last executing test programs:

1m49.435584749s ago: executing program 3 (id=320):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e1d, 0x280000, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1400000000000000010000000c0000002b0000000000000718"], 0x30}, 0x4000010)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x2, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000009500000000000000"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r4, 0x2000000, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001100)={0x28, r2, 0x5, 0x0, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0x7, 0x34, @random="2a1cb3"}, @crypto_settings=[@NL80211_ATTR_SAE_PASSWORD={0x4}]]}, 0x28}, 0x1, 0x0, 0x0, 0x8894}, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f0000000040)=0x80000000, 0x4)

1m34.945048575s ago: executing program 3 (id=320):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e1d, 0x280000, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1400000000000000010000000c0000002b0000000000000718"], 0x30}, 0x4000010)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x2, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000009500000000000000"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r4, 0x2000000, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001100)={0x28, r2, 0x5, 0x0, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0x7, 0x34, @random="2a1cb3"}, @crypto_settings=[@NL80211_ATTR_SAE_PASSWORD={0x4}]]}, 0x28}, 0x1, 0x0, 0x0, 0x8894}, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f0000000040)=0x80000000, 0x4)

1m21.360648771s ago: executing program 3 (id=320):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e1d, 0x280000, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1400000000000000010000000c0000002b0000000000000718"], 0x30}, 0x4000010)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x2, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000009500000000000000"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r4, 0x2000000, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001100)={0x28, r2, 0x5, 0x0, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0x7, 0x34, @random="2a1cb3"}, @crypto_settings=[@NL80211_ATTR_SAE_PASSWORD={0x4}]]}, 0x28}, 0x1, 0x0, 0x0, 0x8894}, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f0000000040)=0x80000000, 0x4)

1m11.599490796s ago: executing program 3 (id=320):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e1d, 0x280000, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1400000000000000010000000c0000002b0000000000000718"], 0x30}, 0x4000010)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x2, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000009500000000000000"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r4, 0x2000000, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001100)={0x28, r2, 0x5, 0x0, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0x7, 0x34, @random="2a1cb3"}, @crypto_settings=[@NL80211_ATTR_SAE_PASSWORD={0x4}]]}, 0x28}, 0x1, 0x0, 0x0, 0x8894}, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f0000000040)=0x80000000, 0x4)

1m0.010033125s ago: executing program 3 (id=320):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e1d, 0x280000, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1400000000000000010000000c0000002b0000000000000718"], 0x30}, 0x4000010)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x2, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000009500000000000000"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r4, 0x2000000, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001100)={0x28, r2, 0x5, 0x0, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0x7, 0x34, @random="2a1cb3"}, @crypto_settings=[@NL80211_ATTR_SAE_PASSWORD={0x4}]]}, 0x28}, 0x1, 0x0, 0x0, 0x8894}, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f0000000040)=0x80000000, 0x4)

49.202456945s ago: executing program 3 (id=320):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e1d, 0x280000, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1400000000000000010000000c0000002b0000000000000718"], 0x30}, 0x4000010)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x2, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000009500000000000000"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r4, 0x2000000, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001100)={0x28, r2, 0x5, 0x0, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0x7, 0x34, @random="2a1cb3"}, @crypto_settings=[@NL80211_ATTR_SAE_PASSWORD={0x4}]]}, 0x28}, 0x1, 0x0, 0x0, 0x8894}, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f0000000040)=0x80000000, 0x4)

2.375057012s ago: executing program 2 (id=2133):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$MRT_TABLE(0xffffffffffffffff, 0x0, 0xcf, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000600)={0x2, 0x4e03, 0x6, @mcast1, 0x200004}, 0x8)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$DEVLINK_CMD_SB_GET(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
r2 = socket(0x28, 0x5, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$bt_hci_HCI_TIME_STAMP(0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000100)=0x1, 0x4)
r3 = socket$kcm(0x21, 0x2, 0x2)
r4 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$IMSETDEVNAME(r4, 0x80184947, &(0x7f0000000780)={0xe, 'syz0\x00'})
sendmsg$kcm(r3, 0x0, 0x0)
setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000400)={<r5=>0x0, 0x5}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f00000005c0)={r5}, &(0x7f00000004c0)=0x7)
getsockopt$IP_VS_SO_GET_INFO(r3, 0x0, 0x481, &(0x7f0000000540), 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r7 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r7, 0x0, 0x64, 0x0, &(0x7f0000000200))
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ae8000000000a01010000000000000000050000000900010073797a3000000000ba000600e9eec003775c64e64f439fc0b5fb34bcd039590bba579a25436e11f718b64e3e01796b9e930a3d8eefa0bccf8429a311f3ce5ec5a0a7bb9e08c60e03cbcdd726725fb9b1bd1000cf2a77ab6ab91f2294632773ea59b8de2361cdd8045c5fdb81611e843cb814e4cfe672542287ebd3b2ed48dca1a08690b05bb9bbbcc05551bd05e4c6e0625fcae04323e0f29dbad3c57456d2ca020462188e1236ebe6da1442c71ab0a8ebfaacef2710111417370a0f8cd19c5f9e1a00000900010073797a300000000014010000030a01030000000000000000050000000900010073797a30000000000800054000000000af000c008451bef8928cf9ec5c3c0fca5cedf6b9ae811484cd4abbaec9eba3118a64f7b105ab0e5c8e377ddaf98490703415da6a50c72a1434c93ef4daa32cd2b643c4ab99e8adc29f67b58cd27b71b30213e6acd60b8fa2190c3fd64f382e41b97f4b12379ce9470cbfdb02cc2a2d8e0e7aec144e2df705b37b99cafc9b141b0f3176897eba9802e14cc423ecff994b4ff320f5786bd4fba343449446d922b94ac3f8621197db4c2dc061e9278f5a000900030073797a32000000000b00070066696c746572000024000480080002406b10a6210800014000000004080002404e73b858080001400000000014000000020a030000000000000000000500000014000000110001"], 0x238}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'syztnl1\x00', &(0x7f00000003c0)={'erspan0\x00', <r8=>0x0, 0x40, 0x10, 0x81, 0x400, {{0x25, 0x4, 0x0, 0x7, 0x94, 0x67, 0x0, 0x7, 0x2f, 0x0, @private=0xa010101, @rand_addr=0x64010101, {[@rr={0x7, 0x3, 0x1e}, @ssrr={0x89, 0x13, 0x6a, [@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, @broadcast]}, @lsrr={0x83, 0x1f, 0x6e, [@multicast1, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010101, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote]}, @end, @timestamp_addr={0x44, 0x34, 0xd, 0x1, 0x7, [{@broadcast, 0x90000}, {@multicast1, 0x7}, {@loopback}, {@dev={0xac, 0x14, 0x14, 0xa}, 0x7}, {@remote, 0x400}, {@local}]}, @ra={0x94, 0x4}, @lsrr={0x83, 0xf, 0xb, [@broadcast, @dev={0xac, 0x14, 0x14, 0x12}, @empty]}]}}}}})
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9f020100020000000000000018000000180000000300000003000000010000850043980000002e00"], &(0x7f0000000640)=""/4096, 0x33, 0x1000, 0x0, 0xffff, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="140000000c00000000080000c402000000000400", @ANYRES32=0x1, @ANYBLOB="0900001000b800000000000000000036d500"/31, @ANYRES32=r8, @ANYRES32=r9, @ANYBLOB="05000000030000000400"/28], 0x50)
close(r6)

2.321910894s ago: executing program 0 (id=2137):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="88000000000101040000000000000000020000022400018014000180080001007f00000108000200ac14141c0c00028005000100000000002400028014000180080001007f00000108000200ac1e00010c0002800500010000ff8400080007400000000024000e800c000280050001008400000014000180080001"], 0x88}}, 0x0)

2.194935255s ago: executing program 0 (id=2138):
socket(0x10, 0x2, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bind$alg(r0, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$alg(0x26, 0x5, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket(0x2a, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x5, 0x0)
socket$netlink(0x10, 0x3, 0x4)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$kcm(0x10, 0x2, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100002170"], 0x64}}, 0x0)

1.897205783s ago: executing program 1 (id=2139):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000001a40)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f0000000000)="2e000300010000", 0x7)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101})
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x3b6, &(0x7f00000003c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb86dd6000084003803afffe8000000000000000000000000000bbff02000000000000000000000000000186009078000000000000000000000000000aa78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0302000100001c0500000000260004000318fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a775772c08000000000000b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978001d06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8675b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000220b17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f0032107b8a3e100908f61640000000200fff500000000000000000000008879e66485201a0015ca83347357a0274500040000000000000000000000145e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052ccc8dab34e820a651c7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c0005d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02"], 0x0)
r3 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r3, &(0x7f0000001380)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e23, 0x7, @empty, 0x4}}, 0x24)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockname$packet(r6, &(0x7f0000001200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x800, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001240)=ANY=[@ANYBLOB="140005000000010000000000000000000000000a20000000000a01080000000000000000070000000900010073797a30000000006c000000090a010400000000000000000700000208000a40577f00000900020073797a31000000000900010073797a300000000008000540000000213000118008000100636d7000240002801000038009000100357c8b80ae0000000800024000000001080001400000000fff0100001000010000000000000000000084000a7339645561b93e0604f45edd43147b1ba27e6e15b20e38ad28e7f960cb5afcec45eddc31dbce8c816aafbdc4ac446d2f650cee22a7cf60c196447fc5432f824071099538484e7ba21cae4644b1dcfdaf223b8803f1981602b06994c1c9615882fbd9ea07d2f4f86d5f525fae438c4912dba294ca64960cacb6386de2b9165f4780e21f45"], 0xb4}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000006000000045000000700010001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000d00008500000001000000850000002a00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r10}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000002000010300100000fbdbdf2502200000000000000000000008000b000300000008000b00000000020a26e50fe7e87928ef49fc695f74d7e0262a8e46f37eec7b6a8cca866836f2683c44a8e6c21103ba3ead26ac51761984ddefd46da0655af84592"], 0x2c}}, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE(r8, 0x50009401, &(0x7f0000000200)={{r8}, "88f06b79cb10d42f20c0c49576a7ff7bdd59112f324f2941090b7ecc8afa05c0911e42c543b8734d4c52a2e94fdf1eaccb6f35f8b0e4757f67f62a572ea66f1ca8e28da0e8fcd37c37d1069d98b8b6a9958a10ec88222296e37fba014d79eec59d4656e162af864b33bf1afb280a1022d9cec3617d585c92619c703d542efb518f42279ce9f02d96a0ecb6cf0528ca85b6e8f412c5db4977eabbb3318a8f7152c15c4c44b3f47635b521bdf0420c322ee2e4d3c0842ae8ab59f188a50ce82cf32e100d9c2c5570295a4a05ac91d3afb9af304820a978ddac674fbbd6f8e4561a38b9456de4fc683cdc685c6019c357fde9b69d615f024a5e3f34231d237817f903b438585f92056eca47049b90783a3ebff0101d11e5bbbea2bb30cee556ebab9a9f0446a9d804bc624b453c31f1203db86777ebc1132d8be63df4fd8a2e7a61e543717c40efdf7afd7e01ec98d6b13be2d90f112c3930a7ab360a0e97d8548a22789642a42d8dc0ff5aced364e5ead5557e539d982aa663d90b54f9cb4cc5b11121cf98a88a64e0c22eda3c29bc91618af631cb8784ac3b2ac71d893d2711c51155132d964f55b3108c2fc91010504bb63ef458d224a525555cf2561be9b53b482d9c4a77fc6cee301bdef6503354eca90c89018c86579dc93479a29e44fb3ddaf0d064bac2613e7e8a04c2cba1338e240773f496271da0e1e9dd695fb604f5f55ee40e287c00eae130e1982e6f82a8db0dda1d68477a6fce3f1fe4c1ba0680313edd8b889daf4226d9ae980b29fed16eaba2be8457ffb10ed964ca1a20c68ede1ec26f3154a2c0df22b61dedd42a686727e71fd3097c926ba713b3d2ff41392b4e53da210069506870cc80b5965331e433a7c991ce6e96cc7d2759ce6aa57cf4984497560c78f2b67cf5a4d8e9f99021471a7f7c1d09ccd7ed8609e398d83943189619c75a01e40c3164b541f4d1a74f21429c4fb8e63933cb8e7d42ffd6ee910c205607596fd8e570581a602b0b8e0a0c8f1aa2d48fcd8aa15833244c84e42ed0a873f2ba1df7897f037eca68c9b125ce03964003394cfa32bc8e513df4f5ea714b26e90c5cd2c29fda207592e5e7dac81f693911275adc69d6ee815a63b0b9e9a90672d870d5bad3ecb0b87173b6b1795f860365491792e2b0a67d6143378bb31987bbed94db196a397e8d711eaf447b7f22727bb3e2f4033fd99504cd2d1c9f8047b1d87846d96f43a32b0c3d012a3b6b64bfddbf0b0c983fb1d7a142eed0e87a51a1968ad1e111ba594beea75ee36b8406aa83975e2faa7980d2534bded492c35a6e5c97074ad8da1edf94d4ba125329c352f802ac1b163ffc8e967ef31fe664e6c9dd79e593029ff2622dd52b6de5aab880adbc49e43a69246726dd1cafd9a437a407b452fc65de82efb6ad0fda5f9b30f79ef548bfa60840a6dc2ddb0739fb99e695b74ad929fbcc9fa288aa34dec91e4a8e32b22fb4f5f5092acd2d1477139765a5ff5875bb602621d5460dbd43eb368dca76390933758af4b3ae4da682de194965a3c8a296a57b48b0ef683efea7b0aed98d75c5f7d498349167130e2989a89e72669413d59b6d4918ada93bf6bde88e2c484686f954055d328d6e4007c7f4016e20e6e5ba314adbd673b09a73a7fea9a04799aa46dbd479117d867ca6dbb55a4d437681e5c86654fcbcb205bbb19764eaee02ae5d8cad1e21ce0008662d4bc3bb486b1de797f593e2c76227c7aff6b438734563bb5b6d5c07a9cac3b17c01c4f8a073c5dade420e60b7fe64ca592155add38b3f826fc11bc8eff1277179638bf8830179235b4a3477837dfd49d54b51cdceea1567a63ecc75901ab75434d177ba67182287cf562014b8d839a391b56bf5728af9cdee8472a6b975dd65b6ddf0abc2ffb80db240f3be65d41ca9191e1d82b29dfa5e24f7b83ca6dada892590bc0bac4f149f17492a197841dc2e93c3b9c6cc43fee9c41cc8acc96692e5fd30c0fe01021a72a90c76d1e83fe89f8ecb5a4b86b2c99561aeac1f0dfe63b3fa62eb3d7c6103e4c4684597c1c201fbc84d310d303879c0bf5e6b222ad9528502636fdc31c872f201b8b95b23f93c74caed2983c755045c996e96d5d0974ba118508c3f0955571d14a75c04658d3548b727845c57cf1d3f5ab195593e8b902725c77decb41e6419a14e55ef8202445134cc5b8ea59e18b820eae0b36ba36361309f28cbb262edb45a086ba2a1fd00620db57e34044c538cab367cfe3168b2dddb35bd20476ef0d750de3b20b593d47996ae7ce5f381a5c04e591c219a6c0d174200b4d4cd8bc7f62bc49941e7dab9a3a8701fefbddb0409952074f8468cb9efc5f968b81e42fe5e10e5f10eb986a97e1b8bfb37370a3690fc9ebf241f8fc1c7b8d730fe1328486e10a95f9c874cfd0b63a93c79b34258d77df8faadabd0ec8ba466c097a1430e152e087618cb66cf0f6d908fb823b7c1c6f75fea47ca63000469cc5c4969ac1035a7744409866a0bf2a0c1f1d4d8b49c32f18eb9d98ae13311fd1275c8d3d8b5e5a6afae520c444642bf89b26bef637cf1c6bf7024f08b68729cf888a4f9c386afaeb4cca716926a1357e4d89c11161e4922b710146c65af7c63d2ae1ea7ca2632ceb99733fd96330bff30e391ab87f05f996ba62a11dd054edd21a7ffe76ca5010b83d1a09e97b5e36294cd83bfe3f36e34f73a2a5c9f2eed74202b8707e062d460b5352dd180304aa531eeda431810ede3838cab8397ec605b0c36be36f018e9d0ef5c24f93b38dbe6d65ae39c0e866d65c9e6057761d5239c20b4e8c9c7e26f21a81172ef87ff7f4e5d2c8dda9f2dd231f6b5407f5e4bcd402e8e91bb3d296ad26d30d386b2028fcfc317e2fb324171e454935208ea1e05558cff6d36dc98609b37267b9b8cddfb5f2e1fa5004d99744311d1d92b5eca48a62f66e33461557da9801b941d2c00325fc57b4ffafe20201e45899c3f61338264e424e1f2683332f07ebc75a1a2ad67a4e82e05eec50981e36412d6be8ebe58d37c1c98af10a092aeee5b292d552f391a39af4d9eff25c6ebeb363c4302f8e6828b5f80e5ac974e779f99db285c013ba2f3542fd35a6d0e0bdcb46796835e0b806251364833ef60cb1ea3413f5811820ed7f22940dbb16642ed11f79106527bdb9aaa286e6304b132ff0bcedf30057e93bb1072c3ced1779096a058ffa877c478b6164bcfd9fe3db823056ec729dc67583b65c69bf1cd260892924f624879bb6700c22b0a44a0521a43f01b9e06f582af9105b2b08eb3165996e4d14b871881621fc6c0e90f62c77dba2a9d3ffb6e37d936e7899af5274ddc94c8e5f71e306affbb0fe5fc0a33c795634f10074a53d44455b9fc968e9b25c1a9574757d5b3aa7919b001dea3abb03091b61e1a04d07de286e80cfc2b0167511e134bb596c8cc31a2dea91025aed47ab7934dcead1650ca5a28719603f5ba0687b40541d8d9650d5112fcfafa8d3bc7a20fb1fdc98f5d3b64f4fcbd399288cb7249b51f44a6eea4b5d7da96e6dcbce9138eb08e47e9b50fa81d690b62d139a86c29676d0e1d799ebe43185226a2312dc6c472d830f31cf666915963dfc7e1c144cf8806b48938748ef99bb6b4da9e1565b78b8b9b236091c1e35e3a91b1061c0149677d742992a26379cf7a92fed5be6b09d3594a0666df8fada16017e194be32fbaafc8bc8ae6668c7a2c7c460faba0c684f97faad002e169e0a173e7b171c29b558fa2550a96043c3efd82fef365ce724f3d334d113d999bfb14e7718efc1026ae17de44d77ac48691c6d52a8abe76db23078b5c82791adf2d8a73046cd190454d3af02307a34ef3c1ad9ca36e538c2fd56a8ee3f7d4d3c5600c2047c70a0da78ce3fbb2163d958fca30d5ecc4077269b760a4e7dc127540276d9bbacc8a8204fd1b2862d6c406f280315a3b048d9424852c46f49c06df2ee1773bf34ad0ee12e5af5363c747f479dda8c534092ff64860ee11736980f66b83977671a1d8c275c4892dd16fefa3cea52c23f42e30627cf299783f2bc4eb2d63d9d4c098f6c5fc3087cd00f7e1df5da7c7b5e5599b8c3a1c2d3d9f220e9cb2e639495ea688c4d5cca9711b61400f042a94eb890965b0c45545ef0a7ff3a65f5737e8c4548cc41b8707bebb63333a05aa8c0b13f95aaec9faadceb1c26ad93d20411959f853faf52aa4ea920c8e3a092eee2dbf8db3069145b1d02d675cfeeebd2a974eff78f9009542c5b99b997fe3d35a46db4ac0257f893d2103904e9c264f8cf0fc51e5f8b71510cd31aaf6406fe139c888f267f3b6d1e7fc9d6f8c769e0be070a5db6d08d48892a9dd457117fefe91100fbfb501d932c24859378d873445a141fdc0b054919a5528806db4ee7404e1f542404301ad7ea8f7c9326a618a5f5b49478eb502f8f3c37b5fc917b91ca2863407e365530d19c396fed05e5ae4f3e5c424016dd874ca8765d1166afe367e5176e3300ce43d8e766bb7148d6e34e7c3a00bfac97a574c2c987824a63b43570057c6203b3d61511bb815295c3e041babfa245fdc8a5969c35a599828e753699c8728f5a91a7ffeaa5fca94ede81aba92d5df31405e6c10f816dac37b892dec40298ab4cdeb383dc89fd6f725356b08cacbc5d76af6d3976772087e54c52ded24a78baad8b12bbea07d5faac5c56dea644e255a92bd30e1c21b0430be70483b9883ef09579cde4f0776a1b2193687fb1ed8e709cd6c9ecd2e845e86dd0d41751b8e0605432a1bf24f4d0492e2f515d1a0acc1ccc2480ec8a71bce9d495cf1bbb9865dd512d988153ab81766a836aa83de898ee8c18838ac7d375e36c4c8289dc919cd53f7b64952dbfadf521cd681ddf4d318cbf272b8c6bc57cba6c84c03610bb7ce3c5d466ce0c46bb44d1fd39f1d3bc0e0bce6277df92e2ca006f8a9e5dbc19143bfdc06a686a7527c6834ebdd8ca2eb3da1ca7ee7296fb5b11a93e202bfa62bdf34f214a3a1fff286de69dae055c5147e1788e9724fec83f31a212adff703eec5207624f171561934635781f57f067eafdfa5dddbd0a93279dde4def45c0813cbe86123f2f2c1ff82512f9d3d72d2e78357f258222104c1024b220d19d241fa13b72f3cf5cbee3214ad12f35cde6607efebfdfa4f2ccf70f80ad342e64faa299f39c08929f6b5347b4b03d768d23c6f51caddf7621abf080d988e97353ba3de4943eaaabb0ae4c67edbce091dd9dfb6ea7da89950ae8b6c68944080eb63d337135bcd9fe151be758a260842ab6eaa5336734f463a306c2424cc062c76255133a4561fe34131801cfd0e61edadcb9ff592b19850d12dfc8868e7567b6a2f03962b3a95f80d5d8526da3e88d8d9d65fa216a8bf4960d03a78273d19bd21f0ad9b34b944ea3a9df801ad4f4835467be1383e91badf9eb4cbbfb16d5abaeb82062f6448ea25cc762073c757c60f999721d7551c46cd34fb09acc2fdea5d897d9c5d9c41433a95fab0ebb837708d05e4ae17c17eae02c45d4df6b0697240e08185e1b2b89d29b8ef9a2f2bcdc0412d4a8dcf8431e6f16afc01c96539bb4c1301661b68b967ac46799160ba26cf169254148ae806a08967e98f435d4be90f7e2957d5cc2da7b49bafeb8fff4b9956628c009503d5a3dc58886d7d02d3830a0e54e50828595cc76b74e8738add02b0b054bed01c75ee589fbe78ee53c1d68a7b66e55d499a67e1a3bd28dbea75bdd8495ef22c521dbd4ebeb9b550cda28a9c49e58e1dee63ff1c3a253bfeb53700a8da5db19e5"})
ioctl$sock_SIOCGIFCONF(r8, 0x8912, &(0x7f00000000c0)=@buf={0x0, &(0x7f0000000040)})

1.805268486s ago: executing program 1 (id=2142):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000500)=ANY=[@ANYBLOB="61154c00000000006113bc0000000000bfa000000000000036000a00080013002d0301000000000095000000000100006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf310000000000001f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44b6b498b98ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089da6d6a710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f50e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8d829906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453b65586f65c7943d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a443c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87100900000000000000de8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e52a2a10f922cc2de27ac24483639c369b06ecc7ea4195898691cc9c414c599c33eac655d01d1c4f89c999fd7aaa5d0984c82128ad6a1fad9dd079e095aa8331fe3d2e2baed37d6c93d402dc67b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

1.703224302s ago: executing program 0 (id=2143):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="2b0000000000000098e46e70000000", @ANYRES32], 0x20)

1.675611243s ago: executing program 1 (id=2144):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9feb0100180000000000000034000000340000000200000000000000000000030000000003000000030000000000000000000000000000010500000010000000000000000000000a02"], 0x0, 0x4e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x803}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x14, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}}], {0x14}}, 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x2b, 0x80801, 0x1)
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r3, 0x89f7, &(0x7f00000000c0)={'sit0\x00', 0x0})
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c00000010003df600"/20, @ANYRES32=0x0, @ANYBLOB="000000e8ff07000014000300000000000000000000000000000000001800128008000100707070000c00028008000100", @ANYRES32=r4], 0x4c}}, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'wlan1\x00', &(0x7f0000000080)=@ethtool_stats})

1.591000593s ago: executing program 0 (id=2146):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d1000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000003100"], &(0x7f0000000300)='syzkaller\x00', 0x4, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffff00000000000008004500001c00000000040190"], 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021040100000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000d8000380d40000800800034000000002c8000b80480001800a00010071756f74610000003800028008000240000000030c00014000000000000001010c00044000000000000000", @ANYRESHEX=r1], 0x188}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0xfffffffffffffffd, 0x0, 0x51}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x8054}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000150001ffffffffffffff8000e00000020000000000"], 0xb8}}, 0x0)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000ec0)=@raw={'raw\x00', 0x3c1, 0x3, 0x450, 0x0, 0x150, 0x150, 0x0, 0xf8010000, 0x380, 0x238, 0x238, 0x380, 0x238, 0x3, 0x0, {[{{@ipv6={@mcast1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, [], [], 'team_slave_0\x00', 'hsr0\x00', {}, {}, 0x84}, 0x0, 0x248, 0x2b0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'batadv0\x00', {0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x4}}}, @common=@inet=@sctp={{0x148}, {[], [], [], 0x0, [], 0x2000}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}, {{@ipv6={@empty, @mcast1, [], [], 'batadv_slave_0\x00', 'gre0\x00'}, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b0)

