last executing test programs:

49.795392441s ago: executing program 2 (id=2363):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x0, 0xe}, 0x1c)
close(0x3)

42.092407064s ago: executing program 2 (id=2363):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x0, 0xe}, 0x1c)
close(0x3)

31.236617423s ago: executing program 2 (id=2363):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x0, 0xe}, 0x1c)
close(0x3)

21.01885853s ago: executing program 2 (id=2363):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x0, 0xe}, 0x1c)
close(0x3)

11.893300931s ago: executing program 2 (id=2363):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x0, 0xe}, 0x1c)
close(0x3)

2.369465937s ago: executing program 3 (id=2740):
r0 = socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=@framed={{0x62, 0xa, 0x0, 0xffc4, 0x0, 0x71, 0x10, 0x19}}, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848200000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x24000000)

2.229698897s ago: executing program 0 (id=2742):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYBLOB="980000004800010029bd7000fddb9f250a00816a", @ANYRES32, @ANYBLOB="0000000014000100ff01000000000000000000000000000114000100fe8000000000000000000000000000bb1400010020010000000000000000000000000002080002000b00000014000100fe88000000000000000000000000010114000100fc000000000000000000000000000001080002000500000008"], 0x98}}, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000600)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58) (async)
bind$alg(r3, &(0x7f0000000600)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
accept4(r3, 0x0, 0x0, 0x80000) (async)
r4 = accept4(r3, 0x0, 0x0, 0x80000)
sendto$rxrpc(r4, &(0x7f0000000d80)="95c54366", 0x4, 0x4000855, 0x0, 0x0) (async)
sendto$rxrpc(r4, &(0x7f0000000d80)="95c54366", 0x4, 0x4000855, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0) (async)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendto$rxrpc(r6, &(0x7f00000003c0)="408c3213adbf97b4e10734f95f46c222d82891b95917f33dfd3e45e848871359443571a9332a84fac7f2ddf4076a687e4fb67e550c3333555b17657710c996cc310ff26468896cb981f3e595285a8e67f844d3a0d0704b558f02d1a5a4ac940c3ea74916e98e20a614621b51a6e4e3e7237f817604f33ff3286f1570ea98c0b9c146d21f582a9cb26f2008ac4d50ed6d3970c4b49b16fb2e9e7025916a5d086e9da3", 0xa2, 0x80, &(0x7f0000000480)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e23, 0x5, @private2, 0x1ff}}, 0x24)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), r8)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r7, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB="20002cbd7000fedbdf25011661ff52f8cb4d8fa411e21f319ff67c969ec46adab9001d0410350a34e9519295e34a4c600a4b45e34a007bb518c193994ceafb5c30132a0070e766d84f229c27665d2f3f3173f49fb5f14a65fc1d8b6cdd273ba1afb64395f5018b9ad5d353193d8691749f12be161bd6610813ed"], 0x1c}, 0x1, 0x0, 0x0, 0x4000010}, 0x20000000) (async)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r7, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB="20002cbd7000fedbdf25011661ff52f8cb4d8fa411e21f319ff67c969ec46adab9001d0410350a34e9519295e34a4c600a4b45e34a007bb518c193994ceafb5c30132a0070e766d84f229c27665d2f3f3173f49fb5f14a65fc1d8b6cdd273ba1afb64395f5018b9ad5d353193d8691749f12be161bd6610813ed"], 0x1c}, 0x1, 0x0, 0x0, 0x4000010}, 0x20000000)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r5, {}, {}, {0xfff3}}}, 0x24}}, 0x0)

2.163173651s ago: executing program 1 (id=2743):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000007640)=ANY=[], 0x3aa0}}, 0x0)
clock_gettime(0x0, &(0x7f0000005e80))
recvmmsg$unix(r3, &(0x7f0000005d00)=[{{0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000001c80)=""/88, 0x58}, {&(0x7f0000001d00)=""/197, 0xc5}], 0x2}}], 0x1, 0x40, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)={@map=r4, r1, 0x7, 0x0, 0x0, @void, @value}, 0x10)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000400)=0xa4, 0x4)
syz_emit_ethernet(0x6e, &(0x7f0000000200)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000086dd6000000000383a00fe880000000000000000000000000001ff020000000000000000000000000001010f9078000000006000b29500003a00fe80000000000000000000060000001d20010000000000000000000000000001caa7c1b7f4c336af206505030f8d6a14310e92cdc9b86b9283b15b90581faacea2c66bdba31e6c084f403fb62745220d767eb230b49b986c04148635f6a5069d274d6f79545fd91b2510779acac9bd2b5000fc7421c043a5fffa61b0e6f1132ac4559caf0ce6d9c90b021440b3ef93eeb08147a0b35d68e9416f5974ad4076c5334df147c6c65eebe9cdba53ef644ff00886f7b42926ade5f53dc8a3948b10b595bc"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xe, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x8}], {0x95, 0x0, 0x700}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
recvmmsg(r0, &(0x7f0000002780)=[{{0x0, 0xfffffffffffffde1, 0x0}}], 0x1, 0x2140, 0x0)

2.112190319s ago: executing program 4 (id=2744):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3c0, 0x0, 0xe8, 0xe8, 0x2d8, 0x2d8, 0x2d8, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x20, '\x00', 0x0, 0x2d8}}, {{@uncond, 0xc0, 0x100, 0x0, {0x0, 0x1e03}}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "2c3bb27d9d5b379b853c7744b526e29755ec721db80fdb00f95f8a608b8d"}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pim6reg0\x00', 'netpci0\x00'}, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x410) (async, rerun: 64)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (rerun: 64)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r2, 0x0, 0x482, &(0x7f0000001640)=""/139, &(0x7f0000000100)=0x8)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$key(0xf, 0x3, 0x2) (async)
sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@ipmr_newroute={0x24, 0x18, 0x800, 0x70bd25, 0x25dfdbfb, {0x80, 0x20, 0x10, 0x2, 0xfe, 0x2, 0xbead19d470e6119e, 0xb, 0x100}, [@RTA_NH_ID={0x8, 0x1e, 0x10}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x20000000) (async, rerun: 64)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r3) (async, rerun: 64)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a60000000060a09040000000000000000020000000900020073797a32000000000900010073797a3000000000340004803000018008000100636d70002400028008000140654a00041000038009000100701e1630b7000000080002"], 0x88}}, 0x0)

2.010477735s ago: executing program 3 (id=2745):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r4, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="310300000000000000000900000008000300", @ANYRES32=r6, @ANYBLOB="0800060037b98c0892d0"], 0x24}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x5c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x5c}}, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(twofish-asm)\x00'}, 0x58)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0000003b0007010000000000000000037c0000040000000c00018066feb2b9"], 0x3c}}, 0xc000)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bond0\x00', <r8=>0x0})
ioctl$sock_SIOCBRDELBR(r4, 0x89a1, &(0x7f0000000200)='bond0\x00')
sendmsg$nl_route(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c00000010000304000000000000000000000400", @ANYRES32=r8, @ANYBLOB="60bc010004a701003c00128009000100626f6e64000000002c000280050015000100000005001b005400000008000f0003c04e"], 0x5c}, 0x1, 0x0, 0x0, 0x11}, 0x4000044)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000040)=0x13, 0x4)

1.941988843s ago: executing program 1 (id=2746):
r0 = socket$inet6(0xa, 0x80002, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000002880)={0x0})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x58, 0x9, 0x6, 0x501, 0x0, 0x0, {0x7, 0x0, 0x1}, [@IPSET_ATTR_LINENO={0x8}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_ADT={0x30, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x5}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAME={0x9, 0x12, 'syz0\x00'}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_LINENO={0x8}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x20000044)
sendmsg$inet6(r0, &(0x7f00000011c0)={&(0x7f0000000000)={0xa, 0x4e20, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xb78}, 0x1c, 0x0, 0x0, &(0x7f0000003600)=[@dstopts_2292={{0x18, 0x29, 0x4, {0x2f}}}, @flowinfo={{0x14, 0x29, 0xb, 0x4a}}], 0x30}, 0x4000)
socket$inet6(0xa, 0x80002, 0x0) (async)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10) (async)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000002880)={0x0}) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x58, 0x9, 0x6, 0x501, 0x0, 0x0, {0x7, 0x0, 0x1}, [@IPSET_ATTR_LINENO={0x8}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_ADT={0x30, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x5}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAME={0x9, 0x12, 'syz0\x00'}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_LINENO={0x8}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x20000044) (async)
sendmsg$inet6(r0, &(0x7f00000011c0)={&(0x7f0000000000)={0xa, 0x4e20, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xb78}, 0x1c, 0x0, 0x0, &(0x7f0000003600)=[@dstopts_2292={{0x18, 0x29, 0x4, {0x2f}}}, @flowinfo={{0x14, 0x29, 0xb, 0x4a}}], 0x30}, 0x4000) (async)

1.871304583s ago: executing program 4 (id=2747):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000fe0200ff00000000000000008500000041000000850000000e00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x11000000, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
sendmsg$TIPC_CMD_DISABLE_BEARER(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x2c, 0x0, 0x12b084226d2dad07, 0x0, 0x0, {{}, {}, {0x10, 0x13, @udp='udp:syz0\x00'}}}, 0x2c}}, 0x0)
r2 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'ip6gretap0\x00', <r3=>0x0})
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_add_memb(r4, 0x107, 0x18, &(0x7f0000000800)={r3, 0x1, 0x6}, 0x10)
sendto$packet(r4, &(0x7f0000000040)="02030007ffff0000000045", 0xff4b, 0x4000050, &(0x7f0000000000)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000e0400000000000000000000000000000d040000000000000000000004000000000400000000000008030000000000000061"], 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x10000, 0x0, r6, 0x0, '\x00', 0x0, r5, 0x2, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000008000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000014010000033800001d13f8ff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0x1c, &(0x7f0000000100)=ANY=[@ANYBLOB="1808000000400000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7060000000000008500000005000000bf0900000000000035090100000000209500000000000000b7020000000000007b9af8ff00000000b5090000000000007baaf0ff00000000ae8900000000000007080000f8ffffffbf8400000000000007040000f0ffffffc70200000800000018260000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7040000080000004608f0ff76000000bf9800000000000056080000000000008500000007000000b700000000000000950000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x7, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b708000000000000a50a000000000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
r10 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9042, 0x0)
ioctl$PPPIOCNEWUNIT(r10, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r10, 0x40107447, &(0x7f00000000c0)={0x2, &(0x7f0000000100)=[{0x50, 0xff, 0x0, 0x4}, {0x6, 0x60}]})
pwritev(r10, &(0x7f0000000080)=[{&(0x7f0000000000)='cB;', 0x3}], 0x1, 0x5, 0xffffff95)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x8000, @mcast2}, 0xe01f25a)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
write$cgroup_int(r11, &(0x7f0000000000), 0xffffff6a)

1.854341022s ago: executing program 0 (id=2748):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
socket$packet(0x11, 0x3, 0x300)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x400, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x2}, {0x0, 0x0, 0x0, 0xfffffffffffffffe}}}, 0xb8}}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea5400c2", 0x10)
sendmmsg$unix(r2, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000a80)="02ad", 0x2}, {&(0x7f0000000d40)="741635b0", 0x4}], 0x2}}], 0x1, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000015"], 0xb8}, 0x1, 0x0, 0x0, 0x8c0}, 0x8004)

1.853458003s ago: executing program 2 (id=2363):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x0, 0xe}, 0x1c)
close(0x3)

854.172401ms ago: executing program 0 (id=2749):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x12, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000008c000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000003100000095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x66, '\x00', 0x0, @cgroup_sock_addr=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc84, @void, @value}, 0x94)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c00000010003df600"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001400030064766d72700900000000000000000000180012800800010070707000"], 0x4c}}, 0x0)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x4ae}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x4040010)

853.753614ms ago: executing program 1 (id=2750):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a00100000000280", 0x2a}, {&(0x7f0000000400)="6a6f8e5e", 0x4}], 0x2}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000a00)=@ipv4_delrule={0x24, 0x21, 0x1, 0x0, 0x0, {0x2, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}, [@FRA_SRC={0x8, 0x2, @dev}]}, 0x24}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, r2, 0x8, 0x70bd26, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602240000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
socket$kcm(0x10, 0x2, 0x0) (async)
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a00100000000280", 0x2a}, {&(0x7f0000000400)="6a6f8e5e", 0x4}], 0x2}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000a00)=@ipv4_delrule={0x24, 0x21, 0x1, 0x0, 0x0, {0x2, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}, [@FRA_SRC={0x8, 0x2, @dev}]}, 0x24}, 0x1, 0x0, 0x0, 0x4010}, 0x0) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, r2, 0x8, 0x70bd26, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4000) (async)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602240000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) (async)

