last executing test programs:

1m17.37039477s ago: executing program 4 (id=3615):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000000500)="b2", 0x1}, {&(0x7f0000002800)="cf", 0x1}, {&(0x7f00000005c0)="0b17d35c5f5ef9b4796cfd7d1c6fe8f37dcc84ad19471cc5fd96e24f20862075a33633127d9816020f0508db1cb902ae543f53645ea915e2dc0f932df0dd79e5c5df475b758c41f459a5e6d6c080984a5f5a050be3f18508d80eefcba61dcd31f445b730b88420b694880a3c1b9e44868aeca6b053b7d7b63f6e83a003728264604775c4a0098ba23232b021905b43ca143cd7decccc3897fe4e9eed2174eddab3fb0a029f", 0xa5}, {&(0x7f0000000400)="8a", 0x1}, {&(0x7f0000002b40)='-', 0x1}], 0x5}, 0x3000000}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce", 0x1}, {&(0x7f0000000540)="f2", 0x1}, {&(0x7f0000000680)="d4", 0xfffffd0d}], 0x3}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000003000)="e1", 0x1}, {&(0x7f00000010c0)="fa", 0x1}, {&(0x7f0000001600)="f2", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000140)='N', 0x1}], 0x1}}], 0x4, 0x4004080)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4)

1m4.824634749s ago: executing program 4 (id=3615):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000000500)="b2", 0x1}, {&(0x7f0000002800)="cf", 0x1}, {&(0x7f00000005c0)="0b17d35c5f5ef9b4796cfd7d1c6fe8f37dcc84ad19471cc5fd96e24f20862075a33633127d9816020f0508db1cb902ae543f53645ea915e2dc0f932df0dd79e5c5df475b758c41f459a5e6d6c080984a5f5a050be3f18508d80eefcba61dcd31f445b730b88420b694880a3c1b9e44868aeca6b053b7d7b63f6e83a003728264604775c4a0098ba23232b021905b43ca143cd7decccc3897fe4e9eed2174eddab3fb0a029f", 0xa5}, {&(0x7f0000000400)="8a", 0x1}, {&(0x7f0000002b40)='-', 0x1}], 0x5}, 0x3000000}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce", 0x1}, {&(0x7f0000000540)="f2", 0x1}, {&(0x7f0000000680)="d4", 0xfffffd0d}], 0x3}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000003000)="e1", 0x1}, {&(0x7f00000010c0)="fa", 0x1}, {&(0x7f0000001600)="f2", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000140)='N', 0x1}], 0x1}}], 0x4, 0x4004080)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4)

52.515519232s ago: executing program 4 (id=3615):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000000500)="b2", 0x1}, {&(0x7f0000002800)="cf", 0x1}, {&(0x7f00000005c0)="0b17d35c5f5ef9b4796cfd7d1c6fe8f37dcc84ad19471cc5fd96e24f20862075a33633127d9816020f0508db1cb902ae543f53645ea915e2dc0f932df0dd79e5c5df475b758c41f459a5e6d6c080984a5f5a050be3f18508d80eefcba61dcd31f445b730b88420b694880a3c1b9e44868aeca6b053b7d7b63f6e83a003728264604775c4a0098ba23232b021905b43ca143cd7decccc3897fe4e9eed2174eddab3fb0a029f", 0xa5}, {&(0x7f0000000400)="8a", 0x1}, {&(0x7f0000002b40)='-', 0x1}], 0x5}, 0x3000000}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce", 0x1}, {&(0x7f0000000540)="f2", 0x1}, {&(0x7f0000000680)="d4", 0xfffffd0d}], 0x3}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000003000)="e1", 0x1}, {&(0x7f00000010c0)="fa", 0x1}, {&(0x7f0000001600)="f2", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000140)='N', 0x1}], 0x1}}], 0x4, 0x4004080)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4)

39.58397188s ago: executing program 4 (id=3615):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000000500)="b2", 0x1}, {&(0x7f0000002800)="cf", 0x1}, {&(0x7f00000005c0)="0b17d35c5f5ef9b4796cfd7d1c6fe8f37dcc84ad19471cc5fd96e24f20862075a33633127d9816020f0508db1cb902ae543f53645ea915e2dc0f932df0dd79e5c5df475b758c41f459a5e6d6c080984a5f5a050be3f18508d80eefcba61dcd31f445b730b88420b694880a3c1b9e44868aeca6b053b7d7b63f6e83a003728264604775c4a0098ba23232b021905b43ca143cd7decccc3897fe4e9eed2174eddab3fb0a029f", 0xa5}, {&(0x7f0000000400)="8a", 0x1}, {&(0x7f0000002b40)='-', 0x1}], 0x5}, 0x3000000}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce", 0x1}, {&(0x7f0000000540)="f2", 0x1}, {&(0x7f0000000680)="d4", 0xfffffd0d}], 0x3}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000003000)="e1", 0x1}, {&(0x7f00000010c0)="fa", 0x1}, {&(0x7f0000001600)="f2", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000140)='N', 0x1}], 0x1}}], 0x4, 0x4004080)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4)

22.277357683s ago: executing program 4 (id=3615):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000000500)="b2", 0x1}, {&(0x7f0000002800)="cf", 0x1}, {&(0x7f00000005c0)="0b17d35c5f5ef9b4796cfd7d1c6fe8f37dcc84ad19471cc5fd96e24f20862075a33633127d9816020f0508db1cb902ae543f53645ea915e2dc0f932df0dd79e5c5df475b758c41f459a5e6d6c080984a5f5a050be3f18508d80eefcba61dcd31f445b730b88420b694880a3c1b9e44868aeca6b053b7d7b63f6e83a003728264604775c4a0098ba23232b021905b43ca143cd7decccc3897fe4e9eed2174eddab3fb0a029f", 0xa5}, {&(0x7f0000000400)="8a", 0x1}, {&(0x7f0000002b40)='-', 0x1}], 0x5}, 0x3000000}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce", 0x1}, {&(0x7f0000000540)="f2", 0x1}, {&(0x7f0000000680)="d4", 0xfffffd0d}], 0x3}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000003000)="e1", 0x1}, {&(0x7f00000010c0)="fa", 0x1}, {&(0x7f0000001600)="f2", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000140)='N', 0x1}], 0x1}}], 0x4, 0x4004080)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4)

9.595213103s ago: executing program 4 (id=3615):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000000500)="b2", 0x1}, {&(0x7f0000002800)="cf", 0x1}, {&(0x7f00000005c0)="0b17d35c5f5ef9b4796cfd7d1c6fe8f37dcc84ad19471cc5fd96e24f20862075a33633127d9816020f0508db1cb902ae543f53645ea915e2dc0f932df0dd79e5c5df475b758c41f459a5e6d6c080984a5f5a050be3f18508d80eefcba61dcd31f445b730b88420b694880a3c1b9e44868aeca6b053b7d7b63f6e83a003728264604775c4a0098ba23232b021905b43ca143cd7decccc3897fe4e9eed2174eddab3fb0a029f", 0xa5}, {&(0x7f0000000400)="8a", 0x1}, {&(0x7f0000002b40)='-', 0x1}], 0x5}, 0x3000000}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce", 0x1}, {&(0x7f0000000540)="f2", 0x1}, {&(0x7f0000000680)="d4", 0xfffffd0d}], 0x3}}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000003000)="e1", 0x1}, {&(0x7f00000010c0)="fa", 0x1}, {&(0x7f0000001600)="f2", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000140)='N', 0x1}], 0x1}}], 0x4, 0x4004080)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4)

3.39632209s ago: executing program 0 (id=5737):
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x3c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_ID={0x8}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x84}}, 0x0)

3.362489653s ago: executing program 0 (id=5738):
socket$nl_sock_diag(0x10, 0x3, 0x4)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket(0x1, 0x3, 0x0)
socket$kcm(0xa, 0x5, 0x3a)
setsockopt(0xffffffffffffffff, 0x5, 0x7f, &(0x7f0000000500)="be880a5e3ff285ce68f89182fc7e7b7e6e3cb4e6844982533449497936630ae4f49e82938a6cb179106caa1a23c11aaa3954dcb445419c9ed2cf5a78ddc89c2d360c9dbb96cda08c317014effeca7a39a88bc3d6ead771b4032ad0718b7f78d101cfb639e9bef5", 0x67)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90724fc60", 0x14}], 0x1}, 0x0) (fail_nth: 1)
socket$kcm(0x10, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

2.852143703s ago: executing program 0 (id=5744):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000500)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000640)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0c23374ec7c4aadbb8b985f14893a91d750e168350685e0f4f079d2d8e79be174ef9355b70719c712c5d15d2e7505a8696b50738", 0xba}, {&(0x7f0000000b80)="316f825a3d29f96a20931582d93d9e540ad20df649e8dcb466c43d055cbea62bb1d2c15e06ca1e5ecc6c138c8b5dab9b4070638a08121b606d605da0889dd7cab1cfe2b3d6285d5b77c466ed0c781870860c5af8acccb3b7f43a50b309e1f9953cea5c63b67aa601982c2bfb361d62e534ab02a97f7d60090a", 0x79}], 0x2}}], 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="14fafa37bf25f04bda99eefbbdd8d76b8136ee6cfdee25bdb2d1873ce347c730020000400000006fa1bf9f1dc2375eeba25df45aefdb3c49a4e7ffab4ed7181180bde98af644d11f", 0x48}, {&(0x7f0000000300)="997a7e88616a566ed2d8da3839e9beaee15eb04f2e14ce0a50b05f956e43a51023566f7ba4383d0cbd427781ebc6bd5aa486dc6e7288fa16e3d341a77372159a37368b52de7954f729760365ab54daf94b20367e6087ad1a8402d8a067f7289bdd1772d87a9946eb030644abcb8e05ab2d42034a049bac3995dd2f889ccc24a34d0272a2167942f05bf197132abd010c5374d8f35be0865db1c8eb2e857bf586e3b59e1cd929683f911d16926b0225a3ee14fc8e564e51c45de412b14f2c", 0xbe}, {&(0x7f0000000a00)="8434335f6d8d91a2a3efe5291f7ebbc2424bb7ee30459376efe5541dc546f93c4ad4f9343e78f0ab4905fd5197956540e7a587c2be6b3d04eb4e90b3f388e9e046424d32db194919454c842247e2803e333358a28b755829ea3db1cb7dc8a36d06d4fa90d1a26703832ee2bd20d1de95e599e55607491f3fe7f5f93ba4e703e488d72a87f7451a8077dd2da26ca7594570b791064c0d83cac3c1d9e6f75fd0cf1874b4df59bde5209bc2f7350f0518ed7334589f44853ac709e7ff5f648dbe86cd62b8fd7b1268ececc1bf8bf6c793306be164a0db4bbf4911deb3ec61de64530c2af744835bd502371f3c575d0374f2919d36b746852db56cd2a2e090b291ac94e30f81bff4990914d8a6b9d57fc8eb3b4090010100005d5ab51359781a33e794df23103e9a365bf9bc5f4c1c36", 0x12e}, {&(0x7f0000000980)="dfc56286b56ecc486c04bc14504d983be1f4ef618879be74e47bb41ea0ec8db85da5cfdb43e07b8cc7860bc152943651075c35a9e715afc516b3c84a77236602539578c21fa41ba1a52740bba9669431751337c09f", 0x55}], 0x4}, 0xc0)

2.787802457s ago: executing program 1 (id=5746):
r0 = socket$inet(0x2, 0x3, 0x100)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000500)=0x8, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x3c)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000f2850000008200000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8918, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r4, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r5 = socket$kcm(0x29, 0x2, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(r5, 0x119, 0x1, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000745f0020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0x500d, 0x0, 0x0, 0x0, 0x0, 0xc00d, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x310)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f00000005c0)={0x1, {{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x2, [{{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @mcast2}}]}, 0x190)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
sendmmsg$alg(0xffffffffffffffff, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000002780)}], 0x1, 0x0)

1.951021591s ago: executing program 0 (id=5754):
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x22000004)
unshare(0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000100)=[{0x30, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = socket(0x2b, 0x1, 0x0)
listen(r2, 0x0)
ioctl$sock_SIOCOUTQNSD(r2, 0x894b, 0x0)
sendto$inet6(r1, &(0x7f0000000100)="ea", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)

1.860975234s ago: executing program 2 (id=5755):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x48}}, 0x0)

1.808003151s ago: executing program 1 (id=5756):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000004c0)={0x0, 0x7a, &(0x7f0000000480)={&(0x7f0000000140)=@updsa={0x138, 0x17, 0x1, 0x0, 0x0, {{@in6=@dev, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@private1}, @in=@multicast2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}}, 0x0)

1.789708647s ago: executing program 3 (id=5757):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x3}, 0x4)
getsockopt$packet_int(r0, 0x107, 0x15, 0x0, &(0x7f0000000100))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, r2, 0x1, 0x0, 0xfffffff0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001540)=ANY=[@ANYBLOB="600000000206050000000000000000000000000011000300686173683a69702c6d61726b000000000900020073797a30000000000500040000000000050005000200000005000100060000001400078008000b40000004f6080008"], 0x60}}, 0x0)
r8 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r8, 0x1}, 0x14}}, 0x0)
sendmsg$SEG6_CMD_DUMPHMAC(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x30, r8, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0xd}}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x26}]}, 0x30}, 0x1, 0x0, 0x0, 0x20008080}, 0x24040091)
r9 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r9, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'veth0_macvtap\x00', <r10=>0x0})
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r11, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r11, 0x0)
r12 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r12, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r12, 0x6, 0x14, &(0x7f0000000900), 0x4)
bind$packet(r9, &(0x7f0000000140)={0x11, 0x0, r10, 0x1, 0x0, 0x6, @remote}, 0x14)
sendmmsg$sock(r9, &(0x7f0000000040)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[@timestamping={{0x14, 0x1, 0x25, 0x7}}], 0x18}}], 0x1, 0x0)

1.727966276s ago: executing program 2 (id=5758):
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)=0xdc39, 0x4)
socket$inet_sctp(0x2, 0x0, 0x84)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000040)="07000000010001", 0x7)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
socket$inet6(0xa, 0x3, 0x2c)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='rdma.current\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x1000000000000002, 0x0)
pipe(&(0x7f00000002c0)={<r5=>0xffffffffffffffff})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="88010000100033010000000000000000e0000002000000000000000000000000fe8000000000000000000000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000033000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000eeffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000a00000000000000000000004c00120061656769733132386c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c001400686d616328736861312d6e656f6e2900"/320, @ANYRESOCT=r1, @ANYRESOCT, @ANYRES32], 0x188}}, 0x40000000)
setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f0000000400)=r5, 0x4)
sendmsg$inet(r4, &(0x7f0000007940)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x20}, 0x10, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="10000008000000000000000007000004"], 0x10}, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_linger(r6, 0x1, 0xd, &(0x7f0000000440)={0x2, 0x3}, 0x8)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
close(r6)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000380)={0x6, 0x200, 0x1, 0x401}, &(0x7f00000003c0)=0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x34, r8, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x200, 0x0, @udp='udp:syz1\x00'}}}}, 0x34}}, 0x0)
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r9, 0x89f2, &(0x7f00000000c0)={'gre0\x00', &(0x7f0000000040)={'syztnl2\x00', 0x0, 0x0, 0x7f81, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}})
ioctl$sock_bt_hci(r0, 0x400448e6, &(0x7f00000000c0)="aa910c8034c3f1a684a62396df0e6b84c9ef7bf08838aa39fe0ee271f7a5db2933c9a0a486519474062938d23e21d44bad66471235b4424181ea438cebd80403d9fdafd1e64ba1eaa8e157f399c5df5e319cae4f508d053272707caed49173f10a8101d13ffecc0f3f7ed64cf8ea5fa1dc98384384d97d1902ff692530674c5893d569909fc8d4fd576bb623b941d2fcdfdd5b07d870bc721ec1fb040517abecbfb8e7e639e47a1f90b0c4112f93416d7fdeacef95b5f0465a4601790aa1f18b11df5ef7e5cb10c6895ea3a090fa6a2a807c007f21c335f20c14149ecb67f9516f3ae4dd0c36df3a0bd430ae09c5906bb99e4b15c93b")

1.679300415s ago: executing program 1 (id=5759):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)

1.526339977s ago: executing program 1 (id=5760):
r0 = socket(0x10, 0x80003, 0x0)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r3, @ANYBLOB="0c00990000000000000000000800a100ffff0000080026008d0300000800"], 0x40}}, 0x0) (async)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000080)={'veth0_virt_wifi\x00'}) (async)
syz_genetlink_get_family_id$batadv(&(0x7f00000004c0), r0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wg1\x00'}) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa, 0x0, 0x2}}, {{0x5, 0x0, 0x3}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_route(r4, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYRES64, @ANYRESDEC, @ANYBLOB="0000000000000000140012800b0001006d61637365630000040002800c001a800800028004000180"], 0x40}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000006000000030000000200000c00000000000000615f00b99797bbaa11b4c2908f5ebd59a7edebc640a8b3c25d391c2a421c6c52fac9d02cc62c1d646f96d051db413ef06dec399c466591b3cf96a0f3ecb072102241e05ae5cfc1a0318cb29d0a293024f1bef519a197ddd5bcf24c6fe15fbbac8117290f2ee9853b25c567b0a336f512e8288f89bb7b2979a11655cf840ea718b673eba10ab845eae2adb125e381e9b9ef9f6a9f229b543f30f1b996b05605b5105e1d7c95282eb94c3fc3299b141d4888f7c7da825f7af43c9ce2d9c741076c5893ef30a3540dc0a74c206c35733d4f807b863f786bc70d410dfc818a6ab0f72c2766837d2e67fafe36a3a6a6ac8cc719ba6b981894ca350a0f5e4723a3541c8f"], 0x0, 0x2a}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007a000000850000000e00000095"], &(0x7f0000000000)='syzkaller\x00', 0x4, 0xe0, &(0x7f00000000c0)=""/224}, 0x90) (async)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'bond0\x00', <r9=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @random="df559fdab89a"}, 0x14) (async)
r10 = socket$nl_route(0x10, 0x3, 0x0) (async)
r11 = socket(0x1, 0x803, 0x0)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
socket(0x1, 0x803, 0x0) (async)
getsockname$packet(r11, &(0x7f0000000200)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000380)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)=ANY=[@ANYBLOB="940000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="444dc9fe000000006400128009000100766c616e000000005400028006000100000000000c000200020000000a000000040004801c0003800c00010068e30000030000000c0001007f000000070000001c0004800c0001000200000060d506000c000100000000000200000008000500", @ANYRES32=r12, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r13], 0x94}}, 0x0) (async)
sendmsg$IPCTNL_MSG_EXP_NEW(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000000002010400000000000000000a00000004000180180002801400018008000100ac14140008000200000000003c0002802c00018014000300fc02000000000000000000000000000014000400200100000000000000000000000000000c0002800500010000000000"], 0x6c}}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)