1.562703154s ago: executing program 4 (id=2147):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x2)

1.511750708s ago: executing program 0 (id=2148):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000010000b7080000003000007b8af8ff00000000b7080000000000107b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r1, @ANYBLOB="0000000002000000b705000008000000850000005d00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_CT_DIRECTION={0x5}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
writev(r2, &(0x7f0000001980)=[{&(0x7f0000000540)="c522ec5e36551e77dde32e2d672247b5ed7598d2f04cda2ef122146a6d3adf120e9fbef9c4820e4370d0706c4a774b7625e6d23882da6fccba541dc8b378594278ef295ee3a464883b830218a40011ecf09eccffd91b347e7df00cd701b70ad3672bbc5d82ac13423a5446beff4c266255e6c6350c68d081afd9944ac40e50339fb7309e1b4d45b1bc1b26e9587f5ad63c1636c2c99305994d77b7b3e03eb70979a72536d474cfef104b4451f8bdc98a343df11ec9cc70f52bb6c7bf365fe5", 0xbf}, {&(0x7f00000006c0)="6742faf4b8890725c3be7ff492f0aa263403fa2b0202c8b5ca98aff1c51565b879807b7fe74c58321955d552e560500d551708db83e72f08a2aaa8a9e5a4f484355059a87dcb7418c1f456427d7cb683b4a933b7aee55e35e94cf08b81e7b851ed441a4a4f78b5baefd3f2d87ab32ea3f44de5a8b29abb878762a958c2c9e0db02c510ebc8fcc71e934b3d96df48b0c80879afb233c08dc7b7b3f444c01c71454027ec2a160b5122c294c7f646cee36dd20727783564ea6783", 0xb9}, {&(0x7f0000000780)="9cf0e15a82ad69fcf4d7a43589eb27f901bb5c2576c0661ee2742970fce36ec5534fa0a34b2c6402b3b127f3bc7d60feec253f3c0e39eae8acb43d985e5588e2083158cf004c82834fd1ebb350084f9bd2b7f577324c6e79a640345c26dbfe2ff4d74542a885265a88f2fcc49d2b19e9a7029073aa873a0a22561af46faac9de07ab7b", 0x83}, {&(0x7f0000000240)="22a6c974b71df0cb6f813c1a54f91620d9045c309fba75d644d068031cc11eb9059eaecb500b5a9c956928ee42e9aa8ce0e859dc43ab47cfc61c2740d51963e63bd7a81e1afd81de224d8c2e462ca3046187cced7906a2945dd755a46a9c263fcece2911a3", 0x65}, {&(0x7f0000000300)="d53bfaad920a173073c658072e668c30cfa709556da266978a35bca6355b", 0x1e}, {&(0x7f0000000840)="bbf9c2d7b4930488d9c8ae2cc1fe3c63803c7aaa85845a65cba71df82b88a0e380b144ee6ca22447998030a134cabd346ad15451fc9a91e6fe2be60883565ea1ae455d181f040cb45204ffaa80fe1416a0ce726f26154e9ab32b625c5a467e5b590630ee7c0572192bf4d66ab4777d69d1f221a9b5aa7ffb0afa33a25f45676893683be96c2e9832929bf42a7edc262b54fa27d4bb3c1115918d64556379f4cbd6c1132a50c519e408a177811ba30a8d5b7f8da7bb6a260bc735b20e5c011c22ab7d784e2b316bc1bebed827bda7298808f281b37b7cfcacde5340063afaf9d6da530b271e465af67db388478d08e5aa5622b2ff804e327bc23f0ec21e397e084a5b38f862ef4b3f3ccf772ebcbd7d253584da9dd97aa3f051d590ccc00d3cd342c8ec43b3fe340c998b34e5afdf7ce4a39d22892e938f4f5da5d15264c892b47b38b4c12304c10a1c63154e8b7ec6e23e9f27b89acd6e08a82aa934336b250e185b2a97e6e67c6c7c2854d3593db544aea9a6d43aa86974cddc1cc92631d87b56f7315db8ef9467a8be37cb01b4cd4a70c5c10ae9b9b01c816487a87b872cc1fe0cef9f0607aa8bbbd2c1c17c3e7723bfae0655d2d6eb746dfb9e3b1e46bcf3355d0f015143a4302e1e50a67e07cbfb2956f8871d9053118a3375f5178816abc423467aca9c5500080ef2fa7b113eca3fde70cd46d74cf8a5480493a1299e4ed244649ca90c2f1ad49f83ba09edff9a308b30515b482b22e85bea75af9be0cab264ca0640dddb2bbc3e4f966f546a1329e7338969f3cd0235ab2ff1d9ceb4b8df502f2ca05e0656a765d437df949839bed0a65727ba8ef6c6c298702259f181dc0176dc4c9f5648d157566a3370cfa64b9206b01c404c47149a20805bf92136f5f29713775eef02f5fe7e5093e466424daa482ef74ad593928fc6bb225f567c90cedde10ff66e0320800e07a7909dcc90707c15b455a15eb61e2f1c08fb99d12af09d825b45f01768436552b39bb08ee65607c4abd03fae2b61c0afece56f5f64643f65b6b6c3e6ad7f5ef4d23db46ba5ebf701b6dbb1e78e6c6456736fdd148c5308c19260bc549a1cc92036acb7facd60ec2006d017f75087addfbb260faa18a8d95c82c60aeae1c082a71cd923e8bc341746823d89b97efc458990692b4567340e52d0c4ea4ab6bdf2bcf9bf780ada9150af7bd3dac996b627f2715d9ce294f6c8084672facbc63ef0552e9f7f2705b69e5056f08fa71d612316786f44126f37d5baae504ce6d2487fd05fd8dec5d3187cc6a607ad4da8c650e2182698e17b026b6b32b954f1f6a8dd5239e842951cb88778ae7efe162dcab54272cd9fb528bb0862fc31c11e860af1885abd3f487ad0c4d72ac4b9bef3840c8b848b17078518b4c0b34038e76d632cc164b930e024256f281e66d2444a3428da7bfefeb277958afe0961666db94f2de094eb939dc392a8da987ed42a4f3858e766f2a0ec57dd623d64aa014515a02e2be7872138011030f6edd5d8951d57b699303285e80b03aee1e3d73e92c871f6c09bcf346a23d80255291cbd8f92bb5194e6980e4b4f3f2df9bbabedae68197031e070f8cd6dc54724517295e226b0b3a0f10e6a328bd0bddf2d321b4be66cf8936be3836df9a3c13fae7c538291013a599e1390bd1603451c25ad5d55b27cfe3077b16056b221599325c0af1bb38f19ffab2b691e969294d31704c6d06e8434e9b34274eb482e6b25a24978d5b8a78b4d827bf4343a12e33c361ac7aebc72d4a06feace65b2cd46ac0b89d3cb76331e4f21bb36c0af02067e1f8c6af3c5593bd06a19ca8e22f4aa3f53abbf1d8be96b35db2ebcbd8d6015041f89953d6db48b0b83178186435fa10d0ea3592ca7d54f1a1157e6859d4076e6adb0bc85157c4b88d6e49e2ad3030465bc95bfccff2dc86a3079e4c0bd2b9994b5e67157ac5bdb87409d92dcac3b6034cad3a23e3616f92c57ef1b10754622c9eb5b5c76a3a858cf7915f62766a2163f1cb7ec9a472bf688fd9628eaa208f5910498c60a4083be3418161e6b4f66b2c1efff77f40bda6e6f8e1393f44d7b2aa005208c7659a4e4479f2b526fd535e3ebc3a6abe432919bad58f754e3231ee91a75ef2f4a1e3877ea256040c84db6d98a43e46770750d55edc708cc49671d3978655f7aca745386583763505278367ab5fd1ea397bd7b9bae9d0acff2492b56a77015c946277c72c5f31b76378e523740c8d94789c27a4010969b1e079ef71f554e478ac68fd497b4d441370bab0c69954c80f506b93d56c786d59616bf5e020ec72302791c2d0d5c55c316a753660632128a10c0900443427ae18aeab90e79c4dfcb19b7de6542e0b378281c21a53d0f9fc3f07acd59428802fffd022a1584fa175b4ab40c3eeb925831014bc3a45e1eaec12859c69117a4cc26626daa7d606e6cddaedf0d7c0b4ee087e101ba949f7b129b02b2260c44d6560a5ddd3f9215111edff292512a250691dc654d86e45e9796c971c04c599115feb61e57cb92d3fe37a1391aec743dcc9f275f7f6bc1b05f39157a2e598d533183a082e7e50d0992bac4ee111cf2644ef012f51721b550f8f0e8eb82edb2c9f541e850b149718f6d5b908804fb971bb0fa6500d0d4e5a32ade211301faad23b86f0b02e60db28b8821b773bb5ff40ec1e05164b90a6a9e56b987408d628762e98b1181a407696a26bca8c87e751c10c759fb67cd495a1c886739f8c08d2e7f53379afec65d988cebbf5c4805f619e2196ca029d1052f7b418fd62749e2d4a81c0b3cf1bf765d3913051f18d5b5a21858415f020ea90ab12a420e1be4f506a8633efc985648dc5e8bd76f11a55b7edcbeeb4c31c48056d231c90a793abd47b3229cb9c707567c7662305dd4b2440a8daa2c1c216ebd7e54c3feae9545f55ae4cbe0321bacfa9661b67fc68bd4d23ed5f35dd60f571dc8f8cd3966a821a3b7a0bd4645f518360acfc6e720330aba649def5682b09d6822fcd251c200fe115085e2b8c7ae68ee0e5e098a58eb875580065a1cc05d7a1d886788a6c54e3136fba3abccaf43aee560120e6b83cd680ad54d560501480ff73fa933ff04318af9b62ca762780206c568b06acff2ff879525e254956fa5a9d2c72dd96bb56301434de068ee03b6e92f083d4264914f4376ef31fee021e345257c8f4b9e16e0a9d9f8e5923acc49bb1c23cf90f65bc5fa4a38e75cdb6718b9fc85ecfe4ec8eadfff9d07debde94f5cd90450e98d13bf8678a9da0b539d058aacb49b252358b79b435cae59d08e8acceb1dedc0a1ac8ea3c100a9c552c133d6419a1274518178b2e017142bfdbab44fea32da16ac2bf8f94cc9be3199ab927cfd94a2669059e080634c7a9ba574d97b303b2133748bddec724f1d240917461a299f6d971e05874514a9b289fb9ea84387261a224d95d76b239a4a93bec1c76563355902f75705ba1bd4ca8f3e55b2928186ad04c488082d221466270c6348d7eb69938e8ce2f3fa35b8dd515f9756b35c5e4f4f90de70c3f6520ec1ba52bdc054cd5ef6c9a51eb2cbd9d9bc1061c6ebae90a24cf4669456c5eac03f8ea299921639ab37c9ee1c5328c98c1ff6da2d76528870ab5b97cee1f8e1b7737ee7ba558b5445dfc0b45ca15a21c5e547455c7be7e5c8a0443c2d6c3d5cb5f0b9d39d33d79d482fcebd9184aa6963e8c1ea187bb39f25e9e46327d431bcd6ff782f7f34a5bc64a3212665b541ffeb5aea60b2e9f973f7d2c4640b258af0f6a7b7c7e297fa84ff1fe209d1d247561afd5625c341b08b55ec5ea9d95a83ea9c0f600bf5c50c80f45488f5b67a22c45790d9b3dafd6f33fc40232b61c01fb8c32011eff31ab57d58fec7c4861a7ea7f71eeebacc36e549721de77869497b3b13fa12bd12733bc4e7f614df0fa6be9afdda71fd01a22166dcca7a970e29881930dfbe5971bd2a58c4a25025f18d0df19122b791a85ffbc6a37a2ac976b1780b1e218e9c83ff3d7f61db61be99112ed94aa57735d1ea5dc997aa7010f8d2918c20a5072b8b82f8773166b625e5076523efefbc028fb956a62e3f8a94b7dbbc91c63f4fdaa414019f9e73b1ce432672389b93e9c78c5839f5a5f1b6e1adde5f1b0b3ff8f0ea5e9d94991a2a7b004e81394ac7354193ceb5e745a0cc71ad93d3f11b6dbe8afc04dbc200a76ed65cba7197159aca145adff8e697a17f80ef0344e0f5f03b6b30d79212998c9a03abc50c9a536995eb6b2356d6b1cc8aa4b1f8699bcb013635d5f6d553e191236ebd7ef22dc50f98ba009a9a55e6348cec4a3340082ebb9c386264d87a69d4217f5229fd52a86e3471ebf243d75d882a585313a273189d86ff6994c88e552f5d1dc4ac69565d7eb9e550df5d8dcef1bad1818f643d9a04f834f625b8bcc061508fc3c3ac6b493007cd1639139bc325cd4b7caaf125627d915695a5f302ddf82da6e8e0a548b1bd197c50f79d724bf90a7faf3b0729ab1a7ba31d18ad7fd566a61383070024015385556bd1446534dd5758e73eab362a039bd3756a6cfd16145d5ef557fd37d9dc58d606b0a400abe40b95aa8d7647978eca4949009c5c89b9c7e53631022f3be050ee542a4b89e45df1a52836b603410b30788265a855f694d65b76f94f83982227f97685812b3f3f3bfcc940698e3d261a8e800c1b8ea96e2943676df79899076f7636d297d4bb8cff833f71e1c073ba5e278ca1709bd6244cb172d1bb9a92075852364ede3bac3ca7c7673fe87d506f3bcc588ba34584e3d1ca783f2a61170b01f9d7178b94863af85eb84bdddc4a0789788a4191d73e134bbfd8899c8248190f3ab5906c967d07c2a45860ebc46a3f5a9d7c8e76fe4eacb8a491de1551ce234f4c8d7ae1452a45779ee5149420ca097e10d8644875cceb033c5f4d619a25e6062a8dcc109b3ca1a9153ab1e9c37629b7fdeb084f43745db34ebc1dc512db805656a283f6424e3f9a75c4954d0e6f34d03b4df2bee4a40fd9f1f4aa6f00ca774cc346374dedf6c30583ee4aea6af157ad23fe524882d3ad1697b63ad77f29083b756e78f3b33029ee1946ab4ded88d572a04ec9e531615590aa484c0c352a08a5c94be377226861c9fea9dc6d869bc83c2d480ba1c0cccfab6446596dae8ce92a3c66f2e08a7910cf1bfeb848581db344645eb092f568a8b94a87b59e864b7f78756bcd19ef60696c9ed37bfdb520ce1878cf7e1fc1c6da258651c1b749422324aa7dda1b45f0087e3934f51baf55c75846724537a1a67ad53a629280dd50d1d79549ec000c9a9a367fe75172c318b73d9cd080ceee936a4891f6e0fa9a8090a607f4887a9b3c7fdd628ac346712c5624736e5002cba8f4521d7cc4ba4e62f48a3c0d9157f3c2fb68c02f9fe09904664bc22db33564025422fadbeb81c4474a2db3d3a252f366df43c1242d826f0df35285750ad57c6cf70f244a49da89cdd9c3c7ca9a52c98f52fab9e0ff4f4e405a80282ff3386eb63fbc40f7f96005a9c2c2b3b3ca37e1ff08cc74a4afe7abd4a777aa4982818af8a3543788f550e15f8d2a7a37f5854d82672cf9bc69761140a9a60516db69ef13ac1adf708e158fbc78204fc6adbaccfe6da28cc6393f07b97eef7d35211f9f28c1d3f6795e5732bb57c12f5efedabddb9fd88d853f6ecbe5da4a62d7dbc33e1fe5590f0984d3badd27f1f32c3d164bf6560fa0f2e2a464dada2e23966a86c948f4236f419f1515947ba3b1ee50952c101f92383211e48458e10463a0560623dec637c80d913a05800b90d88f3e", 0x1000}, {&(0x7f0000001840)="ab6a5cacc4", 0x5}, {&(0x7f0000001880)="fe4718bc23e5c751192effdeea405def6349f4086c4c23bc066cd3b9975849be9d1511ba897ff7d96844ef6350ff1ac68d1dc7607ce12f32bbc2ab8ae263515d56e6c005fb4c0b8f169f83af7c2e10b3101ce6233d35b1b4e6bc9ae2d6e2d9b6d22e79431c27e6a212127546c99ea019e672f1e88efed251ddabc4bbdd15b158f9a6695b686d869caad2e8e633e8cbf0e3bb567016ab99b0f8ddd1afc1b675e6ffbc1fe0f0f3426695e95f4323c6b94a5e4fb530f0ca23a78b842d8a0639f489f69fc1714cffdc261cdd6062a92be787ff84abfeb1b077d2c62e57645c4f6bdcecc215f725f13ba7e65af5cbb2", 0xed}], 0x8)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001af90000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f030000000000002e100200000000002604fdffff02000014010000030000001d140000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000"], 0x54}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x6, 0x8, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000000000000000000000000c6000100250000008510000001000000950000000000000018400008ffffffff000000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x3, 0xf6, &(0x7f0000000180)=""/246, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x94)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000900)=ANY=[@ANYBLOB="1c0100002b00010000000000fcdbdf250a01f2800c00090008ac0f0000000000140001"], 0x11c}], 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x1400, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001a40), 0xffffffffffffffff)
sendmsg$IEEE802154_START_REQ(r5, &(0x7f0000001c40)={&(0x7f0000001a00)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001c00)={&(0x7f0000001a80)={0x24, r6, 0x8, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1f}, @IEEE802154_ATTR_PAN_COORD={0x5, 0x19, 0x2}]}, 0x24}}, 0x10)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001ac0)={0x110, r4, 0x205, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0xd3, 0xe, {{{}, {}, @device_b, @broadcast}, 0x0, @default, 0x5d7f, @val, @val, @val={0x3, 0x1, 0xb8}, @void, @void, @val={0x5, 0x83, {0x6, 0xe3, 0xf7, "440b37f5170f24e99774e6ba3e48da22a3117c41f24229748e44e90480114f4b7a95e0e38354b69e970ba6ab9b8a0ab96258efb2ead2d7c4b131eb3c04059592f0f8b9a1a9c30b06e4bd60b0b37a99f91396e6b6399dccf2749617defb9a0fa2e521fcb4110d1da3bd1be3bf741aad5933924a6d8f681f7798cddfbd73688e05"}}, @void, @val={0x2a, 0x1, {0x0, 0x1}}, @void, @val={0x2d, 0x1a, {0x10, 0x1, 0x6, 0x0, {0x9, 0xc9, 0x0, 0x7, 0x0, 0x1, 0x0, 0x2, 0x1}, 0x8, 0xb, 0x4}}, @void, @void, @void}}, @NL80211_ATTR_IE_ASSOC_RESP={0xa, 0x80, [@sec_chan_ofs={0x3e, 0x1, 0x2}, @challenge={0x10, 0x1, 0x21}]}], @NL80211_ATTR_HE_BSS_COLOR={0x4}, @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x110}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x300, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.447171073s ago: executing program 2 (id=2149):
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97000288c19e9ace00000000000000002100000002ff020000000000000000000000000501"], 0x0)

1.446286707s ago: executing program 4 (id=2150):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000100)={'team0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001540)=ANY=[@ANYBLOB="4400000010003b15000800"/20, @ANYRES32=0x0, @ANYBLOB="0000000000b401001c00128009000100626f6e64000000000c000280050001000600000008000a00", @ANYRES32=r3], 0x44}}, 0x0)
ioctl$EXT4_IOC_GETSTATE(r2, 0x40046629, &(0x7f0000000240))
sendmsg$netlink(r1, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002ec0)=[{&(0x7f0000001100)={0x10, 0x15, 0x0, 0x4, 0x25dfdbfe}, 0x10}, {&(0x7f0000002f80)={0x10, 0x3ec, 0x0, 0x3, 0x200}, 0x10}], 0x2}, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='ext4_writepages_result\x00', r6}, 0x10)
r8 = bpf$ITER_CREATE(0xb, &(0x7f0000000180)={r7}, 0x5)
close(r8)
ioctl$PPPIOCATTCHAN(r8, 0x40047438, &(0x7f00000000c0)=0x1)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="340000001400010000000000000000000a3f2100", @ANYRES32=r5, @ANYBLOB="14000200ff21000000000000000000000000000108000800320400"], 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r9, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000000c0)={0x40, r10, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x14, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_MASK={0x4}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x40}}, 0x0)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000100)={0xe}, 0x8)

1.359026177s ago: executing program 2 (id=2151):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000496000/0x2000)=nil, 0x2000, 0x0, 0x12, r2, 0x0) (async)
mmap(&(0x7f00004f1000/0x3000)=nil, 0x3000, 0x2000006, 0x12, r2, 0x913e0000)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f00005d3000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002640)=@delchain={0x144, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x108, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0xe0, 0x1, [@m_simple={0xdc, 0x1e, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'bpf\x00'}]}, {0xa5, 0x6, "9787c29d6ac649e7ec160dfef7c4cea330102e688fe12213d2bf7dae04880a34e7bf775010128401ec7b2a9ceab9c40c5f9bd00ceff17d69ca7a27324ef7a1ad28d4b3c6a826826e9c291c16ab3d13e1f337751959e47bf0fe515b70ea5a3584d9cdba83a705d3257305f931866cf9f1faa34fce0e8a7ee76e20f05d4e1adbee4ba00ddd7b896197ea2a0391ef62c651d59ed7e0e8964192a2c1c29308d0365034"}, {0xc, 0x7, {0x0, 0x79d0f023c2b305dd}}, {0xc, 0x8, {0x3, 0x2}}}}]}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}, @TCA_BPF_FD={0x8}]}}]}, 0x144}, 0x1, 0x0, 0x0, 0x81}, 0x20000080) (async)
r5 = socket(0x10, 0x803, 0x0) (async)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f00000003c0)=@filter={'filter\x00', 0x42, 0x4, 0x348, 0xffffffff, 0x0, 0xb8, 0xb8, 0xffffffff, 0xffffffff, 0x2b0, 0x2b0, 0x2b0, 0xffffffff, 0x5, 0x0, {[{{@ip={@multicast2, @private, 0x0, 0x0, 'wg1\x00', 'nr0\x00'}, 0x74000002, 0x70, 0xb8, 0x1ba, {0x46010000, 0x2c000000000000}}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x287, 0xe0, 0x108, 0x0, {}, [@common=@unspec=@cpu={{0x28}}, @common=@unspec=@limit={{0x48}, {0x40000, 0x80000}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0xb0, 0xf0, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "81d0042c436dbdac8bebde18b54dd11bf035c1d8b6b0e88ef5aee0eccad7"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3a8) (async)
sendto(r5, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) (async)
recvmmsg(r5, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
mmap(&(0x7f00005d5000/0x3000)=nil, 0x3000, 0x0, 0x13, r4, 0x3000) (async, rerun: 64)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) (async, rerun: 64)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f00004a3000/0x1000)=nil, 0x1000, 0x0, 0x13, r7, 0x0) (async)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000004, 0x28011, r8, 0x0) (async)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r9, 0x40305829, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r10, {}, {}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0) (async)
r11 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r12}, 0x10) (async, rerun: 32)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0) (rerun: 32)
setsockopt$inet6_IPV6_XFRM_POLICY(r11, 0x29, 0x23, 0x0, 0x0)
connect$inet6(r11, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x2}, 0x1c) (async)
socket$alg(0x26, 0x5, 0x0)