853.088073ms ago: executing program 3 (id=2751):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000600)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000400), &(0x7f00000005c0)='%-010d \x00'}, 0x20)
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x98, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x68, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x2, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME_EXTENSION={0xc, 0x9, 0x4}]}}]}, 0x98}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xf, 0x5, 0x2, 0x4, 0x8000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @value, @void, @void, @value}, 0x50)
close(r4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000800)={{r4}, &(0x7f0000000780), &(0x7f00000007c0)}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000010000e1250000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x18, 0xf, &(0x7f0000000640)=@raw=[@generic={0x2, 0x7, 0x1, 0x3, 0x7}, @func={0x85, 0x0, 0x1, 0x0, 0x4}, @jmp={0x5, 0x1, 0x0, 0x9d910eaf809c759c, 0xb, 0x10, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xf}, @map_val={0x18, 0xf, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x85}, @exit, @map_idx={0x18, 0xa, 0x5, 0x0, 0xc}, @alu={0x4, 0x0, 0x4, 0x2, 0x2, 0xffffffffffffffff, 0x10}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @map_idx={0x18, 0x3, 0x5, 0x0, 0x9}], &(0x7f0000000700)='syzkaller\x00', 0x5, 0xca, &(0x7f0000000780)=""/202, 0x41000, 0x60, '\x00', r3, @fallback=0x11, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000008c0)={0x0, 0x3, 0x1, 0x8}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x6, &(0x7f0000000900)=[r4], &(0x7f0000000940)=[{0x1, 0x3, 0x5, 0xc}, {0x5, 0x3, 0x10, 0x9}, {0x4, 0x1, 0xe, 0x4}, {0x4, 0x2, 0xe, 0x9}, {0x2, 0x3, 0x3, 0xa}, {0x5, 0x5, 0x2, 0x4}], 0x10, 0x7, @void, @value}, 0x94)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet(r0, &(0x7f00000006c0)={0x2, 0x0, @empty}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000640)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_MEMORY_LIMIT={0x8, 0x8, 0xe}, @TCA_FQ_PIE_QUANTUM={0x8, 0x7, 0xbaf6}]}}]}, 0x44}}, 0x0)
r10 = accept4(r6, 0x0, 0x0, 0x0)
accept4(r10, 0x0, 0x0, 0x0)
recvmsg(r6, &(0x7f0000000380)={&(0x7f0000000140)=@l2, 0x80, &(0x7f0000000540)=[{&(0x7f0000000080)=""/64, 0x40}, {&(0x7f00000001c0)=""/59, 0x3b}, {&(0x7f0000000200)=""/24, 0x18}, {&(0x7f0000000240)=""/2, 0x2}, {&(0x7f0000000280)=""/156, 0x9c}, {&(0x7f0000000480)=""/188, 0xbc}, {&(0x7f0000000340)=""/25, 0x19}], 0x7}, 0x2122)
bind$tipc(0xffffffffffffffff, &(0x7f0000000400)=@name={0x1e, 0x2, 0x3, {{0x40, 0x4}}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x2, '\x00', r9, 0xffffffffffffffff, 0x5, 0x2, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000340)='cgroup\x00'}, 0x30)
r11 = syz_open_procfs$namespace(0x0, &(0x7f0000000340))
preadv(r11, &(0x7f00000003c0), 0x364, 0x0, 0x0)

849.105448ms ago: executing program 4 (id=2752):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, 0x1404, 0x20, 0x70bd25, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000001}, 0x20040003)
syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYRESOCT=r0, @ANYRESDEC=r0], 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x24044080)

640.039903ms ago: executing program 4 (id=2753):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$netlink(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000b00)=ANY=[@ANYBLOB="1c0000005a000d0300000000000000000400008008"], 0x1c}], 0x1}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=@newsa={0x180, 0x10, 0x1, 0x0, 0x0, {{@in6=@empty, @in6=@mcast1, 0x0, 0x0, 0x0, 0x20, 0x2, 0x0, 0x0, 0x84}, {@in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x4d5, 0x6c}, @in6=@empty, {0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x4}, {0x8000, 0x0, 0x0, 0x10e}, {0x0, 0xfffffffc}, 0x70bd2b, 0x0, 0xa, 0x0, 0x0, 0x2a}, [@algo_comp={0x48, 0x3, {{'lzs\x00'}}}, @algo_crypt={0x48, 0x2, {{'cts-cbc-aes-neon\x00'}}}]}, 0x180}}, 0x4044)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000140)="005b4aa3d49100dc50ecc3b4000082e3", 0x10)
r3 = accept4(r2, 0x0, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'team_slave_1\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=@newqdisc={0x24, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {0x10, 0xb}, {0x0, 0xa}}}, 0x24}}, 0x4000)
sendmsg$nl_route_sched_retired(r3, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000fc0)=@newtfilter={0x540, 0x2c, 0x800, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff3}, {0x8, 0x6}, {0x7, 0xfff1}}, [@f_tcindex={{0xc}, {0x510, 0x2, [@TCA_TCINDEX_ACT={0x50c, 0x7, [@m_police={0x508, 0xe, 0x0, 0x0, {{0xb}, {0x408, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x5, 0x8, 0x7, 0x9, 0x101, 0xb, 0x129900d3, 0x6, 0x2, 0x3, 0x5, 0xfffffffd, 0x8e1d, 0x401, 0x3ff, 0x9, 0x6, 0x6, 0xc, 0x9fc8, 0x7fffffff, 0x100, 0x3, 0x3, 0xfffffff9, 0x1, 0x29, 0x1, 0x417e, 0x5, 0x7, 0x80000000, 0x3, 0x1, 0x3, 0x3, 0x4, 0x7, 0x8, 0x1f86, 0xffff, 0xf, 0x7a25, 0x7fff, 0x4, 0x14000, 0x7e0e8a1a, 0x81, 0x81, 0x9, 0x3, 0xdd1e, 0x9, 0x0, 0x1, 0x1, 0x7, 0x5, 0x2, 0x7, 0x1b, 0x1, 0x7466a912, 0xffffffff, 0x7, 0x2, 0x0, 0x80, 0x1, 0xc, 0x16d, 0xffff, 0x9, 0x10, 0x8, 0x8, 0x9, 0x8, 0x9, 0xa1d, 0xb, 0x6, 0x7, 0x8c24, 0xf4, 0xffffffff, 0xc, 0x200, 0xfff, 0x8, 0xfffffff7, 0x7, 0x3, 0x8, 0x1ff, 0x6, 0x6a39, 0x6, 0x6, 0x9, 0x8, 0x1, 0x3, 0x35, 0x4, 0x8, 0x8761, 0x306381ab, 0x7, 0x8, 0x7, 0x2, 0x8000, 0xffff, 0x6, 0x9, 0x7, 0xfffffff8, 0x9, 0x9, 0xad13, 0xf8f, 0x24a6, 0xfffffffe, 0x5f8, 0xa66, 0xfffffffc, 0x1, 0x1, 0x3, 0x5, 0x485c, 0x3, 0x3, 0x3, 0xfffffff7, 0x4, 0x3, 0x101, 0x1bf, 0x7, 0x5, 0x5, 0x97a1, 0x7, 0x3, 0x5fe, 0xf, 0x8, 0xe, 0x8, 0xdb9, 0x4, 0x7ff, 0x3693, 0xffff, 0x4, 0x2ac8, 0x4, 0x3, 0xe, 0x40, 0x8, 0x5, 0x8000, 0x3, 0x1, 0x7, 0x3, 0x401, 0x0, 0x6, 0x48, 0x1ff, 0x3, 0xfffffff7, 0x7fff, 0x100, 0x3, 0x7, 0x6, 0x4, 0x2, 0x4, 0x40, 0x56f9, 0x7, 0x9, 0x1, 0x80000001, 0x8001, 0x81, 0x200, 0x0, 0x2, 0x3, 0x42d, 0x6, 0xfff, 0xdee, 0x7, 0x3, 0xfffff210, 0x34b490e8, 0x1, 0x6, 0x0, 0x8, 0x3, 0x101, 0x8, 0x4, 0x7f, 0x2, 0xa, 0x0, 0x4, 0xcdf, 0xfffffff9, 0x7, 0x5d, 0x2020000, 0x1, 0xffff, 0x0, 0x5, 0xfffffffc, 0x5, 0x4, 0x2, 0x8, 0x0, 0xc, 0x3000, 0x1ff, 0x1, 0xd, 0x0, 0x1f7, 0x2689, 0x3, 0xe000003, 0x140000, 0x4, 0x3477, 0x8, 0x1, 0x9, 0x2, 0x80, 0x5, 0x4, 0x0, 0x2, 0x80000000, 0xfffffff9]}]]}, {0xd6, 0x6, "94f7701920c059fa6b0caba5d23befc6f89a150279fc86498232c62c7176990e727154103ea93894c5f58cd89c3891bd0c189232a3c4530e56ce8ad78b4aff42730386fa3266da9db29966ca7125c00ac44a350b7b88dc49b236f183584b051e55397b84c9aae3f9e8296f2208b53c56e52217f52ff84f5119dfc586be8e9a7f6213dee8b9b99f995cc70cb3ba6fb10d250e1184ec8a0224d95e3efa65b3c4b3f23a4df01e64d3fbb2ee7f7ebacb2e0237378cb97f79616ccc075da2cd814df5b13216d1cd02a675410ccfce7a4d3e3ba012"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x540}, 0x1, 0x0, 0x0, 0x20004041}, 0x5)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000000)={<r7=>0x0, 0x4, 0x882}, &(0x7f0000000100)=0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000140)={r7, 0xd4, 0x5, [0xf86, 0x8, 0xffff, 0x2, 0x4]}, 0x12)

637.702553ms ago: executing program 0 (id=2754):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9feb010018000000000000006c0000006c0000000b000000090000000000000c050000000800000007000013020000000600008005000000040000000c00000001000000030000000b0000000600000005001000100000001000000002000000070000000900000008000000070000006d78000003000000070000000300000007000000005f300000612e5f2e5f"], &(0x7f0000000080)=""/15, 0x8f, 0xf, 0x1, 0x5, 0x0, @void, @value}, 0x28)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}}, 0x80)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000002580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000080a01010000000000000000020000000900010073797a300000000038000000060a17d50000000000000000020000000900020073797a32000000000900010073797a30000000000c0003"], 0xcdc}, 0x1, 0x0, 0x0, 0x1}, 0x0)

599.177551ms ago: executing program 3 (id=2755):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a9"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0f00000004000000040000001200000000180000", @ANYRES32, @ANYBLOB="000000000000e6ffff8374ab45149800"/26, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)

571.772796ms ago: executing program 1 (id=2756):
syz_emit_ethernet(0x42, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd601e1907000c2f00fe80000000000000000000"], 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x5, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000004830000000000000fa40000007010000080020007500feff00008200"], &(0x7f0000000100)='GPL\x00', 0x4, 0xfa, &(0x7f00000007c0)=""/250, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000011c0)=@newtaction={0xe98, 0x30, 0x25, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x30, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x4}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {0x0, 0x7}, {}, {0x80000000}, {}, {}, {}, {}, {0xfffffffc}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xb}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x400}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f0000000140)={0x5, 0x6, 0x8, 0x8, 0x0, 0x2, 0x0, 0x8}, &(0x7f0000000180)={0x9, 0x2, 0x7fff, 0x22c, 0x5, 0x0, 0xa9e, 0x7}, &(0x7f00000001c0)={0x7fffffff, 0x9, 0x81, 0xa1, 0x3, 0xff, 0x1, 0xffff}, &(0x7f0000000200)={0x77359400}, &(0x7f00000004c0)={&(0x7f0000000240)={[0xc6]}, 0x8})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000008c0)=ANY=[@ANYBLOB="2c000000100001000000000000000000000000007842174502ca9d10e6a0e24fb193b38b73a22430a816f79d8606366bb567b811b4022185e68226f0e8e6e8df2cf1ba4694b8e3314eb19a412243f1520d5e04eeb5cec2d4e87de3fcd6629c5b0532a0fa690334733890c49195bfb9dbe2a1732a3ee0057fa23520b98a0c8373ecb60841fede3e78f06b7c5466", @ANYRES32=0x0, @ANYBLOB="008000000000000004002b8008001b0000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2e}}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe8000000000"], 0xfdef)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f00000000c0)={0x0, 0xe1}, 0x8)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x5, 0x0, 0x0, {}, {0x0, 0x2710}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "5b979e01d2038d84"}}, 0x48}}, 0x0)
sendmsg$can_bcm(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000980)=ANY=[@ANYBLOB="050000000300"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="000000000100000000000000000000009dfc47318ccc3455a8c49f41d8916b86846b33b1213bf491b36cadc3914709b32d58d38b7dd914f2626fabbe8484be55f30db829d3bd5f789f9ce486a3aba60b636b693089b3617b1f769d2cc8b4aef55cb7251639584ecbb182c7d039daacafa30d53cccebddcb75f43417731ec9de0e5eed2cb62ff1d7e2d173b2d280b0e16e527e17127627511571e494433ed4d9db6ae1b87dc22878e1f5a42da91b33a2023ed0928420da55d6c904ed15fab1bfd44ea228385802529e2129035fa6da04e1e36d1633e511f7f0442d05990939317f0f619dcf9bf3fbbf247b8603d6245ad429a88279e3339011b96a23bb92aefcb6a5b46ef7d4b7a133391cd1de423a0"], 0x48}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4c00000002060108000034e400000000000000020500010006000000050004000000fe000900020073797a3100000000050005000200000012000300686173683a6e65742c706f7274000000ff5b3b8767"], 0x4c}}, 0x2)
bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="54000000090601080000000000000000050000000900020073797a310000000005000100070000002c000780060004404e21000005000700e30000000c00018008000140850101010c00028008000140"], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