1.500786048s ago: executing program 3 (id=5761):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f00000017c0)={0x278, r1, 0x200, 0x70bd29, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x92a, 0x7b}}}}, [@NL80211_ATTR_TX_RATES={0x114, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x80, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x18, 0x2, [{0x0, 0xa}, {0x1}, {0x5, 0x2}, {0x0, 0x6}, {0x7, 0xa}, {0x0, 0x2}, {0x7, 0x6}, {0x1, 0x6}, {0x4, 0x9}, {0x4, 0x8}, {0x4, 0x9}, {0x6}, {0x0, 0x9}, {0x1, 0x7}, {0x3, 0x4}, {0x5}, {0x0, 0x6}, {0x2, 0x1}, {0x1, 0x1}, {0x6, 0x9}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x800, 0x5, 0x1000, 0xb, 0x0, 0x2, 0x7]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x0, 0x3e, 0x81, 0x5b, 0x0, 0x7, 0x5ab4]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x6, 0x8, 0x6662, 0x0, 0x0, 0x0, 0x1]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_60GHZ={0x2c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0xff, 0x180, 0x9, 0x8000, 0x1, 0x2, 0x2]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x3, 0xaf6, 0x2, 0x4, 0x6, 0x2, 0x9]}}]}, @NL80211_BAND_60GHZ={0x64, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xa, 0x6, 0x5, 0x2800, 0x0, 0x6, 0x8, 0x4c]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, [0x6c, 0x6, 0x6, 0x12, 0x9, 0x1b, 0xb, 0x4, 0x24, 0xb, 0x12, 0x18, 0x36, 0x1, 0x1, 0x48, 0x6, 0x60, 0x6c, 0x24, 0x16, 0x3, 0x6, 0x30, 0x48, 0x60]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x6, 0x3, 0x5d6f, 0x1, 0xfffb, 0x1, 0x5]}}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x36, 0x60, 0x48, 0x2]}]}]}, @NL80211_ATTR_TX_RATES={0x8c, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x84, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x4}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x6c, 0x1b, 0x30, 0x6c, 0x2c, 0xc, 0x30, 0x48, 0x0, 0x6, 0x1, 0x1, 0x4, 0x9, 0x30, 0xc, 0x30, 0x12, 0x4f, 0x24, 0x1d]}, @NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xb613, 0x7409, 0x7, 0x3c00, 0x400, 0xd, 0x7]}}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x16, 0x0, 0x1b, 0xc, 0x60, 0x2, 0x24, 0x5, 0x17, 0x3, 0x16, 0x13, 0x5, 0x18, 0x2, 0xb, 0xd, 0x2, 0x5, 0x5, 0x48, 0x4, 0xc, 0x6]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0x7, 0x1, 0x42c, 0x7, 0x63d6, 0x5, 0x1]}}, @NL80211_TXRATE_HT={0xa, 0x2, [{0x3, 0x9}, {0x4, 0x1}, {0x5, 0x4}, {0x5, 0x6}, {0x6, 0x2}, {0x4, 0xa}]}]}, @NL80211_BAND_60GHZ={0x4}]}, @NL80211_ATTR_TX_RATES={0xb8, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0xa, 0x2, [{0x1, 0x7}, {0x4, 0x2}, {0x1, 0x7}, {0x1, 0x6}, {0x7, 0x2}, {}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_60GHZ={0x10, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0xc, 0x2, [{0x2, 0x7}, {0x3, 0x9}, {0x3}, {0x1, 0x9}, {0x4, 0xa}, {0x2, 0x8}, {0x4}, {0x0, 0x6}]}]}, @NL80211_BAND_60GHZ={0x4}, @NL80211_BAND_6GHZ={0x3c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x6, 0x1, [0x0, 0x0]}, @NL80211_TXRATE_HT={0x19, 0x2, [{0x1, 0x4}, {0x3, 0x4}, {0x0, 0x4}, {0x4, 0xa}, {0x0, 0x5}, {0x0, 0x5}, {0x1}, {0x1, 0x7}, {0x1, 0x8}, {0x0, 0x9}, {0x4, 0x7}, {0x4, 0x2}, {0x7, 0x7}, {0x7, 0x5}, {0x0, 0x5}, {0x2, 0x9}, {0x7, 0x6}, {0x7, 0x7}, {0x6, 0x5}, {0x6, 0x1}, {0x5}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x0, 0x0, 0x4754]}}]}, @NL80211_BAND_2GHZ={0x4c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xb46f, 0xf99b, 0x7f, 0x5ca, 0x4, 0x7, 0x3, 0x7]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0x0, 0x1ff, 0xff, 0x4f8, 0x3, 0x9]}}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x48, 0x3, 0x30, 0x18]}]}]}]}, 0x278}, 0x1, 0x0, 0x0, 0x20000000}, 0x4040010)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000600)=ANY=[@ANYBLOB="b702000009000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065060400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebfc75b5b0f4e4309ebcdac5f7a860c008cbdd3b4c3b7f28754860c9c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81078545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc272cd3d7e8d974927676468ff2d86e0ffa894792ed9cf6b40b3cf252a47c05ae8a70d57cc3e067d1867b54d24e20000000000000020009ebf84d3b042d6e432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3cf96f9483ff19a6471bf5abc742d9cbcfb964b11b31034694a6aad86cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed32da90864987f30926c9013eec3b86836ae50447aa5a79f40c235000000453302712c3d8fc4e2b61adb0695e800000000d4f4e91f0000002c33df424d1bafe5725c8a404724f8a4f1cda7997b65954f74097579b91da309b887af2485c2d9ab09b506000000000000000bf7b2ff4602aec1eea200000064881c5630521a08e051374cf05c921a06fb7818000000009dc8d95e0e5b365d10e1004dae58b3b5b89709b0ff47b200000000004000cbef88811dc8c1b27ac7d9a6bb70f60eb9c01dd2fc79b85e4d961498f3a80131d21d856177a2189f45d011ef1da5c6d57bb8fd387ccea9c3899a914e47e82f040000009d81003f927355408f87264797d3fa970949793b94329d580500d1f91c0d22587e05a61e3d8576ca168e88d7a9af95b04a37c27bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e75fa39643adac1322c87ca253ff2fb1882760d6feab16bacdf83c11816dbe959ebc5ec479c8319f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2df636a65eb1d672bf2000000cda8462cc9b16624998be65683321e970000000009b8e20762c1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49e61a4de808a38ba3512d64dc71867df4eee3f1ff791cf7c9862f98b45852e4b2f78721b978a2df2f2a29a387c6f0576b36038f819286eca99a6a434811cf2a117d775fe986a49fb82cf5f15972d5ab18f1045384501adabb20f7b0e15ff47f1744e2341b59034959a1289ba6e243668e6735305707e3de7652bfc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc0f3d1d503d7a54b49e1ae6c5aa620d27e91aa0aa0ed6fcacfc91fbb4c256409e54daefbb107c381fa729ff5f3907d93430da178d685d7730f5e129438a5214f722096d2986334c2576bef69145d3fbd78a9059e454474f92e65828b018174a9f4738b8c71fbdeac26ab95e02f9a847182766964976b1fccdb9f35721e43e33883cf16ed1343fb7429eb395123b0a4262b7023c22039b9002589a378ed4c6267965af78b861bd025312538cec97966b8973d4e299d9802264d06e40ae118e1d242d1128dcedeb44030df12ef68f78215d65f96eb55db8cbcb060008000d988374f85451a694ffe38a1d03916ff1eec72b31c98d42e1a1bda1290de1a499a5a385b31112a48ba3e6d6849914c1788a7aca37177cc341fff44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553e4ece78d4c1501c70f5d81e0725d5b273755c0000000000000000aa4234ff82182952a76233d18e7d49638aeb04e7a9e9e7eafb7c255372795d2d192a0a33cab0f5bf2e93e0544fcdf2df2bc6ce96e5a11993d54f97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a923655800a2c88cce004505ab45d8f5f88aa887bbce5c18970428516f6099bdbb2cd7a2356397f1a0a23e662e2a6c4834400cbaa41c3c574e6e6aefb7a68da5ec1ae49f968bbe0e0bf9878516f553639f5b4828e92019b61f5874be1c7cdd9482df50bc24a8a1fa10d291390eb84e26a2e8dbeaa45604b05a116c1210a7540bf81005044273f5a8ffc538db289350eb248e483bd8920efcf30a798c2b636243e0a37262ca47dfeefa753ba528f7ba77e825051ce69b4475d7d714ba0c636e6ae9f710411d30ef424aeaabe057c7df6ff8f767bcd9012e1047c686f5ccb76ab3a5df53cbc22ba7ea8f6a8e220bb4d83de1e4dc19d6c1be841503850803bc2c2d5e0e34270a7f1cca0c6c53a8e5f891f7a793a70da62d6d88fbb90d220acc687931b42d6be83ab870da3c0a567f5e65ec0457f4ad2a4ec0b671b36388afd5520a8483a4b11f7d02a41b315f0f9e59f47668d68a74838d6976e12fd45200014041dffacbf60892ec8bd7560686f137a806d3dfaba900b47cac62f828342fff009adb5b2251461a1b9d6ba625b8fe04e69a1a4be2696f0000000086e172932e03000000000000005942e1015642faf21eef40d6e7de3ef62c4bc5ff17e7aeb2841098f845d1cc9ec4eee79c298fb0ba939b13707044e2e9cc0d350438c1c8c6bb9a38c6ac5ca0d9cf1f3d6915f25cb26edfc28b3079b97df32601240e454db103fb0c4a143673a3f160d3a7b83ecd0509ce9eba0c7bf7843799b1b56a234f9eaab8a3f14f1472bb6aaeb8ac9ee4054605558ab31f339f6a4caf2ee2fd01f34dca3300000000000080000000000000000000f59f8e6e00000000c44130098d833a24000000000095e6f945ba9a941cef5e70b8c152321e24b5b29bcf374dcf5a29a35d76e6e2bf8df95462690a4fc9ec8129e92b6ebb4b40a992a75d3c5954d0bfc87db24d856359079b29b3c374d081c300b2cfaa596d24e800ef8e2201f2fb7a9946f89f9f31f7cbd603fd7f8898c70b5c65f2e28f22e1a79a6af3a54861b07f124642e98389557affbdede09b5566a4a1ee73b20846810030a754acddcdafe3ceeeebc0b5f2fedfe7d198e3067f3dbac9441a9ab8409cbbb7e15b9ae3944097de34de2001c8533a3766e6e4c4c4702ccb932a27a3962814cd6aa8fc684beeaa3932efae3a9052be8eec1e95f6ad8d41dd34829503ba4b66e27154cb6e34aa13450522df1723130b6fe347c93f00e40e293c98d849a33f773c743728992f40faccd5c23130a1c6bfd6fc661bca1598137ddd1090ded672f5a48a40cab3f640c8241a364cbdd3f188eec7da7bccafbd5bf28a46f0eecc6b550471b0b0770c6a5a411c0e0b19e15a461e7c6e33ba936e214b013f2819ec6572a43b5cd32b11d7e4f8dcf8f7820a17b7b2ee6178a03351dd25091e46bfd82a3979b9cad109fd6217cd52aa81bdabd50826a674bd16b8f7e6aed12a305366599f5f029a7b24558c027518c669760500002f1c19d16a6f391906000000cc0bbbfb8c698ecc137d96711100e0108d3bd2afed0b2724b14ffbb815622bfd2f635855bed1b164d0a56bd104be069854111c5b26ec3c652b5f0a6b9676dae987ec23456ba05a4dfb15321ef6b76e7e547a688c67ab531cfc784c9f940d9fb0464a6cce635e14b80dc5c1c64e75e6bd5355d84f8df272f18f58c570e7afd83ee77f157c146aa747b728969aeb4aba1d8f9de1b3fb8ab6ea50e884c2ea98e6400bf0c5ae2887cd1da0e57ccfdf5eca2b455247efcc13102846c0a85f20c80007c0ce6efce627b95b8ad3003385de97101678fb2163ecea6e70a77a6fbc089e31a5ccece932229b8f79faa6863d6857c3d9a9710f9f8ad16eeb8342278f311cbc226498028234d21466892983378fe64acbb44f694cd78e43c74aa75505cb1c91b189f8f89f233a05f5cd4e173a373178557843dd705268f74a9e5429945503195aefd6706b584d8408c9652b3fe68500747f7ee8375fa559c3ad195d3795df1a8364cd13acc3256ee4634c73eeb6954d0fcf09ab84df0b8900e0c6fea2ccb600ae7a4b128cae19df160e7c207b89132d1d5bdc9ffc79f0549b82df521817651d5fead5128205b92ccdccc69407ab556217af277af911dbd456dfc43dd061b6c91485dcc208cf0b3d0bf851de413f5de5ec015e296914afab6411109355e027ce04990d9aae251b9deb11b7db45b9f15b7b55d8fdbedd9e6cf891205694f02be8b9ea8ecd41308a0e1b93ae3435bfa88b440b1f701b4d0fc49c82193f27f8023b630ea97edbf3bf421a0a1a2b4ac7bb30bcd1cdd172c0df37408fd6827bb03e8742fc1c7a2befd1299928c5f79e846a8dc7ca648d960a759e6711b69776896a9656d59af6d44bc5348229fa84ae78af8421a22c4b4c17a3d24a4a0104000000000000d77cc4eef51c2b417c8c7458ddd7dd9d1a863bf0a9e1a30a19020490038017a5c7e474c83302a2c2b5c976dacf3dda7191c757f208000000000000005f7ed983f65723fbb36b9b51abb0dbcd335700000000000000000000000000000086666201251aa4f139d0485ffcf89f01639fd1579a3802f720a0215c720a97071f5065a23642a58275dbca444b00e2e5835185d5d5b2796eb0fe32cf3b0633f58ecc7648c3c6efe82f93a3008052416512eea30ea9472e0b456a652883c0907323cf03be193ad0438cdef7a98a1671a1918df310dc4bfd61c3db4819ab1c57b348a8ff1ed36364a20fe846f11d045de81f069bac8425b31c5d08b433562ffb318c1285011f9b78b2401989384311101e452f54661ecdb2514a6ae50dbdd422de0f0f8c670000000000390be79688f80c4c314cb1b14afcaa5d23f9032e0ec51f45f447d6a7c798fcf7e60e2180e289410801e4f03a0e140f388f25b92da1025d8409e171a2336ed71cca86eb4658fe06df286e0e20276b0618eeffd05774f15686cd9d3182ca2fec863875f305fed6baf48a594db12582a38cfdffffffffffffff0cf8d920517835fe7d09cfcb624f6931f1cc6f6b71f58de9ddc38e0c43992f6bc57a718d0cfd197b5324b4e05ef1caa96db3ae1f2f2e5791faba2ebbe1a6faf21f2748fb1fb6743c3ca8af4e6b02518c9b7fdc1b5721eb1c3ed98db25536f74ac7861afc94544e52dcb5c60460a05802e3b437ac977bfa26b887a2443e8d559c58187f004eb82b07937df6e96f77ed551926bec4e0188fae10a35d1c5f1768ac6be829be1827f9df303160df18597efba46f1babc3d74adc31ca71bdab9079e4288881b434484eadde9da6b81802842abd462d546c59d87acc014f81d3414759bda12d2a2c6bc1bfa807bd3101eb227184a61107b6d0618e2a3b842671e084ac3f0ff94dc48b51601247318ab4d1c5106458000000000008000000000000cfee0107e6c2fe8639d926829fdbbd86bf591a8c3c235d8939af9d923f648165881a6c29997234406200b3b1c321cc158dbe17123eace3000000000000000000000000000000000000796de6ae4ae40bdf9a6e8c5dc29562262af9cd54e8e3ecc7e3c8cba0ecc791683496c4e5c1a5729714d9f9031f49b400cd2667b4ea6df54809615a4f973f93e6ccec72f16ff998e29ed99df733680a9d5cea57f99cc139b6ea9014f3000000000000000000000000000000000000feeab45a4046a622b0dceb413e4e39b7317e92cbed46b41ab5115bfb542c933783d750852dfdc6656aaf15e10615a88821f2f1bc53969b52d6852755e7681ad5beda80b38ccd34116b99f50b4fdd967b3f20f260455412b675639a26c76840cce40e323bde9d673fceda0ad6981565c8a183d928903b4f4472dde41b6dcd75314c31e704dfcb222c8359fe88944f852242270c932abfaeece0843d708f5cd25b2a63ae1e79723c1c3c013836b47da0a35d0f34c070000000000000422ae2c148d444dd437a7d2f5e575009bc2d17a199802409329dae8baa58d3de63ad45328a9d4dc1ace543dfe11913c6c6413f8f7a15657d012fea460bb4656a20df1ba474eeaf083ca429689da94ea26932b0ef49f8ea88d7b4c1289314ba789661640f1b5d7cbae103fa95b0035f1e8e866307d4796eab0992704f9e00be4b1af8dfa9e94ad74e607ea9d7d7a95ed5e25cca4db93ea65175973de08f0b4a4dfc90314466b2b94de855c26187581ad809dd2791a0b27ed668ce5357f8a0ce583b26758cbd271e842e7ba84f749d86818435ec52017ed5a927aa27640aff407e0cc59b19ab334e306852008ec8ddcb400da98432dcb6e2373a926024d6df726b4e0d4b07257cb778b9d445663e5bb3490494397bc6b402afc6ad4fdab3a1cc363cc8c7285adbe90de4874f5d886160e173be8c7e7a8f00451202d4ed03a2ae77a8428a67"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x20e, 0xe40, 0xfd000004, &(0x7f00000004c0)="b9180bb76003070c009e40f086dd1fff310000003c0020010010ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d7473ce0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x31, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28)

1.436566518s ago: executing program 1 (id=5762):
pipe(&(0x7f0000000d00)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x6, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x1, 0x3}]}, @struct, @int]}, {0x0, [0x61, 0x30, 0x2e, 0x5f]}}, 0x0, 0x4e}, 0x20)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x30, 0x0, 0x0, 0xfffbf038}, {0x6}]}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0xc7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x7151, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={0xffffffffffffffff, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, &(0x7f0000000400), &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r6=>0x0, 0x49, &(0x7f0000000480)=[{}, {}, {}, {}, {}], 0x28, 0x0, 0x0, &(0x7f0000000580), 0x8, 0x6c, 0x8, 0x8, &(0x7f0000000500)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0}, 0x90)
ioctl$SIOCSIFHWADDR(r5, 0x8922, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r7 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18003d000000000000000000009500000000000000", @ANYRESDEC=r1], &(0x7f0000000440)='GPL\x00', 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x3c}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r8}, 0x10)
getsockopt$sock_buf(r7, 0x1, 0x1f, &(0x7f0000000340)=""/166, &(0x7f0000000140)=0xa6)
r9 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000035000b0fd25a806c8c6f94f90424fc60", 0x14}], 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r10 = socket$inet6_dccp(0xa, 0x6, 0x0)
connect$inet6(r10, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x6}, 0x1c)
setsockopt$inet6_int(r10, 0x10d, 0xb, &(0x7f0000000040)=0xd, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x2, 0x3, 0x100)

1.420883653s ago: executing program 2 (id=5763):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x28, r1, 0x1, 0x0, 0x0, {0x9, 0x0, 0x4000}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x28}}, 0x0)

1.381288495s ago: executing program 3 (id=5764):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
recvfrom(r0, 0x0, 0x300, 0x400000000000000, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000180)="0100000000000000", 0x8, 0x0, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)

1.224170718s ago: executing program 2 (id=5765):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2e}, @printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x72}}]}, &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x9, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x40}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.222720028s ago: executing program 3 (id=5766):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0xf, 0x0, 0x0, 0x0, 0x0, 0x23000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1.166682246s ago: executing program 2 (id=5767):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_STATS(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x5, 0x1, 0x801, 0x0, 0x0, {0x1, 0x0, 0x4}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r1, 0x29, 0x46, 0x0, 0x0)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x80, @local, 0x4}]}, &(0x7f0000000140)=0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5}, @NFTA_CT_DREG={0x8}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x7}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)

309.417061ms ago: executing program 3 (id=5768):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = socket$inet6(0xa, 0x3, 0x81)
ioctl$sock_inet6_udp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000000)) (async)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e24, 0x1, @private1, 0x699}, 0x1c) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=@newtaction={0xd8, 0x30, 0xffff, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x54, 0x2, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18}, @TCA_GACT_PROB={0xc, 0x3, {0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xd8}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x10, &(0x7f0000000180)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r6, 0x4) (async)
sendmsg$unix(r5, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0xa, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x31}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x76}, @exit={0x95, 0x0, 0x1008}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000040)='syzkaller\x00', 0x2, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x70)

236.068415ms ago: executing program 1 (id=5769):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
ioctl$AUTOFS_IOC_CATATONIC(r0, 0x800443d2, 0x20000002)
connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e24, @loopback}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r3, 0x10d, 0xcf, 0x0, &(0x7f00000000c0))
accept4(r0, &(0x7f0000000000)=@ieee802154={0x24, @long}, &(0x7f0000000080)=0x80, 0x80000)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000140)=0x14)
r4 = socket(0x3, 0x800, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0xb, &(0x7f00000000c0)=@framed={{}, [@printk={@x, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xcf}}]}, &(0x7f0000000080)='syzkaller\x00'}, 0x90)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000880)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x4}, @qdisc_kind_options=@q_ingress={0xc}, @TCA_EGRESS_BLOCK={0x8}]}, 0x40}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x3, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000580), 0xffffffffffffffff)
r11 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r11, 0xc004743e, 0x20001400)
ioctl$TUNSETOFFLOAD(r11, 0x4010744d, 0x20000000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r12, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000000)=[{0x74, 0x0, 0x0, 0x1}, {0x6}]}, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r9)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r9, 0x8008f511, &(0x7f00000000c0))
sendmsg$SEG6_CMD_GET_TUNSRC(r8, &(0x7f0000000400)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000b00)=ANY=[@ANYBLOB="1000000086dfa63f009de2f82e327590457ba4f60d7fb8b50200c167ddd7c2e011dbc7993b88a286961d8f4e7ca1bdffd9aa18cba9553e606ace3ad58bf00a56c6cc30bd9f7927f02ebdc587253c8bcb6fce4a6bdbf0d402c228e972f022a8491ec45291952b3bb77516e30de58bca47bfab00000000000000000b8c012d43e54117ecae025f1ecdbd3e0a720e3ae5271767f7035a95800d77b9beb3e7cc45709c11b6be30564f4fb700853f5de90ddee2319eb014c96698c66f5e5456287264f7388e43c0fa49a34b9f74088cd7d03c606c1ee47e78f5b520f1e36c665edd8ba91711de2b36968aa371643152c6ddcde6816aaf2ae33c0969d8738f279e5ff6edb61f73998501027d3a81998cdbcec1e4dccb02852e18f8f46bcccc0f89e1194958c61b4646d3e5d020ce1409a84b33051e372f5119c207033334849227d548b8fd26a97ec8ed11a9e564f15dc173baa208267b0de51093c41b1d6dd17661ec049db6f6c957d6", @ANYRES16=r10, @ANYBLOB="02002abd7000fedbdf2504000000080003000400000005000600fa00000005000500000000000500060004000000", @ANYRESDEC], 0x34}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r13}, @IFLA_MASTER={0x8, 0xa, r13}]}, 0x44}}, 0x0)

234.441412ms ago: executing program 0 (id=5770):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x5, 0xff}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000020000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000bfa2000000000000"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xb0ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

217.205646ms ago: executing program 2 (id=5771):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r1, 0x701, 0x0, 0xffffff7f, {0x6}}, 0x57}}, 0x0)