1.279501877s ago: executing program 1 (id=2152):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000001a40)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f0000000000)="2e000300010000", 0x7)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101})
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x3b6, &(0x7f00000003c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb86dd6000084003803afffe8000000000000000000000000000bbff02000000000000000000000000000186009078000000000000000000000000000aa78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0302000100001c0500000000260004000318fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a775772c08000000000000b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978001d06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8675b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000220b17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f0032107b8a3e100908f61640000000200fff500000000000000000000008879e66485201a0015ca83347357a0274500040000000000000000000000145e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052ccc8dab34e820a651c7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c0005d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02"], 0x0)
r3 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r3, &(0x7f0000001380)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e23, 0x7, @empty, 0x4}}, 0x24)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockname$packet(r6, &(0x7f0000001200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x800, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001240)=ANY=[@ANYBLOB="140005000000010000000000000000000000000a20000000000a01080000000000000000070000000900010073797a30000000006c000000090a010400000000000000000700000208000a40577f00000900020073797a31000000000900010073797a300000000008000540000000213000118008000100636d7000240002801000038009000100357c8b80ae0000000800024000000001080001400000000fff0100001000010000000000000000000084000a7339645561b93e0604f45edd43147b1ba27e6e15b20e38ad28e7f960cb5afcec45eddc31dbce8c816aafbdc4ac446d2f650cee22a7cf60c196447fc5432f824071099538484e7ba21cae4644b1dcfdaf223b8803f1981602b06994c1c9615882fbd9ea07d2f4f86d5f525fae438c4912dba294ca64960cacb6386de2b9165f4780e21f45"], 0xb4}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000006000000045000000700010001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000d00008500000001000000850000002a00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r10}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000002000010300100000fbdbdf2502200000000000000000000008000b000300000008000b00000000020a26e50fe7e87928ef49fc695f74d7e0262a8e46f37eec7b6a8cca866836f2683c44a8e6c21103ba3ead26ac51761984ddefd46da0655af84592"], 0x2c}}, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE(r8, 0x50009401, &(0x7f0000000200)={{r8}, "88f06b79cb10d42f20c0c49576a7ff7bdd59112f324f2941090b7ecc8afa05c0911e42c543b8734d4c52a2e94fdf1eaccb6f35f8b0e4757f67f62a572ea66f1ca8e28da0e8fcd37c37d1069d98b8b6a9958a10ec88222296e37fba014d79eec59d4656e162af864b33bf1afb280a1022d9cec3617d585c92619c703d542efb518f42279ce9f02d96a0ecb6cf0528ca85b6e8f412c5db4977eabbb3318a8f7152c15c4c44b3f47635b521bdf0420c322ee2e4d3c0842ae8ab59f188a50ce82cf32e100d9c2c5570295a4a05ac91d3afb9af304820a978ddac674fbbd6f8e4561a38b9456de4fc683cdc685c6019c357fde9b69d615f024a5e3f34231d237817f903b438585f92056eca47049b90783a3ebff0101d11e5bbbea2bb30cee556ebab9a9f0446a9d804bc624b453c31f1203db86777ebc1132d8be63df4fd8a2e7a61e543717c40efdf7afd7e01ec98d6b13be2d90f112c3930a7ab360a0e97d8548a22789642a42d8dc0ff5aced364e5ead5557e539d982aa663d90b54f9cb4cc5b11121cf98a88a64e0c22eda3c29bc91618af631cb8784ac3b2ac71d893d2711c51155132d964f55b3108c2fc91010504bb63ef458d224a525555cf2561be9b53b482d9c4a77fc6cee301bdef6503354eca90c89018c86579dc93479a29e44fb3ddaf0d064bac2613e7e8a04c2cba1338e240773f496271da0e1e9dd695fb604f5f55ee40e287c00eae130e1982e6f82a8db0dda1d68477a6fce3f1fe4c1ba0680313edd8b889daf4226d9ae980b29fed16eaba2be8457ffb10ed964ca1a20c68ede1ec26f3154a2c0df22b61dedd42a686727e71fd3097c926ba713b3d2ff41392b4e53da210069506870cc80b5965331e433a7c991ce6e96cc7d2759ce6aa57cf4984497560c78f2b67cf5a4d8e9f99021471a7f7c1d09ccd7ed8609e398d83943189619c75a01e40c3164b541f4d1a74f21429c4fb8e63933cb8e7d42ffd6ee910c205607596fd8e570581a602b0b8e0a0c8f1aa2d48fcd8aa15833244c84e42ed0a873f2ba1df7897f037eca68c9b125ce03964003394cfa32bc8e513df4f5ea714b26e90c5cd2c29fda207592e5e7dac81f693911275adc69d6ee815a63b0b9e9a90672d870d5bad3ecb0b87173b6b1795f860365491792e2b0a67d6143378bb31987bbed94db196a397e8d711eaf447b7f22727bb3e2f4033fd99504cd2d1c9f8047b1d87846d96f43a32b0c3d012a3b6b64bfddbf0b0c983fb1d7a142eed0e87a51a1968ad1e111ba594beea75ee36b8406aa83975e2faa7980d2534bded492c35a6e5c97074ad8da1edf94d4ba125329c352f802ac1b163ffc8e967ef31fe664e6c9dd79e593029ff2622dd52b6de5aab880adbc49e43a69246726dd1cafd9a437a407b452fc65de82efb6ad0fda5f9b30f79ef548bfa60840a6dc2ddb0739fb99e695b74ad929fbcc9fa288aa34dec91e4a8e32b22fb4f5f5092acd2d1477139765a5ff5875bb602621d5460dbd43eb368dca76390933758af4b3ae4da682de194965a3c8a296a57b48b0ef683efea7b0aed98d75c5f7d498349167130e2989a89e72669413d59b6d4918ada93bf6bde88e2c484686f954055d328d6e4007c7f4016e20e6e5ba314adbd673b09a73a7fea9a04799aa46dbd479117d867ca6dbb55a4d437681e5c86654fcbcb205bbb19764eaee02ae5d8cad1e21ce0008662d4bc3bb486b1de797f593e2c76227c7aff6b438734563bb5b6d5c07a9cac3b17c01c4f8a073c5dade420e60b7fe64ca592155add38b3f826fc11bc8eff1277179638bf8830179235b4a3477837dfd49d54b51cdceea1567a63ecc75901ab75434d177ba67182287cf562014b8d839a391b56bf5728af9cdee8472a6b975dd65b6ddf0abc2ffb80db240f3be65d41ca9191e1d82b29dfa5e24f7b83ca6dada892590bc0bac4f149f17492a197841dc2e93c3b9c6cc43fee9c41cc8acc96692e5fd30c0fe01021a72a90c76d1e83fe89f8ecb5a4b86b2c99561aeac1f0dfe63b3fa62eb3d7c6103e4c4684597c1c201fbc84d310d303879c0bf5e6b222ad9528502636fdc31c872f201b8b95b23f93c74caed2983c755045c996e96d5d0974ba118508c3f0955571d14a75c04658d3548b727845c57cf1d3f5ab195593e8b902725c77decb41e6419a14e55ef8202445134cc5b8ea59e18b820eae0b36ba36361309f28cbb262edb45a086ba2a1fd00620db57e34044c538cab367cfe3168b2dddb35bd20476ef0d750de3b20b593d47996ae7ce5f381a5c04e591c219a6c0d174200b4d4cd8bc7f62bc49941e7dab9a3a8701fefbddb0409952074f8468cb9efc5f968b81e42fe5e10e5f10eb986a97e1b8bfb37370a3690fc9ebf241f8fc1c7b8d730fe1328486e10a95f9c874cfd0b63a93c79b34258d77df8faadabd0ec8ba466c097a1430e152e087618cb66cf0f6d908fb823b7c1c6f75fea47ca63000469cc5c4969ac1035a7744409866a0bf2a0c1f1d4d8b49c32f18eb9d98ae13311fd1275c8d3d8b5e5a6afae520c444642bf89b26bef637cf1c6bf7024f08b68729cf888a4f9c386afaeb4cca716926a1357e4d89c11161e4922b710146c65af7c63d2ae1ea7ca2632ceb99733fd96330bff30e391ab87f05f996ba62a11dd054edd21a7ffe76ca5010b83d1a09e97b5e36294cd83bfe3f36e34f73a2a5c9f2eed74202b8707e062d460b5352dd180304aa531eeda431810ede3838cab8397ec605b0c36be36f018e9d0ef5c24f93b38dbe6d65ae39c0e866d65c9e6057761d5239c20b4e8c9c7e26f21a81172ef87ff7f4e5d2c8dda9f2dd231f6b5407f5e4bcd402e8e91bb3d296ad26d30d386b2028fcfc317e2fb324171e454935208ea1e05558cff6d36dc98609b37267b9b8cddfb5f2e1fa5004d99744311d1d92b5eca48a62f66e33461557da9801b941d2c00325fc57b4ffafe20201e45899c3f61338264e424e1f2683332f07ebc75a1a2ad67a4e82e05eec50981e36412d6be8ebe58d37c1c98af10a092aeee5b292d552f391a39af4d9eff25c6ebeb363c4302f8e6828b5f80e5ac974e779f99db285c013ba2f3542fd35a6d0e0bdcb46796835e0b806251364833ef60cb1ea3413f5811820ed7f22940dbb16642ed11f79106527bdb9aaa286e6304b132ff0bcedf30057e93bb1072c3ced1779096a058ffa877c478b6164bcfd9fe3db823056ec729dc67583b65c69bf1cd260892924f624879bb6700c22b0a44a0521a43f01b9e06f582af9105b2b08eb3165996e4d14b871881621fc6c0e90f62c77dba2a9d3ffb6e37d936e7899af5274ddc94c8e5f71e306affbb0fe5fc0a33c795634f10074a53d44455b9fc968e9b25c1a9574757d5b3aa7919b001dea3abb03091b61e1a04d07de286e80cfc2b0167511e134bb596c8cc31a2dea91025aed47ab7934dcead1650ca5a28719603f5ba0687b40541d8d9650d5112fcfafa8d3bc7a20fb1fdc98f5d3b64f4fcbd399288cb7249b51f44a6eea4b5d7da96e6dcbce9138eb08e47e9b50fa81d690b62d139a86c29676d0e1d799ebe43185226a2312dc6c472d830f31cf666915963dfc7e1c144cf8806b48938748ef99bb6b4da9e1565b78b8b9b236091c1e35e3a91b1061c0149677d742992a26379cf7a92fed5be6b09d3594a0666df8fada16017e194be32fbaafc8bc8ae6668c7a2c7c460faba0c684f97faad002e169e0a173e7b171c29b558fa2550a96043c3efd82fef365ce724f3d334d113d999bfb14e7718efc1026ae17de44d77ac48691c6d52a8abe76db23078b5c82791adf2d8a73046cd190454d3af02307a34ef3c1ad9ca36e538c2fd56a8ee3f7d4d3c5600c2047c70a0da78ce3fbb2163d958fca30d5ecc4077269b760a4e7dc127540276d9bbacc8a8204fd1b2862d6c406f280315a3b048d9424852c46f49c06df2ee1773bf34ad0ee12e5af5363c747f479dda8c534092ff64860ee11736980f66b83977671a1d8c275c4892dd16fefa3cea52c23f42e30627cf299783f2bc4eb2d63d9d4c098f6c5fc3087cd00f7e1df5da7c7b5e5599b8c3a1c2d3d9f220e9cb2e639495ea688c4d5cca9711b61400f042a94eb890965b0c45545ef0a7ff3a65f5737e8c4548cc41b8707bebb63333a05aa8c0b13f95aaec9faadceb1c26ad93d20411959f853faf52aa4ea920c8e3a092eee2dbf8db3069145b1d02d675cfeeebd2a974eff78f9009542c5b99b997fe3d35a46db4ac0257f893d2103904e9c264f8cf0fc51e5f8b71510cd31aaf6406fe139c888f267f3b6d1e7fc9d6f8c769e0be070a5db6d08d48892a9dd457117fefe91100fbfb501d932c24859378d873445a141fdc0b054919a5528806db4ee7404e1f542404301ad7ea8f7c9326a618a5f5b49478eb502f8f3c37b5fc917b91ca2863407e365530d19c396fed05e5ae4f3e5c424016dd874ca8765d1166afe367e5176e3300ce43d8e766bb7148d6e34e7c3a00bfac97a574c2c987824a63b43570057c6203b3d61511bb815295c3e041babfa245fdc8a5969c35a599828e753699c8728f5a91a7ffeaa5fca94ede81aba92d5df31405e6c10f816dac37b892dec40298ab4cdeb383dc89fd6f725356b08cacbc5d76af6d3976772087e54c52ded24a78baad8b12bbea07d5faac5c56dea644e255a92bd30e1c21b0430be70483b9883ef09579cde4f0776a1b2193687fb1ed8e709cd6c9ecd2e845e86dd0d41751b8e0605432a1bf24f4d0492e2f515d1a0acc1ccc2480ec8a71bce9d495cf1bbb9865dd512d988153ab81766a836aa83de898ee8c18838ac7d375e36c4c8289dc919cd53f7b64952dbfadf521cd681ddf4d318cbf272b8c6bc57cba6c84c03610bb7ce3c5d466ce0c46bb44d1fd39f1d3bc0e0bce6277df92e2ca006f8a9e5dbc19143bfdc06a686a7527c6834ebdd8ca2eb3da1ca7ee7296fb5b11a93e202bfa62bdf34f214a3a1fff286de69dae055c5147e1788e9724fec83f31a212adff703eec5207624f171561934635781f57f067eafdfa5dddbd0a93279dde4def45c0813cbe86123f2f2c1ff82512f9d3d72d2e78357f258222104c1024b220d19d241fa13b72f3cf5cbee3214ad12f35cde6607efebfdfa4f2ccf70f80ad342e64faa299f39c08929f6b5347b4b03d768d23c6f51caddf7621abf080d988e97353ba3de4943eaaabb0ae4c67edbce091dd9dfb6ea7da89950ae8b6c68944080eb63d337135bcd9fe151be758a260842ab6eaa5336734f463a306c2424cc062c76255133a4561fe34131801cfd0e61edadcb9ff592b19850d12dfc8868e7567b6a2f03962b3a95f80d5d8526da3e88d8d9d65fa216a8bf4960d03a78273d19bd21f0ad9b34b944ea3a9df801ad4f4835467be1383e91badf9eb4cbbfb16d5abaeb82062f6448ea25cc762073c757c60f999721d7551c46cd34fb09acc2fdea5d897d9c5d9c41433a95fab0ebb837708d05e4ae17c17eae02c45d4df6b0697240e08185e1b2b89d29b8ef9a2f2bcdc0412d4a8dcf8431e6f16afc01c96539bb4c1301661b68b967ac46799160ba26cf169254148ae806a08967e98f435d4be90f7e2957d5cc2da7b49bafeb8fff4b9956628c009503d5a3dc58886d7d02d3830a0e54e50828595cc76b74e8738add02b0b054bed01c75ee589fbe78ee53c1d68a7b66e55d499a67e1a3bd28dbea75bdd8495ef22c521dbd4ebeb9b550cda28a9c49e58e1dee63ff1c3a253bfeb53700a8da5db19e5"})
ioctl$sock_SIOCGIFCONF(r8, 0x8912, &(0x7f00000000c0)=@buf={0x0, &(0x7f0000000040)})

1.061072609s ago: executing program 2 (id=2153):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000001040)={'TPROXY\x00'}, &(0x7f0000001140)=0x1e)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x7, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r2, 0x0, 0x8, &(0x7f00000000c0)='\x00', 0x1)
getsockopt$inet_opts(r2, 0x0, 0x9, &(0x7f0000000100)=""/19, &(0x7f0000000080)=0x13)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f1be3f74001000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e328002c8c7a6ec00122800014008080c000ab6a79f01979fa95491bd0000009bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af923", 0x89}], 0x1}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xc, 0x1b, &(0x7f00000006c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x17}}, @printk={@u}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r6 = socket$kcm(0xa, 0x3, 0x73)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f00000015c0)=[@in6={0xa, 0x4e21, 0x6, @empty, 0x3}, @in6={0xa, 0x4e21, 0x1, @empty, 0x4}], 0x38)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010002000000000000000500000a20000000000a05000000000000000000010000000900010073797a300000000054000000090a010400000000000000000100000008000a40000000010900020073797a32000000000900010073797a300000000008000540000000020c00098008000140000020800800084000000001"], 0x9c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$inet(r6, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x1b, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f00000011c0)="9d7fcf3efc6316a6a555ba8b4726d7ccaf8a060000009cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71ad21b965f615b31105d60a4b16fa2fa1371850a1be85ffcad45b49422b2121d709014f49cf6bd1d18acc4c19e4356669a2ac3e05d5cdc6f0f485c1eb52ea8faf7e83a1468b6a491e71ae3d03cd9677e72413954feae71b5775a6e3e9fa9db9e1ed56e56bff66a7a86214d8145d878e26fa35bd55db98ecdef374d26a5d9cd0e89f3ae45be2d8e1d98ee0865fb64d6dd1e8c89608733370f12be1495d81b36dd72cc28e9c9b2c45f925b38b21818d93ce604772c21824e45793c4073eb44773f8e42c9ebb297dd5e76e856a22253c0e8a80f33b4d015c3f9c0c26bcdd6b440322a23b10d507eecead59faa166bdac1bd840211336dc0c", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x3e}}, @ip_tos_u8={{0x38, 0x29, 0x2}}, @ip_tos_u8={{0x100000000000000}}], 0x50}, 0x0)

1.060784898s ago: executing program 4 (id=2154):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r0 = socket(0x1, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000600)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha512\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newlink={0x50, 0x10, 0x421, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad, 0x60e1}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0xe, 0xa}}, @IFLA_VLAN_ID={0x6, 0x1, 0x400}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x50}, 0x1, 0xffffffffffffffc3}, 0x2)

940.966471ms ago: executing program 2 (id=2155):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
connect$rxrpc(0xffffffffffffffff, &(0x7f0000000280)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x4e21, @remote}}, 0x24)
r4 = epoll_create(0x10001)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000240)={'bond_slave_0\x00', 0x2000})
epoll_pwait(r4, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x3, &(0x7f0000000000)={[0x100]}, 0x8)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}}, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0xa, 0x9, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x54}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000740)=@newtfilter={0x7c, 0x28, 0x575ac7824d421509, 0x70bd2d, 0x4, {0x0, 0x0, 0x0, 0x0, {0xa}, {0x6}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0x50, 0x2, [@TCA_BPF_ACT={0x4c, 0x1, [@m_tunnel_key={0x48, 0x4, 0x0, 0x0, {{0xf}, {0x18, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @empty}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}]}]}}]}, 0x7c}}, 0x40)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r6, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f0000000040)=0x1b3a, 0x4)
sendto$inet(r6, &(0x7f0000000080)='m', 0x1, 0x0, 0x0, 0x0)
recvmsg(r6, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x12021)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000780)=ANY=[@ANYBLOB="14010000330001000000000000000000070100800c0001"], 0x114}], 0x1}, 0x0)

501.850368ms ago: executing program 1 (id=2156):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="2b0000000000000098e46e7000000000", @ANYRES32], 0x20)

439.147007ms ago: executing program 0 (id=2157):
socket$kcm(0x2, 0x1000000000000005, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
unshare(0x6a040000)
mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = gettid()
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r0, @ANYBLOB="6d3082610000000008001315", @ANYRES32=r2], 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)

383.095822ms ago: executing program 1 (id=2158):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, 0x0, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r3, 0x29, 0x1, &(0x7f0000000040), 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x62040200)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000c40)={r1, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010007000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000048000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0c00098008000140000100075c0000000e0a01020000000000000000010000000900020073797a32000000000900010073797a30"], 0xec}, 0x1, 0x0, 0x0, 0x4004}, 0x0)

356.142742ms ago: executing program 4 (id=2159):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
r1 = socket(0x2a, 0x2, 0xfffffffe)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x40800)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtfilter={0x8c, 0x2c, 0xd29, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xa, 0xc}, {}, {0xc}}, [@TCA_RATE={0x6, 0x5, {0x3, 0x27}}, @filter_kind_options=@f_basic={{0xa}, {0x54, 0x2, [@TCA_BASIC_ACT={0x50, 0x3, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x70000000, 0x7, 0x6, 0x3, 0xfffffc01}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x8c}}, 0x0) (async)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f00000006c0)=ANY=[@ANYBLOB="000000000000000002004e21ac14140b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000700000002004e22ac14142900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000367e5944821d9dde00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e220000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e20e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000102004e24640101020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001f000000000000000000000000000000000000000002004e23ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e23ac1414aa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e22ac1e000100"/1040], 0x410) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async, rerun: 64)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000026c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a09040000000000000000020000060900020073797a32000000000900010073797a30000000002c0004802800018007000100637400001c00028008000013080002400000001005000300b6000000140000001100010000000000000000000000000a5b4ecb56"], 0x80}, 0x1, 0x0, 0x0, 0x4000}, 0x884) (async, rerun: 64)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000440)={0x1c, r5, 0x1, 0x70bd2b, 0x0, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000014}, 0x0)

123.00365ms ago: executing program 4 (id=2160):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x2)

19.372634ms ago: executing program 2 (id=2161):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz0\x00', 0x200002, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'team_slave_0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0xfffffffffffffffb, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0xfff2, 0x1}, {0xffff, 0xd}, {0x0, 0x9}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=@newtfilter={0x24, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {}, {0x7, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x40080)
close(r2)
socket$inet6_sctp(0xa, 0x1, 0x84)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x800, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random})
ppoll(&(0x7f0000000700)=[{r7, 0xa00}], 0x1, 0x0, 0x0, 0x0)
r8 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r8, 0x89e1, &(0x7f0000000040)={r8})
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x3, 0x1, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002c80)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001b80)="3373c4afd5922a65f55bc7d3e64bcbd10b716f30e87138f5cc07b5adfb8fdadb5f72d664018c7506e149853614f562ef1678cf2f148a8bd3d3410e2c0aae03cc4b0cf84ea3107b7d62dd4b8bd08999e98275ca5355462ee569ebd80574ee2aab94bb7b05042f8d85ef5f6ab1942bad62e67a3801864b3c7621576087723e9bd6bea3b9176e325a22ce38466929329603f385873b06376a45e0f1944cd88041b3697e711b7951e5d3a2b2c77e81b5870168b2e7a7fb49e07026d959a0ce64a7bd416488a46b3d7f04a414d5316b7f1a723451ddd278ea091bf803b578af06aabbbe944cb4e5f86ce310e70d7c699bac465623975801388e5ca6c4381a01b9cdbf6865fbe80f2b309f6d793503e545adfa050317520d731ebcbea89fb7f4e04aa5e53e815a5b2cafaa789fd2f183580c27486c224c2d4f0929cdc5668b3d617eb082a9949b0166944d26c32f72af860b91355d6bf60eb03737a5e332b0967ca68ae604c23e3fc5c5dfc2829f7decd9ae5c64bbd46fa0f3af707a8879b123e16c480bd2b1813f1e6f421e9b9777fd2f91dc8b8729c6301e9c5e14e5934b068106a62aec82b76443b5c99b1745b00e5cafa016eb711575e0cde4f6866efa230fef21bd238ecd5581b98c0f8c5681c2683ee48dcaf32f8b6e198882515136570d4b5861556e5aeb5d20e68e34cc6d16ad4970b6bd50907d829fe4a03dca114e509dc7d8fc1e81f908c3d4c7afc2b0bda446b2452539b7797c987bdf9fc6548b773f2eb4f955fac1857a3af6b1848a63aeba9c1ab0ff59f691509212b6bce905b39b73ddcb1419299602d0b4640fa8e77dbaee99bfc213bdcd6b360f2ef7b9685af43f04fa0d408938152c926db718fb614eb2fc5634abaf77ba92e7772f9b0dc7b50ece3b1fd5fb15fa91b9ffbe8da686d082c0db01c50bcaf242842cc8a12600fcdde884d5cdd7ab9bff3b607163d4a06b881cf43fd7fd93281eb4741dba9e3908435c92f076450365bc4461370225d171d69cf525151892f8dae47013c8bf5e3ffd8846e26161e690e7c1c9bb7b68ee103fdee891759255a200d72281a4ee5861b3ef28d8cae16356419667bb4cc6d6510679c0a41acad979eaae214f901564628717cecaa5f4f8803c90b4d132d3a5ea748092cccde4caa0723dab2a33900e6979306765e4526375607a1f332684b2faf29774241552b7f3a894ed7e1162b53c225494a7d13eed6dd9b04532ddfe1554f9421c4c1bb4a8f4d4d53224acf9460633f07db090d75f223332b969b2f319effe7bf1874d25053fc856208afbef2437532b5576022ba0181905b39e77283291323a537ae37d0ee241e26d1007e07b2b518cde327e9dc273eaa053f209944d956dfe3001906af573df44be125be491197ca84d77643387d416767be811f8503a", 0x3ef}], 0x1}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000580)="5197d3e195e4", 0x6}], 0x1}}, {{&(0x7f0000000600)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}, 0x5}, 0x1c, &(0x7f0000000940)=[{0x0}, {&(0x7f0000002b80)}], 0x2}}], 0x3, 0x4048040)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x9, 0x3, 0x10004, 0x5, 0x2000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0200000004000000020000000c00000000140000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000002f708ad65e1ab5d7535820f3e763608a109e2628ba2dcff1a772ba33c3f573735be439c9c9140840a5173310feafd4c02b66b3a64fdfe1c278e56f095fc1a1b4f9ac8468432fd362fd0204e9da0087bf362985d053d4800721e15ea379a35e044daddc44e9b1fc1db24be9d07b0cdaab916229ba89836a0367f2f273aad24a717f4a4dcc2f677c869d3da225220de40f0b6bc24decd7189b3bf494bd9fa2063d37056283b767503644753520c9df10aa2fe4d8bd85dc88c0b4f6b6d1f6027b146e771c4ebdaf38f7a66247a0ddd1d90bee21e88b674ebf01165e0d0f"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00'}, 0x10)
socket$key(0xf, 0x3, 0x2)

