 0000000000000000
[  383.571831][T13809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  383.579835][T13809] R13: 000000000000000b R14: 00007f2f47303f60 R15: 00007fff4839e4e8
[  383.587874][T13809]  </TASK>
[  383.628177][T13810] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2105'.
[  384.036050][T12338] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.191156][T13814] lo speed is unknown, defaulting to 1000
[  384.193339][T13806] lo speed is unknown, defaulting to 1000
[  384.494558][T12338] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.525348][T13814] lo speed is unknown, defaulting to 1000
[  384.697753][T12338] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.871140][T12338] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.112040][T12338] bridge_slave_1: left allmulticast mode
[  385.131283][T12338] bridge_slave_1: left promiscuous mode
[  385.137489][T12338] bridge0: port 2(bridge_slave_1) entered disabled state
[  385.178333][T12338] bridge_slave_0: left allmulticast mode
[  385.191259][T12338] bridge_slave_0: left promiscuous mode
[  385.209909][T12338] bridge0: port 1(bridge_slave_0) entered disabled state
[  385.635130][T12338] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  385.648090][T12338] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  385.660680][T12338] bond0 (unregistering): Released all slaves
[  386.394373][T12338] hsr_slave_0: left promiscuous mode
[  386.413274][T12338] hsr_slave_1: left promiscuous mode
[  386.423481][T12338] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  386.430966][T12338] batman_adv: batadv0: Removing interface: batadv_slave_0
[  386.451592][T12338] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  386.467845][T12338] batman_adv: batadv0: Removing interface: batadv_slave_1
[  386.562638][T12338] veth1_macvtap: left promiscuous mode
[  386.568263][T12338] veth0_macvtap: left promiscuous mode
[  386.583270][T12338] veth1_vlan: left promiscuous mode
[  386.588809][T12338] veth0_vlan: left promiscuous mode
[  386.746545][ T5105] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  386.758550][ T5105] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  386.783633][ T5105] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  386.801026][ T5105] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  386.813219][ T5105] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  386.821952][ T5105] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  387.511940][T12338] team0 (unregistering): Port device team_slave_1 removed
[  387.579825][T12338] team0 (unregistering): Port device team_slave_0 removed
[  388.242349][T13868] lo speed is unknown, defaulting to 1000
[  388.424732][T13887] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2123'.
[  388.807020][T13868] lo speed is unknown, defaulting to 1000
[  388.807074][T13884] lo speed is unknown, defaulting to 1000
[  388.873432][ T5111] Bluetooth: hci3: command tx timeout
[  389.010202][T13914] SET target dimension over the limit!
[  389.184197][T13884] lo speed is unknown, defaulting to 1000
[  389.600275][T13868] chnl_net:caif_netlink_parms(): no params data found
[  390.109983][T13868] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.128079][T13868] bridge0: port 1(bridge_slave_0) entered disabled state
[  390.139876][T13868] bridge_slave_0: entered allmulticast mode
[  390.162484][T13868] bridge_slave_0: entered promiscuous mode
[  390.193591][T13868] bridge0: port 2(bridge_slave_1) entered blocking state
[  390.228445][T13868] bridge0: port 2(bridge_slave_1) entered disabled state
[  390.247287][T13868] bridge_slave_1: entered allmulticast mode
[  390.272937][T13868] bridge_slave_1: entered promiscuous mode
[  390.376325][T13868] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  390.425655][T13868] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  390.650307][T13868] team0: Port device team_slave_0 added
[  390.673082][T13955] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2141'.
[  390.701261][T13868] team0: Port device team_slave_1 added
[  390.748697][T13959] FAULT_INJECTION: forcing a failure.