173.896475ms ago: executing program 3 (id=5772):
r0 = socket(0x2a, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc5"], 0x0}, 0x90)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r3=>0x0})
bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x4, 0x4)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)={@map, 0xffffffffffffffff, 0x31}, 0x20)
socket$packet(0x11, 0x3, 0x300)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002b00)=ANY=[@ANYBLOB="bf16000000000000b7070000ff030000487000000000000050000000000000009500000000000000e83d24a394a293b3bd23212fb56fa54f0b71d0e6adfefc41d86b60717142fa9ea4318123741c0a0f168c1886bf0fccf8d56ccb659427cf8593dbe3a2a3ad358061011fbc5ba1f07318988e6e01a41cc0990d0dc800974a0000503ceb9fc474c2a10000000077beee1cebf45fab73962fa8f6296b32a8343881dcc7b1b85f3c3da4cd36414e90a61965c3de4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d0054ce21fa41181a9580cfca031e5388ee5c9a7ddd04201f5200001fcadf95e5a4725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f588cb211624f40401691721715f46e0080000074943c3ba663739a190a4e825c908c0abc85d457ec5a57cb706eef32a3ed12d63c9c4c508530e173650a8a8f2a9c81bcffe437bccbe158024d8d4939e6fd9adc43f0f4b049218db92bf466e934330ed79bc9f626d68b0000600057d14854eef851bc8c30f5d0df6b94ea0b852d495085ff4eabaac9606f0497958c2c357a7124a69f6770ea6702bc53896a15fad5e55c64efd217450a975221b20d78e445e3da74a3c1e59bae44546bde4ac6de55a480f3ad5dc0f2d1818b696492285f60d914283f8d687b0bdb46261277671bba2c550bfef679bddf38ab35eaaf0268c4efa45b56a188a9195044a222ec06bb49784d5608d87c4832e4305bf8889e5db2a70f6a83d4b3cdc12546d2e9f6720dec489b6276856de6d895704ba3e8ee12c8121ffc4f5d2ae03f0227dcc4f38699d3db16f69ed45e918b07ce58bf576e253364fe0000000084f897400d4f5503a6e9ea4a480e3221f3c247ee8c55e487eaa25a7689689c9c305da4b0181f0f653fec399fcc0cc800e82bde039cc29c19b538c76e65642875bddbef61e5985751d9ebd37d2f32375357b5d2b4dc24baa6a7010038380f7029a292f1ad05000000e4e801a819aef69d081e2cacaa8ad1b4ca6df5dc37962eff0300009e00645b6d2bec249c0612510000000000a7060d8d9b9ad109b62d1dab0eec6beabc76d765b9caf70900000399772ddfe89be4338e70d0ecfed537780a31fcaf4acaf9bd3711a4359d68ec71b0693ede07e7d18e797697901fbae4a9d9966b68eadae75ef1b8931b0818a57e5136fb8c61d73b17d8fd55c2b8d321a6cba8743114fcff01e5c10200c512000800009a021d377e477ea807cc00919ee8bfbd090034f67609cfde8877b5bb072572b421d6b1fdae83e5e250190628d02d01f978323fe36685e652ceb218a9cc9e125a4880faccaf5ac2345f20b1ee403885790500d0bc75c7e95d23904dc446e0201aafea0d3f4cc0cf285ccd000000000100005aee4199a34686905441c1fa62ed20328a10690432f59a4d3e05bd00997ea2b6f5213cb883d05b620f31869f6cce80f1ae09009ed7e3c5f3aa61bfd240cb9726bc512ba0eb1f68579c76144feb0100809f12bcf79c4d57f66703c2aee08e52de3eff160623e1af555dc7481128ed0bab22dcb6e5b6ac5e4010eaf2510fa440aabfdc80c77108c769ed2d666c555c6c38b30899a688d96a6c6dc0dd4309f6548765d3f53261b4890aa004e7f667a230b22bc6e248bf56b219d9a547b6e1c5077c9ba463329323b53910e7358b4d0c6882c590cf25e4d044a6afb10a070f285e3c94ed405aa8dc41718dd3f4bf474868538aad9a23f85a707e325c10a9f22e37c4213d0ca2910726de8e62d2e3ae7f64e40c7af3dc00bab70cf607869c5a11a03bce8aa43fa010348bc2fb420ba5e344fcdcb302548e571157d323f5fd535800284d32ffff000088ccd685f07309101a3196b705479897f4c9d97c4c7b77db7b15bfb4305d5e954a34385418e665af882a7d505323070929b228bc94b70300000066dab8c4e63debff054621a0ac7dd85b14cb7616ca23f044bd0ccd1c79292c3aa8f6e4a1c27315ef8d55781edbe368f72aeb2f48256131aaab707451c14747dfa3bb5f8725a98f6d3c797573f18810bf378e38107ece5cb7cf3b98975e9254248af60de2f04e2429d9b6eba525fd1b1b665f77710fa49426eb32e775acd535fc78696fc980573c35e9916f0000000000002c8ee5ec55faffffffffffffffcd59cc0600000053d0a1f4ea4477022c9f376b3191efeb46be3c174fb24009379bbc949fd2923715540556450f12d1645177ce3eca0d65d17deff51a024f0180000000006100499e829bda469048c70e5968375feb39e6918e591a384851ba3079ad9c376bdaf0650e212eb4185cbbb6c0dc0e699afc34ca3b9a307cd2519cd9b192d678492ea2228ff0817d68f97b18402d271036067c141b911c4e0207e2c9d37ac203f440e1a065a2d227c6ec860c0104000000000000fe7144ec680c0dac7b5906a6197c8173080c9ab3ecb72820f0ee36d744b20fae962c4a42e4a43ee3f325f93edb3a204b9c9dc8953375e37c83876f248d91f166676b54781c6855c5e067ab2c2c6d22b20a703d68d77312333deff80883cb5a25c738f4e7cbb075e10f5c36396156abb221adebb9303342bfa2b745a5e045d5db847e4810270ed1c5bbb1548ec3184ff9b8ed1687333d0e0412d452ba6b390199bd684ff458d6c8114833efde87215e5f9569d92d24579f3ef473bce24e61eb21336ad441eea93cbcb69d2156b9b6e3000000000000000000fc411d2eadcadc7c0a2c12410e4b9d634807f2a6f1c3a13508e274ecef5cfccb707a1640973973fd2d1d60138d9b7a778827fd07fbd093a0ba779dcd32556613e1fac161825da91acde7fa964e689b1f0ea96047a98260270c3a3ccb2142b074db79aa88614663ff33f9966502a2361e49aabe58eb086c5827dd9d92fa4ff0c0e8b949d585f2cbc111de478905cb37f3cbfb019c6daace508b92671850ff577234468f9279a52360d1a80b88b4eb1cda949ca77b6ec43bdf5f5a400989705746b86b400947891b33d591ec5ea9ae45983273f62027998d72f83625021a72e27e0449fa154ade55071546d4000000000000000000000000000000002f907c5db9c967a1f86c57bb5062fed7c37ec16a7e62b6e370c3c5a32adee9032367814394a7a7fd12c44b81fb5ac2ad92220a72aa"], 0x0}, 0x90)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000040)=r4, 0x4)
sendmsg$netlink(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001340)=ANY=[@ANYBLOB="03011400ff1e431200000800ad0001140000002f2500ac14141fe000e502808a8972bd0f72e401010c520f068c3f1fe4fdfe4b449430ebb52997e36e039b1c598825f80100a3c06376c3304176a167d50261a67a34a09e5fe2bb07b6f158f918a54bf8"], 0xdd12}], 0x1}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f00000003c0)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$FIGETBSZ(r1, 0x2, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)={@cgroup, r5, 0x0, 0x0, 0x4, @link_id}, 0x20)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/77, 0x2000}, 0x20)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89b0, 0x0)

0s ago: executing program 0 (id=5773):
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)=0xdc39, 0x4)
socket$inet_sctp(0x2, 0x0, 0x84)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000040)="07000000010001", 0x7)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
socket$inet6(0xa, 0x3, 0x2c)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='rdma.current\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x1000000000000002, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="88010000100033010000000000000000e0000002000000000000000000000000fe8000000000000000000000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000033000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000eeffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000a00000000000000000000004c00120061656769733132386c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c001400686d616328736861312d6e656f6e2900"/320, @ANYRESOCT=r1, @ANYRESOCT=r5, @ANYRES32], 0x188}}, 0x40000000)
setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f0000000400), 0x4)
sendmsg$inet(r4, &(0x7f0000007940)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x20}, 0x10, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="10000008000000000000000007000004"], 0x10}, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_linger(r6, 0x1, 0xd, &(0x7f0000000440)={0x2, 0x3}, 0x8)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
close(r6)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000380)={0x6, 0x200, 0x1, 0x401}, &(0x7f00000003c0)=0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x34, r8, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x200, 0x0, @udp='udp:syz1\x00'}}}}, 0x34}}, 0x0)
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r9, 0x89f2, &(0x7f00000000c0)={'gre0\x00', &(0x7f0000000040)={'syztnl2\x00', 0x0, 0x0, 0x7f81, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}})
ioctl$sock_bt_hci(r0, 0x400448e6, &(0x7f00000000c0)="aa910c8034c3f1a684a62396df0e6b84c9ef7bf08838aa39fe0ee271f7a5db2933c9a0a486519474062938d23e21d44bad66471235b4424181ea438cebd80403d9fdafd1e64ba1eaa8e157f399c5df5e319cae4f508d053272707caed49173f10a8101d13ffecc0f3f7ed64cf8ea5fa1dc98384384d97d1902ff692530674c5893d569909fc8d4fd576bb623b941d2fcdfdd5b07d870bc721ec1fb040517abecbfb8e7e639e47a1f90b0c4112f93416d7fdeacef95b5f0465a4601790aa1f18b11df5ef7e5cb10c6895ea3a090fa6a2a807c007f21c335f20c14149ecb67f9516f3ae4dd0c36df3a0bd430ae09c5906bb99e4b15c93b")

kernel console output (not intermixed with test programs):

netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  500.044036][T20233] __nla_validate_parse: 3 callbacks suppressed
[  500.044056][T20233] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5000'.
[  500.092689][T20233] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.5000'.
[  500.219881][T20242] xt_addrtype: ipv6 BLACKHOLE matching not supported
[  500.461013][ T6712] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  500.478552][ T6712] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  500.680225][T20255] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.5006'.
[  500.697171][ T3862] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  500.717493][ T3862] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  500.726303][T20255] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes.
[  500.770301][  T784] tipc: Node number set to 4269801491
[  500.784747][T20255] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.5006'.
[  500.824076][T20255] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  500.824116][T20259] syzkaller1: entered promiscuous mode
[  500.837714][T20255] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  500.844564][T20259] syzkaller1: entered allmulticast mode
[  501.236614][T20270] netlink: set zone limit has 4 unknown bytes
[  501.458042][T20277] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  501.618817][T20287] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5018'.
[  501.650064][T20287] netlink: 'syz.2.5018': attribute type 1 has an invalid length.
[  501.677880][T20287] netlink: 'syz.2.5018': attribute type 2 has an invalid length.
[  501.726717][T20287] netlink: 210620 bytes leftover after parsing attributes in process `syz.2.5018'.
[  501.873529][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  502.326707][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  502.569299][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  502.647705][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  502.738740][   T35] bridge_slave_1: left allmulticast mode
[  502.744443][   T35] bridge_slave_1: left promiscuous mode
[  502.750517][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  502.760683][   T35] bridge_slave_0: left allmulticast mode
[  502.766352][   T35] bridge_slave_0: left promiscuous mode
[  502.772597][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  503.415155][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  503.455851][T20317] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5025'.
[  503.466199][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  503.491390][   T35] bond0 (unregistering): Released all slaves
[  503.502508][ T5107] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  503.513504][ T5107] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  503.523793][ T5107] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  503.536225][ T5107] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  503.544557][ T5107] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  503.553189][ T5107] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  503.585240][T20303] syzkaller1: entered promiscuous mode
[  503.611965][T20303] syzkaller1: entered allmulticast mode
[  504.119362][   T35] hsr_slave_0: left promiscuous mode
[  504.140398][   T35] hsr_slave_1: left promiscuous mode
[  504.146852][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  504.154927][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  504.165130][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  504.174487][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  504.201554][   T35] veth1_macvtap: left promiscuous mode
[  504.207143][   T35] veth0_macvtap: left promiscuous mode
[  504.213519][   T35] veth1_vlan: left promiscuous mode
[  504.219007][   T35] veth0_vlan: left promiscuous mode
[  504.741945][   T35] team0 (unregistering): Port device team_slave_1 removed
[  504.785806][   T35] team0 (unregistering): Port device team_slave_0 removed
[  505.216637][T20333] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  505.226399][T20345] netlink: 248 bytes leftover after parsing attributes in process `syz.1.5035'.
[  505.250662][T20342] netlink: 'syz.0.5033': attribute type 11 has an invalid length.
[  505.484542][T20355] geneve2: entered promiscuous mode
[  505.524717][T20355] geneve2: entered allmulticast mode
[  505.611349][T20319] chnl_net:caif_netlink_parms(): no params data found
[  505.651792][ T5107] Bluetooth: hci4: command tx timeout
[  505.735433][T20368] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5044'.
[  505.759175][T20368] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5044'.
[  505.817113][T20373] netlink: 'syz.1.5046': attribute type 14 has an invalid length.
[  505.981590][T20382] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  506.010058][T20319] bridge0: port 1(bridge_slave_0) entered blocking state
[  506.041663][T20391] netlink: 'syz.1.5049': attribute type 1 has an invalid length.
[  506.049772][T20391] netlink: 9320 bytes leftover after parsing attributes in process `syz.1.5049'.
[  506.058645][T20319] bridge0: port 1(bridge_slave_0) entered disabled state
[  506.060817][T20391] netlink: 'syz.1.5049': attribute type 1 has an invalid length.
[  506.074209][T20391] netlink: 'syz.1.5049': attribute type 2 has an invalid length.
[  506.082450][T20319] bridge_slave_0: entered allmulticast mode
[  506.101139][T20319] bridge_slave_0: entered promiscuous mode
[  506.110414][T20319] bridge0: port 2(bridge_slave_1) entered blocking state
[  506.117701][T20319] bridge0: port 2(bridge_slave_1) entered disabled state
[  506.126052][T20319] bridge_slave_1: entered allmulticast mode
[  506.133709][T20319] bridge_slave_1: entered promiscuous mode
[  506.148285][T20392] bridge5: the hash_elasticity option has been deprecated and is always 16
[  506.244164][T20319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  506.284866][T20319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  506.426587][T20319] team0: Port device team_slave_0 added
[  506.445406][T20319] team0: Port device team_slave_1 added
[  506.861875][T20404] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5053'.
[  506.882181][T20319] batman_adv: batadv0: Adding interface: batadv_slave_0
[  506.894993][T20319] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  506.959430][T20319] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  506.997311][T20319] batman_adv: batadv0: Adding interface: batadv_slave_1
[  507.005166][T20319] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  507.071496][T20319] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  507.140962][T20436] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  507.344379][T20319] hsr_slave_0: entered promiscuous mode
[  507.359745][T20319] hsr_slave_1: entered promiscuous mode
[  507.370688][T20319] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  507.384008][T20319] Cannot create hsr debugfs directory
[  507.460020][T20457] netlink: 'syz.1.5068': attribute type 3 has an invalid length.
[  507.728454][ T5107] Bluetooth: hci4: command tx timeout
[  507.861632][T20482] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  508.412804][T20492] tun0: tun_chr_ioctl cmd 35108
[  508.593825][T20319] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  508.633532][T20319] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  508.671175][T20319] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  508.672723][T20492] netlink: 164 bytes leftover after parsing attributes in process `syz.2.5080'.
[  508.700654][T20319] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  508.794119][T20506] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5084'.
[  508.833603][T20506] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.5084'.
[  508.846461][T20508] netlink: 128 bytes leftover after parsing attributes in process `syz.1.5085'.
[  508.976450][T20319] 8021q: adding VLAN 0 to HW filter on device bond0
[  509.016915][T20319] 8021q: adding VLAN 0 to HW filter on device team0
[  509.085007][  T784] bridge0: port 1(bridge_slave_0) entered blocking state
[  509.092282][  T784] bridge0: port 1(bridge_slave_0) entered forwarding state
[  509.111050][  T784] bridge0: port 2(bridge_slave_1) entered blocking state
[  509.118284][  T784] bridge0: port 2(bridge_slave_1) entered forwarding state
[  509.577168][T20538] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  509.697305][T20319] 8021q: adding VLAN 0 to HW filter on device batadv0
[  509.809164][ T5107] Bluetooth: hci4: command tx timeout
[  509.898287][T20319] veth0_vlan: entered promiscuous mode
[  509.930467][T20319] veth1_vlan: entered promiscuous mode
[  510.013161][T20319] veth0_macvtap: entered promiscuous mode
[  510.032304][T20319] veth1_macvtap: entered promiscuous mode
[  510.096308][T20319] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  510.125772][T20319] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  510.146383][T20319] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  510.157771][T20319] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  510.176562][T20319] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  510.187282][T20319] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  510.215134][T20319] batman_adv: batadv0: Interface activated: batadv_slave_0
[  510.229492][T20562] bond0: Device is already in use.
[  510.258877][T20319] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  510.276942][T20319] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  510.295138][T20319] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  510.313308][T20319] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  510.335611][T20319] batman_adv: batadv0: Interface activated: batadv_slave_1
[  510.370741][T20319] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  510.394129][T20319] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  510.412283][T20319] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  510.446044][T20319] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  510.889334][T20587] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5108'.
[  510.913615][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  510.953053][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  511.043674][T20594] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.5108'.
[  511.068194][ T6712] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  511.088827][ T6712] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  511.165651][T20601] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5111'.
[  511.178886][T20601] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5111'.
[  511.430625][T20615] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5112'.
[  511.469068][T20615] netlink: 104 bytes leftover after parsing attributes in process `syz.0.5112'.
[  511.500554][T20604] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  511.591002][T20617] syzkaller0: entered promiscuous mode
[  511.599696][T20617] syzkaller0: entered allmulticast mode
[  511.659043][T20624] netlink: 'syz.1.5119': attribute type 1 has an invalid length.
[  511.667103][T20624] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.5119'.
[  511.733168][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  513.681258][T20646] hsr0: entered promiscuous mode
[  513.837043][T20654] netlink: 'syz.3.5129': attribute type 1 has an invalid length.
[  513.857396][T20654] netlink: 512 bytes leftover after parsing attributes in process `syz.3.5129'.
[  513.997711][T20662] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5131'.
[  514.137537][ T5096] Bluetooth: hci2: command 0x0406 tx timeout
[  514.426437][ T1007] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  514.522952][ T1007] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  514.637423][ T1007] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  514.725074][T20673] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  514.755780][ T1007] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  514.877815][ T1007] bridge_slave_1: left allmulticast mode
[  514.884658][ T1007] bridge_slave_1: left promiscuous mode
[  514.890822][ T1007] bridge0: port 2(bridge_slave_1) entered disabled state
[  514.901620][ T1007] bridge_slave_0: left allmulticast mode
[  514.907295][ T1007] bridge_slave_0: left promiscuous mode
[  514.913404][ T1007] bridge0: port 1(bridge_slave_0) entered disabled state
[  515.336552][ T1007] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  515.356768][ T1007] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  515.377195][ T1007] bond0 (unregistering): Released all slaves
[  515.663325][T20696] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5141'.
[  515.683150][T20697] netlink: 'syz.3.5142': attribute type 1 has an invalid length.
[  515.897691][ T1007] hsr_slave_0: left promiscuous mode
[  515.923460][ T1007] hsr_slave_1: left promiscuous mode
[  515.944795][ T1007] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  515.967467][ T1007] batman_adv: batadv0: Removing interface: batadv_slave_0
[  515.987909][ T5096] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  515.998028][ T5096] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  516.010378][ T5096] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  516.013680][ T1007] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  516.027471][ T5096] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  516.035703][ T1007] batman_adv: batadv0: Removing interface: batadv_slave_1
[  516.043734][ T5096] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  516.052186][ T5096] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  516.106609][ T1007] veth1_macvtap: left promiscuous mode
[  516.114381][ T1007] veth0_macvtap: left promiscuous mode
[  516.121351][ T1007] veth1_vlan: left promiscuous mode
[  516.127030][ T1007] veth0_vlan: left promiscuous mode
[  516.662970][ T1007] team0 (unregistering): Port device team_slave_1 removed
[  516.705185][ T1007] team0 (unregistering): Port device team_slave_0 removed
[  517.359978][T20723] __nla_validate_parse: 2 callbacks suppressed
[  517.359999][T20723] netlink: 116 bytes leftover after parsing attributes in process `syz.2.5150'.
[  517.389099][T20726] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5148'.
[  517.552183][T20738] netlink: 'syz.1.5154': attribute type 1 has an invalid length.
[  517.568789][T20738] netlink: 512 bytes leftover after parsing attributes in process `syz.1.5154'.
[  517.570955][T20735] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5153'.
[  517.638272][T20709] chnl_net:caif_netlink_parms(): no params data found
[  517.787033][T20746] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5156'.
[  517.800974][T20746] FAULT_INJECTION: forcing a failure.
[  517.800974][T20746] name failslab, interval 1, probability 0, space 0, times 0
[  517.823880][T20746] CPU: 1 PID: 20746 Comm: syz.3.5156 Not tainted 6.10.0-rc6-syzkaller-00167-g30f747b8d53b #0
[  517.834089][T20746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  517.844172][T20746] Call Trace:
[  517.847475][T20746]  <TASK>
[  517.850425][T20746]  dump_stack_lvl+0x241/0x360
[  517.855148][T20746]  ? __pfx_dump_stack_lvl+0x10/0x10
[  517.860387][T20746]  ? __pfx__printk+0x10/0x10
[  517.865052][T20746]  should_fail_ex+0x3b0/0x4e0
[  517.869784][T20746]  ? fib_trie_unmerge+0x126/0xef0
[  517.874868][T20746]  should_failslab+0x9/0x20
[  517.879433][T20746]  kmalloc_trace_noprof+0x6c/0x2c0
[  517.884595][T20746]  fib_trie_unmerge+0x126/0xef0
[  517.889488][T20746]  ? nla_strscpy+0x100/0x180
[  517.894109][T20746]  ? __pfx_fib_trie_unmerge+0x10/0x10
[  517.899523][T20746]  ? __dev_get_by_name+0xc5/0xf0
[  517.904486][T20746]  ? fib_nl2rule+0x126e/0x1b50
[  517.909262][T20746]  fib_unmerge+0xc5/0x370
[  517.913628][T20746]  fib4_rule_configure+0x1a3/0xba0
[  517.918767][T20746]  ? __pfx_fib4_rule_configure+0x10/0x10
[  517.924423][T20746]  fib_nl_newrule+0x116b/0x1c50
[  517.929287][T20746]  ? __pfx_lock_acquire+0x10/0x10
[  517.934329][T20746]  ? __pfx_lock_release+0x10/0x10
[  517.939374][T20746]  ? do_raw_spin_lock+0x14f/0x370
[  517.944427][T20746]  ? __pfx_fib_nl_newrule+0x10/0x10
[  517.949631][T20746]  ? do_raw_spin_unlock+0x13c/0x8b0
[  517.954863][T20746]  ? __pfx_fib_nl_newrule+0x10/0x10
[  517.960092][T20746]  rtnetlink_rcv_msg+0x89b/0x1180
[  517.965173][T20746]  ? rtnetlink_rcv_msg+0x208/0x1180
[  517.970402][T20746]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  517.975897][T20746]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  517.981887][T20746]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  517.988223][T20746]  ? __local_bh_enable_ip+0x168/0x200
[  517.993593][T20746]  ? lockdep_hardirqs_on+0x99/0x150
[  517.998806][T20746]  ? __local_bh_enable_ip+0x168/0x200
[  518.004200][T20746]  ? dev_hard_start_xmit+0x773/0x7e0
[  518.009518][T20746]  ? __dev_queue_xmit+0x2d2/0x3d30
[  518.014629][T20746]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  518.020363][T20746]  ? __dev_queue_xmit+0x2d2/0x3d30
[  518.025498][T20746]  ? __dev_queue_xmit+0x16c9/0x3d30
[  518.030713][T20746]  ? __dev_queue_xmit+0x2d2/0x3d30
[  518.035855][T20746]  ? ref_tracker_free+0x643/0x7e0
[  518.040893][T20746]  netlink_rcv_skb+0x1e3/0x430
[  518.045664][T20746]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  518.051133][T20746]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  518.056446][T20746]  ? netlink_deliver_tap+0x2e/0x1b0
[  518.061650][T20746]  netlink_unicast+0x7ea/0x980
[  518.066425][T20746]  ? __pfx_netlink_unicast+0x10/0x10
[  518.071710][T20746]  ? __virt_addr_valid+0x183/0x520
[  518.076826][T20746]  ? __check_object_size+0x49c/0x900
[  518.082127][T20746]  ? bpf_lsm_netlink_send+0x9/0x10
[  518.087262][T20746]  netlink_sendmsg+0x8db/0xcb0
[  518.092036][T20746]  ? __pfx_netlink_sendmsg+0x10/0x10
[  518.097327][T20746]  ? __import_iovec+0x536/0x820
[  518.102176][T20746]  ? aa_sock_msg_perm+0x91/0x160
[  518.107117][T20746]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  518.112400][T20746]  ? security_socket_sendmsg+0x87/0xb0
[  518.117862][T20746]  ? __pfx_netlink_sendmsg+0x10/0x10
[  518.123160][T20746]  __sock_sendmsg+0x221/0x270
[  518.127876][T20746]  ____sys_sendmsg+0x525/0x7d0
[  518.128714][ T5107] Bluetooth: hci4: command tx timeout
[  518.132659][T20746]  ? __pfx_____sys_sendmsg+0x10/0x10
[  518.132712][T20746]  __sys_sendmsg+0x2b0/0x3a0
[  518.132746][T20746]  ? __pfx___sys_sendmsg+0x10/0x10
[  518.153407][T20746]  ? vfs_write+0x7c4/0xc90
[  518.157855][T20746]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  518.164183][T20746]  ? do_syscall_64+0x100/0x230
[  518.168957][T20746]  ? do_syscall_64+0xb6/0x230
[  518.173666][T20746]  do_syscall_64+0xf3/0x230
[  518.178178][T20746]  ? clear_bhb_loop+0x35/0x90
[  518.182865][T20746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.188779][T20746] RIP: 0033:0x7fc3a1d75bd9
[  518.193218][T20746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  518.212838][T20746] RSP: 002b:00007fc3a2b6c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  518.221267][T20746] RAX: ffffffffffffffda RBX: 00007fc3a1f03f60 RCX: 00007fc3a1d75bd9
[  518.229266][T20746] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  518.237234][T20746] RBP: 00007fc3a2b6c0a0 R08: 0000000000000000 R09: 0000000000000000
[  518.245210][T20746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  518.253190][T20746] R13: 000000000000000b R14: 00007fc3a1f03f60 R15: 00007ffed19092a8
[  518.261189][T20746]  </TASK>
[  518.356245][T20755] FAULT_INJECTION: forcing a failure.
[  518.356245][T20755] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  518.393346][T20755] CPU: 1 PID: 20755 Comm: syz.3.5160 Not tainted 6.10.0-rc6-syzkaller-00167-g30f747b8d53b #0
[  518.403559][T20755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  518.413640][T20755] Call Trace:
[  518.416938][T20755]  <TASK>
[  518.419885][T20755]  dump_stack_lvl+0x241/0x360
[  518.424293][T20758] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5161'.
[  518.424581][T20755]  ? __pfx_dump_stack_lvl+0x10/0x10
[  518.438636][T20755]  ? __pfx__printk+0x10/0x10
[  518.443255][T20755]  ? __pfx_lock_release+0x10/0x10
[  518.448291][T20755]  should_fail_ex+0x3b0/0x4e0
[  518.452986][T20755]  _copy_from_user+0x2f/0xe0
[  518.457579][T20755]  copy_msghdr_from_user+0xae/0x680
[  518.462787][T20755]  ? __pfx___might_resched+0x10/0x10
[  518.468092][T20755]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  518.473930][T20755]  ? __might_fault+0xaa/0x120
[  518.478626][T20755]  do_recvmmsg+0x40f/0xae0
[  518.483059][T20755]  ? __pfx_lock_release+0x10/0x10
[  518.488093][T20755]  ? __pfx_do_recvmmsg+0x10/0x10
[  518.493060][T20755]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  518.498967][T20755]  ? ksys_write+0x23e/0x2c0
[  518.503474][T20755]  ? __pfx_lock_release+0x10/0x10
[  518.508506][T20755]  ? vfs_write+0x7c4/0xc90
[  518.512934][T20755]  ? __mutex_unlock_slowpath+0x21d/0x750
[  518.518582][T20755]  ? __fget_files+0x3f6/0x470
[  518.523281][T20755]  __x64_sys_recvmmsg+0x199/0x250
[  518.528327][T20755]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  518.533894][T20755]  ? do_syscall_64+0x100/0x230
[  518.538676][T20755]  ? do_syscall_64+0xb6/0x230
[  518.543363][T20755]  do_syscall_64+0xf3/0x230
[  518.547891][T20755]  ? clear_bhb_loop+0x35/0x90
[  518.552587][T20755]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.558503][T20755] RIP: 0033:0x7fc3a1d75bd9
[  518.562923][T20755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  518.582532][T20755] RSP: 002b:00007fc3a2b6c048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  518.590954][T20755] RAX: ffffffffffffffda RBX: 00007fc3a1f03f60 RCX: 00007fc3a1d75bd9
[  518.598938][T20755] RDX: 00000000000005df RSI: 0000000020000b40 RDI: 0000000000000005
[  518.606908][T20755] RBP: 00007fc3a2b6c0a0 R08: 0000000000000000 R09: 0000000000000000
[  518.614878][T20755] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002
[  518.622853][T20755] R13: 000000000000000b R14: 00007fc3a1f03f60 R15: 00007ffed19092a8
[  518.630840][T20755]  </TASK>
[  518.654021][T20709] bridge0: port 1(bridge_slave_0) entered blocking state
[  518.663980][T20758] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.5161'.
[  518.674289][T20709] bridge0: port 1(bridge_slave_0) entered disabled state
[  518.692235][T20709] bridge_slave_0: entered allmulticast mode
[  518.699972][T20709] bridge_slave_0: entered promiscuous mode
[  518.787915][T20709] bridge0: port 2(bridge_slave_1) entered blocking state
[  518.798651][T20709] bridge0: port 2(bridge_slave_1) entered disabled state
[  518.805985][T20709] bridge_slave_1: entered allmulticast mode
[  518.821642][T20709] bridge_slave_1: entered promiscuous mode
[  519.037998][T20771] netlink: 'syz.1.5165': attribute type 1 has an invalid length.
[  519.053904][T20771] netlink: 512 bytes leftover after parsing attributes in process `syz.1.5165'.
[  519.193487][T20709] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  519.230661][T20709] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  519.251289][T20777] netlink: 68 bytes leftover after parsing attributes in process `syz.3.5168'.
[  519.324682][T20776] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5167'.
[  519.462714][T20709] team0: Port device team_slave_0 added
[  519.566668][T20709] team0: Port device team_slave_1 added
[  519.661299][T20709] batman_adv: batadv0: Adding interface: batadv_slave_0
[  519.686279][T20709] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  519.721055][T20709] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  519.806379][T20782] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  519.821651][T20709] batman_adv: batadv0: Adding interface: batadv_slave_1
[  519.830827][T20709] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  519.862883][T20709] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  519.975645][T20709] hsr_slave_0: entered promiscuous mode
[  519.983951][T20709] hsr_slave_1: entered promiscuous mode
[  520.092870][T20802] netlink: 'syz.3.5177': attribute type 1 has an invalid length.
[  520.208697][ T5107] Bluetooth: hci4: command tx timeout
[  520.478290][T20821] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  520.657087][T20831] netlink: 'syz.0.5188': attribute type 1 has an invalid length.
[  520.863238][T20842] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  520.876763][T20838] IPv6: sit1: Disabled Multicast RS
[  520.908040][T20709] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  520.939397][T20842] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  520.946670][T20842] IPv6: NLM_F_CREATE should be set when creating new route
[  520.953988][T20842] IPv6: NLM_F_CREATE should be set when creating new route
[  520.972059][T20709] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  521.019683][T20709] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  521.062990][T20709] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  521.215957][T20862] x_tables: unsorted underflow at hook 4