0s ago: executing program 4 (id=2162):
r0 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r0, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x11}, @multicast1}}}, @ip_retopts={{0x20, 0x0, 0x7, {[@generic={0x44, 0xd, "09000008ea6e1900000000"}]}}}], 0x40}, 0x20002880)

kernel console output (not intermixed with test programs):

type 2 has an invalid length.
[  252.652429][T10545] bridge_slave_1: entered allmulticast mode
[  252.702898][T10545] bridge_slave_1: entered promiscuous mode
[  252.774633][T10640] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1192'.
[  252.801508][T10632] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1190'.
[  252.881607][T10545] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.000073][T10545] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.058170][T10650] xt_hashlimit: size too large, truncated to 1048576
[  253.078923][T10650] xt_hashlimit: max too large, truncated to 1048576
[  253.104225][T10655] netlink: 'syz.0.1194': attribute type 10 has an invalid length.
[  253.170043][T10545] team0: Port device team_slave_0 added
[  253.204719][T10545] team0: Port device team_slave_1 added
[  253.376092][T10664] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1198'.
[  253.385317][ T5832] Bluetooth: hci4: command tx timeout
[  253.453844][T10545] batman_adv: batadv0: Adding interface: batadv_slave_0
[  253.505027][T10545] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.573063][T10545] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  253.607297][T10545] batman_adv: batadv0: Adding interface: batadv_slave_1
[  253.614293][T10545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.656466][T10545] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  253.709137][T10682] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1202'.
[  253.872613][T10545] hsr_slave_0: entered promiscuous mode
[  253.898424][T10545] hsr_slave_1: entered promiscuous mode
[  254.070464][T10691] netlink: 'syz.4.1204': attribute type 1 has an invalid length.
[  254.086234][T10692] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1206'.
[  254.105946][T10691] netlink: 'syz.4.1204': attribute type 2 has an invalid length.
[  254.129555][T10694] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1207'.
[  254.184221][T10691] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1204'.
[  254.691619][T10719] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1213'.
[  254.733537][T10719] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1213'.
[  254.755291][T10719] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1213'.
[  254.923095][T10730] netlink: 'syz.0.1215': attribute type 10 has an invalid length.
[  255.250922][T10736] veth1_to_team: left promiscuous mode
[  255.289194][T10736] gretap0: left allmulticast mode
[  255.302511][T10736] macvtap2: left promiscuous mode
[  255.329041][T10736] macvtap2: left allmulticast mode
[  255.443266][T10748] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1220'.
[  255.457295][ T5832] Bluetooth: hci4: command tx timeout
[  255.528932][T10747] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1219'.
[  255.719188][T10753] 8021q: adding VLAN 0 to HW filter on device bond12
[  255.739914][T10753] bond11: (slave bond12): Enslaving as an active interface with an up link
[  255.763243][T10757] 8021q: adding VLAN 0 to HW filter on device bond11
[  255.781948][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  255.788389][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  256.142935][T10545] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  256.197626][T10545] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  256.231329][T10545] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  256.309065][T10545] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  256.517775][T10784] gretap0: left allmulticast mode
[  256.522953][T10784] gretap0: left promiscuous mode
[  256.553429][T10784] macvtap1: left promiscuous mode
[  256.567229][T10784] macvtap1: left allmulticast mode
[  256.690846][T10794] bond0: (slave dummy0): Releasing backup interface
[  256.744325][T10806] netlink: 'syz.0.1234': attribute type 10 has an invalid length.
[  256.769248][T10794] bond4: (slave bond5): Releasing backup interface
[  256.801111][T10809] bond0: Master is either lo or non-ether device
[  257.053553][T10545] 8021q: adding VLAN 0 to HW filter on device bond0
[  257.146867][T10545] 8021q: adding VLAN 0 to HW filter on device team0
[  257.241492][ T6308] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.248759][ T6308] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.315171][ T6304] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.322412][ T6304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.547254][ T5832] Bluetooth: hci4: command tx timeout
[  257.641430][T10545] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  258.364966][T10545] 8021q: adding VLAN 0 to HW filter on device batadv0
[  258.624450][T10545] veth0_vlan: entered promiscuous mode
[  258.671191][T10545] veth1_vlan: entered promiscuous mode
[  258.773723][T10545] veth0_macvtap: entered promiscuous mode
[  258.794935][T10874] netlink: 'syz.2.1254': attribute type 10 has an invalid length.
[  258.805961][T10875] netlink: 'syz.1.1255': attribute type 4 has an invalid length.
[  258.824891][T10545] veth1_macvtap: entered promiscuous mode
[  258.889273][T10545] batman_adv: batadv0: Interface activated: batadv_slave_0
[  258.914096][T10545] batman_adv: batadv0: Interface activated: batadv_slave_1
[  258.948300][T10545] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  258.957525][T10545] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  258.966274][T10545] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  259.011559][T10545] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  259.391721][ T6304] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  259.417330][ T6304] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  259.481262][T10893] __nla_validate_parse: 90 callbacks suppressed
[  259.481286][T10893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1264'.
[  259.507362][T10893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1264'.
[  259.516793][T10893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1264'.
[  259.543174][T10893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1264'.
[  259.559217][T10893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1264'.
[  259.588006][T10893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1264'.
[  259.617603][T10893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1264'.
[  259.626113][T10902] netlink: 'syz.4.1267': attribute type 10 has an invalid length.
[  259.626601][T10893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1264'.
[  259.651343][T10893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1264'.
[  259.663066][T10893] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1264'.
[  259.735185][T10902] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  259.766615][T10905] vlan2: entered promiscuous mode
[  259.825228][ T6304] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  259.865575][ T6304] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  260.004090][T10917] macvtap1: entered promiscuous mode
[  260.011752][T10917] gretap0: entered promiscuous mode
[  260.031371][T10917] macvtap1: entered allmulticast mode
[  260.044356][T10917] gretap0: entered allmulticast mode
[  260.365333][T10924] gretap0: left allmulticast mode
[  260.386325][T10924] gretap0: left promiscuous mode
[  260.395372][T10924] macvtap1: left promiscuous mode
[  260.410157][T10924] macvtap1: left allmulticast mode
[  260.525109][   T37] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.706210][   T37] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.791533][   T37] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.861634][   T37] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.996456][   T37] bridge_slave_1: left allmulticast mode
[  261.002360][   T37] bridge_slave_1: left promiscuous mode
[  261.008776][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.018834][   T37] bridge_slave_0: left allmulticast mode
[  261.024505][   T37] bridge_slave_0: left promiscuous mode
[  261.030352][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.337390][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  261.348991][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  261.359215][   T37] bond0 (unregistering): Released all slaves
[  261.706527][T10942] netlink: 'syz.4.1283': attribute type 10 has an invalid length.
[  261.766853][   T37] hsr_slave_0: left promiscuous mode
[  261.787217][   T37] hsr_slave_1: left promiscuous mode
[  261.799189][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  261.815614][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[  261.848322][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  261.988664][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[  262.125166][T10954] IPVS: persistence engine module ip_vs_pe_ not found
[  262.192572][   T37] veth1_macvtap: left promiscuous mode
[  262.214234][   T37] veth0_macvtap: left promiscuous mode
[  262.246237][   T37] veth1_vlan: left promiscuous mode
[  262.267652][   T37] veth0_vlan: left promiscuous mode
[  262.293039][ T5841] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  262.302605][ T5841] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  262.310656][ T5841] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  262.319776][ T5841] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  262.328754][ T5841] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  262.838291][   T37] team0 (unregistering): Port device team_slave_1 removed
[  262.885614][   T37] team0 (unregistering): Port device team_slave_0 removed
[  263.725637][T10983] FAULT_INJECTION: forcing a failure.
[  263.725637][T10983] name failslab, interval 1, probability 0, space 0, times 0
[  263.739307][T10983] CPU: 0 UID: 0 PID: 10983 Comm: syz.1.1293 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  263.739337][T10983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  263.739350][T10983] Call Trace:
[  263.739358][T10983]  <TASK>
[  263.739366][T10983]  dump_stack_lvl+0x189/0x250
[  263.739402][T10983]  ? __pfx____ratelimit+0x10/0x10
[  263.739432][T10983]  ? __pfx_dump_stack_lvl+0x10/0x10
[  263.739461][T10983]  ? __pfx__printk+0x10/0x10
[  263.739488][T10983]  ? __pfx___might_resched+0x10/0x10
[  263.739522][T10983]  should_fail_ex+0x414/0x560
[  263.739551][T10983]  should_failslab+0xa8/0x100
[  263.739573][T10983]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  263.739593][T10983]  ? __alloc_skb+0x112/0x2d0
[  263.739621][T10983]  __alloc_skb+0x112/0x2d0
[  263.739650][T10983]  netlink_sendmsg+0x5c6/0xb30
[  263.739687][T10983]  ? __pfx_netlink_sendmsg+0x10/0x10
[  263.739716][T10983]  ? aa_sock_msg_perm+0x94/0x160
[  263.739746][T10983]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  263.739773][T10983]  ? __pfx_netlink_sendmsg+0x10/0x10
[  263.739799][T10983]  __sock_sendmsg+0x219/0x270
[  263.739836][T10983]  ____sys_sendmsg+0x505/0x830
[  263.739873][T10983]  ? __pfx_____sys_sendmsg+0x10/0x10
[  263.739907][T10983]  ? import_iovec+0x74/0xa0
[  263.739930][T10983]  ___sys_sendmsg+0x21f/0x2a0
[  263.739956][T10983]  ? __pfx____sys_sendmsg+0x10/0x10
[  263.740016][T10983]  ? __fget_files+0x2a/0x420
[  263.740037][T10983]  ? __fget_files+0x3a0/0x420
[  263.740067][T10983]  __x64_sys_sendmsg+0x19b/0x260
[  263.740095][T10983]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  263.740136][T10983]  ? __pfx_ksys_write+0x10/0x10
[  263.740152][T10983]  ? rcu_is_watching+0x15/0xb0
[  263.740191][T10983]  ? do_syscall_64+0xbe/0x3b0
[  263.740215][T10983]  do_syscall_64+0xfa/0x3b0
[  263.740233][T10983]  ? lockdep_hardirqs_on+0x9c/0x150
[  263.740264][T10983]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.740285][T10983]  ? clear_bhb_loop+0x60/0xb0
[  263.740311][T10983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.740331][T10983] RIP: 0033:0x7f5ff118e929
[  263.740350][T10983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.740369][T10983] RSP: 002b:00007f5ff205a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  263.740392][T10983] RAX: ffffffffffffffda RBX: 00007f5ff13b5fa0 RCX: 00007f5ff118e929
[  263.740407][T10983] RDX: 0000000000004000 RSI: 0000200000000500 RDI: 0000000000000003
[  263.740420][T10983] RBP: 00007f5ff205a090 R08: 0000000000000000 R09: 0000000000000000
[  263.740433][T10983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.740445][T10983] R13: 0000000000000000 R14: 00007f5ff13b5fa0 R15: 00007fff57e02cb8
[  263.740478][T10983]  </TASK>
[  264.143656][T10961] chnl_net:caif_netlink_parms(): no params data found
[  264.392553][T10961] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.403882][T10961] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.417626][ T5841] Bluetooth: hci4: command tx timeout
[  264.420200][T10961] bridge_slave_0: entered allmulticast mode
[  264.439039][T10961] bridge_slave_0: entered promiscuous mode
[  264.461304][T10961] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.483919][T10961] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.498172][T11001] netlink: 'syz.4.1300': attribute type 10 has an invalid length.
[  264.505281][T10961] bridge_slave_1: entered allmulticast mode
[  264.554198][T10961] bridge_slave_1: entered promiscuous mode
[  264.703878][T10961] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  264.729749][T10961] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  264.807540][T10961] team0: Port device team_slave_0 added
[  264.816753][T10961] team0: Port device team_slave_1 added
[  264.880842][T10961] batman_adv: batadv0: Adding interface: batadv_slave_0
[  264.897611][T10961] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.947197][T10961] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  264.960000][T10961] batman_adv: batadv0: Adding interface: batadv_slave_1
[  264.966992][T10961] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.981331][T11009] __nla_validate_parse: 267 callbacks suppressed
[  264.981354][T11009] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1302'.
[  265.037202][T10961] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  265.346640][T10961] hsr_slave_0: entered promiscuous mode
[  265.358864][T10961] hsr_slave_1: entered promiscuous mode
[  265.613846][T11020] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1306'.
[  265.778324][T11025] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1308'.
[  265.802795][T11025] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1308'.
[  265.813684][T11025] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1308'.
[  265.822852][T11025] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1308'.
[  265.833120][T11025] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1308'.
[  265.844410][T11025] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1308'.
[  265.861939][T11025] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1308'.
[  265.873982][T11025] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1308'.
[  266.173921][T11038] xt_CT: You must specify a L4 protocol and not use inversions on it
[  266.500059][ T5841] Bluetooth: hci4: command tx timeout
[  266.738900][T11063] netlink: 'syz.1.1321': attribute type 1 has an invalid length.
[  266.757862][T11063] netlink: 'syz.1.1321': attribute type 2 has an invalid length.
[  266.773166][T11064] netlink: 'syz.4.1322': attribute type 29 has an invalid length.
[  266.782577][T11064] netlink: 'syz.4.1322': attribute type 29 has an invalid length.
[  266.795706][T11064] netlink: 'syz.4.1322': attribute type 29 has an invalid length.
[  266.822321][T11064] netlink: 'syz.4.1322': attribute type 29 has an invalid length.
[  266.837724][T10961] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  266.853348][T11064] netlink: 'syz.4.1322': attribute type 29 has an invalid length.
[  266.865175][T10961] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  266.905526][T11064] netlink: 'syz.4.1322': attribute type 29 has an invalid length.
[  266.915428][T11064] netlink: 'syz.4.1322': attribute type 29 has an invalid length.
[  266.936627][T10961] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  266.954747][T10961] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  266.978462][T11071] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  267.150833][T10961] 8021q: adding VLAN 0 to HW filter on device bond0
[  267.195902][T10961] 8021q: adding VLAN 0 to HW filter on device team0
[  267.260603][ T6308] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.267866][ T6308] bridge0: port 1(bridge_slave_0) entered forwarding state
[  267.352618][ T6308] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.359905][ T6308] bridge0: port 2(bridge_slave_1) entered forwarding state
[  267.531602][T11087] 8021q: adding VLAN 0 to HW filter on device bond6
[  267.599726][T11091] 8021q: adding VLAN 0 to HW filter on device bond6
[  267.606863][T11091] bond6: (slave ip6tnl2): The slave device specified does not support setting the MAC address
[  267.625021][T11091] bond6: (slave ip6tnl2): Error -95 calling set_mac_address
[  268.150098][T10961] 8021q: adding VLAN 0 to HW filter on device batadv0
[  268.279644][T10961] veth0_vlan: entered promiscuous mode
[  268.333539][T10961] veth1_vlan: entered promiscuous mode
[  268.430516][T10961] veth0_macvtap: entered promiscuous mode
[  268.442734][T10961] veth1_macvtap: entered promiscuous mode
[  268.507946][T10961] batman_adv: batadv0: Interface activated: batadv_slave_0
[  268.523159][T10961] batman_adv: batadv0: Interface activated: batadv_slave_1
[  268.551953][T10961] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  268.561478][T10961] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  268.570572][T10961] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  268.580431][ T5841] Bluetooth: hci4: command tx timeout
[  268.588644][T10961] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  268.777435][ T6308] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.798961][ T6308] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.881204][ T6326] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.890155][ T6326] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  269.143353][T11152] 8021q: adding VLAN 0 to HW filter on device bond6
[  269.592665][T11179] FAULT_INJECTION: forcing a failure.
[  269.592665][T11179] name failslab, interval 1, probability 0, space 0, times 0
[  269.619300][T11179] CPU: 0 UID: 0 PID: 11179 Comm: syz.2.1367 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  269.619331][T11179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  269.619345][T11179] Call Trace:
[  269.619353][T11179]  <TASK>
[  269.619362][T11179]  dump_stack_lvl+0x189/0x250
[  269.619401][T11179]  ? __pfx____ratelimit+0x10/0x10
[  269.619445][T11179]  ? __pfx_dump_stack_lvl+0x10/0x10
[  269.619480][T11179]  ? __pfx__printk+0x10/0x10
[  269.619510][T11179]  ? __pfx___might_resched+0x10/0x10
[  269.619548][T11179]  should_fail_ex+0x414/0x560
[  269.619582][T11179]  should_failslab+0xa8/0x100
[  269.619607][T11179]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  269.619629][T11179]  ? __alloc_skb+0x112/0x2d0
[  269.619657][T11179]  __alloc_skb+0x112/0x2d0
[  269.619685][T11179]  netlink_sendmsg+0x5c6/0xb30
[  269.619723][T11179]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.619760][T11179]  ? aa_sock_msg_perm+0x94/0x160
[  269.619788][T11179]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  269.619816][T11179]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.619843][T11179]  __sock_sendmsg+0x219/0x270
[  269.619881][T11179]  ____sys_sendmsg+0x505/0x830
[  269.619914][T11179]  ? __pfx_____sys_sendmsg+0x10/0x10
[  269.619952][T11179]  ? import_iovec+0x74/0xa0
[  269.619978][T11179]  ___sys_sendmsg+0x21f/0x2a0
[  269.620009][T11179]  ? __pfx____sys_sendmsg+0x10/0x10
[  269.620076][T11179]  ? __fget_files+0x2a/0x420
[  269.620099][T11179]  ? __fget_files+0x3a0/0x420
[  269.620138][T11179]  __x64_sys_sendmsg+0x19b/0x260
[  269.620170][T11179]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  269.620209][T11179]  ? __pfx_ksys_write+0x10/0x10
[  269.620226][T11179]  ? rcu_is_watching+0x15/0xb0
[  269.620265][T11179]  ? do_syscall_64+0xbe/0x3b0
[  269.620290][T11179]  do_syscall_64+0xfa/0x3b0
[  269.620307][T11179]  ? lockdep_hardirqs_on+0x9c/0x150
[  269.620338][T11179]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.620359][T11179]  ? clear_bhb_loop+0x60/0xb0
[  269.620385][T11179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.620405][T11179] RIP: 0033:0x7f0eb5b8e929
[  269.620431][T11179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.620450][T11179] RSP: 002b:00007f0eb6947038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  269.620473][T11179] RAX: ffffffffffffffda RBX: 00007f0eb5db6080 RCX: 00007f0eb5b8e929
[  269.620489][T11179] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000006
[  269.620503][T11179] RBP: 00007f0eb6947090 R08: 0000000000000000 R09: 0000000000000000
[  269.620516][T11179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.620528][T11179] R13: 0000000000000000 R14: 00007f0eb5db6080 R15: 00007ffdc388edb8
[  269.620560][T11179]  </TASK>
[  269.621903][T11179] validate_nla: 34 callbacks suppressed
[  269.621918][T11179] netlink: 'syz.2.1367': attribute type 10 has an invalid length.
[  269.933599][T11186] netlink: 'syz.0.1371': attribute type 1 has an invalid length.
[  269.962204][T11186] netlink: 'syz.0.1371': attribute type 2 has an invalid length.
[  269.972380][T11186] __nla_validate_parse: 438 callbacks suppressed
[  269.972401][T11186] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1371'.
[  270.103558][ T6304] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.131731][T11190] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1373'.
[  270.146660][T11190] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1373'.
[  270.161785][T11190] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1373'.
[  270.206416][T11190] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1373'.
[  270.218032][T11190] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1373'.
[  270.228940][T11190] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1373'.
[  270.239219][T11190] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1373'.
[  270.250209][T11190] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1373'.
[  270.276880][T11190] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1373'.
[  270.519647][ T6304] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.784879][ T6304] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.863286][ T6304] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.938692][ T6304] bridge_slave_1: left allmulticast mode
[  270.944375][ T6304] bridge_slave_1: left promiscuous mode
[  270.951343][ T6304] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.960983][ T6304] bridge_slave_0: left allmulticast mode
[  270.966646][ T6304] bridge_slave_0: left promiscuous mode
[  270.972648][ T6304] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.350482][ T6304] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  271.369030][ T6304] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  271.382796][ T6304] bond0 (unregistering): Released all slaves
[  271.617246][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  271.653947][T11204] netlink: 'syz.0.1374': attribute type 10 has an invalid length.
[  271.803370][T11211] netlink: 'syz.4.1378': attribute type 10 has an invalid length.
[  271.959087][ T6304] hsr_slave_0: left promiscuous mode
[  271.972214][ T6304] hsr_slave_1: left promiscuous mode
[  271.988908][ T6304] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  271.996468][ T6304] batman_adv: batadv0: Removing interface: batadv_slave_0
[  272.023553][ T6304] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  272.039700][ T6304] batman_adv: batadv0: Removing interface: batadv_slave_1
[  272.059599][ T5832] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  272.070939][ T5832] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  272.080697][ T5832] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  272.091666][ T5832] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  272.099718][ T5832] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  272.151876][ T6304] veth1_macvtap: left promiscuous mode
[  272.158623][ T6304] veth0_macvtap: left promiscuous mode
[  272.164571][ T6304] veth1_vlan: left promiscuous mode
[  272.170456][ T6304] veth0_vlan: left promiscuous mode
[  272.344764][T11227] netlink: 'syz.2.1383': attribute type 1 has an invalid length.
[  272.353146][T11227] netlink: 'syz.2.1383': attribute type 2 has an invalid length.
[  272.754486][ T6304] team0 (unregistering): Port device team_slave_1 removed
[  272.805992][ T6304] team0 (unregistering): Port device team_slave_0 removed
[  274.019689][T11217] chnl_net:caif_netlink_parms(): no params data found
[  274.089147][T11260] netlink: 'syz.0.1394': attribute type 10 has an invalid length.
[  274.177507][ T5841] Bluetooth: hci4: command tx timeout
[  274.206173][T11267] netlink: 'syz.1.1396': attribute type 1 has an invalid length.
[  274.214106][T11267] netlink: 'syz.1.1396': attribute type 2 has an invalid length.
[  274.244713][T11217] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.278541][T11217] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.285856][T11217] bridge_slave_0: entered allmulticast mode
[  274.329941][T11217] bridge_slave_0: entered promiscuous mode
[  274.349964][T11217] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.361682][T11217] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.369973][T11217] bridge_slave_1: entered allmulticast mode