[  390.748697][T13959] name failslab, interval 1, probability 0, space 0, times 0
[  390.802659][T13959] CPU: 0 PID: 13959 Comm: syz.1.2143 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  390.812896][T13959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  390.822969][T13959] Call Trace:
[  390.826261][T13959]  <TASK>
[  390.829218][T13959]  dump_stack_lvl+0x241/0x360
[  390.834104][T13959]  ? __pfx_dump_stack_lvl+0x10/0x10
[  390.839333][T13959]  ? __pfx__printk+0x10/0x10
[  390.843954][T13959]  ? netlink_insert+0x10b7/0x14b0
[  390.849000][T13959]  should_fail_ex+0x3b0/0x4e0
[  390.853704][T13959]  ? __alloc_skb+0x1c3/0x440
[  390.858487][T13959]  should_failslab+0x9/0x20
[  390.863015][T13959]  kmem_cache_alloc_node_noprof+0x71/0x320
[  390.868851][T13959]  __alloc_skb+0x1c3/0x440
[  390.873297][T13959]  ? __pfx___alloc_skb+0x10/0x10
[  390.878252][T13959]  ? netlink_autobind+0xd6/0x2f0
[  390.883203][T13959]  ? netlink_autobind+0x2b0/0x2f0
[  390.888256][T13959]  netlink_sendmsg+0x638/0xcb0
[  390.893045][T13959]  ? __pfx_netlink_sendmsg+0x10/0x10
[  390.898349][T13959]  ? __import_iovec+0x536/0x820
[  390.903217][T13959]  ? aa_sock_msg_perm+0x91/0x160
[  390.908176][T13959]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  390.913472][T13959]  ? security_socket_sendmsg+0x87/0xb0
[  390.918948][T13959]  ? __pfx_netlink_sendmsg+0x10/0x10
[  390.924335][T13959]  __sock_sendmsg+0x221/0x270
[  390.929040][T13959]  ____sys_sendmsg+0x525/0x7d0
[  390.933834][T13959]  ? __pfx_____sys_sendmsg+0x10/0x10
[  390.939153][T13959]  __sys_sendmsg+0x2b0/0x3a0
[  390.944028][T13959]  ? __pfx___sys_sendmsg+0x10/0x10
[  390.949164][T13959]  ? vfs_write+0x7c4/0xc90
[  390.953632][T13959]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  390.959972][T13959]  ? do_syscall_64+0x100/0x230
[  390.964755][T13959]  ? do_syscall_64+0xb6/0x230
[  390.969538][T13959]  do_syscall_64+0xf3/0x230
[  390.974064][T13959]  ? clear_bhb_loop+0x35/0x90
[  390.978820][T13959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.984730][T13959] RIP: 0033:0x7f2f47175bd9
[  390.989176][T13959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  391.008795][T13959] RSP: 002b:00007f2f46bff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  391.017227][T13959] RAX: ffffffffffffffda RBX: 00007f2f47303f60 RCX: 00007f2f47175bd9
[  391.025246][T13959] RDX: 0000000000000000 RSI: 0000000020001240 RDI: 0000000000000006
[  391.033242][T13959] RBP: 00007f2f46bff0a0 R08: 0000000000000000 R09: 0000000000000000
[  391.041226][T13959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  391.049211][T13959] R13: 000000000000000b R14: 00007f2f47303f60 R15: 00007fff4839e4e8
[  391.057219][T13959]  </TASK>
[  391.068860][ T5111] Bluetooth: hci3: command tx timeout
[  391.192127][T13868] batman_adv: batadv0: Adding interface: batadv_slave_0
[  391.209363][T13868] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  391.265728][T13868] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  391.280249][T13868] batman_adv: batadv0: Adding interface: batadv_slave_1
[  391.291307][T13868] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  391.318909][T13868] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  391.437669][T13868] hsr_slave_0: entered promiscuous mode
[  391.463256][T13868] hsr_slave_1: entered promiscuous mode
[  391.814952][T13984] lo speed is unknown, defaulting to 1000
[  391.895765][T13986] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2153'.