[  521.306955][T20709] 8021q: adding VLAN 0 to HW filter on device bond0
[  521.360334][T20709] 8021q: adding VLAN 0 to HW filter on device team0
[  521.388157][  T784] bridge0: port 1(bridge_slave_0) entered blocking state
[  521.395381][  T784] bridge0: port 1(bridge_slave_0) entered forwarding state
[  521.426722][T20873] netlink: 'syz.3.5202': attribute type 1 has an invalid length.
[  521.452205][  T784] bridge0: port 2(bridge_slave_1) entered blocking state
[  521.457108][T20878] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  521.459392][  T784] bridge0: port 2(bridge_slave_1) entered forwarding state
[  521.507421][T20709] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  521.548572][T20709] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  521.834412][T20709] 8021q: adding VLAN 0 to HW filter on device batadv0
[  521.888594][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  522.256137][T20921] netlink: 'syz.3.5216': attribute type 1 has an invalid length.
[  522.289549][ T5107] Bluetooth: hci4: command tx timeout
[  522.402942][T20709] veth0_vlan: entered promiscuous mode
[  522.437567][T20709] veth1_vlan: entered promiscuous mode
[  522.504890][T20709] veth0_macvtap: entered promiscuous mode
[  522.540035][T20709] veth1_macvtap: entered promiscuous mode
[  522.562513][T20935] team0: Device bridge0 is up. Set it down before adding it as a team port
[  522.586836][T20709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  522.618486][T20709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.631809][T20709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  522.644053][T20709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.654409][T20709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  522.665341][T20709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.690505][T20709] batman_adv: batadv0: Interface activated: batadv_slave_0
[  522.750157][T20709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  522.778642][T20709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.803573][T20709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  522.818593][T20709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.838947][T20709] batman_adv: batadv0: Interface activated: batadv_slave_1
[  522.861131][T20709] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  522.880622][T20709] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  522.896324][T20709] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  522.917362][T20709] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  522.920182][T20952] netlink: 'syz.2.5231': attribute type 1 has an invalid length.
[  522.938733][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  522.975187][T20952] __nla_validate_parse: 83 callbacks suppressed
[  522.975208][T20952] netlink: 512 bytes leftover after parsing attributes in process `syz.2.5231'.
[  523.070205][T20956] netlink: 224 bytes leftover after parsing attributes in process `syz.3.5233'.
[  523.200088][T20958] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  523.218827][T20958] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  523.227569][T20958] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  523.244806][T20958] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  523.270874][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  523.296700][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  523.368197][T20958] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5234'.
[  523.401707][T20958] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  523.427860][T20958] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  523.448047][T20958] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  523.458815][T20958] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  523.549436][T20964] netlink: 'syz.2.5235': attribute type 1 has an invalid length.
[  523.610820][ T6712] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  523.625933][ T6712] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  523.965813][T20979] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5244'.
[  524.310153][T21005] FAULT_INJECTION: forcing a failure.
[  524.310153][T21005] name failslab, interval 1, probability 0, space 0, times 0
[  524.329537][T21005] CPU: 0 PID: 21005 Comm: syz.0.5251 Not tainted 6.10.0-rc6-syzkaller-00167-g30f747b8d53b #0
[  524.339742][T21005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  524.349822][T21005] Call Trace:
[  524.353116][T21005]  <TASK>
[  524.356062][T21005]  dump_stack_lvl+0x241/0x360
[  524.360788][T21005]  ? __pfx_dump_stack_lvl+0x10/0x10
[  524.366029][T21005]  ? __pfx__printk+0x10/0x10
[  524.370691][T21005]  should_fail_ex+0x3b0/0x4e0
[  524.375407][T21005]  ? sctp_add_bind_addr+0x89/0x3a0
[  524.380566][T21005]  should_failslab+0x9/0x20
[  524.385114][T21005]  kmalloc_trace_noprof+0x6c/0x2c0
[  524.390280][T21005]  sctp_add_bind_addr+0x89/0x3a0
[  524.395259][T21005]  sctp_copy_local_addr_list+0x311/0x500
[  524.400916][T21005]  ? sctp_copy_local_addr_list+0xab/0x500
[  524.406647][T21005]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  524.412814][T21005]  ? sctp_v6_is_any+0x60/0x70
[  524.417507][T21005]  sctp_bind_addr_copy+0xad/0x3b0
[  524.422541][T21005]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  524.428881][T21005]  sctp_connect_new_asoc+0x2f3/0x6c0
[  524.434177][T21005]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  524.439987][T21005]  ? sctp_sendmsg+0xbb9/0x3520
[  524.444760][T21005]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  524.450326][T21005]  ? security_sctp_bind_connect+0x90/0xb0
[  524.456059][T21005]  sctp_sendmsg+0x219a/0x3520
[  524.460765][T21005]  ? __pfx_sctp_sendmsg+0x10/0x10
[  524.465800][T21005]  ? __pfx_aa_sk_perm+0x10/0x10
[  524.470668][T21005]  ? inet_sendmsg+0x330/0x390
[  524.475351][T21005]  __sock_sendmsg+0x1a6/0x270
[  524.480049][T21005]  ____sys_sendmsg+0x525/0x7d0
[  524.484826][T21005]  ? __pfx_____sys_sendmsg+0x10/0x10
[  524.490131][T21005]  __sys_sendmmsg+0x3b2/0x740
[  524.494821][T21005]  ? __pfx___sys_sendmmsg+0x10/0x10
[  524.500050][T21005]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  524.505951][T21005]  ? ksys_write+0x23e/0x2c0
[  524.510475][T21005]  ? __pfx_lock_release+0x10/0x10
[  524.515514][T21005]  ? vfs_write+0x7c4/0xc90
[  524.519944][T21005]  ? __mutex_unlock_slowpath+0x21d/0x750
[  524.525597][T21005]  ? __pfx_vfs_write+0x10/0x10
[  524.530403][T21005]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  524.536395][T21005]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  524.542737][T21005]  ? do_syscall_64+0x100/0x230
[  524.547528][T21005]  __x64_sys_sendmmsg+0xa0/0xb0
[  524.552393][T21005]  do_syscall_64+0xf3/0x230
[  524.556908][T21005]  ? clear_bhb_loop+0x35/0x90
[  524.561600][T21005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.567513][T21005] RIP: 0033:0x7f4a55175bd9
[  524.571933][T21005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  524.591543][T21005] RSP: 002b:00007f4a55fa3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  524.599963][T21005] RAX: ffffffffffffffda RBX: 00007f4a55303f60 RCX: 00007f4a55175bd9
[  524.607940][T21005] RDX: 0000000000000002 RSI: 0000000020004e40 RDI: 0000000000000004
[  524.615918][T21005] RBP: 00007f4a55fa30a0 R08: 0000000000000000 R09: 0000000000000000
[  524.623895][T21005] R10: 00000000000400d0 R11: 0000000000000246 R12: 0000000000000002
[  524.631869][T21005] R13: 000000000000000b R14: 00007f4a55303f60 R15: 00007ffed4203878
[  524.639862][T21005]  </TASK>
[  524.918240][T21031] netlink: 176 bytes leftover after parsing attributes in process `syz.2.5261'.
[  524.938663][T21020] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  525.205530][T21043] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  525.215836][T21043] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  525.225809][T21043] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  525.235145][T21043] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  525.244871][T21043] geneve2: entered promiscuous mode
[  525.251090][T21043] geneve2: entered allmulticast mode
[  525.667853][T21066] netlink: 'syz.3.5276': attribute type 1 has an invalid length.
[  525.696004][T21066] netlink: 512 bytes leftover after parsing attributes in process `syz.3.5276'.
[  525.753415][T21070] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.5277'.
[  525.771509][T21070] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes.
[  526.306947][T21103] netlink: 'syz.3.5291': attribute type 1 has an invalid length.
[  526.324995][T21103] netlink: 512 bytes leftover after parsing attributes in process `syz.3.5291'.
[  528.061084][ T5096] Bluetooth: hci2: command 0x0406 tx timeout
[  528.222649][T21120] x_tables: duplicate underflow at hook 1
[  528.274750][ T3862] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.308142][T21121] netlink: 52 bytes leftover after parsing attributes in process `syz.2.5297'.
[  528.469963][ T5096] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  528.486499][ T5096] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  528.499414][ T5096] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  528.515019][ T5096] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  528.518123][ T3862] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.535055][ T5096] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  528.548981][ T5096] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  528.579605][T21138] xt_CT: You must specify a L4 protocol and not use inversions on it
[  528.711997][ T3862] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.820739][ T3862] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  529.061823][ T3862] bridge_slave_1: left allmulticast mode
[  529.075308][ T3862] bridge_slave_1: left promiscuous mode
[  529.081894][ T3862] bridge0: port 2(bridge_slave_1) entered disabled state
[  529.104494][ T3862] bridge_slave_0: left allmulticast mode
[  529.118532][ T3862] bridge_slave_0: left promiscuous mode
[  529.124391][ T3862] bridge0: port 1(bridge_slave_0) entered disabled state
[  529.290275][T21181] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5314'.
[  529.580040][ T3862] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  529.594125][ T3862] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  529.606026][ T3862] bond0 (unregistering): Released all slaves
[  529.802463][T21180] veth0_vlan: left allmulticast mode
[  529.829353][T21192] netlink: 76 bytes leftover after parsing attributes in process `syz.2.5317'.
[  529.863346][T21180] team0: Port device vlan1 removed
[  529.864438][T21193] syz.1.5318: vmalloc error: size 10485760, failed to allocated page array size 20480, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  529.906357][T21193] CPU: 0 PID: 21193 Comm: syz.1.5318 Not tainted 6.10.0-rc6-syzkaller-00167-g30f747b8d53b #0
[  529.916568][T21193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  529.926655][T21193] Call Trace:
[  529.929982][T21193]  <TASK>
[  529.932915][T21193]  dump_stack_lvl+0x241/0x360
[  529.937619][T21193]  ? __pfx_dump_stack_lvl+0x10/0x10
[  529.942889][T21193]  ? __pfx__printk+0x10/0x10
[  529.947487][T21193]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  529.954201][T21193]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  529.960721][T21193]  warn_alloc+0x278/0x410
[  529.965075][T21193]  ? __pfx_warn_alloc+0x10/0x10
[  529.969947][T21193]  ? translate_table+0x196/0x21f0
[  529.975017][T21193]  ? __get_vm_area_node+0x23d/0x270
[  529.980236][T21193]  __vmalloc_node_range_noprof+0x69f/0x1460
[  529.986174][T21193]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  529.992507][T21193]  ? rcu_is_watching+0x15/0xb0
[  529.997279][T21193]  ? trace_kmalloc+0x1f/0xd0
[  530.001874][T21193]  ? __kmalloc_node_noprof+0x247/0x440
[  530.007344][T21193]  ? kvmalloc_node_noprof+0x72/0x190
[  530.012647][T21193]  kvmalloc_node_noprof+0x142/0x190
[  530.017865][T21193]  ? translate_table+0x196/0x21f0
[  530.022905][T21193]  translate_table+0x196/0x21f0
[  530.027790][T21193]  ? __pfx___might_resched+0x10/0x10
[  530.033086][T21193]  ? __might_fault+0xaa/0x120
[  530.037787][T21193]  ? __pfx_translate_table+0x10/0x10
[  530.043087][T21193]  ? __might_fault+0xaa/0x120
[  530.047786][T21193]  ? __might_fault+0xc6/0x120
[  530.052475][T21193]  ? _copy_from_user+0xa6/0xe0
[  530.057239][T21193]  ? copy_from_sockptr_offset+0x6b/0xb0
[  530.062797][T21193]  do_arpt_set_ctl+0x101c/0x1650
[  530.067753][T21193]  ? __pfx_do_arpt_set_ctl+0x10/0x10
[  530.073053][T21193]  ? __pfx___might_resched+0x10/0x10
[  530.078344][T21193]  ? nf_setsockopt+0x240/0x2c0
[  530.083122][T21193]  ? __pfx_lock_release+0x10/0x10
[  530.088158][T21193]  ? __mutex_lock+0x2ef/0xd70
[  530.092862][T21193]  ? __mutex_unlock_slowpath+0x21d/0x750
[  530.098513][T21193]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  530.103894][T21193]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  530.109889][T21193]  ? __pfx_aa_sk_perm+0x10/0x10
[  530.114770][T21193]  ? module_put+0x13a/0x2d0
[  530.119289][T21193]  nf_setsockopt+0x295/0x2c0
[  530.123890][T21193]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  530.129809][T21193]  do_sock_setsockopt+0x3af/0x720
[  530.134842][T21193]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  530.140395][T21193]  ? __fget_files+0x29/0x470
[  530.145007][T21193]  ? __fget_files+0x3f6/0x470
[  530.149735][T21193]  __sys_setsockopt+0x1ae/0x250
[  530.154598][T21193]  __x64_sys_setsockopt+0xb5/0xd0
[  530.159628][T21193]  do_syscall_64+0xf3/0x230
[  530.164145][T21193]  ? clear_bhb_loop+0x35/0x90
[  530.168839][T21193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.174741][T21193] RIP: 0033:0x7f5a60775bd9
[  530.179158][T21193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  530.198766][T21193] RSP: 002b:00007f5a615b2048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  530.207181][T21193] RAX: ffffffffffffffda RBX: 00007f5a60903f60 RCX: 00007f5a60775bd9
[  530.215173][T21193] RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000005
[  530.223148][T21193] RBP: 00007f5a607e4e60 R08: 0000000000000458 R09: 0000000000000000
[  530.231138][T21193] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000
[  530.239105][T21193] R13: 000000000000000b R14: 00007f5a60903f60 R15: 00007ffc6fcbed28
[  530.247087][T21193]  </TASK>
[  530.265147][T21193] Mem-Info:
[  530.268308][T21193] active_anon:4421 inactive_anon:0 isolated_anon:0
[  530.268308][T21193]  active_file:1710 inactive_file:38360 isolated_file:0
[  530.268308][T21193]  unevictable:768 dirty:130 writeback:0
[  530.268308][T21193]  slab_reclaimable:12637 slab_unreclaimable:131302
[  530.268308][T21193]  mapped:15351 shmem:1254 pagetables:652
[  530.268308][T21193]  sec_pagetables:0 bounce:0
[  530.268308][T21193]  kernel_misc_reclaimable:0
[  530.268308][T21193]  free:1365295 free_pcp:703 free_cma:0
[  530.322577][T21193] Node 0 active_anon:17624kB inactive_anon:0kB active_file:6840kB inactive_file:153368kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:61420kB dirty:520kB writeback:0kB shmem:3480kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12816kB pagetables:2616kB sec_pagetables:0kB all_unreclaimable? no
[  530.359779][T21177] delete_channel: no stack
[  530.366388][T21193] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  530.404471][T21134] chnl_net:caif_netlink_parms(): no params data found
[  530.420137][T21192] Κό: entered promiscuous mode
[  530.425946][T21193] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  530.454470][T21183] veth0_vlan: left promiscuous mode
[  530.488536][T21193] lowmem_reserve[]: 0 2571 2571 0 0
[  530.493933][T21193] Node 0 DMA32 free:1496584kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:17584kB inactive_anon:0kB active_file:6840kB inactive_file:153048kB unevictable:1536kB writepending:516kB present:3129332kB managed:2659880kB mlocked:0kB bounce:0kB free_pcp:1208kB local_pcp:416kB free_cma:0kB
[  530.554219][T21193] lowmem_reserve[]: 0 0 0 0 0
[  530.562679][T21193] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:320kB unevictable:0kB writepending:4kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  530.598583][T21193] lowmem_reserve[]: 0 0 0 0 0
[  530.603375][T21193] Node 1 Normal free:3951700kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  530.608804][ T5096] Bluetooth: hci4: command tx timeout
[  530.648633][T21193] lowmem_reserve[]: 0 0 0 0 0
[  530.653552][T21193] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  530.666488][T21193] Node 0 DMA32: 202*4kB (UME) 74*8kB (UME) 131*16kB (UME) 369*32kB (UME) 123*64kB (UME) 45*128kB (UME) 10*256kB (UME) 11*512kB (UME) 4*1024kB (UME) 3*2048kB (UM) 354*4096kB (UM) = 1497352kB
[  530.686488][T21193] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  530.748753][T21193] Node 1 Normal: 3*4kB (UM) 3*8kB (UM) 15*16kB (UM) 20*32kB (UM) 11*64kB (U) 6*128kB (U) 7*256kB (UM) 4*512kB (UM) 3*1024kB (U) 3*2048kB (U) 961*4096kB (M) = 3951700kB
[  530.766709][T21193] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  530.777055][T21193] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  530.812568][T21193] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  530.822508][T21193] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  530.832074][T21193] 41324 total pagecache pages
[  530.836895][T21193] 0 pages in swap cache
[  530.841180][T21193] Free swap  = 124996kB
[  530.845422][T21193] Total swap = 124996kB
[  530.850479][T21193] 2097051 pages RAM
[  530.855178][T21193] 0 pages HighMem/MovableOnly
[  530.860025][T21193] 400871 pages reserved
[  530.864337][T21193] 0 pages cma reserved
[  530.925818][T21211] FAULT_INJECTION: forcing a failure.
[  530.925818][T21211] name failslab, interval 1, probability 0, space 0, times 0
[  530.939326][T21211] CPU: 1 PID: 21211 Comm: syz.2.5323 Not tainted 6.10.0-rc6-syzkaller-00167-g30f747b8d53b #0
[  530.949516][T21211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  530.959595][T21211] Call Trace:
[  530.962876][T21211]  <TASK>
[  530.965811][T21211]  dump_stack_lvl+0x241/0x360
[  530.970510][T21211]  ? __pfx_dump_stack_lvl+0x10/0x10
[  530.975743][T21211]  ? __pfx__printk+0x10/0x10
[  530.980385][T21211]  ? netlink_insert+0x10b7/0x14b0
[  530.985426][T21211]  should_fail_ex+0x3b0/0x4e0
[  530.990116][T21211]  ? __alloc_skb+0x1c3/0x440
[  530.994708][T21211]  should_failslab+0x9/0x20
[  530.999219][T21211]  kmem_cache_alloc_node_noprof+0x71/0x320
[  531.005052][T21211]  __alloc_skb+0x1c3/0x440
[  531.009492][T21211]  ? __pfx___alloc_skb+0x10/0x10
[  531.014454][T21211]  ? netlink_autobind+0xd6/0x2f0
[  531.019404][T21211]  ? netlink_autobind+0x2b0/0x2f0
[  531.024447][T21211]  netlink_sendmsg+0x631/0xcb0
[  531.029231][T21211]  ? __pfx_netlink_sendmsg+0x10/0x10
[  531.034550][T21211]  ? __import_iovec+0x536/0x820
[  531.039403][T21211]  ? aa_sock_msg_perm+0x91/0x160
[  531.044352][T21211]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  531.049640][T21211]  ? security_socket_sendmsg+0x87/0xb0
[  531.055111][T21211]  ? __pfx_netlink_sendmsg+0x10/0x10
[  531.060408][T21211]  __sock_sendmsg+0x221/0x270
[  531.065106][T21211]  ____sys_sendmsg+0x525/0x7d0
[  531.069900][T21211]  ? __pfx_____sys_sendmsg+0x10/0x10
[  531.075208][T21211]  __sys_sendmsg+0x2b0/0x3a0
[  531.079813][T21211]  ? __pfx___sys_sendmsg+0x10/0x10
[  531.084936][T21211]  ? vfs_write+0x7c4/0xc90
[  531.089402][T21211]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  531.095744][T21211]  ? do_syscall_64+0x100/0x230
[  531.100534][T21211]  ? do_syscall_64+0xb6/0x230
[  531.105228][T21211]  do_syscall_64+0xf3/0x230
[  531.109745][T21211]  ? clear_bhb_loop+0x35/0x90
[  531.114440][T21211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.120352][T21211] RIP: 0033:0x7f1371f75bd9
[  531.124777][T21211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  531.144390][T21211] RSP: 002b:00007f1372c71048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  531.152817][T21211] RAX: ffffffffffffffda RBX: 00007f1372103f60 RCX: 00007f1371f75bd9
[  531.160794][T21211] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  531.168774][T21211] RBP: 00007f1372c710a0 R08: 0000000000000000 R09: 0000000000000000
[  531.176753][T21211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  531.184742][T21211] R13: 000000000000000b R14: 00007f1372103f60 R15: 00007fffca4d9178
[  531.192737][T21211]  </TASK>
[  531.335057][ T3862] hsr_slave_0: left promiscuous mode
[  531.347431][ T3862] hsr_slave_1: left promiscuous mode
[  531.367949][ T3862] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  531.376971][ T3862] batman_adv: batadv0: Removing interface: batadv_slave_0
[  531.389287][ T3862] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  531.397355][ T3862] batman_adv: batadv0: Removing interface: batadv_slave_1
[  531.426959][T21220] nbd: must specify a device to reconfigure
[  531.441362][ T3862] veth1_macvtap: left promiscuous mode
[  531.447004][ T3862] veth0_macvtap: left promiscuous mode
[  531.453013][ T3862] veth1_vlan: left promiscuous mode
[  531.458440][ T3862] veth0_vlan: left promiscuous mode
[  531.970908][ T3862] team0 (unregistering): Port device team_slave_1 removed
[  532.014437][ T3862] team0 (unregistering): Port device team_slave_0 removed
[  532.414030][T21134] bridge0: port 1(bridge_slave_0) entered blocking state
[  532.421866][T21134] bridge0: port 1(bridge_slave_0) entered disabled state
[  532.447251][T21134] bridge_slave_0: entered allmulticast mode
[  532.455228][T21134] bridge_slave_0: entered promiscuous mode
[  532.462778][T21218] bridge0: port 3(veth0) entered blocking state
[  532.470341][T21218] bridge0: port 3(veth0) entered disabled state
[  532.476715][T21218] veth0: entered allmulticast mode
[  532.483510][T21218] veth0: entered promiscuous mode
[  532.499950][T21220] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5326'.
[  532.520949][T21134] bridge0: port 2(bridge_slave_1) entered blocking state
[  532.528092][T21134] bridge0: port 2(bridge_slave_1) entered disabled state
[  532.540437][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  532.584455][T21134] bridge_slave_1: entered allmulticast mode
[  532.611281][T21134] bridge_slave_1: entered promiscuous mode
[  532.691788][ T5096] Bluetooth: hci4: command tx timeout
[  532.778609][T21227] netlink: 72 bytes leftover after parsing attributes in process `syz.2.5329'.
[  532.800948][T21134] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  532.826934][T21134] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  532.984181][T21134] team0: Port device team_slave_0 added
[  533.020063][T21134] team0: Port device team_slave_1 added
[  533.134372][T21134] batman_adv: batadv0: Adding interface: batadv_slave_0
[  533.146927][T21134] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  533.173583][T21254] netlink: 172 bytes leftover after parsing attributes in process `syz.0.5340'.
[  533.188855][T21134] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  533.206656][T21134] batman_adv: batadv0: Adding interface: batadv_slave_1
[  533.214030][T21134] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  533.240542][T21134] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  533.350765][T21134] hsr_slave_0: entered promiscuous mode
[  533.367929][T21134] hsr_slave_1: entered promiscuous mode
[  533.395488][T21271] lo speed is unknown, defaulting to 1000
[  533.441844][T21271] lo speed is unknown, defaulting to 1000
[  533.495187][T21271] lo speed is unknown, defaulting to 1000
[  533.568723][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  533.600188][T21278] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5348'.
[  533.666575][T21278] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.5348'.
[  533.971550][T21283] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5349'.
[  534.003334][  T784] lo speed is unknown, defaulting to 1000
[  534.009694][T21271] infiniband syz0: set active
[  534.014912][T21271] infiniband syz0: added lo
[  534.019454][T21283] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.5349'.
[  534.134800][T21271] RDS/IB: syz0: added
[  534.140543][T21271] smc: adding ib device syz0 with port count 1
[  534.147141][T21271] smc:    ib device syz0 port 1 has pnetid 
[  534.159987][T10818] lo speed is unknown, defaulting to 1000
[  534.178179][T21271] lo speed is unknown, defaulting to 1000
[  534.309053][T21134] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  534.321287][T21134] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  534.344743][T21134] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  534.370645][T21289] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5351'.
[  534.388197][T21134] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  534.503642][T21291] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5352'.