[  274.404386][T11217] bridge_slave_1: entered promiscuous mode
[  274.504848][T11217] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  274.519537][T11217] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  274.620652][T11217] team0: Port device team_slave_0 added
[  274.641889][T11217] team0: Port device team_slave_1 added
[  274.734376][T11217] batman_adv: batadv0: Adding interface: batadv_slave_0
[  274.743279][T11217] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  274.775050][T11217] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  274.796552][T11217] batman_adv: batadv0: Adding interface: batadv_slave_1
[  274.805234][T11217] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  274.832863][T11217] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  274.855931][T11285] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µ
â侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!'
[  274.871810][T11285] CPU: 0 UID: 0 PID: 11285 Comm: syz.1.1404 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  274.871844][T11285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  274.871858][T11285] Call Trace:
[  274.871867][T11285]  <TASK>
[  274.871877][T11285]  dump_stack_lvl+0x189/0x250
[  274.871923][T11285]  ? __pfx_dump_stack_lvl+0x10/0x10
[  274.871959][T11285]  ? __pfx__printk+0x10/0x10
[  274.871985][T11285]  ? kernfs_path_from_node+0x2c/0x260
[  274.872012][T11285]  ? kernfs_path_from_node+0x2c/0x260
[  274.872037][T11285]  ? kernfs_path_from_node+0x2c/0x260
[  274.872065][T11285]  ? kernfs_path_from_node+0x22c/0x260
[  274.872100][T11285]  ? kernfs_path_from_node+0x2c/0x260
[  274.872131][T11285]  sysfs_warn_dup+0x8e/0xa0
[  274.872156][T11285]  sysfs_do_create_link_sd+0xc0/0x110
[  274.872185][T11285]  device_add_class_symlinks+0x1cf/0x240
[  274.872215][T11285]  device_add+0x475/0xb50
[  274.872244][T11285]  wiphy_register+0x199a/0x26b0
[  274.872290][T11285]  ? __pfx_wiphy_register+0x10/0x10
[  274.872313][T11285]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  274.872349][T11285]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  274.872383][T11285]  ieee80211_register_hw+0x33e1/0x4120
[  274.872435][T11285]  ? ieee80211_register_hw+0x1451/0x4120
[  274.872475][T11285]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  274.872511][T11285]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  274.872553][T11285]  ? __hrtimer_setup+0x187/0x210
[  274.872585][T11285]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  274.872615][T11285]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  274.872677][T11285]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  274.872698][T11285]  ? trace_kmalloc+0x1f/0xd0
[  274.872715][T11285]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  274.872738][T11285]  ? kstrndup+0xbf/0x160
[  274.872777][T11285]  hwsim_new_radio_nl+0xea4/0x1b10
[  274.872804][T11285]  ? __pfx___nla_validate_parse+0x10/0x10
[  274.872855][T11285]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  274.872895][T11285]  ? __nla_parse+0x40/0x60
[  274.872952][T11285]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  274.872998][T11285]  genl_family_rcv_msg_doit+0x215/0x300
[  274.873040][T11285]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  274.873098][T11285]  ? bpf_lsm_capable+0x9/0x20
[  274.873119][T11285]  ? security_capable+0x7e/0x2e0
[  274.873156][T11285]  genl_rcv_msg+0x60e/0x790
[  274.873196][T11285]  ? __pfx_genl_rcv_msg+0x10/0x10
[  274.873227][T11285]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  274.873268][T11285]  netlink_rcv_skb+0x205/0x470
[  274.873295][T11285]  ? __pfx_genl_rcv_msg+0x10/0x10
[  274.873330][T11285]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  274.873378][T11285]  ? down_read+0x1ad/0x2e0
[  274.873404][T11285]  genl_rcv+0x28/0x40
[  274.873434][T11285]  netlink_unicast+0x758/0x8d0
[  274.873471][T11285]  netlink_sendmsg+0x805/0xb30
[  274.873509][T11285]  ? __pfx_netlink_sendmsg+0x10/0x10
[  274.873537][T11285]  ? aa_sock_msg_perm+0x94/0x160
[  274.873567][T11285]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  274.873600][T11285]  ? __pfx_netlink_sendmsg+0x10/0x10
[  274.873627][T11285]  __sock_sendmsg+0x219/0x270
[  274.873665][T11285]  ____sys_sendmsg+0x505/0x830
[  274.873699][T11285]  ? __pfx_____sys_sendmsg+0x10/0x10
[  274.873739][T11285]  ? import_iovec+0x74/0xa0
[  274.873766][T11285]  ___sys_sendmsg+0x21f/0x2a0
[  274.873796][T11285]  ? __pfx____sys_sendmsg+0x10/0x10
[  274.873867][T11285]  ? __fget_files+0x2a/0x420
[  274.873891][T11285]  ? __fget_files+0x3a0/0x420
[  274.873929][T11285]  __x64_sys_sendmsg+0x19b/0x260
[  274.873963][T11285]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  274.874015][T11285]  ? do_syscall_64+0xbe/0x3b0
[  274.874041][T11285]  do_syscall_64+0xfa/0x3b0
[  274.874059][T11285]  ? lockdep_hardirqs_on+0x9c/0x150
[  274.874102][T11285]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.874125][T11285]  ? clear_bhb_loop+0x60/0xb0
[  274.874153][T11285]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.874175][T11285] RIP: 0033:0x7f5ff118e929
[  274.874195][T11285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.874214][T11285] RSP: 002b:00007f5ff205a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  274.874237][T11285] RAX: ffffffffffffffda RBX: 00007f5ff13b5fa0 RCX: 00007f5ff118e929
[  274.874253][T11285] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004
[  274.874267][T11285] RBP: 00007f5ff1210b39 R08: 0000000000000000 R09: 0000000000000000
[  274.874281][T11285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  274.874293][T11285] R13: 0000000000000000 R14: 00007f5ff13b5fa0 R15: 00007fff57e02cb8
[  274.874330][T11285]  </TASK>
[  275.417201][T11289] __nla_validate_parse: 266 callbacks suppressed
[  275.417222][T11289] netlink: 788 bytes leftover after parsing attributes in process `syz.2.1405'.
[  275.578939][T11297] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1407'.
[  275.632682][T11217] hsr_slave_0: entered promiscuous mode
[  275.639774][T11217] hsr_slave_1: entered promiscuous mode
[  275.864480][T11305] netlink: 'syz.4.1409': attribute type 4 has an invalid length.
[  276.049164][T11309] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1411'.
[  276.065717][T11309] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1411'.
[  276.076093][T11309] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1411'.
[  276.096952][T11309] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1411'.
[  276.113993][T11309] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1411'.
[  276.124433][T11309] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1411'.
[  276.147526][T11309] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1411'.
[  276.161396][T11309] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1411'.
[  276.208140][T11305] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  276.257494][ T5841] Bluetooth: hci4: command tx timeout
[  276.284636][T11302] syzkaller0: entered promiscuous mode
[  276.296363][T11302] syzkaller0: entered allmulticast mode
[  276.302801][T11302] tipc: Resetting bearer <eth:syzkaller0>
[  276.341182][T11305] bond0: entered promiscuous mode
[  276.346278][T11305] dummy0: entered promiscuous mode
[  276.384559][T11305] batadv0: entered promiscuous mode
[  276.399183][T11305] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  276.409764][T11305] Cannot create hsr debugfs directory
[  276.415444][T11305] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  276.425749][T11305] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network
[  276.438217][T11305] 8021q: adding VLAN 0 to HW filter on device hsr1
[  276.446645][T11305] bond0: left promiscuous mode
[  276.451608][T11305] dummy0: left promiscuous mode
[  276.458916][T11305] batadv0: left promiscuous mode
[  276.465762][T11326] netlink: 'syz.1.1416': attribute type 10 has an invalid length.
[  276.580915][T11300] tipc: Resetting bearer <eth:syzkaller0>
[  278.337580][ T5841] Bluetooth: hci4: command tx timeout
[  278.392491][T11300] tipc: Disabling bearer <eth:syzkaller0>
[  278.624080][T11217] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  278.716170][T11217] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  278.784834][T11347] vlan5: entered promiscuous mode
[  278.790182][T11347] vlan5: entered allmulticast mode
[  278.795323][T11347] hsr_slave_1: entered allmulticast mode
[  278.820956][T11217] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  278.870941][T11217] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  279.058079][T11364] netlink: 'syz.4.1430': attribute type 1 has an invalid length.
[  279.094864][T11364] netlink: 'syz.4.1430': attribute type 2 has an invalid length.
[  279.105384][T11217] 8021q: adding VLAN 0 to HW filter on device bond0
[  279.194894][T11217] 8021q: adding VLAN 0 to HW filter on device team0
[  279.216993][ T6304] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.224232][ T6304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  279.244759][T11372] netlink: 'syz.0.1432': attribute type 10 has an invalid length.
[  279.248355][ T6326] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.259840][ T6326] bridge0: port 2(bridge_slave_1) entered forwarding state
[  279.633354][T11217] 8021q: adding VLAN 0 to HW filter on device batadv0
[  279.875009][T11217] veth0_vlan: entered promiscuous mode
[  279.914175][T11217] veth1_vlan: entered promiscuous mode
[  280.077111][T11217] veth0_macvtap: entered promiscuous mode
[  280.110890][T11217] veth1_macvtap: entered promiscuous mode
[  280.163353][T11217] batman_adv: batadv0: Interface activated: batadv_slave_0
[  280.181002][T11217] batman_adv: batadv0: Interface activated: batadv_slave_1
[  280.203828][T11217] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  280.247298][T11217] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  280.256066][T11217] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  280.271455][T11217] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  280.367638][T11403] netlink: 'syz.4.1443': attribute type 1 has an invalid length.
[  280.390669][T11403] netlink: 'syz.4.1443': attribute type 2 has an invalid length.
[  280.417240][ T5841] Bluetooth: hci4: command tx timeout
[  280.443999][T11403] __nla_validate_parse: 113 callbacks suppressed
[  280.444019][T11403] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1443'.
[  280.491196][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  280.527985][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  280.554083][T11405] pim6reg1: entered promiscuous mode
[  280.574982][T11405] pim6reg1: entered allmulticast mode
[  280.626004][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  280.649677][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  280.670693][T11412] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1444'.
[  280.948069][T11419] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1448'.
[  281.097945][T11425] netlink: 'syz.2.1451': attribute type 10 has an invalid length.
[  281.245676][T11427] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1452'.
[  281.525684][T11434] netlink: 'syz.1.1456': attribute type 1 has an invalid length.
[  281.536857][T11434] netlink: 'syz.1.1456': attribute type 2 has an invalid length.
[  281.553342][T11434] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1456'.
[  281.766165][   T59] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.771214][T11440] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1459'.
[  282.126693][   T59] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.643459][   T59] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.722463][   T59] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.815808][   T59] bridge_slave_1: left allmulticast mode
[  282.822147][   T59] bridge_slave_1: left promiscuous mode
[  282.828727][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.840252][   T59] bridge_slave_0: left allmulticast mode
[  282.845931][   T59] bridge_slave_0: left promiscuous mode
[  282.851782][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.105578][T11443] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1463'.
[  283.363942][T11454] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1464'.
[  283.522217][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  283.572089][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  283.587881][   T59] bond0 (unregistering): Released all slaves
[  283.633278][T11467] netlink: 'syz.1.1468': attribute type 1 has an invalid length.
[  283.641504][T11467] netlink: 'syz.1.1468': attribute type 2 has an invalid length.
[  283.745810][T11467] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1468'.
[  283.842440][ T5832] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  283.854366][ T5832] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  283.863017][ T5832] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  283.874295][ T5832] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  283.884895][ T5832] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  284.025077][T11473] xt_CT: You must specify a L4 protocol and not use inversions on it
[  284.054980][T11476] netlink: 'syz.0.1479': attribute type 1 has an invalid length.
[  284.063159][T11476] netlink: 'syz.0.1479': attribute type 2 has an invalid length.
[  284.074057][T11476] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1479'.
[  284.225755][   T59] hsr_slave_0: left promiscuous mode
[  284.244898][   T59] hsr_slave_1: left promiscuous mode
[  284.255124][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  284.266411][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  284.276023][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  284.290288][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  284.304843][T11490] netlink: 'syz.1.1473': attribute type 10 has an invalid length.
[  284.321323][   T59] veth1_macvtap: left promiscuous mode
[  284.326924][   T59] veth0_macvtap: left promiscuous mode
[  284.333215][   T59] veth1_vlan: left promiscuous mode
[  284.339051][   T59] veth0_vlan: left promiscuous mode
[  284.825882][   T59] team0 (unregistering): Port device team_slave_1 removed
[  284.868981][   T59] team0 (unregistering): Port device team_slave_0 removed
[  285.508918][T11499] __nla_validate_parse: 1 callbacks suppressed
[  285.508939][T11499] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1476'.
[  285.638437][T11469] chnl_net:caif_netlink_parms(): no params data found
[  285.803815][T11512] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1481'.
[  285.823349][T11512] netlink: 'syz.4.1481': attribute type 9 has an invalid length.
[  285.870087][T11512] macvlan2: entered allmulticast mode
[  285.885828][T11512] mac80211_hwsim hwsim10 wlan0: entered allmulticast mode
[  285.919889][T11469] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.929366][T11469] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.938108][T11469] bridge_slave_0: entered allmulticast mode
[  285.945749][T11469] bridge_slave_0: entered promiscuous mode
[  285.946210][ T5832] Bluetooth: hci4: command tx timeout
[  285.958757][T11469] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.968693][T11469] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.976393][T11469] bridge_slave_1: entered allmulticast mode
[  285.984725][T11469] bridge_slave_1: entered promiscuous mode
[  286.022311][T11520] netlink: 'syz.4.1484': attribute type 1 has an invalid length.
[  286.050965][T11521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1483'.
[  286.060042][T11521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1483'.
[  286.069375][T11521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1483'.
[  286.078368][T11521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1483'.
[  286.089024][T11521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1483'.
[  286.098483][T11521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1483'.
[  286.107494][T11521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1483'.
[  286.116678][T11521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1483'.
[  286.173029][T11524] netlink: 'syz.1.1485': attribute type 11 has an invalid length.
[  286.203688][T11469] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  286.234443][T11469] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  286.350347][T11528] validate_nla: 1 callbacks suppressed
[  286.350370][T11528] netlink: 'syz.2.1487': attribute type 10 has an invalid length.
[  286.365748][T11469] team0: Port device team_slave_0 added
[  286.382857][T11469] team0: Port device team_slave_1 added
[  286.506017][T11469] batman_adv: batadv0: Adding interface: batadv_slave_0
[  286.520990][T11469] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  286.580165][T11469] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  286.618174][T11538] netlink: 'syz.2.1491': attribute type 10 has an invalid length.
[  286.629533][T11469] batman_adv: batadv0: Adding interface: batadv_slave_1
[  286.660023][T11469] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  286.706448][T11469] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  286.772333][T11469] hsr_slave_0: entered promiscuous mode
[  286.780364][T11469] hsr_slave_1: entered promiscuous mode
[  286.971144][T11554] vlan5: left promiscuous mode
[  286.981022][T11554] vlan5: left allmulticast mode
[  286.990020][T11554] hsr_slave_1: left allmulticast mode
[  287.003960][T11554] mac80211_hwsim hwsim10 wlan0: left allmulticast mode
[  287.037871][T11554] macvlan2: left allmulticast mode
[  287.406352][T11562] netlink: 'syz.1.1500': attribute type 1 has an invalid length.
[  287.415243][T11562] netlink: 'syz.1.1500': attribute type 2 has an invalid length.
[  287.503744][T11564] netlink: 'syz.1.1501': attribute type 10 has an invalid length.
[  287.663217][T11469] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  287.693880][T11469] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  287.722134][T11469] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  287.759508][T11469] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  287.903937][T11580] bond0: (slave wlan1): Releasing backup interface
[  287.955477][T11580] bond11: (slave bond12): Releasing backup interface
[  287.965512][T11581] netlink: 'syz.1.1504': attribute type 10 has an invalid length.
[  288.020572][ T5832] Bluetooth: hci4: command tx timeout
[  288.041702][T11581] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  288.289330][T11469] 8021q: adding VLAN 0 to HW filter on device bond0
[  288.351220][T11469] 8021q: adding VLAN 0 to HW filter on device team0
[  288.384143][ T6304] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.391378][ T6304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  288.408856][T11597] netlink: 'syz.2.1512': attribute type 10 has an invalid length.
[  288.435661][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.442937][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.056170][T11628] !
: renamed from dummy0
[  289.076338][T11469] 8021q: adding VLAN 0 to HW filter on device batadv0
[  289.200410][T11469] veth0_vlan: entered promiscuous mode
[  289.247997][T11469] veth1_vlan: entered promiscuous mode
[  289.355625][T11469] veth0_macvtap: entered promiscuous mode
[  289.430857][T11469] veth1_macvtap: entered promiscuous mode
[  289.594850][T11469] batman_adv: batadv0: Interface activated: batadv_slave_0
[  289.763245][T11469] batman_adv: batadv0: Interface activated: batadv_slave_1
[  289.789075][T11642] netlink: 'syz.0.1526': attribute type 10 has an invalid length.
[  289.903802][T11469] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  289.930326][T11469] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  289.954331][T11469] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  289.974121][T11469] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  290.098182][ T5832] Bluetooth: hci4: command tx timeout
[  290.323160][T11654] 8021q: adding VLAN 0 to HW filter on device bond8
[  290.339318][T11654] bond7: (slave bond8): Enslaving as an active interface with an up link
[  290.379235][T11659] 8021q: adding VLAN 0 to HW filter on device bond7
[  290.738913][T11679] __nla_validate_parse: 392 callbacks suppressed
[  290.738934][T11679] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'.
[  290.787201][T11679] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'.
[  290.796130][T11679] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'.
[  290.818853][T11679] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'.
[  290.829737][T11679] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'.
[  290.855859][T11679] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'.
[  290.894750][T11684] netlink: 788 bytes leftover after parsing attributes in process `syz.0.1534'.
[  290.910053][T11679] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'.
[  290.986016][T11679] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'.
[  291.000977][T11679] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'.
[  291.370479][T11698] bond0: Master is either lo or non-ether device
[  291.573187][ T6308] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  291.584911][T11709] netlink: 'syz.2.1539': attribute type 1 has an invalid length.
[  291.609947][ T6308] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  291.623395][T11709] netlink: 'syz.2.1539': attribute type 2 has an invalid length.
[  291.706459][ T6308] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  291.714480][T11714] netlink: 'syz.1.1541': attribute type 10 has an invalid length.
[  291.729296][ T6308] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  291.840770][T11716] 8021q: VLANs not supported on bond0
[  291.892021][T11719] xt_connbytes: Forcing CT accounting to be enabled
[  291.918193][T11719] x_tables: ip6_tables: mh match: only valid for protocol 135
[  292.075892][T11726] vlan2: entered promiscuous mode
[  292.081797][T11726] vlan2: entered allmulticast mode
[  292.088151][T11726] hsr_slave_1: entered allmulticast mode
[  292.396698][T11738] netlink: 'syz.0.1552': attribute type 1 has an invalid length.
[  292.404746][T11738] netlink: 'syz.0.1552': attribute type 2 has an invalid length.
[  292.613526][ T6304] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.631623][T11745] netlink: 'syz.2.1554': attribute type 10 has an invalid length.
[  292.819587][ T6304] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.032977][ T6304] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.112755][ T6304] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.217715][ T6304] bridge_slave_1: left allmulticast mode
[  293.223418][ T6304] bridge_slave_1: left promiscuous mode
[  293.231793][ T6304] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.242976][ T6304] bridge_slave_0: left allmulticast mode
[  293.249066][ T6304] bridge_slave_0: left promiscuous mode
[  293.254798][ T6304] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.593572][ T6304] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  293.605239][ T6304] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  293.615584][ T6304] bond0 (unregistering): Released all slaves
[  293.834658][ T6304] hsr_slave_0: left promiscuous mode
[  293.841868][ T6304] hsr_slave_1: left promiscuous mode
[  293.848487][ T6304] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  293.855952][ T6304] batman_adv: batadv0: Removing interface: batadv_slave_0
[  293.865171][ T6304] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  293.872898][ T6304] batman_adv: batadv0: Removing interface: batadv_slave_1
[  293.897832][ T6304] veth1_macvtap: left promiscuous mode
[  293.903373][ T6304] veth0_macvtap: left promiscuous mode
[  293.909130][ T6304] veth1_vlan: left promiscuous mode
[  293.914448][ T6304] veth0_vlan: left promiscuous mode
[  294.587015][ T5841] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  294.609780][ T5841] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  294.631954][ T5841] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  294.644451][ T5841] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  294.652449][ T5841] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  294.652696][ T6304] team0 (unregistering): Port device team_slave_1 removed
[  294.709321][ T6304] team0 (unregistering): Port device team_slave_0 removed
[  295.404019][T11778] netlink: 'syz.0.1572': attribute type 10 has an invalid length.
[  295.578287][T11787] netlink: 'syz.4.1566': attribute type 1 has an invalid length.
[  295.586087][T11787] netlink: 'syz.4.1566': attribute type 2 has an invalid length.
[  295.689501][T11789] syz.0.1565: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  295.717341][T11789] CPU: 1 UID: 0 PID: 11789 Comm: syz.0.1565 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  295.717376][T11789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  295.717392][T11789] Call Trace:
[  295.717401][T11789]  <TASK>
[  295.717412][T11789]  dump_stack_lvl+0x189/0x250
[  295.717457][T11789]  ? __pfx_dump_stack_lvl+0x10/0x10
[  295.717492][T11789]  ? __pfx__printk+0x10/0x10
[  295.717517][T11789]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  295.717552][T11789]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  295.717578][T11789]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  295.717604][T11789]  warn_alloc+0x214/0x310
[  295.717629][T11789]  ? stack_depot_save_flags+0x40/0x900
[  295.717663][T11789]  ? __pfx_warn_alloc+0x10/0x10
[  295.717691][T11789]  ? kasan_save_track+0x4f/0x80
[  295.717724][T11789]  ? xskq_create+0x56/0x170
[  295.717754][T11789]  ? xsk_init_queue+0xb0/0x110
[  295.717782][T11789]  ? xsk_setsockopt+0x43f/0x710
[  295.717809][T11789]  ? do_sock_setsockopt+0x257/0x3e0