[  391.996005][T12344] ==================================================================
[  392.004130][T12344] BUG: KASAN: slab-use-after-free in l2tp_session_delete+0x28/0x9e0
[  392.012153][T12344] Write of size 8 at addr ffff88806b359808 by task kworker/u8:14/12344
[  392.020511][T12344] 
[  392.022863][T12344] CPU: 0 PID: 12344 Comm: kworker/u8:14 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  392.033570][T12344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  392.043666][T12344] Workqueue: l2tp l2tp_tunnel_del_work
[  392.049191][T12344] Call Trace:
[  392.052507][T12344]  <TASK>
[  392.055472][T12344]  dump_stack_lvl+0x241/0x360
[  392.060193][T12344]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.065434][T12344]  ? __pfx__printk+0x10/0x10
[  392.070062][T12344]  ? _printk+0xd5/0x120
[  392.074255][T12344]  ? __virt_addr_valid+0x183/0x520
[  392.079390][T12344]  ? __virt_addr_valid+0x183/0x520
[  392.084534][T12344]  print_report+0x169/0x550
[  392.089051][T12344]  ? __virt_addr_valid+0x183/0x520
[  392.094175][T12344]  ? __virt_addr_valid+0x183/0x520
[  392.099381][T12344]  ? __virt_addr_valid+0x44e/0x520
[  392.104593][T12344]  ? __phys_addr+0xba/0x170
[  392.109109][T12344]  ? l2tp_session_delete+0x28/0x9e0
[  392.114326][T12344]  kasan_report+0x143/0x180
[  392.118842][T12344]  ? l2tp_session_delete+0x28/0x9e0
[  392.124053][T12344]  kasan_check_range+0x282/0x290
[  392.129007][T12344]  l2tp_session_delete+0x28/0x9e0
[  392.134042][T12344]  ? l2tp_tunnel_del_work+0x1d3/0x330
[  392.139522][T12344]  l2tp_tunnel_del_work+0x1cb/0x330
[  392.144734][T12344]  ? process_scheduled_works+0x945/0x1830
[  392.150481][T12344]  process_scheduled_works+0xa2c/0x1830
[  392.156052][T12344]  ? __pfx_process_scheduled_works+0x10/0x10
[  392.162048][T12344]  ? assign_work+0x364/0x3d0
[  392.166746][T12344]  worker_thread+0x86d/0xd50
[  392.171359][T12344]  ? __kthread_parkme+0x169/0x1d0
[  392.176397][T12344]  ? __pfx_worker_thread+0x10/0x10
[  392.181684][T12344]  kthread+0x2f0/0x390
[  392.185773][T12344]  ? __pfx_worker_thread+0x10/0x10
[  392.190892][T12344]  ? __pfx_kthread+0x10/0x10
[  392.195497][T12344]  ret_from_fork+0x4b/0x80
[  392.199931][T12344]  ? __pfx_kthread+0x10/0x10
[  392.204663][T12344]  ret_from_fork_asm+0x1a/0x30
[  392.209455][T12344]  </TASK>
[  392.212479][T12344] 
[  392.214802][T12344] Allocated by task 13962:
[  392.219316][T12344]  kasan_save_track+0x3f/0x80
[  392.224005][T12344]  __kasan_kmalloc+0x98/0xb0
[  392.228609][T12344]  __kmalloc_noprof+0x1f9/0x400
[  392.233477][T12344]  l2tp_session_create+0x3b/0xc20
[  392.238516][T12344]  pppol2tp_connect+0xca3/0x17a0
[  392.243467][T12344]  __sys_connect+0x2df/0x310
[  392.248414][T12344]  __x64_sys_connect+0x7a/0x90
[  392.253188][T12344]  do_syscall_64+0xf3/0x230
[  392.257876][T12344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.263786][T12344] 
[  392.266285][T12344] Freed by task 5108:
[  392.270383][T12344]  kasan_save_track+0x3f/0x80
[  392.275090][T12344]  kasan_save_free_info+0x40/0x50
[  392.280141][T12344]  poison_slab_object+0xe0/0x150
[  392.285087][T12344]  __kasan_slab_free+0x37/0x60
[  392.289948][T12344]  kfree+0x149/0x360
[  392.293855][T12344]  __sk_destruct+0x58/0x5f0
[  392.298456][T12344]  rcu_core+0xafd/0x1830
[  392.302709][T12344]  handle_softirqs+0x2c4/0x970
[  392.307483][T12344]  __irq_exit_rcu+0xf4/0x1c0
[  392.312085][T12344]  irq_exit_rcu+0x9/0x30