511.189549ms ago: executing program 4 (id=2757):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r1}, 0x10) (async)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)) (async)
ioctl$PPPIOCGDEBUG(r0, 0x80047441, &(0x7f0000000000)) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000c00)=ANY=[@ANYBLOB="b4000000020000006600000000000000730120000000000095000000000000004bb5eea0a6ec9fcd4b0a008a8443f22702000000e63bde9e4a0587536a966992ae7011d6e6c03175717e9912e0dd1a59541f7cbb1548ee5bd627f5b0b8ec77bd6d5f7b543f9aafaabe53339b12fbbe7decc4aa61b8aad0359083bdd61543fbeee8d560bb4b5925fae801f4c91e31674b124a1b38000000bc4da4a9b3d5cc9e0000f6a7a729009973ff07000000000000ac79e5d84abbec7d96629490727375b853f6308a980fba61fbe0131f3c7a026d8f000008000000000000000b20d7ac2df89d7989bf53bec908213d396edf24e9fc3cc004a1097fddc65c1b1b328277ff85ed56b9261eb7bcee28ec2d3616689ab3f31f849eebce6f21e6302003c0467844e000000000db0700bd694a09b253a1c6c7c138b3ec6ee9b83edcc55d3403acd5c50e2740a7ab7069790da79b7ab45184caffff00009bab066bf7a4ab148d44c7e2e4d219cdd7ebeb51511d9df85a648b1b85f93cb6cd21f93d5ea3da2b31657c065d052d9b9ee00320def97ebac25b929b3c15e33be6e7d54e622b427ee8d181d2f18d772fb5c58a936620ba1f5fbb48703ab211f442697edc165b449db2e3c221fbf270a6db414516949b97c200000096a1cbe81a38a23f03bd741a3e60c2e294f828e06f1b2cb70328f151f949e369efed52a28b87aae9d7d2800c8eff7f93c05adc9086d3f143a7b87d06838c6525cafdc01820a8912a131ff1f6acb9439f2d95a746291641b38333ce1c84b0d9d033edc9da00c8a2b42e8adfeff69fce7a35f79748e3e5b235269310988a05bf7c4e4cef3d1aa550c83d6328eb000000044a6458c31431d58973c93f5e9452258a7098bc3d014afe638a40948498fa9561213bc20845526e054d6b3ba5ca8f357df67c41acc28edacb31d38994544c3511ea1e8a448e66039425cfb03efb5d5eb81a306746adb8809ef969187763c00085e2dc401325327e54cbfceb400c2663466cd4a79c94b62c9882626499a8a29c564464f2a7aee6a929f831c93d23005787d272b5eaf0c6e11a7f0f1f39f68df44f6bf2d9b51d99c89e327b4bf7b96ad33abbd3a8b5814b5e7f85d1a47ee604ccef20bda53c9ce06910568fc200eee12fc6ef2734a6e9af5132f0c507e277fd97f9b48c840697289d38e454467f4d2f94b2f76d06edd083dafefd76deb251b5818de9c27d0df6e7b8862fe42f6c453f551f35b6d76395a1d205f276ae628fbdb8081905a1d7c2805532d3387b88f2997e8ce41c5dca83659cfb7f3a1c7b2bec8a7575dc4241dde6c680ee9a27b197739f4ad86f3bad3e42d4954bef864586ad02c27858d63efc495bcfb6ed49a5ca8987b0f2a8b14054e30f30fedf536d63769a196fc3b472195d0a1a13ecf803136d751cefb0edb5794cab8681214b39f86d88f3aebea4d465ef05f975b09f264d6c8d8e3bb6ea7d21c6602bcc8f76f2546cccc074f55c22aa8b502968040000000000000047c8a50036dd268a1aeff951f5090492b5e941feb1d3785aafe1655876e5a36c40fb5afcfd1eb28952662782097836a4d1aa3de0c06bb7dc27cf1a546b6aa6ce9932f3c6a013bc3791da4d8a33680ba8f1334d75a43e991ebd4582d786ec05cdd3152d52ab15fc7595cbd339f730d2ec8e37e6c500c4c30280a6af986f62a22d9c5c275e7798c165545abfcd304243274db15924a136a0896d56576ed7de90b1bda90f4024b9a0b3b33f688db8e38f784ae3942aba874f95d10c47e2405ceb0438cc272133fac718a6553710e4ca97df646b21d02652c54eade2e99344e11a2671cf274d397650fba8fcfb7e51a926e37b3980a1732111175dd99b9d979042b3ea411a7b4f9081ae9b82974d5eb6fd4e4bcd95e4f897dfba4e44777e6d02a896b650a66d9139696b926c36a33eb3bdc092bf4586bfab34002f802bbfe6a7679cec20cc25e01f129bbe92a65961fac7bffa3d8feda2ac927743d2bce57ee39b671948576337535180aa754e035421cf1709bc1b5e46c35515fb1fcda637a6405e9b216d2ca09795c5d2f27665da5b17bcf0f387e6dd58202a3a1148e46e55ac7ea027eb3022eee4a000ca543ab566921e5db4f741a762e5705f942855a9fa30b912045f78ab1e3fdeada84bc8ac36cc1223901e56f6ecbabbc3263098c9c47a1f505a8299b5715a455e834ddddc430f387cafa07bf915522f9a42e34eea5169b796320e892d27924045bcf56135684ca96ada82749371d5766c0d0cae8772f140eef001ca39dc28aef8a5236393fce29b0531cbd3265c209761ed41a2e473fbd84ca9b67e3ceb58a4b774ee127628faba8702c0a73f8311d269429aaadf74c439404fc9f864e69807dfe257c0c4a26c60bfa77f89bae2bd4c498a10d4e17dddb1f7539bfeb392e22e7b93d0ecf66cd253a4062bbc8a437f8924ee7a89ab73dd7c11be13707482c369f02d7b6f242599f95dbfcb55bea158665231f8fe04ed2a8c407fed1a8702e2486386f2ae6347231128be789186ff5651208c80781f85d3fb51bd28b939a8bc88a471c36fa17fd04c3fbdbd3f7bf144b1466014a77c582aa0380e612cd101d557dd1e5b7bae3da3ea2659f66a3641eaa3b008b9788a63c8f7009f9149fd9c740eddd300000000000000000000e620e3657ac82a5bd27dfa4f2add31a402346571e87b2644edb73d4affdcbbe2b8e2539b44554c10dc0ac8ba67ab9901c8e9564b4c26a87cf59b11978a86d4938ca4db01a9d8426aed32eb0d0d1dd894bbf3197f3b5744b5a4f813fd7330"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000002c0), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x47)

371.96135ms ago: executing program 3 (id=2758):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r6, &(0x7f0000000200), 0x806000)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f00006a9000/0x2000)=nil, 0x2000, 0x1000005, 0x12, 0xffffffffffffffff, 0xcd44a000)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES32], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="19000000040000000400000002"], 0x48)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f00000000c0)=0x8, 0x4)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r8, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r8, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000780)={@local, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00 \x00', 0x18, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @local, {[], @mld={0x187, 0x0, 0x0, 0x0, 0x0, @local}}}}}}, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r1, 0x0)

371.287463ms ago: executing program 0 (id=2759):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r1, 0x84, 0x82, &(0x7f00000002c0)="1a00000002000000", 0x8)
sendmmsg$sock(r0, &(0x7f0000001d80)=[{{&(0x7f0000000240)=@in6={0xa, 0x4e20, 0x7, @loopback, 0x5}, 0x80, 0x0, 0x0, &(0x7f0000000480)=[@mark={{0x14, 0x1, 0x51, 0x6c}}], 0x18}}], 0x1, 0x4000)
r2 = socket(0x2, 0x80805, 0x0)
unshare(0x20000400)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r3, 0x0, 0x20000000)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r2, 0x0, 0x48c, &(0x7f0000000180)={0x1, 'bridge_slave_0\x00'}, 0x18)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000008c0)="d8000000180081000181f782db4cb904021d0800ff007c05e8fe50a10a000700014002020c600e41b0000900ac000a0501000000160012000a00ff150048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5a02000000ca9ec855eff0eb3f365d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505dba36efab70cdb67e8d1cc5c7b06b1eab31f7b05da962834cedde6fdfcf45add8e51ff159ca9680d0", 0xd8}], 0x1}, 0x0)

278.776827ms ago: executing program 1 (id=2760):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000a000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x12, 0x0, &(0x7f0000001a00)="2000cb3c0000000022385ba988a88dc288a8", 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0xffffffff}, 0x10)
listen(r2, 0x0)
accept4$unix(r2, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x2}, {0x0, 0x0, 0x0, 0xfffffffffffffffe}}}, 0xb8}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000015"], 0xb8}}, 0x0)

263.841647ms ago: executing program 3 (id=2761):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000009400000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2f)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'erspan0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0x41b, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_FWMARK={0x8, 0x14, 0x400}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x3}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x48}}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x2a, &(0x7f0000000100)=r5, 0x4)
r6 = openat$cgroup_ro(r5, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$sock(r7, &(0x7f0000000cc0)=[{{&(0x7f0000000100)=@l2tp={0x2, 0x0, @broadcast, 0x3}, 0x80, 0x0}}, {{&(0x7f0000000700)=@in6={0xa, 0x4e20, 0x7, @dev={0xfe, 0x80, '\x00', 0x18}, 0x60}, 0x80, 0x0}}], 0x2, 0x48094)
connect$llc(r7, &(0x7f00000004c0)={0x1a, 0x302, 0x4a, 0xe3, 0xb, 0x24, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sendmsg$nl_xfrm(r6, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000580)=@delsa={0x17c, 0x11, 0x200, 0x70bd29, 0x25dfdbfb, {@in6=@mcast1, 0x4d2, 0x2, 0x6c}, [@proto={0x5, 0x19, 0x32}, @encap={0x1c, 0x4, {0x1, 0x4e22, 0x4e23, @in6=@local}}, @etimer_thresh={0x8, 0xc, 0x6}, @algo_auth={0x120, 0x1, {{'blake2s-256-generic\x00'}, 0x6c0, "73f82f2ac6a1f015702c62de5c97efb6072ba9115eff047cf014db56f0f0ed99cb14ea5c1ec7c3ed3851a2965a4c052fe0ca82a39be7198be3bf83ad0c5b8c7f0e098c25f437027eb09ff956d8c34391578077b299854f603c44998b47d8003342af9f556224ebce2d9054202eed5ba841b59d94dba515a0eb391bf0e512cdeb6f00365258481df1bc2743e2f526a6b4ece709c5e7695de8af5b240b24d212b8ef91959ace4b54bb7bc53990ec5a5444fbedf98b8ce43ac6493a13541ce56d76052cabb92241126a3c52bfe075016e8101d31830bf7f67cc"}}, @XFRMA_SET_MARK={0x8, 0x1d, 0xe40}]}, 0x17c}, 0x1, 0x0, 0x0, 0x801}, 0x4000801)

262.743084ms ago: executing program 4 (id=2762):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x7f, 0xffffffc1, 0x0, 0x222e, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x80000000, 0x5, @void, @value, @void, @value}, 0x48)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$int_in(r0, 0x5452, &(0x7f0000000340)=0x8)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x30, r4, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}]}, 0x30}}, 0x0)
setsockopt$ax25_int(r2, 0x101, 0xc, &(0x7f0000000080)=0x10000, 0x4)
socket(0x5, 0x0, 0x4)
connect$ax25(r2, &(0x7f0000000100)={{0x3, @bcast, 0x4}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x48)

198.363297ms ago: executing program 0 (id=2763):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create1(0x0)
r2 = socket(0x1, 0x80802, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f00000000c0)={0x10000001})
shutdown(r2, 0x0)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0x3, 0x1}, 0x6)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x5c, r4, 0x1, 0xffffffff, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_REKEY_DATA={0x40, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "4ef8cb0000c94def"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="e184c62c03dddea6ed0000000000ff03"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="6a4e2b3b75ffa408fc71bb98a979073ba063e9d98c5758ed"}]}]}, 0x5c}}, 0x4000840)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket(0x2, 0x80805, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r9 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r8, &(0x7f0000000600)={@val={0x0, 0x88e5}, @void, @eth={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x6, 0x28, 0x66, 0x6000, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, {[@end]}}, {0xa000, 0x6558, 0x10, 0x0, @gue={{0x2, 0x0, 0x2, 0x29, 0x0, @val=0x80}}}}}}}}, 0x3a)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r10=>0x0}, &(0x7f0000001080)=0x4)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x1f, &(0x7f0000000580)={r10, @in6={{0xa, 0x4e21, 0x4, @empty, 0xc}}, 0x0, 0x8}, 0x90)

0s ago: executing program 1 (id=2764):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000002680)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000340)="18e4", 0x2}], 0x1}}, {{&(0x7f0000000140)={0xa, 0x4e20, 0x0, @private0, 0x80000001}, 0x1c, &(0x7f0000000800)=[{&(0x7f0000000180)="ed", 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000480)={<r1=>0x0, 0xf8, "70908efaf2b64c276404eb7ce00a9117af1d5509752dbca3042b5437489272723849ac77a0193e0c5efe7fcd82a90a8a306d66cebc946e33238f76810deb5722b73fad78127d974313b1c4bc7d4444a39a30450d8117bc59dfd0cc4702dd0496ea50518e92b104593e88cc01fc6a084392fd9e85fd0cebefa712541341dc491a05f54f5ec14e7551205b2378a5f855f5f3474491db337c4582ec733e1d632f7b4ceebf949959cc66e1faf5ec8695d908671a15a03304d64faad9a4d019fdb412882f2e96a875c267baa566a499473944a571914e40142543a0afd278142654bd5aba5f0cb5215d9863273e3a0f033a3a787977d7eb16b83d"}, &(0x7f00000000c0)=0x100)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000400)={r1, 0x7f, 0x719627e9, 0x1}, &(0x7f0000000440)=0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$NFT_BATCH(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={{0x14}, [], {0x14}}, 0x28}, 0x1, 0x0, 0x0, 0x4000080}, 0x4002000)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="05002abd7000fbdbdf250f00000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990066b800000400000033000e0048000000080211000000080211000001ffffffffffff00000000000000000000640000000000060200800503edbb040008923e0155491c5593b6dfcb62"], 0x5c}}, 0x0)

kernel console output (not intermixed with test programs):