[  295.717834][T11789]  ? __x64_sys_setsockopt+0x18b/0x220
[  295.717858][T11789]  ? do_syscall_64+0xfa/0x3b0
[  295.717877][T11789]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.717908][T11789]  __vmalloc_node_range_noprof+0x125/0x12f0
[  295.717966][T11789]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  295.717997][T11789]  ? __kasan_kmalloc+0x93/0xb0
[  295.718021][T11789]  vmalloc_user_noprof+0xad/0xf0
[  295.718044][T11789]  ? xskq_create+0xbf/0x170
[  295.718076][T11789]  xskq_create+0xbf/0x170
[  295.718113][T11789]  xsk_init_queue+0xb0/0x110
[  295.718148][T11789]  xsk_setsockopt+0x43f/0x710
[  295.718181][T11789]  ? __pfx_xsk_setsockopt+0x10/0x10
[  295.718209][T11789]  ? __lock_acquire+0xab9/0xd20
[  295.718253][T11789]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  295.718281][T11789]  ? __pfx_xsk_setsockopt+0x10/0x10
[  295.718308][T11789]  do_sock_setsockopt+0x257/0x3e0
[  295.718334][T11789]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  295.718366][T11789]  ? __fget_files+0x2a/0x420
[  295.718401][T11789]  __x64_sys_setsockopt+0x18b/0x220
[  295.718435][T11789]  do_syscall_64+0xfa/0x3b0
[  295.718455][T11789]  ? lockdep_hardirqs_on+0x9c/0x150
[  295.718487][T11789]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.718509][T11789]  ? clear_bhb_loop+0x60/0xb0
[  295.718546][T11789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.718568][T11789] RIP: 0033:0x7f61b498e929
[  295.718588][T11789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.718608][T11789] RSP: 002b:00007f61b572f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  295.718632][T11789] RAX: ffffffffffffffda RBX: 00007f61b4bb5fa0 RCX: 00007f61b498e929
[  295.718648][T11789] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000008
[  295.718661][T11789] RBP: 00007f61b4a10b39 R08: 0000000000000004 R09: 0000000000000000
[  295.718675][T11789] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  295.718689][T11789] R13: 0000000000000000 R14: 00007f61b4bb5fa0 R15: 00007ffd072c2be8
[  295.718725][T11789]  </TASK>
[  295.718734][T11789] Mem-Info:
[  296.055816][T11789] active_anon:3714 inactive_anon:0 isolated_anon:0
[  296.055816][T11789]  active_file:1680 inactive_file:39960 isolated_file:0
[  296.055816][T11789]  unevictable:768 dirty:236 writeback:0
[  296.055816][T11789]  slab_reclaimable:11590 slab_unreclaimable:100851
[  296.055816][T11789]  mapped:30560 shmem:1369 pagetables:985
[  296.055816][T11789]  sec_pagetables:0 bounce:0
[  296.055816][T11789]  kernel_misc_reclaimable:0
[  296.055816][T11789]  free:1328417 free_pcp:14721 free_cma:0
[  296.121709][T11790] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  296.131040][T11807] netlink: 'syz.4.1569': attribute type 10 has an invalid length.
[  296.142348][T11789] Node 0 active_anon:14956kB inactive_anon:0kB active_file:6720kB inactive_file:159640kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:129140kB dirty:940kB writeback:0kB shmem:3940kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12688kB pagetables:3612kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  296.183246][T11789] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  296.217445][T11789] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  296.277826][T11805] bond0: (slave dummy0): Releasing backup interface
[  296.288194][T11789] lowmem_reserve[]: 0 2501 2502 2502 2502
[  296.343418][T11769] chnl_net:caif_netlink_parms(): no params data found
[  296.349458][T11789] Node 0 DMA32 free:1393008kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:14612kB inactive_anon:0kB active_file:6720kB inactive_file:157828kB unevictable:1536kB writepending:940kB present:3129332kB managed:2561028kB mlocked:0kB bounce:0kB free_pcp:43876kB local_pcp:13344kB free_cma:0kB
[  296.401499][T11789] lowmem_reserve[]: 0 0 1 1 1
[  296.419084][T11789] Node 0 Normal free:28kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1812kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  296.453554][T11789] lowmem_reserve[]: 0 0 0 0 0
[  296.458714][T11789] Node 1 Normal free:3905144kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:16032kB local_pcp:8000kB free_cma:0kB
[  296.511243][T11789] lowmem_reserve[]: 0 0 0 0 0
[  296.516029][T11789] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  296.529438][T11789] Node 0 DMA32: 625*4kB (UME) 467*8kB (UM) 296*16kB (UM) 461*32kB (UME) 178*64kB (UME) 71*128kB (UME) 49*256kB (UME) 47*512kB (UME) 39*1024kB (UM) 12*2048kB (U) 304*4096kB (UM) = 1392508kB
[  296.548467][T11789] Node 0 Normal: 1*4kB (M) 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28kB
[  296.564403][T11789] Node 1 Normal: 208*4kB (UME) 63*8kB (UME) 50*16kB (UME) 143*32kB (UME) 41*64kB (UME) 4*128kB (UM) 2*256kB (M) 5*512kB (UME) 3*1024kB (UME) 3*2048kB (UE) 948*4096kB (M) = 3905144kB
[  296.593044][T11789] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  296.603238][T11789] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  296.625003][T11789] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  296.645105][T11789] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  296.656393][T11789] 43006 total pagecache pages
[  296.661366][T11789] 0 pages in swap cache
[  296.665632][T11789] Free swap  = 124996kB
[  296.670356][T11789] Total swap = 124996kB
[  296.674619][T11789] 2097051 pages RAM
[  296.679827][T11789] 0 pages HighMem/MovableOnly
[  296.684836][T11789] 424688 pages reserved
[  296.689384][T11789] 0 pages cma reserved
[  296.713468][T11769] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.725020][T11769] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.732720][T11769] bridge_slave_0: entered allmulticast mode
[  296.738906][ T5832] Bluetooth: hci4: command tx timeout
[  296.749796][T11769] bridge_slave_0: entered promiscuous mode
[  296.758572][T11825] __nla_validate_parse: 357 callbacks suppressed
[  296.758593][T11825] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1575'.
[  296.775531][T11825] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1575'.
[  296.784659][T11825] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1575'.
[  296.794595][T11825] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1575'.
[  296.806494][T11825] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1575'.
[  296.815604][T11825] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1575'.
[  296.824887][T11825] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1575'.
[  296.833916][T11825] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1575'.
[  296.843120][T11825] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1575'.
[  296.852189][T11825] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1575'.
[  296.861781][T11769] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.869192][T11769] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.876657][T11769] bridge_slave_1: entered allmulticast mode
[  296.924260][T11769] bridge_slave_1: entered promiscuous mode
[  297.026778][T11833] validate_nla: 1 callbacks suppressed
[  297.026797][T11833] netlink: 'syz.2.1576': attribute type 10 has an invalid length.
[  297.045989][T11769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  297.074394][T11839] netlink: 'syz.0.1586': attribute type 10 has an invalid length.
[  297.079823][T11769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  297.178775][T11769] team0: Port device team_slave_0 added
[  297.193382][T11769] team0: Port device team_slave_1 added
[  297.281214][T11769] batman_adv: batadv0: Adding interface: batadv_slave_0
[  297.295703][T11769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  297.323275][T11769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  297.345875][T11769] batman_adv: batadv0: Adding interface: batadv_slave_1
[  297.361272][T11769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  297.389261][T11769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  297.521467][T11769] hsr_slave_0: entered promiscuous mode
[  297.528688][T11769] hsr_slave_1: entered promiscuous mode
[  298.178121][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  298.573945][T11885] netlink: 'syz.0.1595': attribute type 2 has an invalid length.
[  298.587405][T11884] netlink: 'syz.0.1595': attribute type 2 has an invalid length.
[  298.823253][ T5841] Bluetooth: hci4: command tx timeout
[  298.930387][T11902] netlink: 'syz.4.1598': attribute type 10 has an invalid length.
[  298.964216][T11902] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  299.239800][T11769] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  299.273842][T11769] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  299.293693][T11769] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  299.313080][T11769] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  299.348620][T11914] macvtap1: entered promiscuous mode
[  299.381981][T11914] gretap0: entered promiscuous mode
[  299.387897][T11914] macvtap1: entered allmulticast mode
[  299.393479][T11914] gretap0: entered allmulticast mode
[  299.656325][T11769] 8021q: adding VLAN 0 to HW filter on device bond0
[  299.666422][T11926] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  299.752958][T11923] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  299.754369][T11769] 8021q: adding VLAN 0 to HW filter on device team0
[  299.843355][ T6304] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.850685][ T6304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.900756][ T6304] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.908003][ T6304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  300.368911][T11953] vlan2: left promiscuous mode
[  300.387723][T11953] vlan2: left allmulticast mode
[  300.392653][T11953] hsr_slave_1: left allmulticast mode
[  300.533934][T11964] netlink: 'syz.4.1619': attribute type 10 has an invalid length.
[  300.585681][T11769] 8021q: adding VLAN 0 to HW filter on device batadv0
[  300.694711][T11769] veth0_vlan: entered promiscuous mode
[  300.720920][T11769] veth1_vlan: entered promiscuous mode
[  300.814010][T11769] veth0_macvtap: entered promiscuous mode
[  300.849396][T11769] veth1_macvtap: entered promiscuous mode
[  300.894071][T11769] batman_adv: batadv0: Interface activated: batadv_slave_0
[  300.901755][ T5841] Bluetooth: hci4: command tx timeout
[  300.962049][T11769] batman_adv: batadv0: Interface activated: batadv_slave_1
[  301.002150][T11769] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.016330][T11769] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.028109][T11769] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.037643][T11769] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  301.084997][T11981] FAULT_INJECTION: forcing a failure.
[  301.084997][T11981] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  301.107637][T11981] CPU: 1 UID: 0 PID: 11981 Comm: syz.0.1626 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  301.107670][T11981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  301.107683][T11981] Call Trace:
[  301.107692][T11981]  <TASK>
[  301.107701][T11981]  dump_stack_lvl+0x189/0x250
[  301.107740][T11981]  ? __pfx____ratelimit+0x10/0x10
[  301.107773][T11981]  ? __pfx_dump_stack_lvl+0x10/0x10
[  301.107806][T11981]  ? __pfx__printk+0x10/0x10
[  301.107831][T11981]  ? __might_fault+0xb0/0x130
[  301.107863][T11981]  should_fail_ex+0x414/0x560
[  301.107896][T11981]  _copy_from_iter+0x1db/0x16f0
[  301.107933][T11981]  ? rcu_is_watching+0x15/0xb0
[  301.107968][T11981]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  301.107992][T11981]  ? __pfx__copy_from_iter+0x10/0x10
[  301.108024][T11981]  ? __build_skb_around+0x257/0x3e0
[  301.108054][T11981]  ? netlink_sendmsg+0x642/0xb30
[  301.108078][T11981]  ? skb_put+0x11b/0x210
[  301.108107][T11981]  netlink_sendmsg+0x6b2/0xb30
[  301.108151][T11981]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.108181][T11981]  ? aa_sock_msg_perm+0x94/0x160
[  301.108211][T11981]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  301.108238][T11981]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.108264][T11981]  __sock_sendmsg+0x219/0x270
[  301.108301][T11981]  ____sys_sendmsg+0x505/0x830
[  301.108335][T11981]  ? __pfx_____sys_sendmsg+0x10/0x10
[  301.108372][T11981]  ? import_iovec+0x74/0xa0
[  301.108397][T11981]  ___sys_sendmsg+0x21f/0x2a0
[  301.108432][T11981]  ? __pfx____sys_sendmsg+0x10/0x10
[  301.108468][T11981]  ? rcu_read_unlock_special+0x3fe/0x4c0
[  301.108526][T11981]  ? __fget_files+0x2a/0x420
[  301.108549][T11981]  ? __fget_files+0x3a0/0x420
[  301.108585][T11981]  __x64_sys_sendmsg+0x19b/0x260
[  301.108617][T11981]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  301.108653][T11981]  ? __pfx_ksys_write+0x10/0x10
[  301.108669][T11981]  ? rcu_is_watching+0x15/0xb0
[  301.108707][T11981]  ? do_syscall_64+0xbe/0x3b0
[  301.108731][T11981]  do_syscall_64+0xfa/0x3b0
[  301.108748][T11981]  ? lockdep_hardirqs_on+0x9c/0x150
[  301.108779][T11981]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.108798][T11981]  ? clear_bhb_loop+0x60/0xb0
[  301.108825][T11981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.108845][T11981] RIP: 0033:0x7f61b498e929
[  301.108872][T11981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.108891][T11981] RSP: 002b:00007f61b572f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  301.108914][T11981] RAX: ffffffffffffffda RBX: 00007f61b4bb5fa0 RCX: 00007f61b498e929
[  301.108929][T11981] RDX: 0000000000004000 RSI: 0000200000000500 RDI: 0000000000000003
[  301.108943][T11981] RBP: 00007f61b572f090 R08: 0000000000000000 R09: 0000000000000000
[  301.108957][T11981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  301.108969][T11981] R13: 0000000000000000 R14: 00007f61b4bb5fa0 R15: 00007ffd072c2be8
[  301.109004][T11981]  </TASK>
[  301.524871][ T6324] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.557174][ T6324] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.633465][ T6324] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.665283][ T6324] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.838261][T12003] __nla_validate_parse: 476 callbacks suppressed
[  301.838285][T12003] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1635'.
[  302.040503][T12012] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1639'.
[  302.076031][T12013] netlink: 'syz.0.1638': attribute type 10 has an invalid length.
[  302.115711][T12015] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1640'.
[  302.209601][T12022] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1643'.
[  302.942523][T12037] xt_CT: You must specify a L4 protocol and not use inversions on it
[  302.988930][ T5832] Bluetooth: hci4: command tx timeout
[  303.009673][T12040] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1650'.
[  303.271329][T12046] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1653'.
[  303.391659][T12051] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1655'.
[  303.422057][T12056] vlan2: entered promiscuous mode
[  303.427727][T12056] vlan2: entered allmulticast mode
[  303.433054][T12056] hsr_slave_1: entered allmulticast mode
[  303.570608][T12062] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1660'.
[  303.643160][T12067] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1662'.
[  303.826737][T12072] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1664'.
[  303.827802][T12073] netlink: 'syz.1.1665': attribute type 14 has an invalid length.
[  303.845324][T12073] netlink: 'syz.1.1665': attribute type 12 has an invalid length.
[  304.668764][T12112] netlink: 'syz.2.1683': attribute type 18 has an invalid length.
[  304.689693][T12112] ip6t_srh: unknown srh invflags 4000
[  304.697706][T12113] openvswitch: netlink: Geneve opt len 126 is not a multiple of 4.
[  304.917677][T12125] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  305.122426][T12132] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  305.418361][T12148] sctp: [Deprecated]: syz.0.1698 (pid 12148) Use of int in max_burst socket option.
[  305.418361][T12148] Use struct sctp_assoc_value instead
[  305.445645][T12149] bond0: (slave dummy0): Releasing backup interface
[  305.499763][T12157] netlink: 'syz.4.1699': attribute type 10 has an invalid length.
[  305.561307][T12157] bond0: (slave wlan1): refused to change device type
[  305.727006][T12164] 8021q: adding VLAN 0 to HW filter on device bond14
[  305.736114][T12164] bond13: (slave bond14): Enslaving as an active interface with an up link
[  305.748948][T12160] 8021q: adding VLAN 0 to HW filter on device bond13
[  306.010008][T12178] FAULT_INJECTION: forcing a failure.
[  306.010008][T12178] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  306.023325][T12178] CPU: 1 UID: 0 PID: 12178 Comm: syz.2.1709 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  306.023357][T12178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  306.023371][T12178] Call Trace:
[  306.023382][T12178]  <TASK>
[  306.023393][T12178]  dump_stack_lvl+0x189/0x250
[  306.023432][T12178]  ? __pfx____ratelimit+0x10/0x10
[  306.023456][T12178]  ? __pfx_dump_stack_lvl+0x10/0x10
[  306.023480][T12178]  ? __pfx__printk+0x10/0x10
[  306.023496][T12178]  ? __might_fault+0xb0/0x130
[  306.023526][T12178]  should_fail_ex+0x414/0x560
[  306.023550][T12178]  _copy_to_iter+0x1db/0x16f0
[  306.023572][T12178]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  306.023593][T12178]  ? lockdep_hardirqs_on+0x9c/0x150
[  306.023618][T12178]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  306.023640][T12178]  ? __pfx__copy_to_iter+0x10/0x10
[  306.023660][T12178]  ? __skb_try_recv_from_queue+0x2b2/0x730
[  306.023685][T12178]  ? __skb_try_recv_datagram+0x3da/0x4e0
[  306.023710][T12178]  __skb_datagram_iter+0xf8/0x990
[  306.023732][T12178]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  306.023773][T12178]  skb_copy_datagram_iter+0xc5/0x230
[  306.023809][T12178]  netlink_recvmsg+0x2ab/0xa30
[  306.023848][T12178]  ? __pfx_netlink_recvmsg+0x10/0x10
[  306.023871][T12178]  ? aa_sock_msg_perm+0x94/0x160
[  306.023892][T12178]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  306.023911][T12178]  ? security_socket_recvmsg+0x7e/0x2e0
[  306.023935][T12178]  ? __pfx_netlink_recvmsg+0x10/0x10
[  306.023953][T12178]  sock_recvmsg+0x229/0x270
[  306.023991][T12178]  sock_read_iter+0x231/0x2f0
[  306.024025][T12178]  ? __pfx_sock_read_iter+0x10/0x10
[  306.024073][T12178]  ? __pfx_aa_file_perm+0x10/0x10
[  306.024101][T12178]  do_iter_readv_writev+0x56b/0x7f0
[  306.024119][T12178]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  306.024139][T12178]  ? bpf_lsm_file_permission+0x9/0x20
[  306.024159][T12178]  ? security_file_permission+0x75/0x290
[  306.024176][T12178]  ? rw_verify_area+0x258/0x650
[  306.024202][T12178]  vfs_readv+0x253/0x850
[  306.024225][T12178]  ? __pfx_vfs_readv+0x10/0x10
[  306.024254][T12178]  ? __fget_files+0x2a/0x420
[  306.024275][T12178]  ? __fget_files+0x3a0/0x420
[  306.024290][T12178]  ? __fget_files+0x2a/0x420
[  306.024313][T12178]  do_readv+0x14d/0x2d0
[  306.024333][T12178]  ? __pfx_do_readv+0x10/0x10
[  306.024349][T12178]  ? rcu_is_watching+0x15/0xb0
[  306.024383][T12178]  ? do_syscall_64+0xbe/0x3b0
[  306.024407][T12178]  do_syscall_64+0xfa/0x3b0
[  306.024426][T12178]  ? lockdep_hardirqs_on+0x9c/0x150
[  306.024460][T12178]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.024476][T12178]  ? clear_bhb_loop+0x60/0xb0
[  306.024495][T12178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.024510][T12178] RIP: 0033:0x7f0eb5b8e929
[  306.024533][T12178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.024546][T12178] RSP: 002b:00007f0eb6968038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  306.024562][T12178] RAX: ffffffffffffffda RBX: 00007f0eb5db5fa0 RCX: 00007f0eb5b8e929
[  306.024572][T12178] RDX: 0000000000000001 RSI: 0000200000000740 RDI: 0000000000000003
[  306.024582][T12178] RBP: 00007f0eb6968090 R08: 0000000000000000 R09: 0000000000000000
[  306.024590][T12178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  306.024599][T12178] R13: 0000000000000000 R14: 00007f0eb5db5fa0 R15: 00007ffdc388edb8
[  306.024622][T12178]  </TASK>
[  306.456359][T12183] vlan2: entered promiscuous mode
[  306.461654][T12183] hsr_slave_1: entered promiscuous mode
[  306.469498][T12183] vlan2: entered allmulticast mode
[  306.475448][T12183] hsr_slave_1: entered allmulticast mode
[  306.719711][T12191] x_tables: ip6_tables: mh match: only valid for protocol 135
[  306.860114][T12199] __nla_validate_parse: 17 callbacks suppressed
[  306.860136][T12199] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1718'.
[  306.886337][T12201] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1719'.
[  306.927752][T12199] macsec1: entered allmulticast mode
[  306.934084][T12199] bridge0: entered allmulticast mode
[  306.965208][T12199] bridge0: left allmulticast mode
[  307.053213][T12207] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1722'.
[  307.077390][T12213] netlink: 'syz.4.1721': attribute type 10 has an invalid length.
[  307.107870][T12213] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  307.284922][T12220] sysfs: cannot create duplicate filename '/class/ieee80211/žÀ^–>º>ùMv^µ
â侦¸ÑKc'A¥»–_à›xDä±pj8¼•TTí!'
[  307.298380][T12220] CPU: 0 UID: 0 PID: 12220 Comm: syz.1.1725 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  307.298426][T12220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.298441][T12220] Call Trace:
[  307.298450][T12220]  <TASK>
[  307.298460][T12220]  dump_stack_lvl+0x189/0x250
[  307.298507][T12220]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.298542][T12220]  ? __pfx__printk+0x10/0x10
[  307.298566][T12220]  ? kernfs_path_from_node+0x2c/0x260
[  307.298601][T12220]  ? kernfs_path_from_node+0x2c/0x260
[  307.298625][T12220]  ? kernfs_path_from_node+0x2c/0x260
[  307.298653][T12220]  ? kernfs_path_from_node+0x22c/0x260
[  307.298678][T12220]  ? kernfs_path_from_node+0x2c/0x260
[  307.298708][T12220]  sysfs_warn_dup+0x8e/0xa0
[  307.298732][T12220]  sysfs_do_create_link_sd+0xc0/0x110
[  307.298760][T12220]  device_add_class_symlinks+0x1cf/0x240
[  307.298789][T12220]  device_add+0x475/0xb50
[  307.298817][T12220]  wiphy_register+0x199a/0x26b0
[  307.298862][T12220]  ? __pfx_wiphy_register+0x10/0x10
[  307.298885][T12220]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  307.298921][T12220]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  307.298954][T12220]  ieee80211_register_hw+0x33e1/0x4120
[  307.299004][T12220]  ? ieee80211_register_hw+0x1451/0x4120
[  307.299045][T12220]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  307.299080][T12220]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  307.299120][T12220]  ? __hrtimer_setup+0x187/0x210
[  307.299151][T12220]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  307.299180][T12220]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  307.299239][T12220]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  307.299260][T12220]  ? trace_kmalloc+0x1f/0xd0
[  307.299282][T12220]  ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0
[  307.299304][T12220]  ? kstrndup+0xbf/0x160
[  307.299343][T12220]  hwsim_new_radio_nl+0xea4/0x1b10
[  307.299369][T12220]  ? __pfx___nla_validate_parse+0x10/0x10
[  307.299432][T12220]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  307.299457][T12220]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  307.299502][T12220]  ? __nla_parse+0x40/0x60
[  307.299538][T12220]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  307.299582][T12220]  genl_family_rcv_msg_doit+0x215/0x300
[  307.299624][T12220]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  307.299675][T12220]  ? bpf_lsm_capable+0x9/0x20
[  307.299694][T12220]  ? security_capable+0x7e/0x2e0
[  307.299731][T12220]  genl_rcv_msg+0x60e/0x790
[  307.299772][T12220]  ? __pfx_genl_rcv_msg+0x10/0x10
[  307.299802][T12220]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  307.299843][T12220]  netlink_rcv_skb+0x205/0x470
[  307.299870][T12220]  ? __pfx_genl_rcv_msg+0x10/0x10
[  307.299903][T12220]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  307.299951][T12220]  ? down_read+0x1ad/0x2e0
[  307.299976][T12220]  genl_rcv+0x28/0x40
[  307.300006][T12220]  netlink_unicast+0x758/0x8d0
[  307.300042][T12220]  netlink_sendmsg+0x805/0xb30
[  307.300080][T12220]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.300111][T12220]  ? aa_sock_msg_perm+0x94/0x160
[  307.300141][T12220]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  307.300178][T12220]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.300206][T12220]  __sock_sendmsg+0x219/0x270
[  307.300242][T12220]  ____sys_sendmsg+0x505/0x830
[  307.300276][T12220]  ? __pfx_____sys_sendmsg+0x10/0x10
[  307.300315][T12220]  ? import_iovec+0x74/0xa0
[  307.300343][T12220]  ___sys_sendmsg+0x21f/0x2a0
[  307.300374][T12220]  ? __pfx____sys_sendmsg+0x10/0x10
[  307.300456][T12220]  ? __fget_files+0x2a/0x420
[  307.300480][T12220]  ? __fget_files+0x3a0/0x420
[  307.300520][T12220]  __x64_sys_sendmsg+0x19b/0x260
[  307.300551][T12220]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  307.300593][T12220]  ? rcu_is_watching+0x15/0xb0
[  307.300634][T12220]  ? do_syscall_64+0xbe/0x3b0
[  307.300659][T12220]  do_syscall_64+0xfa/0x3b0
[  307.300678][T12220]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.300709][T12220]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.300730][T12220]  ? clear_bhb_loop+0x60/0xb0
[  307.300757][T12220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.300779][T12220] RIP: 0033:0x7f5ff118e929
[  307.300799][T12220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.300818][T12220] RSP: 002b:00007f5ff205a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  307.300840][T12220] RAX: ffffffffffffffda RBX: 00007f5ff13b5fa0 RCX: 00007f5ff118e929