[  534.608630][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  534.651009][T21271] lo speed is unknown, defaulting to 1000
[  534.667934][T21134] 8021q: adding VLAN 0 to HW filter on device bond0
[  534.716800][T21134] 8021q: adding VLAN 0 to HW filter on device team0
[  534.754458][ T5222] bridge0: port 1(bridge_slave_0) entered blocking state
[  534.761691][ T5222] bridge0: port 1(bridge_slave_0) entered forwarding state
[  534.770049][ T5096] Bluetooth: hci4: command tx timeout
[  534.782192][T21298] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5355'.
[  534.802416][ T5222] bridge0: port 2(bridge_slave_1) entered blocking state
[  534.809758][ T5222] bridge0: port 2(bridge_slave_1) entered forwarding state
[  534.817672][T21298] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5355'.
[  534.840108][T21298] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5355'.
[  535.133059][T21271] lo speed is unknown, defaulting to 1000
[  535.170553][T21312] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5359'.
[  535.317452][T21134] 8021q: adding VLAN 0 to HW filter on device batadv0
[  535.563060][T21271] lo speed is unknown, defaulting to 1000
[  535.821309][T21134] veth0_vlan: entered promiscuous mode
[  535.845101][T21134] veth1_vlan: entered promiscuous mode
[  535.861536][T21271] lo speed is unknown, defaulting to 1000
[  535.922409][T21134] veth0_macvtap: entered promiscuous mode
[  535.962927][T21134] veth1_macvtap: entered promiscuous mode
[  536.017316][T21134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  536.042219][T21134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.071442][T21134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  536.087920][T21134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.109046][T21134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  536.127150][T21134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.140785][T21134] batman_adv: batadv0: Interface activated: batadv_slave_0
[  536.184238][T21134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  536.205047][T21134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.229129][T21134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  536.247360][T21134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.271006][T21134] batman_adv: batadv0: Interface activated: batadv_slave_1
[  536.300966][T21134] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  536.310857][T21134] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  536.320888][T21134] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  536.334846][T21134] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  536.349416][T21338] syzkaller1: entered promiscuous mode
[  536.354918][T21338] syzkaller1: entered allmulticast mode
[  536.645942][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  536.668199][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  536.747319][ T2860] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  536.776334][ T2860] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  536.849494][ T5096] Bluetooth: hci4: command tx timeout
[  537.155901][T21376] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  537.287419][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802cb55800: rx timeout, send abort
[  537.289124][T21384] syzkaller1: entered promiscuous mode
[  537.298768][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802cb55800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  537.312304][T21384] syzkaller1: entered allmulticast mode
[  537.736377][T21412] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  538.453290][T21453] netlink: 'syz.2.5406': attribute type 1 has an invalid length.
[  538.461633][T21453] netlink: 'syz.2.5406': attribute type 1 has an invalid length.
[  538.550000][T21460] SET target dimension over the limit!
[  538.557422][T21460] sch_fq: defrate 0 ignored.
[  538.768964][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  538.845261][T21475] __nla_validate_parse: 7 callbacks suppressed
[  538.845284][T21475] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5416'.
[  539.115325][T21493] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  539.334038][T21500] netlink: 'syz.3.5423': attribute type 3 has an invalid length.
[  539.348611][T21500] netlink: 'syz.3.5423': attribute type 4 has an invalid length.
[  539.358074][T21508] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5427'.
[  539.383553][T21500] netlink: 'syz.3.5423': attribute type 7 has an invalid length.
[  539.429223][T21500] netlink: 'syz.3.5423': attribute type 8 has an invalid length.
[  539.445909][T21500] netlink: 'syz.3.5423': attribute type 7 has an invalid length.
[  539.472661][T21500] netlink: 198200 bytes leftover after parsing attributes in process `syz.3.5423'.
[  539.556550][ T6712] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  539.616826][T21513] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5428'.
[  539.742082][T21514] bridge0: port 4(macvlan2) entered blocking state
[  539.773947][T21514] bridge0: port 4(macvlan2) entered disabled state
[  539.781193][T21514] macvlan2: entered allmulticast mode
[  539.788644][T21514] macvlan2: entered promiscuous mode
[  539.807593][T21516] macvlan2 (unregistering): left allmulticast mode
[  539.808663][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  539.815191][T21516] macvlan2 (unregistering): left promiscuous mode
[  539.829410][T21516] bridge0: port 4(macvlan2) entered disabled state
[  540.178260][ T6712] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.235008][ T6712] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.294213][ T6712] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.389560][ T6712] bridge_slave_1: left allmulticast mode
[  540.395324][ T6712] bridge_slave_1: left promiscuous mode
[  540.401089][ T6712] bridge0: port 2(bridge_slave_1) entered disabled state
[  540.410934][ T6712] bridge_slave_0: left allmulticast mode
[  540.416603][ T6712] bridge_slave_0: left promiscuous mode
[  540.422537][ T6712] bridge0: port 1(bridge_slave_0) entered disabled state
[  540.776738][ T6712] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  540.789730][ T6712] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  540.805586][ T6712] bond0 (unregistering): Released all slaves
[  541.133463][ T6712] hsr_slave_0: left promiscuous mode
[  541.145025][ T6712] hsr_slave_1: left promiscuous mode
[  541.151068][ T6712] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  541.158670][ T6712] batman_adv: batadv0: Removing interface: batadv_slave_0
[  541.180508][ T6712] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  541.188015][ T6712] batman_adv: batadv0: Removing interface: batadv_slave_1
[  541.318672][ T6712] veth1_macvtap: left promiscuous mode
[  541.333413][ T6712] veth0_macvtap: left promiscuous mode
[  541.347589][ T6712] veth1_vlan: left promiscuous mode
[  541.355489][ T6712] veth0_vlan: left promiscuous mode
[  541.629073][ T5107] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  541.642660][ T5107] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  541.653116][ T5107] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  541.661827][ T5107] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  541.670153][ T5107] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  541.681684][ T5107] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  542.018672][ T6712] team0 (unregistering): Port device team_slave_1 removed
[  542.061421][ T6712] team0 (unregistering): Port device team_slave_0 removed
[  542.486882][T21531] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5431'.
[  542.574605][T21544] lo speed is unknown, defaulting to 1000
[  542.758074][T21563] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5438'.
[  542.877299][T21568] xt_NFQUEUE: number of total queues is 0
[  543.285265][T21586] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5447'.
[  543.386584][T21586] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.5447'.
[  543.504711][T21599] syzkaller1: entered promiscuous mode
[  543.510518][T21599] syzkaller1: entered allmulticast mode
[  543.627928][T21544] chnl_net:caif_netlink_parms(): no params data found
[  543.664689][T21606] netlink: 'syz.3.5453': attribute type 30 has an invalid length.
[  543.698123][T21605] netlink: 'syz.1.5452': attribute type 7 has an invalid length.
[  543.728585][ T5096] Bluetooth: hci4: command tx timeout
[  543.735928][T21605] netlink: 'syz.1.5452': attribute type 39 has an invalid length.
[  543.747499][T21610] FAULT_INJECTION: forcing a failure.
[  543.747499][T21610] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  543.762232][T21610] CPU: 0 PID: 21610 Comm: syz.0.5455 Not tainted 6.10.0-rc6-syzkaller-00167-g30f747b8d53b #0
[  543.772439][T21610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  543.782524][T21610] Call Trace:
[  543.785829][T21610]  <TASK>
[  543.788779][T21610]  dump_stack_lvl+0x241/0x360
[  543.793480][T21610]  ? __pfx_dump_stack_lvl+0x10/0x10
[  543.798700][T21610]  ? __pfx__printk+0x10/0x10
[  543.803304][T21610]  ? __pfx_lock_release+0x10/0x10
[  543.808333][T21610]  should_fail_ex+0x3b0/0x4e0
[  543.813035][T21610]  _copy_from_user+0x2f/0xe0
[  543.817632][T21610]  get_timespec64+0x97/0x280
[  543.822235][T21610]  ? __pfx_get_timespec64+0x10/0x10
[  543.827440][T21610]  ? __fget_files+0x3f6/0x470
[  543.832133][T21610]  __se_sys_pselect6+0x124/0x3f0
[  543.837087][T21610]  ? __pfx___se_sys_pselect6+0x10/0x10
[  543.842554][T21610]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  543.848889][T21610]  ? do_syscall_64+0x100/0x230
[  543.853667][T21610]  ? __x64_sys_pselect6+0x21/0xf0
[  543.858709][T21610]  do_syscall_64+0xf3/0x230
[  543.863227][T21610]  ? clear_bhb_loop+0x35/0x90
[  543.867930][T21610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.873834][T21610] RIP: 0033:0x7f4a55175bd9
[  543.878250][T21610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  543.897857][T21610] RSP: 002b:00007f4a55fa3048 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  543.906277][T21610] RAX: ffffffffffffffda RBX: 00007f4a55303f60 RCX: 00007f4a55175bd9
[  543.914249][T21610] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000040
[  543.922225][T21610] RBP: 00007f4a55fa30a0 R08: 0000000020000040 R09: 0000000000000000
[  543.930201][T21610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  543.938177][T21610] R13: 000000000000000b R14: 00007f4a55303f60 R15: 00007ffed4203878
[  543.946169][T21610]  </TASK>
[  544.219429][T21544] bridge0: port 1(bridge_slave_0) entered blocking state
[  544.239291][T21544] bridge0: port 1(bridge_slave_0) entered disabled state
[  544.246571][T21544] bridge_slave_0: entered allmulticast mode
[  544.264068][T21544] bridge_slave_0: entered promiscuous mode
[  544.322107][T21544] bridge0: port 2(bridge_slave_1) entered blocking state
[  544.354392][T21544] bridge0: port 2(bridge_slave_1) entered disabled state
[  544.378059][T21544] bridge_slave_1: entered allmulticast mode
[  544.391531][T21544] bridge_slave_1: entered promiscuous mode
[  544.494196][T21544] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  544.537507][T21544] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  544.552202][T21643] syzkaller1: entered promiscuous mode
[  544.557818][T21643] syzkaller1: entered allmulticast mode
[  544.645283][T21544] team0: Port device team_slave_0 added
[  544.681368][T21544] team0: Port device team_slave_1 added
[  544.730862][T21655] FAULT_INJECTION: forcing a failure.
[  544.730862][T21655] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  544.744463][T21655] CPU: 0 PID: 21655 Comm: syz.0.5468 Not tainted 6.10.0-rc6-syzkaller-00167-g30f747b8d53b #0
[  544.754652][T21655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  544.764731][T21655] Call Trace:
[  544.768037][T21655]  <TASK>
[  544.771012][T21655]  dump_stack_lvl+0x241/0x360
[  544.775725][T21655]  ? __pfx_dump_stack_lvl+0x10/0x10
[  544.780942][T21655]  ? __pfx__printk+0x10/0x10
[  544.785561][T21655]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  544.791546][T21655]  should_fail_ex+0x3b0/0x4e0
[  544.796228][T21655]  prepare_alloc_pages+0x1da/0x5d0
[  544.801352][T21655]  __alloc_pages_noprof+0x166/0x6c0
[  544.806566][T21655]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  544.812313][T21655]  alloc_pages_mpol_noprof+0x3e8/0x680
[  544.817784][T21655]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  544.823769][T21655]  ? xas_load+0x59b/0x5c0
[  544.828128][T21655]  ? mpol_shared_policy_lookup+0x148/0x1f0
[  544.833960][T21655]  shmem_alloc_and_add_folio+0x24d/0xdb0
[  544.839637][T21655]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  544.845809][T21655]  ? __pfx___up_read+0x10/0x10
[  544.850599][T21655]  shmem_get_folio_gfp+0x82d/0x1f50
[  544.855806][T21655]  ? irqentry_exit+0x63/0x90
[  544.860412][T21655]  ? exc_page_fault+0x590/0x8c0
[  544.865287][T21655]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  544.870931][T21655]  ? fault_in_readable+0x165/0x2b0
[  544.876058][T21655]  ? fault_in_readable+0x1a6/0x2b0
[  544.881206][T21655]  shmem_write_begin+0x170/0x4d0
[  544.886159][T21655]  ? __pfx_shmem_write_begin+0x10/0x10
[  544.891676][T21655]  ? fault_in_iov_iter_readable+0x229/0x280
[  544.897584][T21655]  generic_perform_write+0x322/0x640
[  544.902887][T21655]  ? __pfx_generic_perform_write+0x10/0x10
[  544.908700][T21655]  ? __pfx_generic_write_checks+0x10/0x10
[  544.914429][T21655]  ? rcu_read_lock_any_held+0xb7/0x160
[  544.919903][T21655]  ? file_update_time+0x2a3/0x3e0
[  544.924939][T21655]  shmem_file_write_iter+0xfc/0x120
[  544.930624][T21655]  vfs_write+0xa72/0xc90
[  544.934881][T21655]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  544.940719][T21655]  ? __pfx_vfs_write+0x10/0x10
[  544.945515][T21655]  ksys_write+0x1a0/0x2c0
[  544.949863][T21655]  ? __pfx_ksys_write+0x10/0x10
[  544.954722][T21655]  ? do_syscall_64+0x100/0x230
[  544.959497][T21655]  ? do_syscall_64+0xb6/0x230
[  544.964184][T21655]  do_syscall_64+0xf3/0x230
[  544.968715][T21655]  ? clear_bhb_loop+0x35/0x90
[  544.973419][T21655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.979320][T21655] RIP: 0033:0x7f4a55175bd9
[  544.983744][T21655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  545.003356][T21655] RSP: 002b:00007f4a55fa3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  545.011776][T21655] RAX: ffffffffffffffda RBX: 00007f4a55303f60 RCX: 00007f4a55175bd9
[  545.019751][T21655] RDX: 0000000000040010 RSI: 0000000020000180 RDI: 0000000000000007
[  545.027733][T21655] RBP: 00007f4a55fa30a0 R08: 0000000000000000 R09: 0000000000000000
[  545.035708][T21655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  545.043683][T21655] R13: 000000000000000b R14: 00007f4a55303f60 R15: 00007ffed4203878
[  545.051691][T21655]  </TASK>
[  545.139368][T21544] batman_adv: batadv0: Adding interface: batadv_slave_0
[  545.146366][T21544] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  545.193221][T21544] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  545.240668][T21544] batman_adv: batadv0: Adding interface: batadv_slave_1
[  545.263485][T21544] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  545.335465][T21544] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  545.429701][T21544] hsr_slave_0: entered promiscuous mode
[  545.446038][T21544] hsr_slave_1: entered promiscuous mode
[  545.481808][T21679] netlink: 'syz.2.5473': attribute type 1 has an invalid length.
[  545.498209][T21679] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.5473'.
[  545.508877][T21679] netlink: 'syz.2.5473': attribute type 1 has an invalid length.
[  545.616082][T21682] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5479'.
[  545.633757][T21682] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.5479'.
[  545.808674][ T5096] Bluetooth: hci4: command tx timeout
[  546.080972][T21688] syzkaller1: entered promiscuous mode
[  546.086500][T21688] syzkaller1: entered allmulticast mode
[  546.112480][T21688] netlink: 'syz.1.5482': attribute type 1 has an invalid length.
[  546.190547][ T5107] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  546.201307][ T5107] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  546.209402][ T5107] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  546.218783][ T5107] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  546.228066][ T5107] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  546.235840][ T5107] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  546.379071][T21697] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.5484'.
[  546.401262][ T6712] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  546.412244][ T6712] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  546.423818][ T6712] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  546.488167][T21690] lo speed is unknown, defaulting to 1000
[  546.562174][ T6712] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  546.598461][ T6712] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  546.627611][ T6712] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  546.679774][T21701] xt_TCPMSS: Only works on TCP SYN packets
[  546.743433][T21711] xt_CT: You must specify a L4 protocol and not use inversions on it
[  546.783064][ T6712] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  546.814032][ T6712] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  546.848610][ T6712] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  546.890749][T21717] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5488'.
[  546.909229][T21711] IPVS: Error joining to the multicast group
[  546.998982][ T6712] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  547.025081][ T6712] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  547.038048][ T6712] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  547.073465][T21544] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  547.087764][T21544] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  547.113493][T21544] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  547.123418][T21544] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  547.269888][ T6712] bridge_slave_1: left allmulticast mode
[  547.276303][ T6712] bridge_slave_1: left promiscuous mode
[  547.282816][ T6712] bridge0: port 2(bridge_slave_1) entered disabled state
[  547.293838][ T6712] bridge_slave_0: left allmulticast mode
[  547.300016][ T6712] bridge_slave_0: left promiscuous mode
[  547.305924][ T6712] bridge0: port 1(bridge_slave_0) entered disabled state
[  547.566900][ T6712] bond1 (unregistering): (slave gre1): Releasing backup interface
[  547.889913][ T5107] Bluetooth: hci4: command tx timeout
[  548.146682][ T6712] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  548.173861][ T6712] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  548.196135][ T6712] bond0 (unregistering): Released all slaves
[  548.226508][ T6712] bond1 (unregistering): Released all slaves
[  548.260525][ T6712] bond2 (unregistering): Released all slaves
[  548.298628][ T5107] Bluetooth: hci2: command tx timeout
[  548.313169][ T6712] bond3 (unregistering): Released all slaves
[  548.341588][ T6712] bond4 (unregistering): Released all slaves
[  548.358238][ T6712] bond5 (unregistering): Released all slaves
[  548.376292][ T6712] bond6 (unregistering): Released all slaves
[  548.397759][ T6712] bond7 (unregistering): Released all slaves
[  548.423655][ T6712] bond8 (unregistering): Released all slaves
[  548.449278][ T6712] bond9 (unregistering): Released all slaves
[  548.485026][ T6712] bond10 (unregistering): Released all slaves
[  548.500890][ T6712] bond11 (unregistering): Released all slaves
[  548.519160][ T6712] bond12 (unregistering): Released all slaves
[  548.536577][ T6712] bond13 (unregistering): Released all slaves
[  548.608561][T21736] netlink: 'syz.0.5494': attribute type 1 has an invalid length.
[  548.689528][T21733] syzkaller1: entered promiscuous mode
[  548.702644][T21733] syzkaller1: entered allmulticast mode
[  548.829084][ T6712] tipc: Disabling bearer <udp:syz0>
[  548.847068][ T6712] tipc: Left network mode
[  548.858843][T21749] netlink: 'syz.2.5499': attribute type 13 has an invalid length.
[  548.874481][T21749] macvtap0: refused to change device tx_queue_len
[  548.962594][T21752] netlink: 'syz.0.5500': attribute type 1 has an invalid length.
[  548.990579][T21752] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.5500'.
[  549.044312][T21757] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5501'.
[  549.052711][T21544] 8021q: adding VLAN 0 to HW filter on device bond0
[  549.070740][T21690] chnl_net:caif_netlink_parms(): no params data found
[  549.313343][T21767] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5504'.
[  549.341866][T21544] 8021q: adding VLAN 0 to HW filter on device team0
[  549.441236][ T5178] bridge0: port 1(bridge_slave_0) entered blocking state
[  549.448480][ T5178] bridge0: port 1(bridge_slave_0) entered forwarding state
[  549.475980][T21783] syzkaller1: entered promiscuous mode
[  549.492951][T21783] syzkaller1: entered allmulticast mode
[  549.516875][T21789] FAULT_INJECTION: forcing a failure.
[  549.516875][T21789] name failslab, interval 1, probability 0, space 0, times 0
[  549.559731][T21789] CPU: 1 PID: 21789 Comm: syz.2.5510 Not tainted 6.10.0-rc6-syzkaller-00167-g30f747b8d53b #0
[  549.569930][T21789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  549.579994][T21789] Call Trace:
[  549.583282][T21789]  <TASK>
[  549.586220][T21789]  dump_stack_lvl+0x241/0x360
[  549.590926][T21789]  ? __pfx_dump_stack_lvl+0x10/0x10
[  549.596158][T21789]  ? __pfx__printk+0x10/0x10
[  549.600820][T21789]  should_fail_ex+0x3b0/0x4e0
[  549.605542][T21789]  ? sctp_add_bind_addr+0x89/0x3a0
[  549.610690][T21789]  should_failslab+0x9/0x20
[  549.615227][T21789]  kmalloc_trace_noprof+0x6c/0x2c0
[  549.620374][T21789]  sctp_add_bind_addr+0x89/0x3a0
[  549.625337][T21789]  sctp_copy_local_addr_list+0x311/0x500
[  549.630991][T21789]  ? sctp_copy_local_addr_list+0xab/0x500
[  549.636723][T21789]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  549.642890][T21789]  ? sctp_v4_is_any+0x35/0x60
[  549.647587][T21789]  sctp_bind_addr_copy+0xad/0x3b0
[  549.652641][T21789]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  549.658982][T21789]  sctp_connect_new_asoc+0x2f3/0x6c0
[  549.664284][T21789]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  549.670107][T21789]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  549.675940][T21789]  ? sctp_endpoint_lookup_assoc+0x217/0x250
[  549.681866][T21789]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  549.687726][T21789]  __sctp_connect+0x66d/0xe30
[  549.692425][T21789]  ? __pfx___sctp_connect+0x10/0x10
[  549.697642][T21789]  ? __might_fault+0xc6/0x120
[  549.702354][T21789]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  549.707911][T21789]  ? security_sctp_bind_connect+0x90/0xb0
[  549.713654][T21789]  sctp_getsockopt_connectx3+0x46f/0x730
[  549.719300][T21789]  ? __local_bh_enable_ip+0x168/0x200
[  549.724677][T21789]  ? __pfx_sctp_getsockopt_connectx3+0x10/0x10
[  549.730841][T21789]  ? __local_bh_enable_ip+0x168/0x200
[  549.736225][T21789]  ? sctp_getsockopt+0x13a/0xbb0
[  549.741166][T21789]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  549.746902][T21789]  sctp_getsockopt+0x8de/0xbb0
[  549.751674][T21789]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  549.757585][T21789]  do_sock_getsockopt+0x373/0x850
[  549.762630][T21789]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  549.768192][T21789]  ? __fget_files+0x3f6/0x470
[  549.772890][T21789]  __sys_getsockopt+0x271/0x330
[  549.777749][T21789]  ? __pfx___sys_getsockopt+0x10/0x10
[  549.783127][T21789]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  549.789463][T21789]  ? do_syscall_64+0x100/0x230
[  549.794246][T21789]  __x64_sys_getsockopt+0xb5/0xd0
[  549.799285][T21789]  do_syscall_64+0xf3/0x230
[  549.803802][T21789]  ? clear_bhb_loop+0x35/0x90
[  549.808503][T21789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.814427][T21789] RIP: 0033:0x7f1371f75bd9
[  549.818850][T21789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  549.838469][T21789] RSP: 002b:00007f13719ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  549.846896][T21789] RAX: ffffffffffffffda RBX: 00007f1372104038 RCX: 00007f1371f75bd9
[  549.854878][T21789] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[  549.862857][T21789] RBP: 00007f13719ff0a0 R08: 0000000020000100 R09: 0000000000000000
[  549.870832][T21789] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000002
[  549.878808][T21789] R13: 000000000000006e R14: 00007f1372104038 R15: 00007fffca4d9178
[  549.886806][T21789]  </TASK>
[  549.930428][T21690] bridge0: port 1(bridge_slave_0) entered blocking state
[  549.937688][T21690] bridge0: port 1(bridge_slave_0) entered disabled state
[  549.945169][T21690] bridge_slave_0: entered allmulticast mode
[  549.954142][T21690] bridge_slave_0: entered promiscuous mode