le 02/12/2025
[  290.402105][T12775] Call Trace:
[  290.402113][T12775]  <TASK>
[  290.402122][T12775]  dump_stack_lvl+0x241/0x360
[  290.402156][T12775]  ? __pfx_dump_stack_lvl+0x10/0x10
[  290.402180][T12775]  ? __pfx__printk+0x10/0x10
[  290.402208][T12775]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  290.402240][T12775]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  290.402271][T12775]  warn_alloc+0x278/0x410
[  290.402297][T12775]  ? __vmalloc_node_range_noprof+0x106/0x1380
[  290.402321][T12775]  ? __pfx_warn_alloc+0x10/0x10
[  290.402344][T12775]  ? kasan_save_track+0x3f/0x80
[  290.402366][T12775]  ? __kasan_kmalloc+0x98/0xb0
[  290.402392][T12775]  ? xsk_setsockopt+0x4aa/0x810
[  290.402413][T12775]  ? do_sock_setsockopt+0x3af/0x720
[  290.402438][T12775]  ? __x64_sys_setsockopt+0x1ee/0x280
[  290.402462][T12775]  ? do_syscall_64+0xf3/0x230
[  290.402493][T12775]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.402532][T12775]  __vmalloc_node_range_noprof+0x126/0x1380
[  290.402585][T12775]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  290.402613][T12775]  ? __kasan_kmalloc+0x98/0xb0
[  290.402645][T12775]  vmalloc_user_noprof+0x74/0x80
[  290.402667][T12775]  ? xskq_create+0xb6/0x170
[  290.402690][T12775]  xskq_create+0xb6/0x170
[  290.402716][T12775]  xsk_init_queue+0xa1/0x100
[  290.402743][T12775]  xsk_setsockopt+0x4aa/0x810
[  290.402768][T12775]  ? __pfx_xsk_setsockopt+0x10/0x10
[  290.402791][T12775]  ? __pfx_aa_sk_perm+0x10/0x10
[  290.402836][T12775]  ? aa_sock_opt_perm+0x79/0x120
[  290.402875][T12775]  ? __pfx_xsk_setsockopt+0x10/0x10
[  290.402897][T12775]  do_sock_setsockopt+0x3af/0x720
[  290.402929][T12775]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  290.402961][T12775]  ? __fget_files+0x395/0x410
[  290.402990][T12775]  ? __fget_files+0x2a/0x410
[  290.403031][T12775]  __x64_sys_setsockopt+0x1ee/0x280
[  290.403064][T12775]  do_syscall_64+0xf3/0x230
[  290.403097][T12775]  ? clear_bhb_loop+0x35/0x90
[  290.403131][T12775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.403160][T12775] RIP: 0033:0x7f9b2338d169
[  290.403179][T12775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.403197][T12775] RSP: 002b:00007f9b24283038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  290.403220][T12775] RAX: ffffffffffffffda RBX: 00007f9b235a5fa0 RCX: 00007f9b2338d169
[  290.403235][T12775] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006
[  290.403247][T12775] RBP: 00007f9b2340e2a0 R08: 0000000000000004 R09: 0000000000000000
[  290.403260][T12775] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  290.403273][T12775] R13: 0000000000000000 R14: 00007f9b235a5fa0 R15: 00007fff4a98e6c8
[  290.403306][T12775]  </TASK>
[  290.405705][T12775] Mem-Info:
[  290.710758][T12775] active_anon:7407 inactive_anon:0 isolated_anon:0
[  290.710758][T12775]  active_file:1672 inactive_file:38386 isolated_file:0
[  290.710758][T12775]  unevictable:768 dirty:347 writeback:0
[  290.710758][T12775]  slab_reclaimable:11437 slab_unreclaimable:104320
[  290.710758][T12775]  mapped:29741 shmem:1411 pagetables:807
[  290.710758][T12775]  sec_pagetables:0 bounce:0
[  290.710758][T12775]  kernel_misc_reclaimable:0
[  290.710758][T12775]  free:1336587 free_pcp:173 free_cma:0
[  290.799713][T12775] Node 0 active_anon:29828kB inactive_anon:0kB active_file:6688kB inactive_file:153468kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:118964kB dirty:1388kB writeback:0kB shmem:4108kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11908kB pagetables:3228kB sec_pagetables:0kB all_unreclaimable? no
[  290.909728][T12775] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  290.975886][T12775] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  291.042002][T12775] lowmem_reserve[]: 0 2489 2490 2490 2490
[  291.060232][T12775] Node 0 DMA32 free:1422132kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:30392kB inactive_anon:0kB active_file:6688kB inactive_file:153160kB unevictable:1536kB writepending:1388kB present:3129332kB managed:2549692kB mlocked:0kB bounce:0kB free_pcp:3172kB local_pcp:1264kB free_cma:0kB
[  291.117425][T12775] lowmem_reserve[]: 0 0 0 0 0
[  291.136307][T12775] Node 0 Normal free:4kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:308kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  291.182295][T12775] lowmem_reserve[]: 0 0 0 0 0
[  291.187277][T12775] Node 1 Normal free:3906608kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  291.239871][T12775] lowmem_reserve[]: 0 0 0 0 0
[  291.244786][T12775] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  291.271353][T12775] Node 0 DMA32: 140*4kB (UE) 395*8kB (UME) 184*16kB (UME) 213*32kB (UME) 129*64kB (UME) 140*128kB (UM) 72*256kB (UM) 27*512kB (UM) 14*1024kB (UME) 6*2048kB (UM) 323*4096kB (UM) = 1421544kB
[  291.303961][T12775] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  291.325164][T12775] Node 1 Normal: 204*4kB (UME) 54*8kB (UME) 39*16kB (UME) 195*32kB (UME) 74*64kB (UME) 30*128kB (UME) 11*256kB (UME) 8*512kB (UME) 6*1024kB (UME) 1*2048kB (E) 946*4096kB (M) = 3906608kB
[  291.448817][T12775] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  291.499177][T12775] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  291.508530][T12775] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  291.567149][T12775] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  291.629439][T12775] 43119 total pagecache pages
[  291.637619][T12775] 0 pages in swap cache
[  291.653840][T12775] Free swap  = 124996kB
[  291.668175][T12775] Total swap = 124996kB
[  291.682792][T12775] 2097051 pages RAM
[  291.694717][T12775] 0 pages HighMem/MovableOnly
[  291.709993][T12775] 427906 pages reserved
[  291.714208][T12775] 0 pages cma reserved
[  291.930095][T12801] netlink: 'syz.0.2023': attribute type 1 has an invalid length.
[  292.031598][T12801] 8021q: adding VLAN 0 to HW filter on device bond11
[  292.074220][T12785] netlink: 'syz.4.2018': attribute type 5 has an invalid length.
[  292.130468][T12804] lo speed is unknown, defaulting to 1000
[  292.137713][T12804] lo speed is unknown, defaulting to 1000
[  292.221329][T12813] __nla_validate_parse: 34 callbacks suppressed
[  292.221352][T12813] netlink: 116 bytes leftover after parsing attributes in process `syz.2.2026'.
[  292.261882][T12818] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2027'.
[  292.296579][T12818] netlink: 120 bytes leftover after parsing attributes in process `syz.3.2027'.
[  292.338182][T12822] netlink: 'syz.1.2025': attribute type 10 has an invalid length.
[  292.347091][T12818] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  292.604818][T12829] mac80211_hwsim hwsim2 syzkaller0: entered promiscuous mode
[  292.632783][T12831] netlink: 'syz.3.2031': attribute type 4 has an invalid length.
[  292.644665][T12832] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2030'.
[  292.662105][T12833] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2032'.
[  292.676748][T12829] mac80211_hwsim hwsim2 syzkaller0: entered allmulticast mode
[  292.876581][T12843] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2036'.
[  292.916427][T12843] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2036'.
[  292.942607][T12843] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2036'.
[  292.958057][T12843] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2036'.
[  293.127055][T12858] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2040'.
[  293.422251][T12877] batadv2: entered promiscuous mode
[  293.435287][T12877] batadv2: entered allmulticast mode
[  294.466014][T12906] lo speed is unknown, defaulting to 1000
[  294.514605][T12906] lo speed is unknown, defaulting to 1000
[  294.637407][T12915] netlink: 'syz.2.2059': attribute type 1 has an invalid length.
[  294.679959][T12915] nbd: socks must be embedded in a SOCK_ITEM attr
[  294.687884][T12915] block nbd1: shutting down sockets
[  295.594201][T12953] ip6gre1: entered allmulticast mode
[  295.958216][T12970] vlan1: entered promiscuous mode
[  295.969427][T12970] dummy0: entered promiscuous mode
[  295.982997][T12970] batman_adv: batadv0: Adding interface: vlan1
[  296.003812][T12970] batman_adv: batadv0: The MTU of interface vlan1 is too small (1280) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1340 would solve the problem.
[  296.040628][T12970] batman_adv: batadv0: Not using interface vlan1 (retrying later): interface not active
[  296.082132][T12980] netlink: 'syz.1.2074': attribute type 1 has an invalid length.
[  296.191337][T12980] bond6: entered promiscuous mode
[  296.240074][T12980] 8021q: adding VLAN 0 to HW filter on device bond6
[  296.333236][T12982] 8021q: adding VLAN 0 to HW filter on device bond6
[  296.350010][T12982] bond6: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  296.374023][T12982] bond6: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  296.412824][T12982] bond6: (slave ip6gre1): making interface the new active one
[  296.431235][T12982] ip6gre1: entered promiscuous mode
[  296.451602][T12982] bond6: (slave ip6gre1): Enslaving as an active interface with an up link
[  296.467667][T13002] x_tables: duplicate underflow at hook 2
[  296.695698][T13009] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  296.998743][T13016] xt_cgroup: invalid path, errno=-2
[  297.410848][T13034] netlink: 'syz.0.2090': attribute type 21 has an invalid length.
[  297.418741][T13034] FAULT_INJECTION: forcing a failure.
[  297.418741][T13034] name failslab, interval 1, probability 0, space 0, times 0
[  297.439614][T13034] CPU: 0 UID: 0 PID: 13034 Comm: syz.0.2090 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  297.439644][T13034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  297.439658][T13034] Call Trace:
[  297.439665][T13034]  <TASK>
[  297.439675][T13034]  dump_stack_lvl+0x241/0x360
[  297.439706][T13034]  ? __pfx_dump_stack_lvl+0x10/0x10
[  297.439730][T13034]  ? __pfx__printk+0x10/0x10
[  297.439753][T13034]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  297.439785][T13034]  ? __pfx___might_resched+0x10/0x10
[  297.439811][T13034]  ? trace_contention_end+0x3c/0x120
[  297.439841][T13034]  should_fail_ex+0x40a/0x550
[  297.439879][T13034]  should_failslab+0xac/0x100
[  297.439909][T13034]  kmem_cache_alloc_node_noprof+0x77/0x380
[  297.439939][T13034]  ? __alloc_skb+0x1c3/0x440
[  297.439967][T13034]  __alloc_skb+0x1c3/0x440
[  297.439997][T13034]  ? __pfx___alloc_skb+0x10/0x10
[  297.440027][T13034]  ? netlink_ack_tlv_len+0x6e/0x200
[  297.440063][T13034]  netlink_ack+0x145/0xa60
[  297.440093][T13034]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  297.440145][T13034]  netlink_rcv_skb+0x294/0x480
[  297.440179][T13034]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  297.440214][T13034]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  297.440269][T13034]  ? netlink_deliver_tap+0x2e/0x1b0
[  297.440315][T13034]  netlink_unicast+0x7f6/0x990
[  297.440353][T13034]  ? __pfx_netlink_unicast+0x10/0x10
[  297.440381][T13034]  ? __virt_addr_valid+0x45f/0x530
[  297.440403][T13034]  ? __phys_addr_symbol+0x2f/0x70
[  297.440422][T13034]  ? __check_object_size+0x47a/0x730
[  297.440455][T13034]  netlink_sendmsg+0x8de/0xcb0
[  297.440489][T13034]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.440514][T13034]  ? aa_sock_msg_perm+0x91/0x160
[  297.440560][T13034]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.440578][T13034]  __sock_sendmsg+0x221/0x270
[  297.440614][T13034]  ____sys_sendmsg+0x53a/0x860
[  297.440650][T13034]  ? __pfx_____sys_sendmsg+0x10/0x10
[  297.440675][T13034]  ? __fget_files+0x2a/0x410
[  297.440709][T13034]  ? __fget_files+0x2a/0x410
[  297.440747][T13034]  __sys_sendmsg+0x269/0x350
[  297.440775][T13034]  ? __pfx___sys_sendmsg+0x10/0x10
[  297.440812][T13034]  ? do_sys_openat2+0x17a/0x1d0
[  297.440867][T13034]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  297.440901][T13034]  ? do_syscall_64+0x100/0x230
[  297.440935][T13034]  ? do_syscall_64+0xb6/0x230
[  297.440969][T13034]  do_syscall_64+0xf3/0x230
[  297.441000][T13034]  ? clear_bhb_loop+0x35/0x90
[  297.441034][T13034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.441062][T13034] RIP: 0033:0x7f3b4e78d169
[  297.441081][T13034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.441099][T13034] RSP: 002b:00007f3b4f5fb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  297.441121][T13034] RAX: ffffffffffffffda RBX: 00007f3b4e9a5fa0 RCX: 00007f3b4e78d169
[  297.441136][T13034] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000015
[  297.441149][T13034] RBP: 00007f3b4f5fb090 R08: 0000000000000000 R09: 0000000000000000
[  297.441162][T13034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.441174][T13034] R13: 0000000000000000 R14: 00007f3b4e9a5fa0 R15: 00007ffffc02bb18
[  297.441204][T13034]  </TASK>
[  297.469413][T13036] __nla_validate_parse: 15 callbacks suppressed
[  297.469437][T13036] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2093'.
[  297.929191][T13036] (unnamed net_device) (uninitialized): option ad_actor_system: mode dependency failed, not supported in mode balance-rr(0)
[  298.021355][T13054] syzkaller1: entered promiscuous mode
[  298.028603][T13054] syzkaller1: entered allmulticast mode
[  298.043242][T13054] netlink: 'syz.2.2096': attribute type 2 has an invalid length.
[  298.064141][T13054] netlink: 'syz.2.2096': attribute type 1 has an invalid length.
[  298.470975][T13068] tipc: Can't bind to reserved service type 1
[  298.770392][T13077] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  298.785679][T13078] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2106'.
[  298.953906][T13082] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2107'.
[  299.127622][T13088] lo speed is unknown, defaulting to 1000