[  392.316333][T12344]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  392.321977][T12344]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  392.328146][T12344] 
[  392.330477][T12344] Last potentially related work creation:
[  392.336388][T12344]  kasan_save_stack+0x3f/0x60
[  392.341077][T12344]  __kasan_record_aux_stack+0xac/0xc0
[  392.346484][T12344]  call_rcu+0x167/0xa70
[  392.350745][T12344]  pppol2tp_release+0x24b/0x350
[  392.355649][T12344]  sock_close+0xbc/0x240
[  392.359932][T12344]  __fput+0x24a/0x8a0
[  392.364017][T12344]  task_work_run+0x24f/0x310
[  392.368624][T12344]  syscall_exit_to_user_mode+0x168/0x360
[  392.374268][T12344]  do_syscall_64+0x100/0x230
[  392.378906][T12344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.384836][T12344] 
[  392.387184][T12344] The buggy address belongs to the object at ffff88806b359800
[  392.387184][T12344]  which belongs to the cache kmalloc-1k of size 1024
[  392.401332][T12344] The buggy address is located 8 bytes inside of
[  392.401332][T12344]  freed 1024-byte region [ffff88806b359800, ffff88806b359c00)
[  392.415146][T12344] 
[  392.417741][T12344] The buggy address belongs to the physical page:
[  392.424254][T12344] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6b358
[  392.433030][T12344] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  392.441583][T12344] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  392.449178][T12344] page_type: 0xffffefff(slab)
[  392.453872][T12344] raw: 00fff00000000040 ffff888015041dc0 dead000000000100 dead000000000122
[  392.462614][T12344] raw: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[  392.471391][T12344] head: 00fff00000000040 ffff888015041dc0 dead000000000100 dead000000000122
[  392.480199][T12344] head: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[  392.488893][T12344] head: 00fff00000000003 ffffea0001acd601 ffffffffffffffff 0000000000000000
[  392.497747][T12344] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  392.506433][T12344] page dumped because: kasan: bad access detected
[  392.512866][T12344] page_owner tracks the page as allocated
[  392.518588][T12344] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 990, tgid 990 (kworker/u8:5), ts 379371557557, free_ts 379366318450
[  392.539439][T12344]  post_alloc_hook+0x1f3/0x230
[  392.544222][T12344]  get_page_from_freelist+0x2e4c/0x2f10
[  392.549889][T12344]  __alloc_pages_noprof+0x256/0x6c0
[  392.555105][T12344]  alloc_slab_page+0x5f/0x120
[  392.559793][T12344]  allocate_slab+0x5a/0x2f0
[  392.564400][T12344]  ___slab_alloc+0xcd1/0x14b0
[  392.569081][T12344]  __slab_alloc+0x58/0xa0
[  392.573524][T12344]  __kmalloc_noprof+0x257/0x400
[  392.578388][T12344]  ieee802_11_parse_elems_full+0xdb/0x2880
[  392.584388][T12344]  ieee80211_ibss_rx_queued_mgmt+0x4c8/0x2d70
[  392.590477][T12344]  ieee80211_iface_work+0x8a5/0xf20
[  392.595693][T12344]  cfg80211_wiphy_work+0x2db/0x490
[  392.600836][T12344]  process_scheduled_works+0xa2c/0x1830
[  392.606502][T12344]  worker_thread+0x86d/0xd50
[  392.611228][T12344]  kthread+0x2f0/0x390
[  392.615338][T12344]  ret_from_fork+0x4b/0x80
[  392.620396][T12344] page last free pid 13681 tgid 13681 stack trace:
[  392.627249][T12344]  free_unref_page+0xd22/0xea0
[  392.632052][T12344]  __slab_free+0x31b/0x3d0
[  392.636641][T12344]  qlist_free_all+0x9e/0x140
[  392.641265][T12344]  kasan_quarantine_reduce+0x14f/0x170
[  392.646750][T12344]  __kasan_slab_alloc+0x23/0x80
[  392.651635][T12344]  __kmalloc_noprof+0x1a3/0x400