[  549.968762][ T5107] Bluetooth: hci4: command tx timeout
[  549.977463][ T1167] bridge0: port 2(bridge_slave_1) entered blocking state
[  549.984693][ T1167] bridge0: port 2(bridge_slave_1) entered forwarding state
[  550.020833][T21783] netlink: 'syz.0.5509': attribute type 1 has an invalid length.
[  550.066117][T21690] bridge0: port 2(bridge_slave_1) entered blocking state
[  550.078596][T21690] bridge0: port 2(bridge_slave_1) entered disabled state
[  550.098664][T21690] bridge_slave_1: entered allmulticast mode
[  550.111638][T21690] bridge_slave_1: entered promiscuous mode
[  550.293070][T21690] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  550.370590][ T5107] Bluetooth: hci2: command tx timeout
[  550.394714][T21690] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  550.484251][T21813] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5516'.
[  550.504797][T21808] virt_wifi0: mtu less than device minimum
[  550.573964][T21690] team0: Port device team_slave_0 added
[  550.591529][T21690] team0: Port device team_slave_1 added
[  550.645756][T21813] netlink: 84 bytes leftover after parsing attributes in process `syz.2.5516'.
[  550.690282][T21816] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  550.785531][T21690] batman_adv: batadv0: Adding interface: batadv_slave_0
[  550.793422][T21690] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  550.865638][T21690] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  550.895282][T21690] batman_adv: batadv0: Adding interface: batadv_slave_1
[  550.906137][T21690] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  550.947216][T21690] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  551.163620][T21690] hsr_slave_0: entered promiscuous mode
[  551.180142][T21690] hsr_slave_1: entered promiscuous mode
[  551.187889][T21690] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  551.207371][T21690] Cannot create hsr debugfs directory
[  551.498997][T21860] netlink: 'syz.2.5531': attribute type 1 has an invalid length.
[  551.506812][T21860] netlink: 'syz.2.5531': attribute type 2 has an invalid length.
[  551.578173][T21544] 8021q: adding VLAN 0 to HW filter on device batadv0
[  551.728548][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  552.448529][ T5107] Bluetooth: hci2: command tx timeout
[  552.486787][T21544] veth0_vlan: entered promiscuous mode
[  552.586328][T21544] veth1_vlan: entered promiscuous mode
[  552.768709][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  552.867754][T21922] lo speed is unknown, defaulting to 1000
[  552.917585][T21544] veth0_macvtap: entered promiscuous mode
[  552.938247][T21690] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  552.974640][T21690] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  553.076457][T21544] veth1_macvtap: entered promiscuous mode
[  553.120249][T21690] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  553.140646][T21940] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  553.243692][T21690] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  553.470237][T21544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  553.518487][T21544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  553.532569][T21544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  553.544620][T21544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  553.554828][T21544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  553.581478][T21948] xt_ipcomp: unknown flags 12
[  553.588479][T21544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  553.611754][T21544] batman_adv: batadv0: Interface activated: batadv_slave_0
[  553.783662][T21544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  553.817672][T21544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  553.846378][T21544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  553.849419][T21961] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5561'.
[  553.866682][T21544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  553.879920][T21544] batman_adv: batadv0: Interface activated: batadv_slave_1
[  553.938580][T21961] openvswitch: Κό: Dropping previously announced user features
[  553.945929][T21960] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5560'.
[  554.042431][T21544] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  554.077646][T21544] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  554.106377][T21544] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  554.128903][T21544] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  554.194071][ T6712] hsr_slave_0: left promiscuous mode
[  554.202093][ T6712] hsr_slave_1: left promiscuous mode
[  554.208091][ T6712] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  554.215804][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  554.226079][ T6712] batman_adv: batadv0: Removing interface: batadv_slave_0
[  554.235320][ T6712] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  554.246583][ T6712] batman_adv: batadv0: Removing interface: batadv_slave_1
[  554.267975][ T6712] batman_adv: batadv0: Removing interface: ipvlan2
[  554.287359][T21968] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.5562'.
[  554.308593][T21968] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  554.332517][ T6712] veth1_macvtap: left promiscuous mode
[  554.338085][ T6712] veth0_macvtap: left allmulticast mode
[  554.343858][ T6712] veth0_macvtap: left promiscuous mode
[  554.349546][ T6712] veth1_vlan: left promiscuous mode
[  554.531670][ T5107] Bluetooth: hci2: command tx timeout
[  554.897864][ T6712] team0 (unregistering): Port device team_slave_1 removed
[  554.946516][ T6712] team0 (unregistering): Port device team_slave_0 removed
[  555.248639][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  555.610717][T21690] 8021q: adding VLAN 0 to HW filter on device bond0
[  555.805682][T21690] 8021q: adding VLAN 0 to HW filter on device team0
[  555.825232][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  555.846820][  T784] bridge0: port 1(bridge_slave_0) entered blocking state
[  555.854014][  T784] bridge0: port 1(bridge_slave_0) entered forwarding state
[  555.868722][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  556.020097][T10818] bridge0: port 2(bridge_slave_1) entered blocking state
[  556.027288][T10818] bridge0: port 2(bridge_slave_1) entered forwarding state
[  556.109485][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  556.117446][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  556.187352][T21690] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  556.229843][T21690] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  556.289562][T21994] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5571'.
[  556.602608][T22006] netlink: 92 bytes leftover after parsing attributes in process `syz.1.5574'.
[  556.626727][T22008] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5575'.
[  556.672288][T22008] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.5575'.
[  556.681653][T21690] 8021q: adding VLAN 0 to HW filter on device batadv0
[  556.920843][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  557.019880][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  557.057414][T21690] veth0_vlan: entered promiscuous mode
[  557.087175][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  557.111722][T21690] veth1_vlan: entered promiscuous mode
[  557.156590][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  557.175757][T21690] veth0_macvtap: entered promiscuous mode
[  557.186733][T21690] veth1_macvtap: entered promiscuous mode
[  557.208070][T21690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  557.220170][T21690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  557.230178][T21690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  557.241240][T21690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  557.251133][T21690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  557.261629][T21690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  557.273468][T21690] batman_adv: batadv0: Interface activated: batadv_slave_0
[  557.293812][T21690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  557.306391][T21690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  557.319620][T21690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  557.330886][T21690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  557.343218][T21690] batman_adv: batadv0: Interface activated: batadv_slave_1
[  557.381629][T21690] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  557.390799][T21690] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  557.399661][T21690] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  557.409282][T21690] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  557.440416][   T12] bridge_slave_1: left allmulticast mode
[  557.446102][   T12] bridge_slave_1: left promiscuous mode
[  557.451944][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  557.464648][   T12] bridge_slave_0: left allmulticast mode
[  557.471136][   T12] bridge_slave_0: left promiscuous mode
[  557.476819][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  557.805972][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  557.817968][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  557.831944][   T12] bond0 (unregistering): Released all slaves
[  557.965229][ T3862] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  557.979772][ T3862] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  558.063445][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  558.075574][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  558.316621][   T12] hsr_slave_0: left promiscuous mode
[  558.323952][   T12] hsr_slave_1: left promiscuous mode
[  558.350868][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  558.358805][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  558.366681][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  558.375054][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  558.399012][   T12] veth1_macvtap: left promiscuous mode
[  558.405180][   T12] veth0_macvtap: left promiscuous mode
[  558.410869][   T12] veth1_vlan: left promiscuous mode
[  558.416161][   T12] veth0_vlan: left promiscuous mode
[  558.527276][T22026] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  558.950184][ T5096] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  558.960092][ T5096] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  558.968943][ T5096] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  558.982337][ T5096] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  558.994931][ T5096] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  559.002461][ T5096] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  559.300068][   T12] team0 (unregistering): Port device team_slave_1 removed
[  559.343439][   T12] team0 (unregistering): Port device team_slave_0 removed
[  559.809377][T22034] ip6gretap0: entered promiscuous mode
[  559.815655][T22034] macsec1: entered promiscuous mode
[  559.824861][T22034] macsec1: entered allmulticast mode
[  559.833345][T22034] ip6gretap0: entered allmulticast mode
[  559.852423][T22034] ip6gretap0: left allmulticast mode
[  559.858248][T22034] ip6gretap0: left promiscuous mode
[  559.942749][T22050] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5584'.
[  560.050306][T22040] lo speed is unknown, defaulting to 1000
[  560.210165][T22062] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  560.333387][T22066] syz.2.5589[22066] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  560.333581][T22066] syz.2.5589[22066] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  560.546519][T22076] netlink: 136 bytes leftover after parsing attributes in process `syz.3.5592'.
[  560.549298][T22077] FAULT_INJECTION: forcing a failure.
[  560.549298][T22077] name failslab, interval 1, probability 0, space 0, times 0
[  560.606011][T22074] lo speed is unknown, defaulting to 1000
[  560.638575][T22077] CPU: 1 PID: 22077 Comm: syz.2.5590 Not tainted 6.10.0-rc6-syzkaller-00167-g30f747b8d53b #0
[  560.648827][T22077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  560.658917][T22077] Call Trace:
[  560.662225][T22077]  <TASK>
[  560.665184][T22077]  dump_stack_lvl+0x241/0x360
[  560.669917][T22077]  ? __pfx_dump_stack_lvl+0x10/0x10
[  560.675161][T22077]  ? __pfx__printk+0x10/0x10
[  560.679816][T22077]  should_fail_ex+0x3b0/0x4e0
[  560.684544][T22077]  ? sctp_add_bind_addr+0x89/0x3a0
[  560.689701][T22077]  should_failslab+0x9/0x20
[  560.694255][T22077]  kmalloc_trace_noprof+0x6c/0x2c0
[  560.699427][T22077]  sctp_add_bind_addr+0x89/0x3a0
[  560.704420][T22077]  sctp_copy_local_addr_list+0x311/0x500
[  560.710103][T22077]  ? sctp_copy_local_addr_list+0xab/0x500
[  560.715869][T22077]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  560.722067][T22077]  ? sctp_v6_is_any+0x60/0x70
[  560.726793][T22077]  sctp_bind_addr_copy+0xad/0x3b0
[  560.731859][T22077]  ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190
[  560.738227][T22077]  sctp_connect_new_asoc+0x2f3/0x6c0
[  560.743549][T22077]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  560.749380][T22077]  ? sctp_sendmsg+0xbb9/0x3520
[  560.754172][T22077]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  560.759743][T22077]  ? security_sctp_bind_connect+0x90/0xb0
[  560.765506][T22077]  sctp_sendmsg+0x219a/0x3520
[  560.770243][T22077]  ? __pfx_sctp_sendmsg+0x10/0x10
[  560.775302][T22077]  ? __pfx_aa_sk_perm+0x10/0x10
[  560.780202][T22077]  ? inet_sendmsg+0x330/0x390
[  560.784914][T22077]  __sock_sendmsg+0x1a6/0x270
[  560.789654][T22077]  __sys_sendto+0x3a4/0x4f0
[  560.794196][T22077]  ? __pfx___sys_sendto+0x10/0x10
[  560.799289][T22077]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  560.805314][T22077]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  560.811689][T22077]  __x64_sys_sendto+0xde/0x100
[  560.816492][T22077]  do_syscall_64+0xf3/0x230
[  560.821055][T22077]  ? clear_bhb_loop+0x35/0x90
[  560.825778][T22077]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.831717][T22077] RIP: 0033:0x7f1371f75bd9
[  560.836161][T22077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  560.855815][T22077] RSP: 002b:00007f13719ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  560.864269][T22077] RAX: ffffffffffffffda RBX: 00007f1372104038 RCX: 00007f1371f75bd9
[  560.872280][T22077] RDX: 0000000000034000 RSI: 0000000020847fff RDI: 0000000000000005
[  560.880300][T22077] RBP: 00007f13719ff0a0 R08: 000000002005ffe4 R09: 000000000000001c
[  560.888298][T22077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[  560.896296][T22077] R13: 000000000000006e R14: 00007f1372104038 R15: 00007fffca4d9178
[  560.904322][T22077]  </TASK>
[  560.993324][T22082] netlink: zone id is out of range
[  561.039157][T22082] netlink: zone id is out of range
[  561.078556][T22082] netlink: zone id is out of range
[  561.089527][ T5107] Bluetooth: hci4: command tx timeout
[  561.120187][T22082] netlink: zone id is out of range
[  561.144458][T22040] chnl_net:caif_netlink_parms(): no params data found
[  561.148262][T22082] netlink: zone id is out of range
[  561.177663][T22082] netlink: zone id is out of range
[  561.195524][T22082] netlink: zone id is out of range
[  561.200969][T22082] netlink: zone id is out of range
[  561.206942][T22082] netlink: zone id is out of range
[  561.449097][T22040] bridge0: port 1(bridge_slave_0) entered blocking state
[  561.458893][T22040] bridge0: port 1(bridge_slave_0) entered disabled state
[  561.466174][T22040] bridge_slave_0: entered allmulticast mode
[  561.516472][T22040] bridge_slave_0: entered promiscuous mode
[  561.526681][T22040] bridge0: port 2(bridge_slave_1) entered blocking state
[  561.534559][T22040] bridge0: port 2(bridge_slave_1) entered disabled state
[  561.541990][T22040] bridge_slave_1: entered allmulticast mode
[  561.555835][T22040] bridge_slave_1: entered promiscuous mode
[  561.679282][T22040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  561.712646][T22103] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5597'.
[  561.734235][T22103] netlink: 'syz.3.5597': attribute type 30 has an invalid length.
[  561.778095][T22095] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5594'.
[  561.825735][T22040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  561.857859][T22096] syzkaller1: entered promiscuous mode
[  561.863796][T22096] syzkaller1: entered allmulticast mode
[  561.963497][T22040] team0: Port device team_slave_0 added
[  561.977474][T22111] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0
[  561.983695][T22110] IPVS: stopping master sync thread 22111 ...
[  562.006113][T22040] team0: Port device team_slave_1 added
[  562.030462][T22110] macsec3: entered promiscuous mode
[  562.037719][T22110] macsec3: entered allmulticast mode
[  562.052769][T22110] ip6gretap0: entered allmulticast mode
[  562.065683][T22110] ip6gretap0: left allmulticast mode
[  562.217078][T22040] batman_adv: batadv0: Adding interface: batadv_slave_0
[  562.227835][T22040] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  562.257458][T22040] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  562.295860][T22122] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  562.343173][T22040] batman_adv: batadv0: Adding interface: batadv_slave_1
[  562.375280][T22040] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  562.428583][T22040] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  562.464323][T22127] netlink: 'syz.0.5604': attribute type 1 has an invalid length.
[  562.472811][T22127] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5604'.
[  562.752534][T22040] hsr_slave_0: entered promiscuous mode
[  562.764054][T22040] hsr_slave_1: entered promiscuous mode
[  562.960155][T22147] syzkaller1: entered promiscuous mode
[  562.997259][T22147] syzkaller1: entered allmulticast mode
[  563.063042][T22147] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5609'.
[  563.170804][ T5107] Bluetooth: hci4: command tx timeout
[  563.372302][T22161] netlink: 136 bytes leftover after parsing attributes in process `syz.2.5614'.
[  563.387551][T22163] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  563.410182][T22166] netlink: 'syz.0.5616': attribute type 1 has an invalid length.
[  563.439348][T22166] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5616'.
[  563.871776][T22188] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5622'.
[  563.932255][T22188] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.5622'.
[  564.020386][T22040] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  564.052950][T22040] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  564.076165][T22040] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  564.101171][T22040] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  564.183522][T22199] syzkaller1: entered promiscuous mode
[  564.191086][T22199] syzkaller1: entered allmulticast mode
[  564.213272][T22199] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5626'.
[  564.243852][T22203] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  564.388234][T22040] 8021q: adding VLAN 0 to HW filter on device bond0
[  564.436731][T22040] 8021q: adding VLAN 0 to HW filter on device team0
[  564.488767][ T5178] bridge0: port 1(bridge_slave_0) entered blocking state
[  564.495542][T22208] netlink: 'syz.0.5629': attribute type 1 has an invalid length.
[  564.495966][ T5178] bridge0: port 1(bridge_slave_0) entered forwarding state
[  564.517262][T22208] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5629'.
[  564.566214][ T5178] bridge0: port 2(bridge_slave_1) entered blocking state
[  564.573480][ T5178] bridge0: port 2(bridge_slave_1) entered forwarding state
[  564.652532][T22040] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  564.694234][T22040] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  565.248700][ T5107] Bluetooth: hci4: command tx timeout
[  565.306408][T22040] 8021q: adding VLAN 0 to HW filter on device batadv0
[  565.476496][T22243] syzkaller1: entered promiscuous mode
[  565.498529][T22243] syzkaller1: entered allmulticast mode
[  565.733457][T22255] netlink: 'syz.3.5642': attribute type 1 has an invalid length.
[  565.879829][T22040] veth0_vlan: entered promiscuous mode
[  565.910306][T22040] veth1_vlan: entered promiscuous mode
[  565.962069][T22040] veth0_macvtap: entered promiscuous mode
[  565.989316][T22040] veth1_macvtap: entered promiscuous mode
[  566.013094][T22040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  566.024302][T22040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  566.036915][T22040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  566.056003][T22040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  566.066865][T22040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  566.077685][T22040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  566.116257][T22040] batman_adv: batadv0: Interface activated: batadv_slave_0
[  566.136962][T22040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  566.161107][T22040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  566.176531][T22040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  566.196138][T22040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  566.207951][T22040] batman_adv: batadv0: Interface activated: batadv_slave_1
[  566.256117][T22040] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  566.276206][T22040] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  566.292843][T22040] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  566.310694][T22040] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  566.598819][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  566.613721][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  566.792700][T22282] net_ratelimit: 207 callbacks suppressed
[  566.792724][T22282] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  566.867414][T22282] netlink: 'syz.2.5651': attribute type 7 has an invalid length.
[  566.882359][T22282] netlink: 'syz.2.5651': attribute type 39 has an invalid length.
[  566.930067][T22283] netlink: 'syz.2.5651': attribute type 7 has an invalid length.
[  566.965163][T22283] netlink: 'syz.2.5651': attribute type 39 has an invalid length.
[  567.044515][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  567.070674][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  567.307749][T22296] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  567.327020][T22297] __nla_validate_parse: 8 callbacks suppressed
[  567.327042][T22297] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5655'.
[  567.349567][T22293] smc: net device ip6_vti0 applied user defined pnetid SYZ0
[  567.549452][T22319] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5663'.
[  567.579972][T22319] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.5663'.
[  567.664800][T22324] netlink: 168 bytes leftover after parsing attributes in process `syz.3.5665'.
[  567.818568][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  568.073721][T22341] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  568.804493][T22365] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5675'.
[  568.841006][T22368] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5676'.
[  568.864715][T22368] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.5676'.
[  568.889216][T22370] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5677'.
[  568.969301][T22370] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.5677'.
[  569.360921][T22389] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5685'.
[  569.407033][T22395] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  569.525697][ T3862] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.575897][T22397] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  570.266208][ T3862] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.327717][ T3862] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.392561][ T3862] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.497879][ T3862] bridge_slave_1: left allmulticast mode
[  570.503666][ T3862] bridge_slave_1: left promiscuous mode
[  570.509401][ T3862] bridge0: port 2(bridge_slave_1) entered disabled state
[  570.518899][ T3862] bridge_slave_0: left allmulticast mode
[  570.524575][ T3862] bridge_slave_0: left promiscuous mode
[  570.530419][ T3862] bridge0: port 1(bridge_slave_0) entered disabled state
[  570.888123][ T3862] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  570.904764][ T3862] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  570.916590][ T3862] bond0 (unregistering): Released all slaves
[  571.255062][ T3862] hsr_slave_0: left promiscuous mode
[  571.262307][ T3862] hsr_slave_1: left promiscuous mode
[  571.271795][ T3862] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  571.279287][ T3862] batman_adv: batadv0: Removing interface: batadv_slave_0
[  571.288704][ T3862] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  571.296124][ T3862] batman_adv: batadv0: Removing interface: batadv_slave_1