[  299.137920][T13088] lo speed is unknown, defaulting to 1000
[  299.190180][T13077] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  299.325755][T13097] netlink: 47 bytes leftover after parsing attributes in process `syz.1.2113'.
[  299.573549][T13113] netlink: 'syz.4.2117': attribute type 29 has an invalid length.
[  299.582957][T13113] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2117'.
[  299.724478][T13115] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2118'.
[  299.818603][T13117] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2119'.
[  299.852002][T13117] netlink: 136 bytes leftover after parsing attributes in process `syz.4.2119'.
[  299.868190][T13119] syzkaller1: entered promiscuous mode
[  299.880208][T13119] syzkaller1: entered allmulticast mode
[  299.996146][T13124] netlink: 'syz.2.2122': attribute type 21 has an invalid length.
[  300.138143][T13134] netlink: 'syz.1.2125': attribute type 1 has an invalid length.
[  300.190090][T13134] 8021q: adding VLAN 0 to HW filter on device bond7
[  300.229798][T13137] netlink: 'syz.2.2126': attribute type 1 has an invalid length.
[  300.355498][T13143] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !寿$ûÌÌULÙvy¸ÚØ¢
…D£øUDŒw˜}�z
[  300.863749][T13174] lo speed is unknown, defaulting to 1000
[  300.881617][T13174] lo speed is unknown, defaulting to 1000
[  301.050202][T13179] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2138'.
[  301.180792][T13184] netlink: 'syz.4.2139': attribute type 1 has an invalid length.
[  301.269813][T13184] 8021q: adding VLAN 0 to HW filter on device bond5
[  301.657174][T13190] lo speed is unknown, defaulting to 1000
[  301.750561][T13190] lo speed is unknown, defaulting to 1000
[  301.871842][T13210] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2147'.
[  302.480060][T13237] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2155'.
[  302.527576][T13238] FAULT_INJECTION: forcing a failure.
[  302.527576][T13238] name failslab, interval 1, probability 0, space 0, times 0
[  302.570388][T13238] CPU: 0 UID: 0 PID: 13238 Comm: syz.1.2156 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  302.570420][T13238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  302.570434][T13238] Call Trace:
[  302.570441][T13238]  <TASK>
[  302.570451][T13238]  dump_stack_lvl+0x241/0x360
[  302.570482][T13238]  ? __pfx_dump_stack_lvl+0x10/0x10
[  302.570506][T13238]  ? __pfx__printk+0x10/0x10
[  302.570528][T13238]  ? kmem_cache_alloc_noprof+0x48/0x380
[  302.570565][T13238]  ? __pfx___might_resched+0x10/0x10
[  302.570598][T13238]  should_fail_ex+0x40a/0x550
[  302.570635][T13238]  should_failslab+0xac/0x100
[  302.570663][T13238]  ? __kernfs_new_node+0xd8/0x870
[  302.570692][T13238]  kmem_cache_alloc_noprof+0x70/0x380
[  302.570726][T13238]  __kernfs_new_node+0xd8/0x870
[  302.570755][T13238]  ? up_write+0x1a9/0x590
[  302.570785][T13238]  ? __pfx___kernfs_new_node+0x10/0x10
[  302.570812][T13238]  ? up_write+0x1a9/0x590
[  302.570838][T13238]  ? __pfx_up_write+0x10/0x10
[  302.570870][T13238]  kernfs_new_node+0x137/0x240
[  302.570910][T13238]  __kernfs_create_file+0x49/0x2e0
[  302.570933][T13238]  sysfs_add_file_mode_ns+0x24a/0x310
[  302.570962][T13238]  internal_create_group+0x782/0x12d0
[  302.571002][T13238]  ? __pfx_internal_create_group+0x10/0x10
[  302.571039][T13238]  sysfs_create_groups+0x56/0x120
[  302.571067][T13238]  device_add_attrs+0xe5/0x600
[  302.571090][T13238]  ? __pfx_device_add_attrs+0x10/0x10
[  302.571118][T13238]  device_add+0x576/0xbf0
[  302.571137][T13238]  ? device_initialize+0x266/0x460
[  302.571159][T13238]  netdev_register_kobject+0x157/0x2f0
[  302.571188][T13238]  register_netdevice+0x12c3/0x1b70
[  302.571227][T13238]  ? __pfx_register_netdevice+0x10/0x10
[  302.571259][T13238]  ? alloc_netdev_mqs+0xe8e/0x1210
[  302.571290][T13238]  register_netdev+0x40/0x50
[  302.571313][T13238]  gprs_attach+0x187/0x530
[  302.571346][T13238]  pep_setsockopt+0x3c0/0x5c0
[  302.571374][T13238]  ? __pfx_pep_setsockopt+0x10/0x10
[  302.571401][T13238]  ? __pfx_lock_acquire+0x10/0x10
[  302.571428][T13238]  ? aa_sock_opt_perm+0x79/0x120
[  302.571457][T13238]  ? sock_common_setsockopt+0x37/0xc0
[  302.571490][T13238]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  302.571519][T13238]  do_sock_setsockopt+0x3af/0x720
[  302.571548][T13238]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  302.571575][T13238]  ? __fget_files+0x395/0x410
[  302.571602][T13238]  ? __fget_files+0x2a/0x410
[  302.571638][T13238]  __x64_sys_setsockopt+0x1ee/0x280
[  302.571666][T13238]  do_syscall_64+0xf3/0x230
[  302.571697][T13238]  ? clear_bhb_loop+0x35/0x90
[  302.571729][T13238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.571756][T13238] RIP: 0033:0x7f9b2338d169
[  302.571774][T13238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.571793][T13238] RSP: 002b:00007f9b24262038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  302.571815][T13238] RAX: ffffffffffffffda RBX: 00007f9b235a6080 RCX: 00007f9b2338d169
[  302.571830][T13238] RDX: 0000000000000001 RSI: 0000000000000113 RDI: 0000000000000007
[  302.571842][T13238] RBP: 00007f9b24262090 R08: 0000000000000004 R09: 0000000000000000
[  302.571855][T13238] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000002
[  302.571869][T13238] R13: 0000000000000000 R14: 00007f9b235a6080 R15: 00007fff4a98e6c8
[  302.571910][T13238]  </TASK>
[  303.013085][T13240] netlink: 'syz.2.2157': attribute type 21 has an invalid length.
[  303.029537][T13240] FAULT_INJECTION: forcing a failure.
[  303.029537][T13240] name failslab, interval 1, probability 0, space 0, times 0
[  303.054008][T13240] CPU: 1 UID: 0 PID: 13240 Comm: syz.2.2157 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  303.054040][T13240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  303.054053][T13240] Call Trace:
[  303.054060][T13240]  <TASK>
[  303.054069][T13240]  dump_stack_lvl+0x241/0x360
[  303.054102][T13240]  ? __pfx_dump_stack_lvl+0x10/0x10
[  303.054126][T13240]  ? __pfx__printk+0x10/0x10
[  303.054150][T13240]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  303.054183][T13240]  ? __pfx___might_resched+0x10/0x10
[  303.054210][T13240]  ? trace_contention_end+0x3c/0x120
[  303.054240][T13240]  should_fail_ex+0x40a/0x550
[  303.054278][T13240]  should_failslab+0xac/0x100
[  303.054309][T13240]  kmem_cache_alloc_node_noprof+0x77/0x380
[  303.054340][T13240]  ? __alloc_skb+0x1c3/0x440
[  303.054368][T13240]  __alloc_skb+0x1c3/0x440
[  303.054397][T13240]  ? __pfx___alloc_skb+0x10/0x10
[  303.054426][T13240]  ? netlink_ack_tlv_len+0x6e/0x200
[  303.054462][T13240]  netlink_ack+0x145/0xa60
[  303.054491][T13240]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  303.054532][T13240]  ? ref_tracker_free+0x643/0x7e0
[  303.054561][T13240]  netlink_rcv_skb+0x294/0x480
[  303.054595][T13240]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  303.054632][T13240]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  303.054689][T13240]  ? netlink_deliver_tap+0x2e/0x1b0
[  303.054726][T13240]  netlink_unicast+0x7f6/0x990
[  303.054765][T13240]  ? __pfx_netlink_unicast+0x10/0x10
[  303.054793][T13240]  ? __virt_addr_valid+0x45f/0x530
[  303.054815][T13240]  ? __phys_addr_symbol+0x2f/0x70
[  303.054835][T13240]  ? __check_object_size+0x47a/0x730
[  303.054877][T13240]  netlink_sendmsg+0x8de/0xcb0
[  303.054911][T13240]  ? __pfx_netlink_sendmsg+0x10/0x10
[  303.054936][T13240]  ? aa_sock_msg_perm+0x91/0x160
[  303.054975][T13240]  ? __pfx_netlink_sendmsg+0x10/0x10
[  303.054994][T13240]  __sock_sendmsg+0x221/0x270
[  303.055029][T13240]  ____sys_sendmsg+0x53a/0x860
[  303.055064][T13240]  ? __pfx_____sys_sendmsg+0x10/0x10
[  303.055088][T13240]  ? __fget_files+0x2a/0x410
[  303.055122][T13240]  ? __fget_files+0x2a/0x410
[  303.055162][T13240]  __sys_sendmsg+0x269/0x350
[  303.055194][T13240]  ? __pfx___sys_sendmsg+0x10/0x10
[  303.055234][T13240]  ? do_sys_openat2+0x17a/0x1d0
[  303.055291][T13240]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  303.055325][T13240]  ? do_syscall_64+0x100/0x230
[  303.055361][T13240]  ? do_syscall_64+0xb6/0x230
[  303.055396][T13240]  do_syscall_64+0xf3/0x230
[  303.055427][T13240]  ? clear_bhb_loop+0x35/0x90
[  303.055461][T13240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.055490][T13240] RIP: 0033:0x7f1ca898d169
[  303.055509][T13240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.055527][T13240] RSP: 002b:00007f1ca9845038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  303.055550][T13240] RAX: ffffffffffffffda RBX: 00007f1ca8ba5fa0 RCX: 00007f1ca898d169
[  303.055565][T13240] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000015
[  303.055578][T13240] RBP: 00007f1ca9845090 R08: 0000000000000000 R09: 0000000000000000
[  303.055591][T13240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.055603][T13240] R13: 0000000000000000 R14: 00007f1ca8ba5fa0 R15: 00007ffe7fbb1808
[  303.055634][T13240]  </TASK>
[  303.449571][T13246] openvswitch: netlink: Actions may not be safe on all matching packets
[  303.696174][T13263] netlink: 'syz.0.2162': attribute type 1 has an invalid length.
[  303.753998][T13263] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2162'.
[  303.882529][T13270] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2165'.
[  304.068621][ T7511] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.077552][ T7511] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.247889][T13290] netlink: 'syz.0.2171': attribute type 21 has an invalid length.
[  304.396905][T13295] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2173'.
[  304.719488][T13305] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2177'.
[  304.770303][T13308] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  305.064806][T13315] tun0: tun_chr_ioctl cmd 1074025675
[  305.070495][T13315] tun0: persist enabled
[  305.133253][T13323] tun0: tun_chr_ioctl cmd 1074025675
[  305.138615][T13323] tun0: persist disabled
[  305.154772][T13323] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2180'.
[  305.267352][T13328] xt_l2tp: missing protocol rule (udp|l2tpip)
[  305.603110][T13348] netlink: 'syz.1.2187': attribute type 13 has an invalid length.
[  305.619808][T13348] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2187'.
[  305.675955][T13348] syz_tun: refused to change device tx_queue_len
[  305.738538][T13345] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2187'.
[  305.748263][T13348] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  305.913954][T13358] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2192'.
[  305.999613][T13373] netlink: 'syz.2.2198': attribute type 46 has an invalid length.
[  306.016063][T13373] netlink: 212868 bytes leftover after parsing attributes in process `syz.2.2198'.
[  306.722854][T13405] FAULT_INJECTION: forcing a failure.
[  306.722854][T13405] name failslab, interval 1, probability 0, space 0, times 0
[  306.763789][T13405] CPU: 0 UID: 0 PID: 13405 Comm: syz.2.2210 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  306.763823][T13405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  306.763836][T13405] Call Trace:
[  306.763843][T13405]  <TASK>
[  306.763852][T13405]  dump_stack_lvl+0x241/0x360
[  306.763884][T13405]  ? __pfx_dump_stack_lvl+0x10/0x10
[  306.763909][T13405]  ? __pfx__printk+0x10/0x10
[  306.763933][T13405]  ? kmem_cache_alloc_noprof+0x48/0x380
[  306.763964][T13405]  ? __pfx___might_resched+0x10/0x10
[  306.763999][T13405]  should_fail_ex+0x40a/0x550
[  306.764044][T13405]  should_failslab+0xac/0x100
[  306.764074][T13405]  ? __kernfs_new_node+0xd8/0x870
[  306.764103][T13405]  kmem_cache_alloc_noprof+0x70/0x380
[  306.764139][T13405]  __kernfs_new_node+0xd8/0x870
[  306.764170][T13405]  ? up_write+0x1a9/0x590
[  306.764201][T13405]  ? __pfx___kernfs_new_node+0x10/0x10
[  306.764231][T13405]  ? up_write+0x1a9/0x590
[  306.764261][T13405]  ? __pfx_up_write+0x10/0x10
[  306.764298][T13405]  kernfs_new_node+0x137/0x240
[  306.764334][T13405]  __kernfs_create_file+0x49/0x2e0
[  306.764361][T13405]  sysfs_add_file_mode_ns+0x24a/0x310
[  306.764395][T13405]  internal_create_group+0x782/0x12d0
[  306.764441][T13405]  ? __pfx_internal_create_group+0x10/0x10
[  306.764484][T13405]  sysfs_create_groups+0x56/0x120
[  306.764516][T13405]  device_add_attrs+0xe5/0x600
[  306.764542][T13405]  ? __pfx_device_add_attrs+0x10/0x10
[  306.764574][T13405]  device_add+0x576/0xbf0
[  306.764596][T13405]  ? device_initialize+0x266/0x460
[  306.764629][T13405]  netdev_register_kobject+0x157/0x2f0
[  306.764661][T13405]  register_netdevice+0x12c3/0x1b70
[  306.764690][T13405]  ? __mutex_lock+0x602/0x1010
[  306.764737][T13405]  ? __pfx_register_netdevice+0x10/0x10
[  306.764773][T13405]  ? alloc_netdev_mqs+0xe8e/0x1210
[  306.764808][T13405]  register_netdev+0x40/0x50
[  306.764834][T13405]  gprs_attach+0x187/0x530
[  306.764870][T13405]  pep_setsockopt+0x3c0/0x5c0
[  306.764901][T13405]  ? __pfx_pep_setsockopt+0x10/0x10
[  306.764932][T13405]  ? __pfx_lock_acquire+0x10/0x10
[  306.764961][T13405]  ? aa_sock_opt_perm+0x79/0x120
[  306.764992][T13405]  ? sock_common_setsockopt+0x37/0xc0
[  306.765027][T13405]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  306.765061][T13405]  do_sock_setsockopt+0x3af/0x720
[  306.765094][T13405]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  306.765124][T13405]  ? __fget_files+0x395/0x410
[  306.765153][T13405]  ? __fget_files+0x2a/0x410
[  306.765191][T13405]  __x64_sys_setsockopt+0x1ee/0x280
[  306.765224][T13405]  do_syscall_64+0xf3/0x230
[  306.765256][T13405]  ? clear_bhb_loop+0x35/0x90
[  306.765290][T13405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.765318][T13405] RIP: 0033:0x7f1ca898d169