[  307.300857][T12220] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000006
[  307.300870][T12220] RBP: 00007f5ff1210b39 R08: 0000000000000000 R09: 0000000000000000
[  307.300884][T12220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  307.300897][T12220] R13: 0000000000000000 R14: 00007f5ff13b5fa0 R15: 00007fff57e02cb8
[  307.300933][T12220]  </TASK>
[  308.067742][T12236] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1731'.
[  308.272216][T12244] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1734'.
[  308.281581][T12244] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1734'.
[  308.290857][T12244] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1734'.
[  308.300235][T12244] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1734'.
[  308.309299][T12244] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1734'.
[  308.318744][T12244] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1734'.
[  308.559331][T12254] netlink: 'syz.4.1739': attribute type 10 has an invalid length.
[  309.639663][T12276] trusted_key: syz.1.1746 sent an empty control message without MSG_MORE.
[  310.346798][T12298] netlink: 'syz.2.1755': attribute type 10 has an invalid length.
[  310.923016][T12317] Cannot find map_set index 0 as target
[  311.181933][T12326] vlan2: left promiscuous mode
[  311.187482][T12326] vlan2: left allmulticast mode
[  311.195506][T12326] hsr_slave_1: left allmulticast mode
[  311.962366][T12362] __nla_validate_parse: 206 callbacks suppressed
[  311.962389][T12362] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1779'.
[  312.065934][T12362] macvtap2: entered promiscuous mode
[  312.099817][T12362] gretap0: entered promiscuous mode
[  312.116524][T12365] netlink: 'syz.1.1781': attribute type 10 has an invalid length.
[  312.146714][T12362] macvtap2: entered allmulticast mode
[  312.157212][T12362] gretap0: entered allmulticast mode
[  312.645797][T12377] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1789'.
[  312.655375][T12377] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1789'.
[  312.664455][T12377] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1789'.
[  312.676536][T12377] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1789'.
[  312.685944][T12377] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1789'.
[  312.695836][T12377] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1789'.
[  312.712031][T12377] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1789'.
[  312.721681][T12377] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1789'.
[  312.731059][T12377] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1789'.
[  312.825197][T12387] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (64)
[  312.845326][T12387] macsec1: entered allmulticast mode
[  312.851325][T12387] team0: entered allmulticast mode
[  312.858981][T12387] team0: left allmulticast mode
[  313.019068][T12393] netlink: 'syz.0.1794': attribute type 1 has an invalid length.
[  313.660962][T12407] FAULT_INJECTION: forcing a failure.
[  313.660962][T12407] name failslab, interval 1, probability 0, space 0, times 0
[  313.697274][T12407] CPU: 1 UID: 0 PID: 12407 Comm: syz.4.1800 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  313.697308][T12407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  313.697321][T12407] Call Trace:
[  313.697330][T12407]  <TASK>
[  313.697340][T12407]  dump_stack_lvl+0x189/0x250
[  313.697381][T12407]  ? __pfx____ratelimit+0x10/0x10
[  313.697414][T12407]  ? __pfx_dump_stack_lvl+0x10/0x10
[  313.697448][T12407]  ? __pfx__printk+0x10/0x10
[  313.697475][T12407]  ? __pfx___might_resched+0x10/0x10
[  313.697507][T12407]  ? fs_reclaim_acquire+0x7d/0x100
[  313.697536][T12407]  should_fail_ex+0x414/0x560
[  313.697569][T12407]  should_failslab+0xa8/0x100
[  313.697594][T12407]  __kmalloc_noprof+0xcb/0x4f0
[  313.697613][T12407]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  313.697654][T12407]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  313.697695][T12407]  genl_family_rcv_msg_doit+0xb8/0x300
[  313.697736][T12407]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  313.697772][T12407]  ? rcu_is_watching+0x15/0xb0
[  313.697803][T12407]  ? apparmor_capable+0x137/0x1b0
[  313.697829][T12407]  ? bpf_lsm_capable+0x9/0x20
[  313.697842][T12407]  ? security_capable+0x7e/0x2e0
[  313.697867][T12407]  genl_rcv_msg+0x60e/0x790
[  313.697894][T12407]  ? __pfx_genl_rcv_msg+0x10/0x10
[  313.697923][T12407]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  313.697943][T12407]  ? __pfx_nl80211_set_channel+0x10/0x10
[  313.697959][T12407]  ? __pfx_nl80211_post_doit+0x10/0x10
[  313.697992][T12407]  netlink_rcv_skb+0x205/0x470
[  313.698010][T12407]  ? __pfx_genl_rcv_msg+0x10/0x10
[  313.698033][T12407]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  313.698065][T12407]  ? down_read+0x1ad/0x2e0
[  313.698083][T12407]  genl_rcv+0x28/0x40
[  313.698103][T12407]  netlink_unicast+0x758/0x8d0
[  313.698127][T12407]  netlink_sendmsg+0x805/0xb30
[  313.698153][T12407]  ? __pfx_netlink_sendmsg+0x10/0x10
[  313.698176][T12407]  ? aa_sock_msg_perm+0x94/0x160
[  313.698197][T12407]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  313.698215][T12407]  ? __pfx_netlink_sendmsg+0x10/0x10
[  313.698234][T12407]  __sock_sendmsg+0x219/0x270
[  313.698260][T12407]  ____sys_sendmsg+0x505/0x830
[  313.698283][T12407]  ? __pfx_____sys_sendmsg+0x10/0x10
[  313.698310][T12407]  ? import_iovec+0x74/0xa0
[  313.698327][T12407]  ___sys_sendmsg+0x21f/0x2a0
[  313.698348][T12407]  ? __pfx____sys_sendmsg+0x10/0x10
[  313.698396][T12407]  ? __fget_files+0x2a/0x420
[  313.698412][T12407]  ? __fget_files+0x3a0/0x420
[  313.698437][T12407]  __x64_sys_sendmsg+0x19b/0x260
[  313.698458][T12407]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  313.698485][T12407]  ? __pfx_ksys_write+0x10/0x10
[  313.698497][T12407]  ? rcu_is_watching+0x15/0xb0
[  313.698523][T12407]  ? do_syscall_64+0xbe/0x3b0
[  313.698540][T12407]  do_syscall_64+0xfa/0x3b0
[  313.698553][T12407]  ? lockdep_hardirqs_on+0x9c/0x150
[  313.698574][T12407]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.698589][T12407]  ? clear_bhb_loop+0x60/0xb0
[  313.698607][T12407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.698622][T12407] RIP: 0033:0x7fb5dfb8e929
[  313.698635][T12407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.698648][T12407] RSP: 002b:00007fb5e091d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  313.698664][T12407] RAX: ffffffffffffffda RBX: 00007fb5dfdb5fa0 RCX: 00007fb5dfb8e929
[  313.698675][T12407] RDX: 0000000000004000 RSI: 0000200000000500 RDI: 0000000000000003
[  313.698684][T12407] RBP: 00007fb5e091d090 R08: 0000000000000000 R09: 0000000000000000
[  313.698693][T12407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  313.698702][T12407] R13: 0000000000000000 R14: 00007fb5dfdb5fa0 R15: 00007ffd78296748
[  313.698736][T12407]  </TASK>
[  314.288866][T12417] netlink: 'syz.0.1803': attribute type 10 has an invalid length.
[  314.618676][T12423] netlink: 'syz.1.1806': attribute type 1 has an invalid length.
[  314.626691][T12423] netlink: 'syz.1.1806': attribute type 2 has an invalid length.
[  314.735199][T12427] netlink: 'syz.4.1817': attribute type 1 has an invalid length.
[  314.743314][T12427] netlink: 'syz.4.1817': attribute type 2 has an invalid length.
[  314.856060][T12430] netlink: 'syz.2.1808': attribute type 1 has an invalid length.
[  314.906581][T12430] 8021q: adding VLAN 0 to HW filter on device bond9
[  315.985093][T12461] netlink: 'syz.1.1821': attribute type 1 has an invalid length.
[  315.997001][T12461] netlink: 'syz.1.1821': attribute type 2 has an invalid length.
[  316.425746][T12478] gretap0: left allmulticast mode
[  316.432080][T12478] gretap0: left promiscuous mode
[  316.439134][T12478] macvtap2: left promiscuous mode
[  316.444363][T12478] macvtap2: left allmulticast mode
[  317.042013][T12504] __nla_validate_parse: 220 callbacks suppressed
[  317.042034][T12504] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1836'.
[  317.137666][T12504] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  317.222875][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  317.230563][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  317.659001][T12523] validate_nla: 2 callbacks suppressed
[  317.659021][T12523] netlink: 'syz.1.1846': attribute type 1 has an invalid length.
[  317.679664][T12523] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1846'.
[  317.827422][T12530] netlink: 'syz.0.1848': attribute type 10 has an invalid length.
[  317.855350][T12529] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1850'.
[  317.864550][T12529] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1850'.
[  317.873927][T12529] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1850'.
[  317.883066][T12529] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1850'.
[  317.892356][T12529] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1850'.
[  317.917919][T12529] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1850'.
[  317.927528][T12529] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1850'.
[  317.936627][T12529] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1850'.
[  317.948442][T12533] netlink: 'syz.1.1849': attribute type 29 has an invalid length.
[  318.434768][T12560] netlink: 'syz.1.1859': attribute type 1 has an invalid length.
[  318.997016][T12590] netlink: 'syz.4.1873': attribute type 1 has an invalid length.
[  319.009862][T12590] netlink: 'syz.4.1873': attribute type 2 has an invalid length.
[  319.361198][T12604] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  319.399883][T12602] 8021q: adding VLAN 0 to HW filter on device bond7
[  319.462474][T12607] 8021q: adding VLAN 0 to HW filter on device bond7
[  319.473007][T12607] bond7: (slave ip6tnl1): The slave device specified does not support setting the MAC address
[  319.488075][T12607] bond7: (slave ip6tnl1): Error -95 calling set_mac_address
[  319.795267][T12626] netlink: 'syz.1.1884': attribute type 1 has an invalid length.
[  319.819593][T12626] netlink: 'syz.1.1884': attribute type 2 has an invalid length.
[  319.832433][T12628] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  320.042851][T12638] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  320.055003][T12638] bond0: (slave wlan1): Releasing backup interface
[  320.084911][T12638] netlink: 'syz.0.1887': attribute type 10 has an invalid length.
[  320.103495][T12638] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  320.334520][T12645] 8021q: adding VLAN 0 to HW filter on device bond3
[  320.368104][T12645] bond2: (slave bond3): Enslaving as an active interface with an up link
[  320.389899][T12650] 8021q: adding VLAN 0 to HW filter on device bond2
[  320.442881][T12657] FAULT_INJECTION: forcing a failure.
[  320.442881][T12657] name failslab, interval 1, probability 0, space 0, times 0
[  320.455958][T12657] CPU: 1 UID: 0 PID: 12657 Comm: syz.4.1894 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  320.455993][T12657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  320.456007][T12657] Call Trace:
[  320.456015][T12657]  <TASK>
[  320.456024][T12657]  dump_stack_lvl+0x189/0x250
[  320.456063][T12657]  ? __pfx____ratelimit+0x10/0x10
[  320.456096][T12657]  ? __pfx_dump_stack_lvl+0x10/0x10
[  320.456130][T12657]  ? __pfx__printk+0x10/0x10
[  320.456160][T12657]  ? __pfx___might_resched+0x10/0x10
[  320.456193][T12657]  ? fs_reclaim_acquire+0x7d/0x100
[  320.456223][T12657]  should_fail_ex+0x414/0x560
[  320.456257][T12657]  should_failslab+0xa8/0x100
[  320.456282][T12657]  __kmalloc_cache_noprof+0x70/0x3d0
[  320.456303][T12657]  ? rtnl_newlink+0xed/0x1c70
[  320.456325][T12657]  ? __lock_acquire+0xab9/0xd20
[  320.456359][T12657]  rtnl_newlink+0xed/0x1c70
[  320.456393][T12657]  ? __pfx_rtnl_newlink+0x10/0x10
[  320.456414][T12657]  ? is_bpf_text_address+0x26/0x2b0
[  320.456477][T12657]  ? __lock_acquire+0xab9/0xd20
[  320.456519][T12657]  ? __lock_acquire+0xab9/0xd20
[  320.456571][T12657]  ? is_bpf_text_address+0x26/0x2b0
[  320.456609][T12657]  ? is_bpf_text_address+0x292/0x2b0
[  320.456641][T12657]  ? is_bpf_text_address+0x26/0x2b0
[  320.456677][T12657]  ? kernel_text_address+0xa5/0xe0
[  320.456719][T12657]  ? __lock_acquire+0xab9/0xd20
[  320.456778][T12657]  ? __pfx_rtnl_newlink+0x10/0x10
[  320.456800][T12657]  rtnetlink_rcv_msg+0x7cf/0xb70
[  320.456827][T12657]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  320.456849][T12657]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  320.456888][T12657]  netlink_rcv_skb+0x205/0x470
[  320.456914][T12657]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  320.456943][T12657]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  320.456981][T12657]  ? netlink_deliver_tap+0x2e/0x1b0
[  320.457005][T12657]  ? netlink_deliver_tap+0x2e/0x1b0
[  320.457036][T12657]  netlink_unicast+0x758/0x8d0
[  320.457068][T12657]  netlink_sendmsg+0x805/0xb30
[  320.457104][T12657]  ? __pfx_netlink_sendmsg+0x10/0x10
[  320.457133][T12657]  ? aa_sock_msg_perm+0x94/0x160
[  320.457162][T12657]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  320.457189][T12657]  ? __pfx_netlink_sendmsg+0x10/0x10
[  320.457215][T12657]  __sock_sendmsg+0x219/0x270
[  320.457253][T12657]  ____sys_sendmsg+0x505/0x830
[  320.457285][T12657]  ? __pfx_____sys_sendmsg+0x10/0x10
[  320.457323][T12657]  ? import_iovec+0x74/0xa0
[  320.457348][T12657]  ___sys_sendmsg+0x21f/0x2a0
[  320.457379][T12657]  ? __pfx____sys_sendmsg+0x10/0x10
[  320.457458][T12657]  ? __fget_files+0x2a/0x420
[  320.457483][T12657]  ? __fget_files+0x3a0/0x420
[  320.457518][T12657]  __x64_sys_sendmsg+0x19b/0x260
[  320.457548][T12657]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  320.457587][T12657]  ? __pfx_ksys_write+0x10/0x10
[  320.457604][T12657]  ? rcu_is_watching+0x15/0xb0
[  320.457644][T12657]  ? do_syscall_64+0xbe/0x3b0
[  320.457668][T12657]  do_syscall_64+0xfa/0x3b0
[  320.457687][T12657]  ? lockdep_hardirqs_on+0x9c/0x150
[  320.457717][T12657]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.457739][T12657]  ? clear_bhb_loop+0x60/0xb0
[  320.457765][T12657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.457786][T12657] RIP: 0033:0x7fb5dfb8e929
[  320.457806][T12657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.457825][T12657] RSP: 002b:00007fb5dd9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  320.457849][T12657] RAX: ffffffffffffffda RBX: 00007fb5dfdb6080 RCX: 00007fb5dfb8e929
[  320.457865][T12657] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000006
[  320.457878][T12657] RBP: 00007fb5dd9f6090 R08: 0000000000000000 R09: 0000000000000000
[  320.457891][T12657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  320.457904][T12657] R13: 0000000000000000 R14: 00007fb5dfdb6080 R15: 00007ffd78296748
[  320.457938][T12657]  </TASK>
[  320.858760][T12654] netlink: 'syz.4.1894': attribute type 10 has an invalid length.
[  321.048297][T12667] FAULT_INJECTION: forcing a failure.
[  321.048297][T12667] name failslab, interval 1, probability 0, space 0, times 0
[  321.077940][T12667] CPU: 1 UID: 0 PID: 12667 Comm: syz.1.1896 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  321.077973][T12667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  321.077986][T12667] Call Trace:
[  321.077994][T12667]  <TASK>
[  321.078004][T12667]  dump_stack_lvl+0x189/0x250
[  321.078043][T12667]  ? __pfx____ratelimit+0x10/0x10
[  321.078076][T12667]  ? __pfx_dump_stack_lvl+0x10/0x10
[  321.078111][T12667]  ? __pfx__printk+0x10/0x10
[  321.078142][T12667]  ? __pfx___might_resched+0x10/0x10
[  321.078181][T12667]  should_fail_ex+0x414/0x560
[  321.078214][T12667]  should_failslab+0xa8/0x100
[  321.078240][T12667]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  321.078261][T12667]  ? __alloc_skb+0x112/0x2d0
[  321.078291][T12667]  __alloc_skb+0x112/0x2d0
[  321.078320][T12667]  netlink_dump+0x22b/0xe20
[  321.078358][T12667]  ? __pfx_netlink_dump+0x10/0x10
[  321.078398][T12667]  ? kmem_cache_free+0x18f/0x400
[  321.078426][T12667]  netlink_recvmsg+0x676/0xa30
[  321.078473][T12667]  ? __pfx_netlink_recvmsg+0x10/0x10
[  321.078506][T12667]  ? aa_sock_msg_perm+0x94/0x160
[  321.078537][T12667]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  321.078565][T12667]  ? security_socket_recvmsg+0x7e/0x2e0
[  321.078598][T12667]  ? __pfx_netlink_recvmsg+0x10/0x10
[  321.078625][T12667]  sock_recvmsg+0x229/0x270
[  321.078663][T12667]  sock_read_iter+0x231/0x2f0
[  321.078698][T12667]  ? __pfx_sock_read_iter+0x10/0x10
[  321.078742][T12667]  ? __pfx_aa_file_perm+0x10/0x10
[  321.078781][T12667]  do_iter_readv_writev+0x56b/0x7f0
[  321.078808][T12667]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  321.078836][T12667]  ? bpf_lsm_file_permission+0x9/0x20
[  321.078866][T12667]  ? security_file_permission+0x75/0x290
[  321.078891][T12667]  ? rw_verify_area+0x258/0x650
[  321.078928][T12667]  vfs_readv+0x253/0x850
[  321.078960][T12667]  ? __pfx_vfs_readv+0x10/0x10
[  321.079004][T12667]  ? __fget_files+0x2a/0x420
[  321.079033][T12667]  ? __fget_files+0x3a0/0x420
[  321.079056][T12667]  ? __fget_files+0x2a/0x420
[  321.079090][T12667]  do_readv+0x14d/0x2d0
[  321.079118][T12667]  ? __pfx_do_readv+0x10/0x10
[  321.079149][T12667]  ? do_syscall_64+0xbe/0x3b0
[  321.079173][T12667]  do_syscall_64+0xfa/0x3b0
[  321.079190][T12667]  ? lockdep_hardirqs_on+0x9c/0x150
[  321.079221][T12667]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.079241][T12667]  ? clear_bhb_loop+0x60/0xb0
[  321.079268][T12667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.079287][T12667] RIP: 0033:0x7f5ff118e929
[  321.079307][T12667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.079324][T12667] RSP: 002b:00007f5ff2039038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  321.079346][T12667] RAX: ffffffffffffffda RBX: 00007f5ff13b6080 RCX: 00007f5ff118e929
[  321.079361][T12667] RDX: 0000000000000001 RSI: 0000200000000740 RDI: 0000000000000003
[  321.079374][T12667] RBP: 00007f5ff2039090 R08: 0000000000000000 R09: 0000000000000000
[  321.079387][T12667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.079399][T12667] R13: 0000000000000001 R14: 00007f5ff13b6080 R15: 00007fff57e02cb8
[  321.079432][T12667]  </TASK>
[  321.724546][T12671] xt_CT: No such helper "snmp"
[  322.282869][T12701] __nla_validate_parse: 112 callbacks suppressed
[  322.282891][T12701] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1910'.
[  322.574569][T12711] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1915'.
[  322.987491][T12697] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  323.090072][T12734] validate_nla: 3 callbacks suppressed
[  323.090092][T12734] netlink: 'syz.4.1922': attribute type 2 has an invalid length.
[  323.107003][T12734] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1922'.
[  323.261843][T12740] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1926'.
[  323.279628][T12740] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1926'.
[  323.391444][T12744] pim6reg1: entered allmulticast mode
[  323.441286][T12748] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1930'.
[  323.454363][T12748] netlink: 'syz.1.1930': attribute type 1 has an invalid length.
[  323.630908][T12756] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1934'.
[  323.742981][T12760] netlink: 'syz.0.1936': attribute type 10 has an invalid length.
[  323.759216][T12761] netlink: 'syz.1.1935': attribute type 2 has an invalid length.
[  323.779362][T12761] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1935'.
[  323.950981][T12770] netlink: 34 bytes leftover after parsing attributes in process `syz.0.1940'.
[  324.402961][T12786] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1945'.
[  324.693426][T12793] netlink: 'syz.1.1948': attribute type 10 has an invalid length.
[  324.701332][T12795] netlink: 'syz.4.1949': attribute type 1 has an invalid length.
[  325.659721][T12825] netlink: 'syz.0.1960': attribute type 1 has an invalid length.
[  325.803690][T12834] netlink: 'syz.4.1962': attribute type 10 has an invalid length.
[  326.111088][T12847] netlink: 'syz.0.1970': attribute type 1 has an invalid length.
[  326.205429][T12852] netlink: 'syz.0.1973': attribute type 12 has an invalid length.
[  326.640418][T12869] 8021q: adding VLAN 0 to HW filter on device bond4
[  326.692399][T12873] 8021q: adding VLAN 0 to HW filter on device bond4
[  326.711797][T12873] bond4: (slave ip6tnl2): The slave device specified does not support setting the MAC address
[  326.739096][T12873] bond4: (slave ip6tnl2): Error -95 calling set_mac_address
[  327.213474][T12896] vlan3: entered promiscuous mode
[  327.224664][T12896] team0: entered promiscuous mode
[  327.316780][T12902] __nla_validate_parse: 362 callbacks suppressed
[  327.316810][T12902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1988'.
[  327.334897][T12902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1988'.
[  327.352683][T12902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1988'.
[  327.365013][T12904] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1991'.
[  327.365278][T12902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1988'.
[  327.384005][T12902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1988'.
[  327.393090][T12902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1988'.
[  327.403554][T12902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1988'.
[  327.413204][T12902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1988'.
[  327.425626][T12902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1988'.
[  327.442888][T12904] macvlan3: entered allmulticast mode
[  327.448542][T12904] mac80211_hwsim hwsim10 wlan0: entered allmulticast mode
[  328.098663][T12936] FAULT_INJECTION: forcing a failure.
[  328.098663][T12936] name failslab, interval 1, probability 0, space 0, times 0
[  328.137190][T12936] CPU: 0 UID: 0 PID: 12936 Comm: syz.1.2001 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  328.137223][T12936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  328.137237][T12936] Call Trace:
[  328.137245][T12936]  <TASK>
[  328.137255][T12936]  dump_stack_lvl+0x189/0x250
[  328.137293][T12936]  ? __pfx____ratelimit+0x10/0x10
[  328.137326][T12936]  ? __pfx_dump_stack_lvl+0x10/0x10
[  328.137360][T12936]  ? __pfx__printk+0x10/0x10
[  328.137391][T12936]  ? __pfx___might_resched+0x10/0x10
[  328.137423][T12936]  ? fs_reclaim_acquire+0x7d/0x100
[  328.137454][T12936]  should_fail_ex+0x414/0x560
[  328.137487][T12936]  should_failslab+0xa8/0x100
[  328.137512][T12936]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  328.137533][T12936]  ? rtnl_prop_list_size+0x1ba/0x1e0
[  328.137564][T12936]  ? __alloc_skb+0x112/0x2d0
[  328.137597][T12936]  __alloc_skb+0x112/0x2d0
[  328.137626][T12936]  rtmsg_ifinfo_build_skb+0x84/0x260
[  328.137669][T12936]  rtnetlink_event+0x1b7/0x270
[  328.137707][T12936]  notifier_call_chain+0x1b3/0x3e0
[  328.137751][T12936]  netdev_lower_state_changed+0xc6/0x140
[  328.137778][T12936]  ? __pfx_netdev_lower_state_changed+0x10/0x10
[  328.137821][T12936]  bond_set_slave_inactive_flags+0x1be/0x4c0
[  328.137855][T12936]  ? __pfx_bond_set_slave_inactive_flags+0x10/0x10
[  328.137882][T12936]  ? __lock_acquire+0xab9/0xd20
[  328.137929][T12936]  __bond_release_one+0x27a/0x10e0
[  328.137971][T12936]  ? rcu_is_watching+0x15/0xb0
[  328.138008][T12936]  ? __pfx___bond_release_one+0x10/0x10
[  328.138055][T12936]  ? mutex_is_locked+0x17/0x50
[  328.138074][T12936]  ? rtnl_is_locked+0x15/0x20
[  328.138099][T12936]  ? netif_state_change+0x256/0x3a0
[  328.138125][T12936]  ? mutex_is_locked+0x17/0x50
[  328.138149][T12936]  do_set_master+0x30f/0x6d0
[  328.138186][T12936]  do_setlink+0xcf0/0x41c0
[  328.138215][T12936]  ? __kernel_text_address+0xd/0x40
[  328.138245][T12936]  ? arch_stack_walk+0xfc/0x150
[  328.138273][T12936]  ? __pfx_do_setlink+0x10/0x10
[  328.138320][T12936]  ? __lock_acquire+0xab9/0xd20
[  328.138360][T12936]  ? __mutex_trylock_common+0x153/0x260
[  328.138387][T12936]  ? __pfx___mutex_trylock_common+0x10/0x10
[  328.138415][T12936]  ? rcu_is_watching+0x15/0xb0
[  328.138449][T12936]  ? trace_contention_end+0x39/0x120
[  328.138471][T12936]  ? __mutex_lock+0x330/0xe80
[  328.138495][T12936]  ? __pfx_aa_get_newest_label+0x10/0x10
[  328.138529][T12936]  ? rtnl_newlink+0x8db/0x1c70
[  328.138550][T12936]  ? rcu_is_watching+0x15/0xb0
[  328.138584][T12936]  ? __pfx___mutex_lock+0x10/0x10
[  328.138616][T12936]  ? ns_capable+0x8a/0xf0
[  328.138650][T12936]  ? rtnl_link_get_net_capable+0x16a/0x350
[  328.138680][T12936]  rtnl_newlink+0x149f/0x1c70
[  328.138716][T12936]  ? __pfx_rtnl_newlink+0x10/0x10
[  328.138736][T12936]  ? is_bpf_text_address+0x26/0x2b0
[  328.138777][T12936]  ? __lock_acquire+0xab9/0xd20
[  328.138821][T12936]  ? __lock_acquire+0xab9/0xd20
[  328.138874][T12936]  ? is_bpf_text_address+0x26/0x2b0
[  328.138925][T12936]  ? is_bpf_text_address+0x292/0x2b0
[  328.138957][T12936]  ? is_bpf_text_address+0x26/0x2b0
[  328.138994][T12936]  ? kernel_text_address+0xa5/0xe0
[  328.139037][T12936]  ? __lock_acquire+0xab9/0xd20
[  328.139097][T12936]  ? __pfx_rtnl_newlink+0x10/0x10
[  328.139119][T12936]  rtnetlink_rcv_msg+0x7cf/0xb70
[  328.139146][T12936]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  328.139168][T12936]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  328.139211][T12936]  netlink_rcv_skb+0x205/0x470
[  328.139238][T12936]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  328.139262][T12936]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  328.139304][T12936]  ? netlink_deliver_tap+0x2e/0x1b0
[  328.139328][T12936]  ? netlink_deliver_tap+0x2e/0x1b0
[  328.139360][T12936]  netlink_unicast+0x758/0x8d0
[  328.139396][T12936]  netlink_sendmsg+0x805/0xb30
[  328.139433][T12936]  ? __pfx_netlink_sendmsg+0x10/0x10