[  571.384431][ T3862] veth1_macvtap: left promiscuous mode
[  571.392666][ T3862] veth0_macvtap: left promiscuous mode
[  571.404552][ T3862] veth1_vlan: left promiscuous mode
[  571.448324][ T3862] veth0_vlan: left promiscuous mode
[  571.874628][ T5096] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  571.884668][ T5096] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  571.895966][ T5096] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  571.909340][ T5096] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  571.918296][ T5096] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  571.927222][ T5096] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  572.484985][ T3862] team0 (unregistering): Port device team_slave_1 removed
[  572.534787][ T3862] team0 (unregistering): Port device team_slave_0 removed
[  573.141198][T22430] lo speed is unknown, defaulting to 1000
[  573.470327][T22464] TCP: MD5 Hash failed for 172.20.20.187.0->172.20.20.170.20002 []  L3 index 0
[  573.653116][T22471] FAULT_INJECTION: forcing a failure.
[  573.653116][T22471] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  573.699374][T22471] CPU: 1 PID: 22471 Comm: syz.1.5711 Not tainted 6.10.0-rc6-syzkaller-00167-g30f747b8d53b #0
[  573.709581][T22471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  573.719653][T22471] Call Trace:
[  573.722947][T22471]  <TASK>
[  573.725897][T22471]  dump_stack_lvl+0x241/0x360
[  573.730621][T22471]  ? __pfx_dump_stack_lvl+0x10/0x10
[  573.735853][T22471]  ? __pfx__printk+0x10/0x10
[  573.740476][T22471]  ? __pfx_lock_release+0x10/0x10
[  573.745537][T22471]  should_fail_ex+0x3b0/0x4e0
[  573.750256][T22471]  _copy_from_user+0x2f/0xe0
[  573.754868][T22471]  copy_msghdr_from_user+0xae/0x680
[  573.760108][T22471]  ? __pfx___might_resched+0x10/0x10
[  573.765434][T22471]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  573.771295][T22471]  ? __might_fault+0xaa/0x120
[  573.776027][T22471]  do_recvmmsg+0x40f/0xae0
[  573.780491][T22471]  ? __pfx_lock_release+0x10/0x10
[  573.785553][T22471]  ? __pfx_do_recvmmsg+0x10/0x10
[  573.790547][T22471]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  573.796469][T22471]  ? ksys_write+0x23e/0x2c0
[  573.800990][T22471]  ? __pfx_lock_release+0x10/0x10
[  573.806046][T22471]  ? vfs_write+0x7c4/0xc90
[  573.810508][T22471]  ? __mutex_unlock_slowpath+0x21d/0x750
[  573.816190][T22471]  ? __fget_files+0x3f6/0x470
[  573.820926][T22471]  __x64_sys_recvmmsg+0x199/0x250
[  573.825990][T22471]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  573.831574][T22471]  ? do_syscall_64+0x100/0x230
[  573.836366][T22471]  ? do_syscall_64+0xb6/0x230
[  573.841072][T22471]  do_syscall_64+0xf3/0x230
[  573.845620][T22471]  ? clear_bhb_loop+0x35/0x90
[  573.850338][T22471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  573.856267][T22471] RIP: 0033:0x7f5a60775bd9
[  573.860703][T22471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  573.880354][T22471] RSP: 002b:00007f5a61591048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  573.888828][T22471] RAX: ffffffffffffffda RBX: 00007f5a60904038 RCX: 00007f5a60775bd9
[  573.896825][T22471] RDX: 0000000000000a0d RSI: 00000000200066c0 RDI: 0000000000000006
[  573.904831][T22471] RBP: 00007f5a615910a0 R08: 0000000000000000 R09: 0000000000000000
[  573.912829][T22471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  573.920833][T22471] R13: 000000000000006e R14: 00007f5a60904038 R15: 00007ffc6fcbed28
[  573.928849][T22471]  </TASK>
[  573.969351][ T5107] Bluetooth: hci4: command tx timeout
[  574.148723][T22479] syzkaller1: entered promiscuous mode
[  574.154247][T22479] syzkaller1: entered allmulticast mode
[  574.179842][T22430] chnl_net:caif_netlink_parms(): no params data found
[  574.517845][T22492] netlink: 'syz.0.5717': attribute type 10 has an invalid length.
[  574.550317][T22492] bridge0: port 3(team0) entered blocking state
[  574.556907][T22492] bridge0: port 3(team0) entered disabled state
[  574.567097][T22492] team0: entered allmulticast mode
[  574.577070][T22492] team_slave_0: entered allmulticast mode
[  574.583285][T22492] team_slave_1: entered allmulticast mode
[  574.592930][T22492] batadv0: entered allmulticast mode
[  574.598258][T22492] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  574.608143][T22492] team0: entered promiscuous mode
[  574.614381][T22492] team_slave_0: entered promiscuous mode
[  574.621613][T22492] team_slave_1: entered promiscuous mode
[  574.627545][T22492] batadv0: entered promiscuous mode
[  574.633867][T22492] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  574.642582][T22492] bridge0: port 3(team0) entered blocking state
[  574.649056][T22492] bridge0: port 3(team0) entered forwarding state
[  574.691417][T22499] syz_tun: entered promiscuous mode
[  574.715676][T22499] syz_tun: left promiscuous mode
[  574.961341][T22515] xt_TCPMSS: Only works on TCP SYN packets
[  574.984843][   T51] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  574.995215][   T51] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  575.010447][T22430] bridge0: port 1(bridge_slave_0) entered blocking state
[  575.017613][T22430] bridge0: port 1(bridge_slave_0) entered disabled state
[  575.067714][T22430] bridge_slave_0: entered allmulticast mode
[  575.085793][T22430] bridge_slave_0: entered promiscuous mode
[  575.109466][T22430] bridge0: port 2(bridge_slave_1) entered blocking state
[  575.116815][T22430] bridge0: port 2(bridge_slave_1) entered disabled state
[  575.124831][T22430] bridge_slave_1: entered allmulticast mode
[  575.133190][T22430] bridge_slave_1: entered promiscuous mode
[  575.220297][T22430] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  575.236271][T22529] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  575.249984][T22430] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  575.339856][T22430] team0: Port device team_slave_0 added
[  575.355095][T22533] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5731'.
[  575.382048][T22430] team0: Port device team_slave_1 added
[  575.449393][T22430] batman_adv: batadv0: Adding interface: batadv_slave_0
[  575.456598][T22430] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  575.493074][T22540] netlink: 48 bytes leftover after parsing attributes in process `syz.3.5734'.
[  575.505194][T22430] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  575.537752][T22430] batman_adv: batadv0: Adding interface: batadv_slave_1
[  575.552584][T22430] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  575.598271][T22430] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  575.683163][T22430] hsr_slave_0: entered promiscuous mode
[  575.693718][T22430] hsr_slave_1: entered promiscuous mode
[  575.774088][T22554] FAULT_INJECTION: forcing a failure.
[  575.774088][T22554] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  575.818068][T22554] CPU: 1 PID: 22554 Comm: syz.0.5738 Not tainted 6.10.0-rc6-syzkaller-00167-g30f747b8d53b #0
[  575.828293][T22554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  575.838377][T22554] Call Trace:
[  575.841682][T22554]  <TASK>
[  575.844635][T22554]  dump_stack_lvl+0x241/0x360
[  575.849363][T22554]  ? __pfx_dump_stack_lvl+0x10/0x10
[  575.854600][T22554]  ? __pfx__printk+0x10/0x10
[  575.859222][T22554]  ? __pfx_lock_release+0x10/0x10
[  575.864300][T22554]  should_fail_ex+0x3b0/0x4e0
[  575.869017][T22554]  _copy_from_user+0x2f/0xe0
[  575.873649][T22554]  copy_msghdr_from_user+0xae/0x680
[  575.878892][T22554]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  575.884752][T22554]  __sys_sendmsg+0x23d/0x3a0
[  575.889374][T22554]  ? __pfx___sys_sendmsg+0x10/0x10
[  575.894520][T22554]  ? vfs_write+0x7c4/0xc90
[  575.899006][T22554]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  575.905364][T22554]  ? do_syscall_64+0x100/0x230
[  575.910178][T22554]  ? do_syscall_64+0xb6/0x230
[  575.914879][T22554]  do_syscall_64+0xf3/0x230
[  575.919402][T22554]  ? clear_bhb_loop+0x35/0x90
[  575.924133][T22554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  575.930050][T22554] RIP: 0033:0x7f4a55175bd9
[  575.934488][T22554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  575.954096][T22554] RSP: 002b:00007f4a55f82048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  575.962530][T22554] RAX: ffffffffffffffda RBX: 00007f4a55304038 RCX: 00007f4a55175bd9
[  575.970510][T22554] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[  575.978521][T22554] RBP: 00007f4a55f820a0 R08: 0000000000000000 R09: 0000000000000000
[  575.986488][T22554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  575.994457][T22554] R13: 000000000000006e R14: 00007f4a55304038 R15: 00007ffed4203878
[  576.002442][T22554]  </TASK>
[  576.048763][ T5107] Bluetooth: hci4: command tx timeout
[  576.410376][T22580] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  576.462287][T22430] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  576.474302][T22430] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  576.487365][T22430] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  576.504943][T22430] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  576.613028][T22430] 8021q: adding VLAN 0 to HW filter on device bond0
[  576.639071][T22430] 8021q: adding VLAN 0 to HW filter on device team0
[  576.652606][ T5150] bridge0: port 1(bridge_slave_0) entered blocking state
[  576.659859][ T5150] bridge0: port 1(bridge_slave_0) entered forwarding state
[  576.690996][ T5150] bridge0: port 2(bridge_slave_1) entered blocking state
[  576.698186][ T5150] bridge0: port 2(bridge_slave_1) entered forwarding state
[  576.973599][T22430] 8021q: adding VLAN 0 to HW filter on device batadv0
[  577.269409][T22611] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5756'.
[  577.470938][T22623] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  577.573638][T22430] veth0_vlan: entered promiscuous mode
[  577.629332][T22430] veth1_vlan: entered promiscuous mode
[  577.713555][T22430] veth0_macvtap: entered promiscuous mode
[  577.733895][T22430] veth1_macvtap: entered promiscuous mode
[  577.775406][T22430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  577.799595][T22430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  577.820113][T22430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  577.843430][T22430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  577.854361][T22430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  577.866778][T22430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  577.894286][T22430] batman_adv: batadv0: Interface activated: batadv_slave_0
[  577.932150][T22430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  577.953799][T22430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  577.985908][T22430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  577.999015][T22430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  578.020767][T22430] batman_adv: batadv0: Interface activated: batadv_slave_1
[  578.042046][T22430] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  578.058415][T22430] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  578.067337][T22430] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  578.084019][T22430] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  578.128913][ T5107] Bluetooth: hci4: command tx timeout
[  578.907204][T22658] skb len=8071 headroom=168 headlen=136 tailroom=0
[  578.907204][T22658] mac=(168,0) mac_len=0 net=(168,20) trans=188
[  578.907204][T22658] shinfo(txflags=0 nr_frags=1 gso(size=0 type=0 segs=0))
[  578.907204][T22658] csum(0x12eb start=4843 offset=0 ip_summed=3 complete_sw=0 valid=0 level=0)
[  578.907204][T22658] hash(0x0 sw=0 l4=0) proto=0x0800 pkttype=0 iif=0
[  578.907204][T22658] priority=0x0 mark=0x0 alloc_cpu=1 vlan_all=0x0
[  578.907204][T22658] encapsulation=1 inner(proto=0x0008, mac=192, net=192, trans=244)
[  578.934027][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  578.956147][T22658] dev name=veth0_to_team feat=0x000061164fdd19e9
[  578.956206][T22658] skb linear:   00000000: 45 02 1f 87 3f 20 00 00 0f 2f c7 ef ac 14 14 1f
[  578.956225][T22658] skb linear:   00000010: e0 00 e5 02 00 00 08 00 bd 0f 1f 6f 01 02 0c 52
[  578.956253][T22658] skb linear:   00000020: 0f 06 4c f9 1f e4 fd fe 4b 44 94 30 eb b5 29 97
[  578.956273][T22658] skb linear:   00000030: e3 6e 03 9b 1c 59 88 25 f8 01 00 a3 c0 63 76 c3
[  578.956290][T22658] skb linear:   00000040: 30 41 76 a1 67 d5 02 61 a6 7a 34 a0 9e 5f e2 bb
[  578.956306][T22658] skb linear:   00000050: 07 b7 10 57 f9 18 a5 4b f8 42 9c 48 f6 dc f4 ad
[  578.956323][T22658] skb linear:   00000060: f6 34 be 76 32 88 d0 1a a2 7a e8 b0 9e 13 e7 9a
[  578.956339][T22658] skb linear:   00000070: b2 0b 0b 8e d8 fb 7a 68 af 2a d0 00 00 00 00 00
[  578.956355][T22658] skb linear:   00000080: 00 00 6f 80 3c 64 68 08
[  578.956389][T22658] skb frag:     00000000: a9 1a cd e7 fa 96 4e 68 9b 1f 0e a9 60 47 a9 82
[  578.956407][T22658] skb frag:     00000010: 60 27 0c 3a 3c cb 21 42 b0 74 db 79 aa 88 61 46
[  578.956424][T22658] skb frag:     00000020: 63 ff 33 f9 96 65 02 a2 36 1e 49 aa be 58 eb 08
[  578.956441][T22658] skb frag:     00000030: 6c 58 27 dd 9d 92 fa 4f f0 c0 e8 b9 49 d5 85 f2
[  578.956458][T22658] skb frag:     00000040: cb c1 11 de 47 89 05 cb 37 f3 cb fb 01 9c 6d aa
[  578.956475][T22658] skb frag:     00000050: ce 50 8b 92 67 18 50 ff 57 72 34 46 8f 92 79 a5
[  578.956491][T22658] skb frag:     00000060: 23 60 d1 a8 0b 88 b4 eb 1c da 94 9c a7 7b 6e c4
[  578.956508][T22658] skb frag:     00000070: 3b df 5f 5a 40 09 89 70 57 46 b8 6b 40 09 47 89
[  578.956525][T22658] skb frag:     00000080: 1b 33 d5 91 ec 5e a9 ae 45 98 32 73 f6 20 27 99
[  578.956542][T22658] skb frag:     00000090: 8d 72 f8 36 25 02 1a 72 e2 7e 04 49 fa 15 4a de
[  578.956558][T22658] skb frag:     000000a0: 55 07 15 46 d4 00 00 00
[  578.956579][T22658] ------------[ cut here ]------------
[  578.956589][T22658] offset (4675) >= skb_headlen() (136)
[  578.957454][T22658] WARNING: CPU: 1 PID: 22658 at net/core/dev.c:3325 skb_checksum_help+0x5f9/0x730
[  578.988603][T22658] Modules linked in:
[  578.988623][T22658] CPU: 1 PID: 22658 Comm: syz.3.5772 Not tainted 6.10.0-rc6-syzkaller-00167-g30f747b8d53b #0
[  578.988649][T22658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  578.988664][T22658] RIP: 0010:skb_checksum_help+0x5f9/0x730
[  578.988707][T22658] Code: 48 8b 4c 24 10 0f b6 04 01 84 c0 0f 85 dd 00 00 00 48 8b 44 24 08 2b 18 48 c7 c7 60 63 c5 8c 44 89 f6 89 da e8 b8 3f 01 f8 90 <0f> 0b 90 90 bb ea ff ff ff e9 65 fd ff ff e8 c4 11 3f f8 c6 05 9c
[  578.988726][T22658] RSP: 0018:ffffc9000af06da8 EFLAGS: 00010246
[  578.988746][T22658] RAX: 3799962e5b69cc00 RBX: 0000000000000088 RCX: 0000000000040000
[  578.988762][T22658] RDX: ffffc9000fd56000 RSI: 000000000001983a RDI: 000000000001983b
[  578.988782][T22658] RBP: 0000000000001f87 R08: ffffffff81585822 R09: 1ffffffff1f5a93d
[  578.988798][T22658] R10: dffffc0000000000 R11: fffffbfff1f5a93e R12: 1ffff1100fb14326
[  578.988815][T22658] R13: dffffc0000000000 R14: 0000000000001243 R15: ffff88807d8a18c0
[  578.988832][T22658] FS:  00007f51e2fd86c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  578.988851][T22658] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  578.988866][T22658] CR2: 000000002000f000 CR3: 0000000056b32000 CR4: 00000000003506f0
[  578.988885][T22658] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  578.988899][T22658] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  578.988913][T22658] Call Trace:
[  578.988922][T22658]  <TASK>
[  578.988932][T22658]  ? __warn+0x163/0x4e0
[  578.988962][T22658]  ? skb_checksum_help+0x5f9/0x730
[  578.988996][T22658]  ? report_bug+0x2b3/0x500
[  578.989022][T22658]  ? skb_checksum_help+0x5f9/0x730
[  578.989052][T22658]  ? handle_bug+0x3e/0x70
[  578.989082][T22658]  ? exc_invalid_op+0x1a/0x50
[  578.989111][T22658]  ? asm_exc_invalid_op+0x1a/0x20
[  578.989147][T22658]  ? __warn_printk+0x292/0x360
[  578.989176][T22658]  ? skb_checksum_help+0x5f9/0x730
[  578.989221][T22658]  ? skb_checksum_help+0x5f8/0x730
[  578.989256][T22658]  ip_do_fragment+0x21b/0x1b60
[  578.989291][T22658]  ? __pfx_ip_finish_output2+0x10/0x10
[  578.989321][T22658]  ? __pfx_ip_do_fragment+0x10/0x10
[  578.989358][T22658]  ? kasan_quarantine_put+0xdc/0x230
[  579.038959][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  579.040730][T22658]  ? lockdep_hardirqs_on+0x99/0x150
[  579.191525][ T3862] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  579.208835][T22658]  ? __ip_finish_output+0x247/0x400
[  579.208873][T22658]  ? kmem_cache_free+0x145/0x350
[  579.208906][T22658]  ? ip_fragment+0x9a/0x220
[  579.208935][T22658]  __ip_finish_output+0x290/0x400
[  579.208967][T22658]  iptunnel_xmit+0x540/0x9b0
[  579.209010][T22658]  ip_tunnel_xmit+0x2113/0x2940
[  579.209078][T22658]  ? __pfx_ip_tunnel_xmit+0x10/0x10
[  579.209111][T22658]  ? gre_build_header+0x341/0xb30
[  579.209151][T22658]  ? __pfx_gre_build_header+0x10/0x10
[  579.209181][T22658]  ? iptunnel_handle_offloads+0x25f/0x650
[  579.209217][T22658]  ipgre_xmit+0x956/0xd40
[  579.209262][T22658]  ? __pfx_ipgre_xmit+0x10/0x10
[  579.209290][T22658]  ? dev_queue_xmit_nit+0x2b/0xc10
[  579.209328][T22658]  dev_hard_start_xmit+0x27a/0x7e0
[  579.209371][T22658]  __dev_queue_xmit+0x1b0e/0x3d30
[  579.209398][T22658]  ? skb_copy_bits+0x6e1/0x7a0
[  579.209437][T22658]  ? __dev_queue_xmit+0x2d2/0x3d30
[  579.209466][T22658]  ? skb_partial_csum_set+0x105/0x350
[  579.209496][T22658]  ? __pfx___dev_queue_xmit+0x10/0x10
[  579.209527][T22658]  ? virtio_net_hdr_to_skb+0xa6a/0x1330
[  579.209550][T22658]  ? packet_parse_headers+0x7bd/0xad0
[  579.209594][T22658]  ? packet_xmit+0x68/0x330
[  579.209621][T22658]  packet_sendmsg+0x46c2/0x6150
[  579.267859][ T3862] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  579.271476][T22658]  ? __pfx___might_resched+0x10/0x10
[  579.271533][T22658]  ? aa_sk_perm+0x967/0xab0
[  579.271571][T22658]  ? __pfx_packet_sendmsg+0x10/0x10
[  579.271612][T22658]  ? __pfx_lock_release+0x10/0x10
[  579.271636][T22658]  ? __import_iovec+0x536/0x820
[  579.271659][T22658]  ? aa_sock_msg_perm+0x91/0x160
[  579.271694][T22658]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  579.271721][T22658]  ? security_socket_sendmsg+0x87/0xb0
[  579.271750][T22658]  ? __pfx_packet_sendmsg+0x10/0x10
[  579.271781][T22658]  __sock_sendmsg+0x221/0x270
[  579.271821][T22658]  ____sys_sendmsg+0x525/0x7d0
[  579.271860][T22658]  ? __pfx_____sys_sendmsg+0x10/0x10
[  579.271907][T22658]  __sys_sendmsg+0x2b0/0x3a0
[  579.271938][T22658]  ? __pfx___sys_sendmsg+0x10/0x10
[  579.272015][T22658]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  579.272041][T22658]  ? do_syscall_64+0x100/0x230
[  579.272075][T22658]  ? do_syscall_64+0xb6/0x230
[  579.272110][T22658]  do_syscall_64+0xf3/0x230
[  579.272143][T22658]  ? clear_bhb_loop+0x35/0x90
[  579.272181][T22658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  579.272213][T22658] RIP: 0033:0x7f51e2175bd9
[  579.272234][T22658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  579.272253][T22658] RSP: 002b:00007f51e2fd8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  579.272278][T22658] RAX: ffffffffffffffda RBX: 00007f51e2303f60 RCX: 00007f51e2175bd9
[  579.272295][T22658] RDX: 0000000000000000 RSI: 0000000020002ac0 RDI: 0000000000000005
[  579.272309][T22658] RBP: 00007f51e21e4e60 R08: 0000000000000000 R09: 0000000000000000
[  579.272324][T22658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  579.272338][T22658] R13: 000000000000000b R14: 00007f51e2303f60 R15: 00007ffd4c705ef8
[  579.272372][T22658]  </TASK>
[  579.272384][T22658] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  579.272397][T22658] CPU: 1 PID: 22658 Comm: syz.3.5772 Not tainted 6.10.0-rc6-syzkaller-00167-g30f747b8d53b #0
[  579.272419][T22658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  579.272432][T22658] Call Trace:
[  579.272441][T22658]  <TASK>
[  579.272449][T22658]  dump_stack_lvl+0x241/0x360
[  579.272483][T22658]  ? __pfx_dump_stack_lvl+0x10/0x10
[  579.272514][T22658]  ? __pfx__printk+0x10/0x10
[  579.272552][T22658]  ? vscnprintf+0x5d/0x90
[  579.272580][T22658]  panic+0x349/0x860
[  579.272613][T22658]  ? __warn+0x172/0x4e0
[  579.272646][T22658]  ? __pfx_panic+0x10/0x10
[  579.272697][T22658]  __warn+0x346/0x4e0
[  579.272735][T22658]  ? skb_checksum_help+0x5f9/0x730
[  579.272767][T22658]  report_bug+0x2b3/0x500
[  579.272796][T22658]  ? skb_checksum_help+0x5f9/0x730
[  579.272828][T22658]  handle_bug+0x3e/0x70
[  579.272862][T22658]  exc_invalid_op+0x1a/0x50
[  579.272896][T22658]  asm_exc_invalid_op+0x1a/0x20
[  579.272928][T22658] RIP: 0010:skb_checksum_help+0x5f9/0x730
[  579.272955][T22658] Code: 48 8b 4c 24 10 0f b6 04 01 84 c0 0f 85 dd 00 00 00 48 8b 44 24 08 2b 18 48 c7 c7 60 63 c5 8c 44 89 f6 89 da e8 b8 3f 01 f8 90 <0f> 0b 90 90 bb ea ff ff ff e9 65 fd ff ff e8 c4 11 3f f8 c6 05 9c
[  579.272974][T22658] RSP: 0018:ffffc9000af06da8 EFLAGS: 00010246
[  579.272995][T22658] RAX: 3799962e5b69cc00 RBX: 0000000000000088 RCX: 0000000000040000
[  579.273011][T22658] RDX: ffffc9000fd56000 RSI: 000000000001983a RDI: 000000000001983b
[  579.273028][T22658] RBP: 0000000000001f87 R08: ffffffff81585822 R09: 1ffffffff1f5a93d
[  579.273046][T22658] R10: dffffc0000000000 R11: fffffbfff1f5a93e R12: 1ffff1100fb14326
[  579.273063][T22658] R13: dffffc0000000000 R14: 0000000000001243 R15: ffff88807d8a18c0
[  579.273088][T22658]  ? __warn_printk+0x292/0x360
[  579.273128][T22658]  ? skb_checksum_help+0x5f8/0x730
[  579.273164][T22658]  ip_do_fragment+0x21b/0x1b60
[  579.273204][T22658]  ? __pfx_ip_finish_output2+0x10/0x10
[  579.273235][T22658]  ? __pfx_ip_do_fragment+0x10/0x10
[  579.273261][T22658]  ? kasan_quarantine_put+0xdc/0x230
[  579.273287][T22658]  ? lockdep_hardirqs_on+0x99/0x150
[  579.273324][T22658]  ? __ip_finish_output+0x247/0x400
[  579.273348][T22658]  ? kmem_cache_free+0x145/0x350
[  579.273381][T22658]  ? ip_fragment+0x9a/0x220
[  579.273409][T22658]  __ip_finish_output+0x290/0x400
[  579.273439][T22658]  iptunnel_xmit+0x540/0x9b0
[  579.273482][T22658]  ip_tunnel_xmit+0x2113/0x2940
[  579.273550][T22658]  ? __pfx_ip_tunnel_xmit+0x10/0x10
[  579.273584][T22658]  ? gre_build_header+0x341/0xb30
[  579.273624][T22658]  ? __pfx_gre_build_header+0x10/0x10
[  579.273655][T22658]  ? iptunnel_handle_offloads+0x25f/0x650
[  579.273691][T22658]  ipgre_xmit+0x956/0xd40
[  579.273741][T22658]  ? __pfx_ipgre_xmit+0x10/0x10
[  579.273771][T22658]  ? dev_queue_xmit_nit+0x2b/0xc10
[  579.273807][T22658]  dev_hard_start_xmit+0x27a/0x7e0
[  579.273852][T22658]  __dev_queue_xmit+0x1b0e/0x3d30
[  579.273880][T22658]  ? skb_copy_bits+0x6e1/0x7a0
[  579.273920][T22658]  ? __dev_queue_xmit+0x2d2/0x3d30
[  579.273950][T22658]  ? skb_partial_csum_set+0x105/0x350
[  579.273981][T22658]  ? __pfx___dev_queue_xmit+0x10/0x10
[  579.274013][T22658]  ? virtio_net_hdr_to_skb+0xa6a/0x1330
[  579.274047][T22658]  ? packet_parse_headers+0x7bd/0xad0
[  579.274093][T22658]  ? packet_xmit+0x68/0x330
[  579.274121][T22658]  packet_sendmsg+0x46c2/0x6150
[  579.274185][T22658]  ? __pfx___might_resched+0x10/0x10
[  579.274232][T22658]  ? aa_sk_perm+0x967/0xab0
[  579.274269][T22658]  ? __pfx_packet_sendmsg+0x10/0x10
[  579.274310][T22658]  ? __pfx_lock_release+0x10/0x10
[  579.274333][T22658]  ? __import_iovec+0x536/0x820
[  579.274357][T22658]  ? aa_sock_msg_perm+0x91/0x160
[  579.274392][T22658]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  579.274413][T22658]  ? security_socket_sendmsg+0x87/0xb0
[  579.274443][T22658]  ? __pfx_packet_sendmsg+0x10/0x10
[  579.274473][T22658]  __sock_sendmsg+0x221/0x270
[  579.274512][T22658]  ____sys_sendmsg+0x525/0x7d0
[  579.274551][T22658]  ? __pfx_____sys_sendmsg+0x10/0x10
[  579.274599][T22658]  __sys_sendmsg+0x2b0/0x3a0
[  579.274631][T22658]  ? __pfx___sys_sendmsg+0x10/0x10
[  579.274707][T22658]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  579.274739][T22658]  ? do_syscall_64+0x100/0x230
[  579.274775][T22658]  ? do_syscall_64+0xb6/0x230
[  579.274809][T22658]  do_syscall_64+0xf3/0x230
[  579.274842][T22658]  ? clear_bhb_loop+0x35/0x90
[  579.274883][T22658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  579.274916][T22658] RIP: 0033:0x7f51e2175bd9
[  579.274934][T22658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  579.274953][T22658] RSP: 002b:00007f51e2fd8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  579.274976][T22658] RAX: ffffffffffffffda RBX: 00007f51e2303f60 RCX: 00007f51e2175bd9
[  579.274993][T22658] RDX: 0000000000000000 RSI: 0000000020002ac0 RDI: 0000000000000005
[  579.275027][T22658] RBP: 00007f51e21e4e60 R08: 0000000000000000 R09: 0000000000000000
[  579.275044][T22658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  579.275061][T22658] R13: 000000000000000b R14: 00007f51e2303f60 R15: 00007ffd4c705ef8
[  579.275099][T22658]  </TASK>
[  579.280762][T22658] Kernel Offset: disabled