[  306.765337][T13405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.765355][T13405] RSP: 002b:00007f1ca9845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  306.765377][T13405] RAX: ffffffffffffffda RBX: 00007f1ca8ba5fa0 RCX: 00007f1ca898d169
[  306.765393][T13405] RDX: 0000000000000001 RSI: 0000000000000113 RDI: 0000000000000007
[  306.765406][T13405] RBP: 00007f1ca9845090 R08: 0000000000000004 R09: 0000000000000000
[  306.765419][T13405] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000002
[  306.765432][T13405] R13: 0000000000000000 R14: 00007f1ca8ba5fa0 R15: 00007ffe7fbb1808
[  306.765463][T13405]  </TASK>
[  307.108902][T13404] lo speed is unknown, defaulting to 1000
[  307.127870][T13404] lo speed is unknown, defaulting to 1000
[  307.357076][T13427] netlink: 'syz.3.2211': attribute type 10 has an invalid length.
[  307.983547][T13444] netlink: 'syz.2.2224': attribute type 21 has an invalid length.
[  308.159742][T13456] FAULT_INJECTION: forcing a failure.
[  308.159742][T13456] name failslab, interval 1, probability 0, space 0, times 0
[  308.199805][T13456] CPU: 0 UID: 0 PID: 13456 Comm: syz.1.2226 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  308.199836][T13456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  308.199848][T13456] Call Trace:
[  308.199855][T13456]  <TASK>
[  308.199864][T13456]  dump_stack_lvl+0x241/0x360
[  308.199896][T13456]  ? __pfx_dump_stack_lvl+0x10/0x10
[  308.199920][T13456]  ? __pfx__printk+0x10/0x10
[  308.199943][T13456]  ? kmem_cache_alloc_noprof+0x48/0x380
[  308.199974][T13456]  ? __pfx___might_resched+0x10/0x10
[  308.200009][T13456]  should_fail_ex+0x40a/0x550
[  308.200047][T13456]  should_failslab+0xac/0x100
[  308.200076][T13456]  ? __kernfs_new_node+0xd8/0x870
[  308.200105][T13456]  kmem_cache_alloc_noprof+0x70/0x380
[  308.200141][T13456]  __kernfs_new_node+0xd8/0x870
[  308.200172][T13456]  ? up_write+0x1a9/0x590
[  308.200202][T13456]  ? __pfx___kernfs_new_node+0x10/0x10
[  308.200230][T13456]  ? up_write+0x1a9/0x590
[  308.200260][T13456]  ? __pfx_up_write+0x10/0x10
[  308.200296][T13456]  kernfs_new_node+0x137/0x240
[  308.200331][T13456]  __kernfs_create_file+0x49/0x2e0
[  308.200357][T13456]  sysfs_add_file_mode_ns+0x24a/0x310
[  308.200390][T13456]  internal_create_group+0x782/0x12d0
[  308.200437][T13456]  ? __pfx_internal_create_group+0x10/0x10
[  308.200479][T13456]  sysfs_create_groups+0x56/0x120
[  308.200520][T13456]  device_add_attrs+0xe5/0x600
[  308.200546][T13456]  ? __pfx_device_add_attrs+0x10/0x10
[  308.200578][T13456]  device_add+0x576/0xbf0
[  308.200600][T13456]  ? device_initialize+0x266/0x460
[  308.200624][T13456]  netdev_register_kobject+0x157/0x2f0
[  308.200655][T13456]  register_netdevice+0x12c3/0x1b70
[  308.200700][T13456]  ? __pfx_register_netdevice+0x10/0x10
[  308.200736][T13456]  ? alloc_netdev_mqs+0xe8e/0x1210
[  308.200772][T13456]  register_netdev+0x40/0x50
[  308.200800][T13456]  gprs_attach+0x187/0x530
[  308.200835][T13456]  pep_setsockopt+0x3c0/0x5c0
[  308.200868][T13456]  ? __pfx_pep_setsockopt+0x10/0x10
[  308.200900][T13456]  ? __pfx_lock_acquire+0x10/0x10
[  308.200930][T13456]  ? aa_sock_opt_perm+0x79/0x120
[  308.200964][T13456]  ? sock_common_setsockopt+0x37/0xc0
[  308.201003][T13456]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  308.201037][T13456]  do_sock_setsockopt+0x3af/0x720
[  308.201069][T13456]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  308.201100][T13456]  ? __fget_files+0x395/0x410
[  308.201131][T13456]  ? __fget_files+0x2a/0x410
[  308.201170][T13456]  __x64_sys_setsockopt+0x1ee/0x280
[  308.201202][T13456]  do_syscall_64+0xf3/0x230
[  308.201235][T13456]  ? clear_bhb_loop+0x35/0x90
[  308.201269][T13456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.201298][T13456] RIP: 0033:0x7f9b2338d169
[  308.201317][T13456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  308.201335][T13456] RSP: 002b:00007f9b24262038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  308.201358][T13456] RAX: ffffffffffffffda RBX: 00007f9b235a6080 RCX: 00007f9b2338d169
[  308.201373][T13456] RDX: 0000000000000001 RSI: 0000000000000113 RDI: 0000000000000007
[  308.201386][T13456] RBP: 00007f9b24262090 R08: 0000000000000004 R09: 0000000000000000
[  308.201399][T13456] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000002
[  308.201412][T13456] R13: 0000000000000000 R14: 00007f9b235a6080 R15: 00007fff4a98e6c8
[  308.201445][T13456]  </TASK>
[  308.818243][T13468] __nla_validate_parse: 1 callbacks suppressed
[  308.818262][T13468] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2233'.
[  308.910565][T13475] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  309.249261][T13488] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2237'.
[  309.301499][T13488] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2237'.
[  309.312048][T13501] FAULT_INJECTION: forcing a failure.
[  309.312048][T13501] name failslab, interval 1, probability 0, space 0, times 0
[  309.379239][T13501] CPU: 0 UID: 0 PID: 13501 Comm: syz.3.2240 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  309.379274][T13501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  309.379287][T13501] Call Trace:
[  309.379294][T13501]  <TASK>
[  309.379303][T13501]  dump_stack_lvl+0x241/0x360
[  309.379335][T13501]  ? __pfx_dump_stack_lvl+0x10/0x10
[  309.379363][T13501]  ? __pfx__printk+0x10/0x10
[  309.379388][T13501]  ? kmem_cache_alloc_noprof+0x48/0x380
[  309.379419][T13501]  ? __pfx___might_resched+0x10/0x10
[  309.379453][T13501]  should_fail_ex+0x40a/0x550
[  309.379499][T13501]  should_failslab+0xac/0x100
[  309.379528][T13501]  ? __kernfs_new_node+0xd8/0x870
[  309.379557][T13501]  kmem_cache_alloc_noprof+0x70/0x380
[  309.379592][T13501]  __kernfs_new_node+0xd8/0x870
[  309.379622][T13501]  ? up_write+0x1a9/0x590
[  309.379653][T13501]  ? __pfx___kernfs_new_node+0x10/0x10
[  309.379681][T13501]  ? up_write+0x1a9/0x590
[  309.379711][T13501]  ? __pfx_up_write+0x10/0x10
[  309.379747][T13501]  kernfs_new_node+0x137/0x240
[  309.379783][T13501]  __kernfs_create_file+0x49/0x2e0
[  309.379809][T13501]  sysfs_add_file_mode_ns+0x24a/0x310
[  309.379843][T13501]  internal_create_group+0x782/0x12d0
[  309.379889][T13501]  ? __pfx_internal_create_group+0x10/0x10
[  309.379930][T13501]  sysfs_create_groups+0x56/0x120
[  309.379961][T13501]  device_add_attrs+0xe5/0x600
[  309.379986][T13501]  ? __pfx_device_add_attrs+0x10/0x10
[  309.380018][T13501]  device_add+0x576/0xbf0
[  309.380040][T13501]  ? device_initialize+0x266/0x460
[  309.380064][T13501]  netdev_register_kobject+0x157/0x2f0
[  309.380096][T13501]  register_netdevice+0x12c3/0x1b70
[  309.380141][T13501]  ? __pfx_register_netdevice+0x10/0x10
[  309.380178][T13501]  ? alloc_netdev_mqs+0xe8e/0x1210
[  309.380212][T13501]  register_netdev+0x40/0x50
[  309.380239][T13501]  gprs_attach+0x187/0x530
[  309.380275][T13501]  pep_setsockopt+0x3c0/0x5c0
[  309.380308][T13501]  ? __pfx_pep_setsockopt+0x10/0x10
[  309.380338][T13501]  ? __pfx_lock_acquire+0x10/0x10
[  309.380367][T13501]  ? aa_sock_opt_perm+0x79/0x120
[  309.380400][T13501]  ? sock_common_setsockopt+0x37/0xc0
[  309.380437][T13501]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  309.380476][T13501]  do_sock_setsockopt+0x3af/0x720
[  309.380509][T13501]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  309.380539][T13501]  ? __fget_files+0x395/0x410
[  309.380569][T13501]  ? __fget_files+0x2a/0x410
[  309.380609][T13501]  __x64_sys_setsockopt+0x1ee/0x280
[  309.380642][T13501]  do_syscall_64+0xf3/0x230
[  309.380674][T13501]  ? clear_bhb_loop+0x35/0x90
[  309.380707][T13501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.380736][T13501] RIP: 0033:0x7fa61f78d169
[  309.380755][T13501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.380772][T13501] RSP: 002b:00007fa62068b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  309.380793][T13501] RAX: ffffffffffffffda RBX: 00007fa61f9a6080 RCX: 00007fa61f78d169
[  309.380808][T13501] RDX: 0000000000000001 RSI: 0000000000000113 RDI: 0000000000000007
[  309.380821][T13501] RBP: 00007fa62068b090 R08: 0000000000000004 R09: 0000000000000000
[  309.380833][T13501] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000002
[  309.380846][T13501] R13: 0000000000000000 R14: 00007fa61f9a6080 R15: 00007ffe100a86a8
[  309.380878][T13501]  </TASK>
[  309.382044][T13488] team0: No ports can be present during mode change
[  309.799516][ T3574] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  309.807393][ T3574] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  309.956658][T13516] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2246'.
[  309.973923][T13516] netlink: 'syz.1.2246': attribute type 10 has an invalid length.
[  309.995072][T13516] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  310.134283][T13528] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2249'.
[  310.447463][T13546] macvlan0: entered allmulticast mode
[  310.598120][T13555] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2258'.
[  310.614893][T13554] vlan1: entered promiscuous mode
[  310.624576][T13554] bridge_slave_0: entered promiscuous mode
[  310.636678][T13554] vlan1: entered allmulticast mode
[  310.642520][T13558] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2259'.
[  310.651647][T13554] bridge_slave_0: entered allmulticast mode
[  310.669419][T13557] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2260'.
[  310.793649][T13562] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2260'.
[  310.850428][T13557] batadv1: entered promiscuous mode
[  310.940426][T13557] batadv1: entered allmulticast mode
[  311.073902][T13573] netlink: 'syz.1.2264': attribute type 1 has an invalid length.
[  311.167691][T13573] bond0: (slave ip6gretap1): Enslaving as an active interface with an up link
[  311.220586][T13575] 8021q: adding VLAN 0 to HW filter on device bond0
[  311.279640][T13573] veth3: entered promiscuous mode
[  311.356827][T13583] netlink: 'syz.4.2267': attribute type 1 has an invalid length.
[  311.425636][T13583] 8021q: adding VLAN 0 to HW filter on device bond7
[  311.653867][T13598] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2272'.
[  312.035373][T13610] netlink: set zone limit has 4 unknown bytes
[  312.499785][T13631] netlink: 'syz.3.2282': attribute type 10 has an invalid length.
[  313.044995][T13658] netlink: 'syz.0.2292': attribute type 7 has an invalid length.
[  313.975355][T13674] __nla_validate_parse: 2 callbacks suppressed
[  313.975378][T13674] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2297'.
[  314.213783][T13682] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check.
[  314.272272][T13685] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2302'.
[  314.355031][T13688] syz.3.2303: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  314.358917][T13690] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  314.477961][T13688] CPU: 0 UID: 0 PID: 13688 Comm: syz.3.2303 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  314.477991][T13688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  314.478004][T13688] Call Trace:
[  314.478011][T13688]  <TASK>
[  314.478021][T13688]  dump_stack_lvl+0x241/0x360
[  314.478052][T13688]  ? __pfx_dump_stack_lvl+0x10/0x10
[  314.478077][T13688]  ? __pfx__printk+0x10/0x10
[  314.478103][T13688]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  314.478132][T13688]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  314.478164][T13688]  warn_alloc+0x278/0x410
[  314.478189][T13688]  ? __vmalloc_node_range_noprof+0x106/0x1380
[  314.478213][T13688]  ? __pfx_warn_alloc+0x10/0x10
[  314.478236][T13688]  ? kasan_save_track+0x3f/0x80
[  314.478258][T13688]  ? __kasan_kmalloc+0x98/0xb0
[  314.478284][T13688]  ? xsk_setsockopt+0x4aa/0x810
[  314.478304][T13688]  ? do_sock_setsockopt+0x3af/0x720
[  314.478328][T13688]  ? __x64_sys_setsockopt+0x1ee/0x280
[  314.478352][T13688]  ? do_syscall_64+0xf3/0x230
[  314.478381][T13688]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.478429][T13688]  __vmalloc_node_range_noprof+0x126/0x1380
[  314.478482][T13688]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  314.478509][T13688]  ? __kasan_kmalloc+0x98/0xb0
[  314.478540][T13688]  vmalloc_user_noprof+0x74/0x80
[  314.478562][T13688]  ? xskq_create+0xb6/0x170
[  314.478585][T13688]  xskq_create+0xb6/0x170
[  314.478611][T13688]  xsk_init_queue+0xa1/0x100
[  314.478643][T13688]  xsk_setsockopt+0x4aa/0x810
[  314.478668][T13688]  ? __pfx_xsk_setsockopt+0x10/0x10
[  314.478691][T13688]  ? __pfx_aa_sk_perm+0x10/0x10
[  314.478727][T13688]  ? aa_sock_opt_perm+0x79/0x120
[  314.478765][T13688]  ? __pfx_xsk_setsockopt+0x10/0x10
[  314.478786][T13688]  do_sock_setsockopt+0x3af/0x720
[  314.478818][T13688]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  314.478850][T13688]  ? __fget_files+0x395/0x410
[  314.478880][T13688]  ? __fget_files+0x2a/0x410
[  314.478921][T13688]  __x64_sys_setsockopt+0x1ee/0x280
[  314.478953][T13688]  do_syscall_64+0xf3/0x230
[  314.478983][T13688]  ? clear_bhb_loop+0x35/0x90
[  314.479015][T13688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.479044][T13688] RIP: 0033:0x7fa61f78d169
[  314.479061][T13688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.479078][T13688] RSP: 002b:00007fa6206ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  314.479100][T13688] RAX: ffffffffffffffda RBX: 00007fa61f9a5fa0 RCX: 00007fa61f78d169
[  314.479114][T13688] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000005
[  314.479126][T13688] RBP: 00007fa61f80e2a0 R08: 0000000000000004 R09: 0000000000000000
[  314.479139][T13688] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  314.479152][T13688] R13: 0000000000000000 R14: 00007fa61f9a5fa0 R15: 00007ffe100a86a8
[  314.479183][T13688]  </TASK>
[  314.776847][T13688] Mem-Info:
[  314.786224][T13688] active_anon:5945 inactive_anon:0 isolated_anon:0
[  314.786224][T13688]  active_file:1672 inactive_file:38396 isolated_file:0
[  314.786224][T13688]  unevictable:768 dirty:267 writeback:0
[  314.786224][T13688]  slab_reclaimable:11786 slab_unreclaimable:104098
[  314.786224][T13688]  mapped:29775 shmem:1411 pagetables:873
[  314.786224][T13688]  sec_pagetables:0 bounce:0
[  314.786224][T13688]  kernel_misc_reclaimable:0
[  314.786224][T13688]  free:1337027 free_pcp:843 free_cma:0
[  314.860051][T13688] Node 0 active_anon:23780kB inactive_anon:0kB active_file:6688kB inactive_file:153508kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119200kB dirty:1068kB writeback:0kB shmem:4108kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11992kB pagetables:3492kB sec_pagetables:0kB all_unreclaimable? no
[  314.900470][T13688] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  314.950891][T13705] netlink: 'syz.4.2305': attribute type 10 has an invalid length.
[  314.990696][T13688] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  315.026812][T13688] lowmem_reserve[]: 0 2489 2490 2490 2490
[  315.035510][T13688] Node 0 DMA32 free:1427028kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:23744kB inactive_anon:0kB active_file:6688kB inactive_file:153200kB unevictable:1536kB writepending:1068kB present:3129332kB managed:2549692kB mlocked:0kB bounce:0kB free_pcp:2044kB local_pcp:1848kB free_cma:0kB
[  315.075127][T13688] lowmem_reserve[]: 0 0 0 0 0
[  315.087529][T13688] Node 0 Normal free:4kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:308kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  315.183772][T13688] lowmem_reserve[]: 0 0 0 0 0
[  315.188593][T13688] Node 1 Normal free:3906608kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  315.258467][T13688] lowmem_reserve[]: 0 0 0 0 0
[  315.265482][T13688] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  315.280271][T13688] Node 0 DMA32: 31*4kB (UME) 168*8kB (UME) 233*16kB (UME) 220*32kB (UME) 172*64kB (UME) 149*128kB (UME) 82*256kB (UM) 30*512kB (UM) 12*1024kB (UM) 6*2048kB (UM) 323*4096kB (UM) = 1426252kB
[  315.299598][T13688] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  315.312879][T13688] Node 1 Normal: 204*4kB (UME) 54*8kB (UME) 39*16kB (UME) 195*32kB (UME) 74*64kB (UME) 30*128kB (UME) 11*256kB (UME) 8*512kB (UME) 6*1024kB (UME) 1*2048kB (E) 946*4096kB (M) = 3906608kB
[  315.332877][T13688] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  315.382605][T13688] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  315.411236][T13688] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  315.430751][T13688] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  315.440771][T13688] 41479 total pagecache pages
[  315.448508][T13688] 0 pages in swap cache
[  315.459942][T13688] Free swap  = 124996kB
[  315.466151][T13688] Total swap = 124996kB
[  315.470736][T13688] 2097051 pages RAM
[  315.475239][T13688] 0 pages HighMem/MovableOnly
[  315.500434][T13688] 427906 pages reserved
[  315.519087][T13688] 0 pages cma reserved
[  315.687401][T13738] sctp: [Deprecated]: syz.0.2315 (pid 13738) Use of int in maxseg socket option.
[  315.687401][T13738] Use struct sctp_assoc_value instead
[  315.872365][T13743] IPv6: sit3: Disabled Multicast RS
[  315.888229][T13743] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2318'.
[  316.256284][T13756] netlink: 'syz.2.2322': attribute type 10 has an invalid length.
[  316.396892][T13766] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2325'.
[  316.417733][T13766] gretap0: left allmulticast mode
[  316.423514][T13766] gretap0: left promiscuous mode
[  316.428900][T13766] bridge0: port 1(gretap0) entered disabled state
[  316.675124][T13775] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2328'.
[  316.808401][T13781] lo speed is unknown, defaulting to 1000
[  316.841680][T13781] lo speed is unknown, defaulting to 1000
[  317.287572][T13805] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  317.767847][T13819] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2342'.
[  317.917451][T13824] netlink: 'syz.4.2343': attribute type 1 has an invalid length.
[  317.934308][T13824] netlink: 'syz.4.2343': attribute type 1 has an invalid length.
[  317.985628][T13826] netlink: 'syz.3.2345': attribute type 21 has an invalid length.
[  317.989994][T13828] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  318.002974][T13826] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2345'.
[  318.229171][   T30] audit: type=1800 audit(1742730725.411:8): pid=13824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2343" name="memory.events" dev="tmpfs" ino=2641 res=0 errno=0
[  318.280478][T13838] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2349'.
[  318.372181][T13842] x_tables: duplicate underflow at hook 2
[  318.374885][T13843] netlink: 'syz.3.2348': attribute type 10 has an invalid length.
[  318.593249][T13853] netlink: 'syz.4.2353': attribute type 21 has an invalid length.
[  318.876772][T13863] FAULT_INJECTION: forcing a failure.
[  318.876772][T13863] name failslab, interval 1, probability 0, space 0, times 0
[  318.899376][T13863] CPU: 0 UID: 0 PID: 13863 Comm: syz.4.2357 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  318.899407][T13863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  318.899420][T13863] Call Trace:
[  318.899427][T13863]  <TASK>
[  318.899437][T13863]  dump_stack_lvl+0x241/0x360
[  318.899469][T13863]  ? __pfx_dump_stack_lvl+0x10/0x10
[  318.899493][T13863]  ? __pfx__printk+0x10/0x10
[  318.899518][T13863]  ? kmem_cache_alloc_noprof+0x48/0x380
[  318.899554][T13863]  ? __pfx___might_resched+0x10/0x10
[  318.899589][T13863]  should_fail_ex+0x40a/0x550
[  318.899627][T13863]  should_failslab+0xac/0x100
[  318.899657][T13863]  ? __kernfs_new_node+0xd8/0x870
[  318.899686][T13863]  kmem_cache_alloc_noprof+0x70/0x380
[  318.899721][T13863]  __kernfs_new_node+0xd8/0x870
[  318.899752][T13863]  ? up_write+0x1a9/0x590
[  318.899783][T13863]  ? __pfx___kernfs_new_node+0x10/0x10
[  318.899813][T13863]  ? up_write+0x1a9/0x590
[  318.899844][T13863]  ? __pfx_up_write+0x10/0x10
[  318.899880][T13863]  kernfs_new_node+0x137/0x240
[  318.899916][T13863]  __kernfs_create_file+0x49/0x2e0
[  318.899942][T13863]  sysfs_add_file_mode_ns+0x24a/0x310
[  318.899975][T13863]  internal_create_group+0x782/0x12d0
[  318.900022][T13863]  ? __pfx_internal_create_group+0x10/0x10
[  318.900076][T13863]  sysfs_create_groups+0x56/0x120
[  318.900108][T13863]  device_add_attrs+0xe5/0x600
[  318.900133][T13863]  ? __pfx_device_add_attrs+0x10/0x10
[  318.900166][T13863]  device_add+0x576/0xbf0
[  318.900188][T13863]  ? device_initialize+0x266/0x460
[  318.900212][T13863]  netdev_register_kobject+0x157/0x2f0
[  318.900245][T13863]  register_netdevice+0x12c3/0x1b70
[  318.900290][T13863]  ? __pfx_register_netdevice+0x10/0x10
[  318.900328][T13863]  ? alloc_netdev_mqs+0xe8e/0x1210
[  318.900362][T13863]  register_netdev+0x40/0x50
[  318.900390][T13863]  gprs_attach+0x187/0x530
[  318.900427][T13863]  pep_setsockopt+0x3c0/0x5c0
[  318.900460][T13863]  ? __pfx_pep_setsockopt+0x10/0x10
[  318.900490][T13863]  ? __pfx_lock_acquire+0x10/0x10
[  318.900520][T13863]  ? aa_sock_opt_perm+0x79/0x120
[  318.900557][T13863]  ? sock_common_setsockopt+0x37/0xc0
[  318.900595][T13863]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  318.900628][T13863]  do_sock_setsockopt+0x3af/0x720
[  318.900661][T13863]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  318.900691][T13863]  ? __fget_files+0x395/0x410
[  318.900721][T13863]  ? __fget_files+0x2a/0x410
[  318.900762][T13863]  __x64_sys_setsockopt+0x1ee/0x280
[  318.900795][T13863]  do_syscall_64+0xf3/0x230
[  318.900827][T13863]  ? clear_bhb_loop+0x35/0x90
[  318.900861][T13863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.900889][T13863] RIP: 0033:0x7ff2d158d169
[  318.900908][T13863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.900925][T13863] RSP: 002b:00007ff2d23c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  318.900948][T13863] RAX: ffffffffffffffda RBX: 00007ff2d17a6080 RCX: 00007ff2d158d169
[  318.900963][T13863] RDX: 0000000000000001 RSI: 0000000000000113 RDI: 0000000000000007
[  318.900975][T13863] RBP: 00007ff2d23c6090 R08: 0000000000000004 R09: 0000000000000000
[  318.900988][T13863] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000002
[  318.901001][T13863] R13: 0000000000000000 R14: 00007ff2d17a6080 R15: 00007ffdf52f0cf8
[  318.901033][T13863]  </TASK>
[  319.310115][T13866] netlink: 'syz.3.2360': attribute type 21 has an invalid length.
[  319.319264][T13866] netlink: 'syz.3.2360': attribute type 6 has an invalid length.
[  319.330099][T13866] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2360'.
[  319.601155][T13874] sctp: [Deprecated]: syz.3.2362 (pid 13874) Use of struct sctp_assoc_value in delayed_ack socket option.
[  319.601155][T13874] Use struct sctp_sack_info instead
[  319.769213][T13882] netlink: 'syz.0.2364': attribute type 21 has an invalid length.
[  320.249650][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  320.279677][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  320.299450][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  320.308300][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  320.318156][ T5834] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  320.327749][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  320.403641][T13899] lo speed is unknown, defaulting to 1000
[  320.427718][T13899] lo speed is unknown, defaulting to 1000
[  320.605754][T13899] chnl_net:caif_netlink_parms(): no params data found
[  320.775963][T13899] bridge0: port 1(bridge_slave_0) entered blocking state
[  320.790068][T13899] bridge0: port 1(bridge_slave_0) entered disabled state
[  320.805884][T13899] bridge_slave_0: entered allmulticast mode
[  320.817576][T13899] bridge_slave_0: entered promiscuous mode
[  320.851452][T13899] bridge0: port 2(bridge_slave_1) entered blocking state
[  320.858626][T13899] bridge0: port 2(bridge_slave_1) entered disabled state
[  320.886966][T13899] bridge_slave_1: entered allmulticast mode
[  320.909743][T13899] bridge_slave_1: entered promiscuous mode
[  320.962876][T13899] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  320.982791][T13899] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  321.057382][T13899] team0: Port device team_slave_0 added
[  321.077864][T13899] team0: Port device team_slave_1 added
[  321.173044][T13899] batman_adv: batadv0: Adding interface: batadv_slave_0
[  321.187568][T13899] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  321.214317][T13899] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  321.229627][T13930] netlink: 'syz.4.2378': attribute type 21 has an invalid length.
[  321.244578][T13899] batman_adv: batadv0: Adding interface: batadv_slave_1
[  321.256507][T13899] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  321.291555][T13899] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  321.339535][T13924] lo speed is unknown, defaulting to 1000
[  321.397242][T13924] lo speed is unknown, defaulting to 1000
[  321.403844][T13899] hsr_slave_0: entered promiscuous mode
[  321.406025][T13899] hsr_slave_1: entered promiscuous mode
[  321.422754][T13899] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  321.433962][T13899] Cannot create hsr debugfs directory
[  321.561227][T13936] xt_CT: No such helper "snmp"
[  321.581724][T13938] xt_CT: No such helper "snmp"
[  321.764884][T13944] netlink: 'syz.0.2381': attribute type 21 has an invalid length.
[  321.811768][T13947] FAULT_INJECTION: forcing a failure.
[  321.811768][T13947] name failslab, interval 1, probability 0, space 0, times 0
[  321.830841][T13947] CPU: 1 UID: 0 PID: 13947 Comm: syz.4.2382 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  321.830873][T13947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  321.830886][T13947] Call Trace:
[  321.830894][T13947]  <TASK>
[  321.830902][T13947]  dump_stack_lvl+0x241/0x360
[  321.830934][T13947]  ? __pfx_dump_stack_lvl+0x10/0x10
[  321.830958][T13947]  ? __pfx__printk+0x10/0x10
[  321.830981][T13947]  ? kmem_cache_alloc_noprof+0x48/0x380
[  321.831012][T13947]  ? __pfx___might_resched+0x10/0x10
[  321.831047][T13947]  should_fail_ex+0x40a/0x550
[  321.831086][T13947]  should_failslab+0xac/0x100
[  321.831115][T13947]  ? __kernfs_new_node+0xd8/0x870
[  321.831143][T13947]  kmem_cache_alloc_noprof+0x70/0x380
[  321.831178][T13947]  __kernfs_new_node+0xd8/0x870
[  321.831210][T13947]  ? up_write+0x1a9/0x590
[  321.831240][T13947]  ? __pfx___kernfs_new_node+0x10/0x10
[  321.831269][T13947]  ? up_write+0x1a9/0x590
[  321.831299][T13947]  ? __pfx_up_write+0x10/0x10
[  321.831335][T13947]  kernfs_new_node+0x137/0x240
[  321.831370][T13947]  __kernfs_create_file+0x49/0x2e0
[  321.831396][T13947]  sysfs_add_file_mode_ns+0x24a/0x310
[  321.831430][T13947]  internal_create_group+0x782/0x12d0
[  321.831477][T13947]  ? __pfx_internal_create_group+0x10/0x10
[  321.831519][T13947]  sysfs_create_groups+0x56/0x120
[  321.831550][T13947]  device_add_attrs+0xe5/0x600
[  321.831584][T13947]  ? __pfx_device_add_attrs+0x10/0x10
[  321.831616][T13947]  device_add+0x576/0xbf0
[  321.831637][T13947]  ? device_initialize+0x266/0x460
[  321.831661][T13947]  netdev_register_kobject+0x157/0x2f0
[  321.831693][T13947]  register_netdevice+0x12c3/0x1b70
[  321.831719][T13947]  ? __mutex_lock+0x602/0x1010
[  321.831765][T13947]  ? __pfx_register_netdevice+0x10/0x10
[  321.831802][T13947]  ? alloc_netdev_mqs+0xe8e/0x1210
[  321.831837][T13947]  register_netdev+0x40/0x50
[  321.831864][T13947]  gprs_attach+0x187/0x530
[  321.831900][T13947]  pep_setsockopt+0x3c0/0x5c0
[  321.831933][T13947]  ? __pfx_pep_setsockopt+0x10/0x10