[  328.139464][T12936]  ? aa_sock_msg_perm+0x94/0x160
[  328.139493][T12936]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  328.139520][T12936]  ? __pfx_netlink_sendmsg+0x10/0x10
[  328.139547][T12936]  __sock_sendmsg+0x219/0x270
[  328.139584][T12936]  ____sys_sendmsg+0x505/0x830
[  328.139619][T12936]  ? __pfx_____sys_sendmsg+0x10/0x10
[  328.139658][T12936]  ? import_iovec+0x74/0xa0
[  328.139684][T12936]  ___sys_sendmsg+0x21f/0x2a0
[  328.139714][T12936]  ? __pfx____sys_sendmsg+0x10/0x10
[  328.139787][T12936]  ? __fget_files+0x2a/0x420
[  328.139810][T12936]  ? __fget_files+0x3a0/0x420
[  328.139847][T12936]  __x64_sys_sendmsg+0x19b/0x260
[  328.139879][T12936]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  328.139926][T12936]  ? __pfx_ksys_write+0x10/0x10
[  328.139943][T12936]  ? rcu_is_watching+0x15/0xb0
[  328.139983][T12936]  ? do_syscall_64+0xbe/0x3b0
[  328.140008][T12936]  do_syscall_64+0xfa/0x3b0
[  328.140026][T12936]  ? lockdep_hardirqs_on+0x9c/0x150
[  328.140058][T12936]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.140079][T12936]  ? clear_bhb_loop+0x60/0xb0
[  328.140106][T12936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.140126][T12936] RIP: 0033:0x7f5ff118e929
[  328.140146][T12936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.140166][T12936] RSP: 002b:00007f5ff2039038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  328.140189][T12936] RAX: ffffffffffffffda RBX: 00007f5ff13b6080 RCX: 00007f5ff118e929
[  328.140205][T12936] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000006
[  328.140219][T12936] RBP: 00007f5ff2039090 R08: 0000000000000000 R09: 0000000000000000
[  328.140233][T12936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  328.140246][T12936] R13: 0000000000000000 R14: 00007f5ff13b6080 R15: 00007fff57e02cb8
[  328.140282][T12936]  </TASK>
[  328.706479][T12936] bond0: (slave wlan1): Releasing backup interface
[  328.714141][T12930] validate_nla: 5 callbacks suppressed
[  328.714161][T12930] netlink: 'syz.1.2001': attribute type 10 has an invalid length.
[  328.758812][T12936] bond13: (slave bond14): Releasing backup interface
[  328.786176][T12930] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  328.939866][T12946] netlink: 'syz.1.2006': attribute type 10 has an invalid length.
[  329.009080][T12950] x_tables: ip6_tables: mh match: only valid for protocol 135
[  329.061223][T12947] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  329.370817][T12968] netlink: 'syz.0.2013': attribute type 10 has an invalid length.
[  330.069856][T12997] netlink: 'syz.2.2026': attribute type 1 has an invalid length.
[  330.078934][T12998] vlan3: entered promiscuous mode
[  330.094321][T12997] netlink: 'syz.2.2026': attribute type 2 has an invalid length.
[  330.200113][T13002] xt_cgroup: xt_cgroup: no path or classid specified
[  330.764293][T13032] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  330.880010][T13046] netlink: 'syz.4.2041': attribute type 10 has an invalid length.
[  330.884902][T13045] veth0_to_hsr: entered allmulticast mode
[  331.752152][T13073] netlink: 'syz.2.2056': attribute type 1 has an invalid length.
[  331.766639][T13073] netlink: 'syz.2.2056': attribute type 2 has an invalid length.
[  332.030843][T13088] FAULT_INJECTION: forcing a failure.
[  332.030843][T13088] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  332.069465][T13088] CPU: 1 UID: 0 PID: 13088 Comm: syz.4.2063 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  332.069500][T13088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  332.069513][T13088] Call Trace:
[  332.069521][T13088]  <TASK>
[  332.069530][T13088]  dump_stack_lvl+0x189/0x250
[  332.069579][T13088]  ? __pfx____ratelimit+0x10/0x10
[  332.069612][T13088]  ? __pfx_dump_stack_lvl+0x10/0x10
[  332.069646][T13088]  ? __pfx__printk+0x10/0x10
[  332.069682][T13088]  should_fail_ex+0x414/0x560
[  332.069714][T13088]  _copy_to_user+0x31/0xb0
[  332.069738][T13088]  finalize_log+0xe1/0x160
[  332.069764][T13088]  ? __pfx_finalize_log+0x10/0x10
[  332.069785][T13088]  ? btf_check_type_tags+0x679/0x680
[  332.069816][T13088]  btf_new_fd+0x6fa/0xc90
[  332.069838][T13088]  ? apparmor_capable+0x137/0x1b0
[  332.069881][T13088]  ? __pfx_btf_new_fd+0x10/0x10
[  332.069906][T13088]  ? bpf_token_put+0x143/0x160
[  332.069935][T13088]  ? bpf_btf_load+0x126/0x190
[  332.069968][T13088]  __sys_bpf+0x635/0x860
[  332.069999][T13088]  ? __pfx___sys_bpf+0x10/0x10
[  332.070042][T13088]  ? ksys_write+0x22a/0x250
[  332.070064][T13088]  ? __pfx_ksys_write+0x10/0x10
[  332.070093][T13088]  __x64_sys_bpf+0x7c/0x90
[  332.070120][T13088]  do_syscall_64+0xfa/0x3b0
[  332.070138][T13088]  ? lockdep_hardirqs_on+0x9c/0x150
[  332.070170][T13088]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.070191][T13088]  ? clear_bhb_loop+0x60/0xb0
[  332.070217][T13088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.070238][T13088] RIP: 0033:0x7fb5dfb8e929
[  332.070257][T13088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.070276][T13088] RSP: 002b:00007fb5e091d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  332.070298][T13088] RAX: ffffffffffffffda RBX: 00007fb5dfdb5fa0 RCX: 00007fb5dfb8e929
[  332.070315][T13088] RDX: 0000000000000020 RSI: 0000200000001340 RDI: 0000000000000012
[  332.070328][T13088] RBP: 00007fb5e091d090 R08: 0000000000000000 R09: 0000000000000000
[  332.070342][T13088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  332.070354][T13088] R13: 0000000000000001 R14: 00007fb5dfdb5fa0 R15: 00007ffd78296748
[  332.070387][T13088]  </TASK>
[  332.411900][T13096] xt_CT: You must specify a L4 protocol and not use inversions on it
[  332.792800][T13115] __nla_validate_parse: 320 callbacks suppressed
[  332.792836][T13115] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2076'.
[  332.881251][T13120] netlink: 'syz.1.2076': attribute type 9 has an invalid length.
[  333.064147][T13124] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2078'.
[  333.117729][T13123] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2079'.
[  333.593399][T13150] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2090'.
[  333.600222][T13148] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2089'.
[  333.757931][T13156] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2094'.
[  333.854675][T13156] netlink: 'syz.4.2094': attribute type 9 has an invalid length.
[  333.875493][T13161] netlink: 'syz.0.2096': attribute type 1 has an invalid length.
[  334.019361][T13164] netlink: 'syz.0.2096': attribute type 1 has an invalid length.
[  334.037699][T13164] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2096'.
[  334.093785][T13164] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2096'.
[  334.372009][T13177] netlink: 'syz.4.2104': attribute type 1 has an invalid length.
[  334.380838][T13181] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2102'.
[  334.480035][T13181] 8021q: adding VLAN 0 to HW filter on device bond5
[  334.488451][T13177] workqueue: Failed to create a rescuer kthread for wq "bond8": -EINTR
[  334.521718][T13186] 8021q: adding VLAN 0 to HW filter on device bond5
[  334.547842][T13186] bond5: (slave ip6tnl2): The slave device specified does not support setting the MAC address
[  334.562645][T13186] bond5: (slave ip6tnl2): Error -95 calling set_mac_address
[  334.600385][T13192] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2108'.
[  334.699064][T13192] netlink: 'syz.1.2108': attribute type 9 has an invalid length.
[  334.752907][T13197] netlink: 'syz.2.2109': attribute type 9 has an invalid length.
[  334.791069][T13197] macvlan4: entered allmulticast mode
[  334.796528][T13197] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  335.069160][T13214] bond0: (slave wlan1): Releasing backup interface
[  335.129471][T13217] netlink: 'syz.2.2117': attribute type 10 has an invalid length.
[  335.145715][T13214] bond7: (slave bond8): Releasing backup interface
[  335.279513][T13217] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  336.696201][T13221] workqueue: Failed to create a rescuer kthread for wq "bond6": -EINTR
[  336.707785][T13225] workqueue: Failed to create a rescuer kthread for wq "bond6": -EINTR
[  337.056112][T13245] FAULT_INJECTION: forcing a failure.
[  337.056112][T13245] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  337.084173][T13245] CPU: 1 UID: 0 PID: 13245 Comm: syz.1.2124 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  337.084206][T13245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  337.084219][T13245] Call Trace:
[  337.084226][T13245]  <TASK>
[  337.084314][T13245]  dump_stack_lvl+0x189/0x250
[  337.084356][T13245]  ? __pfx____ratelimit+0x10/0x10
[  337.084388][T13245]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.084422][T13245]  ? __pfx__printk+0x10/0x10
[  337.084458][T13245]  should_fail_ex+0x414/0x560
[  337.084491][T13245]  _copy_to_user+0x31/0xb0
[  337.084515][T13245]  simple_read_from_buffer+0xe1/0x170
[  337.084543][T13245]  proc_fail_nth_read+0x1df/0x250
[  337.084572][T13245]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  337.084602][T13245]  ? rw_verify_area+0x258/0x650
[  337.084634][T13245]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  337.084662][T13245]  vfs_read+0x200/0x980
[  337.084701][T13245]  ? __pfx___mutex_lock+0x10/0x10
[  337.084721][T13245]  ? __pfx_vfs_read+0x10/0x10
[  337.084737][T13233] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  337.084756][T13245]  ? __fget_files+0x2a/0x420
[  337.084784][T13245]  ? __fget_files+0x3a0/0x420
[  337.084803][T13245]  ? __fget_files+0x2a/0x420
[  337.084840][T13245]  ksys_read+0x145/0x250
[  337.084884][T13245]  ? __pfx_ksys_read+0x10/0x10
[  337.084919][T13245]  ? rcu_is_watching+0x15/0xb0
[  337.084964][T13245]  ? do_syscall_64+0xbe/0x3b0
[  337.084992][T13245]  do_syscall_64+0xfa/0x3b0
[  337.085015][T13245]  ? lockdep_hardirqs_on+0x9c/0x150
[  337.085049][T13245]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.085074][T13245]  ? clear_bhb_loop+0x60/0xb0
[  337.085104][T13245]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.085128][T13245] RIP: 0033:0x7f5ff118d33c
[  337.085151][T13245] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  337.085174][T13245] RSP: 002b:00007f5ff2039030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  337.085199][T13245] RAX: ffffffffffffffda RBX: 00007f5ff13b6080 RCX: 00007f5ff118d33c
[  337.085217][T13245] RDX: 000000000000000f RSI: 00007f5ff20390a0 RDI: 0000000000000005
[  337.085243][T13245] RBP: 00007f5ff2039090 R08: 0000000000000000 R09: 0000000000000000
[  337.085259][T13245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.085271][T13245] R13: 0000000000000001 R14: 00007f5ff13b6080 R15: 00007fff57e02cb8
[  337.085310][T13245]  </TASK>
[  337.441344][T13238] syzkaller0: entered promiscuous mode
[  337.447770][T13238] syzkaller0: entered allmulticast mode
[  337.454452][T13238] tipc: Resetting bearer <eth:syzkaller0>
[  337.498683][T13260] netlink: 'syz.1.2128': attribute type 1 has an invalid length.
[  337.522848][T13260] netlink: 'syz.1.2128': attribute type 2 has an invalid length.
[  337.554426][T13231] tipc: Resetting bearer <eth:syzkaller0>
[  337.636244][T13267] netlink: 'syz.0.2129': attribute type 1 has an invalid length.
[  338.120325][ T1212] tipc: Node number set to 1016683608
[  339.059003][T13231] tipc: Disabling bearer <eth:syzkaller0>
[  339.069913][T13260] __nla_validate_parse: 7 callbacks suppressed
[  339.069928][T13260] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2128'.
[  339.357838][T13281] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2137'.
[  339.363494][T13282] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2136'.
[  339.410411][T13282] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2136'.
[  339.420724][T13284] FAULT_INJECTION: forcing a failure.
[  339.420724][T13284] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  339.435371][T13284] CPU: 0 UID: 0 PID: 13284 Comm: syz.1.2135 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  339.435403][T13284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  339.435416][T13284] Call Trace:
[  339.435425][T13284]  <TASK>
[  339.435434][T13284]  dump_stack_lvl+0x189/0x250
[  339.435472][T13284]  ? __pfx____ratelimit+0x10/0x10
[  339.435504][T13284]  ? __pfx_dump_stack_lvl+0x10/0x10
[  339.435537][T13284]  ? __pfx__printk+0x10/0x10
[  339.435575][T13284]  should_fail_ex+0x414/0x560
[  339.435609][T13284]  _copy_to_user+0x31/0xb0
[  339.435632][T13284]  simple_read_from_buffer+0xe1/0x170
[  339.435661][T13284]  proc_fail_nth_read+0x1df/0x250
[  339.435690][T13284]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  339.435720][T13284]  ? rw_verify_area+0x258/0x650
[  339.435752][T13284]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  339.435779][T13284]  vfs_read+0x200/0x980
[  339.435818][T13284]  ? __pfx___mutex_lock+0x10/0x10
[  339.435839][T13284]  ? __pfx_vfs_read+0x10/0x10
[  339.435873][T13284]  ? __fget_files+0x2a/0x420
[  339.435902][T13284]  ? __fget_files+0x3a0/0x420
[  339.435924][T13284]  ? __fget_files+0x2a/0x420
[  339.435957][T13284]  ksys_read+0x145/0x250
[  339.435993][T13284]  ? __pfx_ksys_read+0x10/0x10
[  339.436022][T13284]  ? rcu_is_watching+0x15/0xb0
[  339.436062][T13284]  ? do_syscall_64+0xbe/0x3b0
[  339.436085][T13284]  do_syscall_64+0xfa/0x3b0
[  339.436103][T13284]  ? lockdep_hardirqs_on+0x9c/0x150
[  339.436135][T13284]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.436156][T13284]  ? clear_bhb_loop+0x60/0xb0
[  339.436182][T13284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.436203][T13284] RIP: 0033:0x7f5ff118d33c
[  339.436221][T13284] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  339.436239][T13284] RSP: 002b:00007f5ff205a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  339.436271][T13284] RAX: ffffffffffffffda RBX: 00007f5ff13b5fa0 RCX: 00007f5ff118d33c
[  339.436287][T13284] RDX: 000000000000000f RSI: 00007f5ff205a0a0 RDI: 0000000000000005
[  339.436301][T13284] RBP: 00007f5ff205a090 R08: 0000000000000000 R09: 0000000000000000
[  339.436313][T13284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  339.436326][T13284] R13: 0000000000000000 R14: 00007f5ff13b5fa0 R15: 00007fff57e02cb8
[  339.436360][T13284]  </TASK>
[  339.685030][T13286] vlan3: entered promiscuous mode
[  340.040634][T13304] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2146'.
[  340.356177][T13314] 8021q: adding VLAN 0 to HW filter on device bond8
[  340.382272][T13314] bond8: entered promiscuous mode
[  340.401585][T13319] xt_limit: Overflow, try lower: 262144/524288
[  340.417704][T13314] team0: Port device bond8 added
[  340.932860][T13338] validate_nla: 1 callbacks suppressed
[  340.932882][T13338] netlink: 'syz.2.2155': attribute type 1 has an invalid length.
[  340.953064][T13338] netlink: 216 bytes leftover after parsing attributes in process `syz.2.2155'.
[  341.356631][T13349] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2159'.
[  341.378492][T13351] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2158'.
[  341.639032][   T10] ==================================================================
[  341.647195][   T10] BUG: KASAN: slab-use-after-free in __mutex_lock+0x738/0xe80
[  341.654697][   T10] Read of size 8 at addr ffff88807b452b20 by task kworker/0:1/10
[  341.662445][   T10] 
[  341.664800][   T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  341.664830][   T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  341.664845][   T10] Workqueue: events l2cap_chan_timeout
[  341.664961][   T10] Call Trace:
[  341.664970][   T10]  <TASK>
[  341.664979][   T10]  dump_stack_lvl+0x189/0x250
[  341.665013][   T10]  ? __virt_addr_valid+0x1c8/0x5c0
[  341.665033][   T10]  ? rcu_is_watching+0x15/0xb0
[  341.665063][   T10]  ? __kasan_check_byte+0x12/0x40
[  341.665084][   T10]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.665115][   T10]  ? rcu_is_watching+0x15/0xb0
[  341.665146][   T10]  ? lock_release+0x4b/0x3e0
[  341.665177][   T10]  ? __virt_addr_valid+0x1c8/0x5c0
[  341.665197][   T10]  ? __virt_addr_valid+0x4a5/0x5c0
[  341.665218][   T10]  print_report+0xd2/0x2b0
[  341.665245][   T10]  ? __mutex_lock+0x738/0xe80
[  341.665262][   T10]  kasan_report+0x118/0x150
[  341.665283][   T10]  ? __mutex_lock+0x738/0xe80
[  341.665305][   T10]  __mutex_lock+0x738/0xe80
[  341.665324][   T10]  ? __mutex_lock+0x51b/0xe80
[  341.665346][   T10]  ? l2cap_chan_timeout+0x63/0x390
[  341.665376][   T10]  ? __pfx___mutex_lock+0x10/0x10
[  341.665392][   T10]  ? process_scheduled_works+0x9ef/0x17b0
[  341.665428][   T10]  ? lock_acquire+0x175/0x360
[  341.665460][   T10]  l2cap_chan_timeout+0x63/0x390
[  341.665488][   T10]  ? process_scheduled_works+0x9ef/0x17b0
[  341.665522][   T10]  process_scheduled_works+0xae1/0x17b0
[  341.665568][   T10]  ? __pfx_process_scheduled_works+0x10/0x10
[  341.665609][   T10]  worker_thread+0x8a0/0xda0
[  341.665655][   T10]  kthread+0x70e/0x8a0
[  341.665679][   T10]  ? __pfx_worker_thread+0x10/0x10
[  341.665711][   T10]  ? __pfx_kthread+0x10/0x10
[  341.665734][   T10]  ? _raw_spin_unlock_irq+0x23/0x50
[  341.665762][   T10]  ? lockdep_hardirqs_on+0x9c/0x150
[  341.665790][   T10]  ? __pfx_kthread+0x10/0x10
[  341.665813][   T10]  ret_from_fork+0x3fc/0x770
[  341.665842][   T10]  ? __pfx_ret_from_fork+0x10/0x10
[  341.665873][   T10]  ? __switch_to_asm+0x39/0x70
[  341.665902][   T10]  ? __switch_to_asm+0x33/0x70
[  341.665923][   T10]  ? __pfx_kthread+0x10/0x10
[  341.665946][   T10]  ret_from_fork_asm+0x1a/0x30
[  341.665978][   T10]  </TASK>
[  341.665985][   T10] 
[  341.881045][   T10] Allocated by task 11975:
[  341.885465][   T10]  kasan_save_track+0x3e/0x80
[  341.890159][   T10]  __kasan_kmalloc+0x93/0xb0
[  341.894751][   T10]  __kmalloc_cache_noprof+0x230/0x3d0
[  341.900216][   T10]  l2cap_conn_add+0xaa/0x8d0
[  341.904841][   T10]  l2cap_chan_connect+0x6c8/0xe30
[  341.909901][   T10]  l2cap_sock_connect+0x5c5/0x7a0
[  341.914940][   T10]  kernel_connect+0x113/0x180
[  341.919632][   T10]  rfcomm_dlc_open+0x8fe/0xed0
[  341.924417][   T10]  rfcomm_sock_connect+0x2f7/0x610
[  341.929535][   T10]  __sys_connect+0x313/0x440
[  341.934129][   T10]  __x64_sys_connect+0x7a/0x90
[  341.938897][   T10]  do_syscall_64+0xfa/0x3b0
[  341.943408][   T10]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.949325][   T10] 
[  341.951661][   T10] Freed by task 11769:
[  341.955735][   T10]  kasan_save_track+0x3e/0x80
[  341.960431][   T10]  kasan_save_free_info+0x46/0x50
[  341.965496][   T10]  __kasan_slab_free+0x62/0x70
[  341.970266][   T10]  kfree+0x18e/0x440
[  341.974183][   T10]  hci_conn_hash_flush+0x10d/0x230
[  341.979415][   T10]  hci_dev_close_sync+0xaef/0x1330
[  341.984535][   T10]  hci_unregister_dev+0x206/0x500
[  341.989567][   T10]  vhci_release+0x80/0xd0
[  341.993908][   T10]  __fput+0x44c/0xa70
[  341.997902][   T10]  task_work_run+0x1d1/0x260
[  342.002502][   T10]  do_exit+0x6ad/0x22e0
[  342.006663][   T10]  do_group_exit+0x21c/0x2d0
[  342.011263][   T10]  __x64_sys_exit_group+0x3f/0x40
[  342.016320][   T10]  x64_sys_call+0x21ba/0x21c0
[  342.021005][   T10]  do_syscall_64+0xfa/0x3b0
[  342.025515][   T10]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.031418][   T10] 
[  342.033746][   T10] The buggy address belongs to the object at ffff88807b452800
[  342.033746][   T10]  which belongs to the cache kmalloc-1k of size 1024
[  342.047910][   T10] The buggy address is located 800 bytes inside of
[  342.047910][   T10]  freed 1024-byte region [ffff88807b452800, ffff88807b452c00)
[  342.061800][   T10] 
[  342.064138][   T10] The buggy address belongs to the physical page:
[  342.070578][   T10] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b450
[  342.079348][   T10] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  342.087860][   T10] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  342.095855][   T10] page_type: f5(slab)
[  342.099850][   T10] raw: 00fff00000000040 ffff88801a441dc0 0000000000000000 dead000000000001
[  342.108454][   T10] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  342.117064][   T10] head: 00fff00000000040 ffff88801a441dc0 0000000000000000 dead000000000001
[  342.125754][   T10] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  342.134540][   T10] head: 00fff00000000003 ffffea0001ed1401 00000000ffffffff 00000000ffffffff
[  342.143217][   T10] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  342.151888][   T10] page dumped because: kasan: bad access detected
[  342.158316][   T10] page_owner tracks the page as allocated
[  342.164119][   T10] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 37, tgid 37 (kworker/u8:3), ts 96232265935, free_ts 96113066684
[  342.183145][   T10]  post_alloc_hook+0x240/0x2a0
[  342.187924][   T10]  get_page_from_freelist+0x21e4/0x22c0
[  342.193497][   T10]  __alloc_frozen_pages_noprof+0x181/0x370
[  342.199319][   T10]  alloc_pages_mpol+0x232/0x4a0
[  342.204181][   T10]  allocate_slab+0x8a/0x3b0
[  342.208705][   T10]  ___slab_alloc+0xbfc/0x1480
[  342.213393][   T10]  __kmalloc_noprof+0x305/0x4f0
[  342.218258][   T10]  ___neigh_create+0x6d5/0x2260
[  342.223145][   T10]  ip6_finish_output2+0xb4d/0x16a0
[  342.228275][   T10]  ip6_finish_output+0x234/0x7d0
[  342.233241][   T10]  ndisc_send_skb+0xb47/0x1400
[  342.238032][   T10]  addrconf_dad_completed+0x7ae/0xd60
[  342.243428][   T10]  addrconf_dad_work+0xc36/0x14b0
[  342.248473][   T10]  process_scheduled_works+0xae1/0x17b0
[  342.254574][   T10]  worker_thread+0x8a0/0xda0
[  342.259191][   T10]  kthread+0x70e/0x8a0
[  342.263268][   T10] page last free pid 5831 tgid 5831 stack trace:
[  342.269607][   T10]  __free_frozen_pages+0xc71/0xe70
[  342.274742][   T10]  __put_partials+0x161/0x1c0
[  342.279438][   T10]  put_cpu_partial+0x17c/0x250
[  342.284227][   T10]  __slab_free+0x2f7/0x400
[  342.288676][   T10]  qlist_free_all+0x97/0x140
[  342.293296][   T10]  kasan_quarantine_reduce+0x148/0x160
[  342.298784][   T10]  __kasan_slab_alloc+0x22/0x80
[  342.303658][   T10]  __kmalloc_node_noprof+0x21b/0x4e0
[  342.308962][   T10]  qdisc_alloc+0x97/0xaa0
[  342.313303][   T10]  qdisc_create_dflt+0x8e/0x4e0
[  342.318162][   T10]  dev_activate+0x378/0x1150
[  342.322763][   T10]  __dev_open+0x69c/0x880
[  342.327100][   T10]  __dev_change_flags+0x1ea/0x6d0
[  342.332168][   T10]  netif_change_flags+0x88/0x1a0
[  342.337118][   T10]  do_setlink+0xc55/0x41c0
[  342.341542][   T10]  rtnl_newlink+0x160b/0x1c70
[  342.346226][   T10] 
[  342.348554][   T10] Memory state around the buggy address:
[  342.354189][   T10]  ffff88807b452a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  342.362259][   T10]  ffff88807b452a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  342.370325][   T10] >ffff88807b452b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  342.378386][   T10]                                ^
[  342.383495][   T10]  ffff88807b452b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  342.391573][   T10]  ffff88807b452c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  342.399643][   T10] ==================================================================
[  342.409233][   T10] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  342.416471][   T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.16.0-rc1-syzkaller-00227-g8909f5f4ecd5 #0 PREEMPT(full) 
[  342.428390][   T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  342.438476][   T10] Workqueue: events l2cap_chan_timeout
[  342.444072][   T10] Call Trace:
[  342.447378][   T10]  <TASK>
[  342.450350][   T10]  dump_stack_lvl+0x99/0x250
[  342.454978][   T10]  ? __asan_memcpy+0x40/0x70
[  342.459603][   T10]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.464848][   T10]  ? __pfx__printk+0x10/0x10
[  342.469481][   T10]  panic+0x2db/0x790
[  342.473414][   T10]  ? __pfx_panic+0x10/0x10
[  342.477872][   T10]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  342.483815][   T10]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  342.489743][   T10]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  342.496103][   T10]  ? print_memory_metadata+0x314/0x400
[  342.501687][   T10]  ? __mutex_lock+0x738/0xe80
[  342.506391][   T10]  check_panic_on_warn+0x89/0xb0
[  342.511345][   T10]  ? __mutex_lock+0x738/0xe80
[  342.516040][   T10]  end_report+0x78/0x160
[  342.520297][   T10]  kasan_report+0x129/0x150
[  342.524812][   T10]  ? __mutex_lock+0x738/0xe80
[  342.529499][   T10]  __mutex_lock+0x738/0xe80
[  342.534019][   T10]  ? __mutex_lock+0x51b/0xe80
[  342.538806][   T10]  ? l2cap_chan_timeout+0x63/0x390
[  342.543932][   T10]  ? __pfx___mutex_lock+0x10/0x10
[  342.549051][   T10]  ? process_scheduled_works+0x9ef/0x17b0
[  342.554798][   T10]  ? lock_acquire+0x175/0x360
[  342.559497][   T10]  l2cap_chan_timeout+0x63/0x390
[  342.564449][   T10]  ? process_scheduled_works+0x9ef/0x17b0
[  342.570185][   T10]  process_scheduled_works+0xae1/0x17b0
[  342.575777][   T10]  ? __pfx_process_scheduled_works+0x10/0x10
[  342.581781][   T10]  worker_thread+0x8a0/0xda0
[  342.586419][   T10]  kthread+0x70e/0x8a0
[  342.590513][   T10]  ? __pfx_worker_thread+0x10/0x10
[  342.595687][   T10]  ? __pfx_kthread+0x10/0x10
[  342.600291][   T10]  ? _raw_spin_unlock_irq+0x23/0x50
[  342.605517][   T10]  ? lockdep_hardirqs_on+0x9c/0x150
[  342.610729][   T10]  ? __pfx_kthread+0x10/0x10
[  342.615433][   T10]  ret_from_fork+0x3fc/0x770
[  342.620040][   T10]  ? __pfx_ret_from_fork+0x10/0x10
[  342.625187][   T10]  ? __switch_to_asm+0x39/0x70
[  342.629968][   T10]  ? __switch_to_asm+0x33/0x70
[  342.634750][   T10]  ? __pfx_kthread+0x10/0x10
[  342.639364][   T10]  ret_from_fork_asm+0x1a/0x30
[  342.644165][   T10]  </TASK>
[  342.647542][   T10] Kernel Offset: disabled
[  342.651973][   T10] Rebooting in 86400 seconds..