[  392.656563][T12344]  tomoyo_realpath_from_path+0xcf/0x5e0
[  392.662407][T12344]  tomoyo_path_perm+0x2b7/0x740
[  392.667274][T12344]  security_inode_getattr+0xd8/0x130
[  392.672600][T12344]  vfs_getattr+0x45/0x430
[  392.676965][T12344]  vfs_fstatat+0xd6/0x190
[  392.681308][T12344]  __x64_sys_newfstatat+0x125/0x1b0
[  392.686631][T12344]  do_syscall_64+0xf3/0x230
[  392.691208][T12344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.697125][T12344] 
[  392.699466][T12344] Memory state around the buggy address:
[  392.705102][T12344]  ffff88806b359700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  392.713256][T12344]  ffff88806b359780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  392.721414][T12344] >ffff88806b359800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  392.729566][T12344]                       ^
[  392.733917][T12344]  ffff88806b359880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  392.742094][T12344]  ffff88806b359900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  392.750166][T12344] ==================================================================
[  392.820820][T12344] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  392.828163][T12344] CPU: 1 PID: 12344 Comm: kworker/u8:14 Not tainted 6.10.0-rc6-syzkaller-01259-g3abbd7ed8b76 #0
[  392.838791][T12344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  392.848940][T12344] Workqueue: l2tp l2tp_tunnel_del_work
[  392.854447][T12344] Call Trace:
[  392.857764][T12344]  <TASK>
[  392.860726][T12344]  dump_stack_lvl+0x241/0x360
[  392.865491][T12344]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.870734][T12344]  ? __pfx__printk+0x10/0x10
[  392.875366][T12344]  ? preempt_schedule+0xe1/0xf0
[  392.880303][T12344]  ? vscnprintf+0x5d/0x90
[  392.884681][T12344]  panic+0x349/0x860
[  392.888633][T12344]  ? check_panic_on_warn+0x21/0xb0
[  392.893790][T12344]  ? __pfx_panic+0x10/0x10
[  392.898257][T12344]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  392.904366][T12344]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  392.910765][T12344]  ? print_report+0x502/0x550
[  392.915678][T12344]  check_panic_on_warn+0x86/0xb0
[  392.920708][T12344]  ? l2tp_session_delete+0x28/0x9e0
[  392.925962][T12344]  end_report+0x77/0x160
[  392.930250][T12344]  kasan_report+0x154/0x180
[  392.934803][T12344]  ? l2tp_session_delete+0x28/0x9e0
[  392.940052][T12344]  kasan_check_range+0x282/0x290
[  392.945125][T12344]  l2tp_session_delete+0x28/0x9e0
[  392.950194][T12344]  ? l2tp_tunnel_del_work+0x1d3/0x330
[  392.955613][T12344]  l2tp_tunnel_del_work+0x1cb/0x330
[  392.960859][T12344]  ? process_scheduled_works+0x945/0x1830
[  392.966718][T12344]  process_scheduled_works+0xa2c/0x1830
[  392.972336][T12344]  ? __pfx_process_scheduled_works+0x10/0x10
[  392.978361][T12344]  ? assign_work+0x364/0x3d0
[  392.983094][T12344]  worker_thread+0x86d/0xd50
[  392.987733][T12344]  ? __kthread_parkme+0x169/0x1d0
[  392.992809][T12344]  ? __pfx_worker_thread+0x10/0x10
[  392.997966][T12344]  kthread+0x2f0/0x390
[  393.002197][T12344]  ? __pfx_worker_thread+0x10/0x10
[  393.007361][T12344]  ? __pfx_kthread+0x10/0x10
[  393.011995][T12344]  ret_from_fork+0x4b/0x80
[  393.016455][T12344]  ? __pfx_kthread+0x10/0x10
[  393.021088][T12344]  ret_from_fork_asm+0x1a/0x30
[  393.025914][T12344]  </TASK>
[  393.029261][T12344] Kernel Offset: disabled
[  393.033606][T12344] Rebooting in 86400 seconds..