[  321.831964][T13947]  ? __pfx_lock_acquire+0x10/0x10
[  321.831992][T13947]  ? aa_sock_opt_perm+0x79/0x120
[  321.832026][T13947]  ? sock_common_setsockopt+0x37/0xc0
[  321.832062][T13947]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  321.832096][T13947]  do_sock_setsockopt+0x3af/0x720
[  321.832128][T13947]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  321.832158][T13947]  ? __fget_files+0x395/0x410
[  321.832187][T13947]  ? __fget_files+0x2a/0x410
[  321.832228][T13947]  __x64_sys_setsockopt+0x1ee/0x280
[  321.832261][T13947]  do_syscall_64+0xf3/0x230
[  321.832292][T13947]  ? clear_bhb_loop+0x35/0x90
[  321.832326][T13947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.832353][T13947] RIP: 0033:0x7ff2d158d169
[  321.832372][T13947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.832389][T13947] RSP: 002b:00007ff2d23e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  321.832411][T13947] RAX: ffffffffffffffda RBX: 00007ff2d17a5fa0 RCX: 00007ff2d158d169
[  321.832427][T13947] RDX: 0000000000000001 RSI: 0000000000000113 RDI: 0000000000000007
[  321.832439][T13947] RBP: 00007ff2d23e7090 R08: 0000000000000004 R09: 0000000000000000
[  321.832451][T13947] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000002
[  321.832464][T13947] R13: 0000000000000000 R14: 00007ff2d17a5fa0 R15: 00007ffdf52f0cf8
[  321.832496][T13947]  </TASK>
[  322.234879][T13950] netlink: 'syz.0.2383': attribute type 13 has an invalid length.
[  322.372757][ T5843] Bluetooth: hci3: command tx timeout
[  322.445113][T13958] netlink: 'syz.1.2386': attribute type 21 has an invalid length.
[  322.449013][T13954] gtp0: entered promiscuous mode
[  322.462143][T13959] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2385'.
[  322.473960][T13958] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2386'.
[  322.492788][T13959] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2385'.
[  322.501774][T13958] netlink: 'syz.1.2386': attribute type 4 has an invalid length.
[  322.501799][T13958] netlink: 'syz.1.2386': attribute type 5 has an invalid length.
[  322.501816][T13958] netlink: 3 bytes leftover after parsing attributes in process `syz.1.2386'.
[  322.508826][T13958] netlink: 'syz.1.2386': attribute type 29 has an invalid length.
[  322.538766][T13958] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2386'.
[  322.547900][T13958] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2386'.
[  322.560599][T13958] IPv6: sit1: Disabled Multicast RS
[  322.599974][T13962] netlink: 'syz.1.2386': attribute type 29 has an invalid length.
[  322.656649][T13964] netlink: 'syz.3.2384': attribute type 10 has an invalid length.
[  322.707125][T13965] netlink: zone id is out of range
[  322.734998][T13965] netlink: zone id is out of range
[  322.740565][T13967] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2389'.
[  322.752019][T13965] netlink: zone id is out of range
[  322.773407][T13965] netlink: zone id is out of range
[  322.789476][T13965] netlink: zone id is out of range
[  322.806679][T13965] netlink: zone id is out of range
[  322.824897][T13965] netlink: zone id is out of range
[  322.833982][T13965] netlink: zone id is out of range
[  322.846065][T13965] netlink: zone id is out of range
[  322.884878][T13899] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  322.903047][T13899] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  322.944161][T13899] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  322.973886][T13899] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  322.998229][T13971] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2391'.
[  323.005635][T13973] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2392'.
[  323.172910][T13899] 8021q: adding VLAN 0 to HW filter on device bond0
[  323.190752][T13982] lo speed is unknown, defaulting to 1000
[  323.225111][T13982] lo speed is unknown, defaulting to 1000
[  323.228476][T13899] 8021q: adding VLAN 0 to HW filter on device team0
[  323.261129][T13982] lo speed is unknown, defaulting to 1000
[  323.297461][T13985] xt_ecn: cannot match TCP bits for non-tcp packets
[  323.299695][ T3574] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.311268][ T3574] bridge0: port 1(bridge_slave_0) entered forwarding state
[  323.411297][T13982] infiniband syz0: set down
[  323.416262][T13982] infiniband syz0: added lo
[  323.468846][T13982] RDS/IB: syz0: added
[  323.475907][ T5882] lo speed is unknown, defaulting to 1000
[  323.477578][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.489060][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  323.517861][T13982] smc: adding ib device syz0 with port count 1
[  323.541907][T13982] smc:    ib device syz0 port 1 has pnetid 
[  323.566764][ T5882] lo speed is unknown, defaulting to 1000
[  323.601803][T13982] lo speed is unknown, defaulting to 1000
[  323.827504][T14002] Timeout policy `syz0' can only be used by L3 protocol number 34916
[  323.926331][T14009] net_ratelimit: 304 callbacks suppressed
[  323.926352][T14009] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  324.016092][T14014] netlink: 'syz.3.2401': attribute type 6 has an invalid length.
[  324.039647][T14014] netlink: 'syz.3.2401': attribute type 7 has an invalid length.
[  324.081471][T13982] lo speed is unknown, defaulting to 1000
[  324.114885][T13899] 8021q: adding VLAN 0 to HW filter on device batadv0
[  324.260904][T13899] veth0_vlan: entered promiscuous mode
[  324.292593][T13899] veth1_vlan: entered promiscuous mode
[  324.351058][T13899] veth0_macvtap: entered promiscuous mode
[  324.380827][T13899] veth1_macvtap: entered promiscuous mode
[  324.422004][T13899] batman_adv: batadv0: Interface activated: batadv_slave_0
[  324.439858][ T5843] Bluetooth: hci3: command tx timeout
[  324.469862][T13982] lo speed is unknown, defaulting to 1000
[  324.487022][T13899] batman_adv: batadv0: Interface activated: batadv_slave_1
[  324.507515][T13899] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.529704][T13899] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.549079][T13899] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  324.557843][T13899] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  324.698519][ T7514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.716509][ T7514] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.749159][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.757578][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.833367][T13982] lo speed is unknown, defaulting to 1000
[  325.125777][T13982] lo speed is unknown, defaulting to 1000
[  325.447400][T13982] lo speed is unknown, defaulting to 1000
[  325.769987][T14045] FAULT_INJECTION: forcing a failure.
[  325.769987][T14045] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  325.819246][T14045] CPU: 1 UID: 0 PID: 14045 Comm: syz.3.2412 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  325.819278][T14045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  325.819290][T14045] Call Trace:
[  325.819297][T14045]  <TASK>
[  325.819306][T14045]  dump_stack_lvl+0x241/0x360
[  325.819336][T14045]  ? __pfx_dump_stack_lvl+0x10/0x10
[  325.819359][T14045]  ? __pfx__printk+0x10/0x10
[  325.819382][T14045]  ? __pfx_lock_release+0x10/0x10
[  325.819422][T14045]  should_fail_ex+0x40a/0x550
[  325.819455][T14045]  _copy_from_user+0x2d/0xb0
[  325.819484][T14045]  copy_msghdr_from_user+0xae/0x680
[  325.819519][T14045]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  325.819557][T14045]  ? __fget_files+0x2a/0x410
[  325.819589][T14045]  ? __fget_files+0x2a/0x410
[  325.819626][T14045]  __sys_sendmsg+0x209/0x350
[  325.819657][T14045]  ? __pfx___sys_sendmsg+0x10/0x10
[  325.819694][T14045]  ? do_sys_openat2+0x17a/0x1d0
[  325.819748][T14045]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  325.819779][T14045]  ? do_syscall_64+0x100/0x230
[  325.819813][T14045]  ? do_syscall_64+0xb6/0x230
[  325.819845][T14045]  do_syscall_64+0xf3/0x230
[  325.819876][T14045]  ? clear_bhb_loop+0x35/0x90
[  325.819908][T14045]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.819933][T14045] RIP: 0033:0x7fa61f78d169
[  325.819951][T14045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  325.819968][T14045] RSP: 002b:00007fa6206ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  325.819989][T14045] RAX: ffffffffffffffda RBX: 00007fa61f9a5fa0 RCX: 00007fa61f78d169
[  325.820004][T14045] RDX: 000000000000c094 RSI: 0000200000000200 RDI: 0000000000000003
[  325.820018][T14045] RBP: 00007fa6206ac090 R08: 0000000000000000 R09: 0000000000000000
[  325.820030][T14045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  325.820041][T14045] R13: 0000000000000000 R14: 00007fa61f9a5fa0 R15: 00007ffe100a86a8
[  325.820070][T14045]  </TASK>
[  326.227750][T14058] __nla_validate_parse: 1 callbacks suppressed
[  326.227770][T14058] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.2417'.
[  326.244801][T14058] netlink: zone id is out of range
[  326.250735][T14058] netlink: get zone limit has 8 unknown bytes
[  326.274781][T14058] xt_hashlimit: max too large, truncated to 1048576
[  326.387822][T14065] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2418'.
[  326.431935][T14067] xt_bpf: check failed: parse error
[  326.433830][T14064] 8021q: adding VLAN 0 to HW filter on device bond12
[  326.595190][T14071] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  326.972669][T14085] netlink: 1280 bytes leftover after parsing attributes in process `syz.4.2425'.
[  326.999173][T14085] openvswitch: netlink: Flow actions attr not present in new flow.
[  327.049702][T14085] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2425'.
[  327.282731][T14095] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2428'.
[  327.297708][ T7511] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.526936][T14099] validate_nla: 100 callbacks suppressed
[  327.526959][T14099] netlink: 'syz.4.2430': attribute type 1 has an invalid length.
[  327.638611][T14099] 8021q: adding VLAN 0 to HW filter on device bond8
[  327.830961][ T7511] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.849627][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  327.864102][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  327.884705][T14104] lo speed is unknown, defaulting to 1000
[  327.892191][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  327.908109][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  327.918253][ T5834] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  327.926285][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  328.016697][ T7511] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.052342][T14104] lo speed is unknown, defaulting to 1000
[  328.175881][ T7511] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.185724][T14126] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2436'.
[  328.206071][T14104] lo speed is unknown, defaulting to 1000
[  328.217095][T14126] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  328.235656][T14126] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  328.270021][T14126] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  328.278608][T14126] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  328.302425][T14109] lo speed is unknown, defaulting to 1000
[  328.312537][T14127] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2435'.
[  328.354433][T14127] A link change request failed with some changes committed already. Interface macsec0 may have been left with an inconsistent configuration, please check.
[  328.384227][T14109] lo speed is unknown, defaulting to 1000
[  328.507990][ T7511] bridge_slave_1: left allmulticast mode
[  328.524718][ T7511] bridge_slave_1: left promiscuous mode
[  328.541810][ T7511] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.569819][ T7511] bridge_slave_0: left allmulticast mode
[  328.585752][ T7511] bridge_slave_0: left promiscuous mode
[  328.600142][ T7511] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.408920][ T7511] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  329.423948][ T7511] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  329.441643][ T7511] bond0 (unregistering): Released all slaves
[  329.456596][T14109] lo speed is unknown, defaulting to 1000
[  329.815429][T14145] netlink: 'syz.1.2440': attribute type 21 has an invalid length.
[  329.969182][ T5843] Bluetooth: hci3: command tx timeout
[  330.148643][T14154] netlink: 'syz.1.2443': attribute type 1 has an invalid length.
[  330.247637][T14154] 8021q: adding VLAN 0 to HW filter on device bond8
[  330.649246][ T7511] hsr_slave_0: left promiscuous mode
[  330.655465][ T7511] hsr_slave_1: left promiscuous mode
[  330.662054][ T7511] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  330.670041][ T7511] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.720782][ T7511] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  330.728232][ T7511] batman_adv: batadv0: Removing interface: batadv_slave_1
[  330.806199][ T7511] veth1_macvtap: left promiscuous mode
[  330.812640][ T7511] veth0_macvtap: left promiscuous mode
[  330.818461][ T7511] veth1_vlan: left promiscuous mode
[  330.824487][ T7511] veth0_vlan: left promiscuous mode
[  330.968435][T14166] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  331.373783][T14176] netlink: 'syz.4.2447': attribute type 5 has an invalid length.
[  331.683038][ T7511] team0 (unregistering): Port device team_slave_1 removed
[  331.741470][ T7511] team0 (unregistering): Port device team_slave_0 removed
[  332.041398][ T5843] Bluetooth: hci3: command tx timeout
[  332.258375][T14168] syzkaller1: tun_chr_ioctl cmd 1074025677
[  332.265039][T14168] syzkaller1: linktype set to 780
[  332.373144][T14109] chnl_net:caif_netlink_parms(): no params data found
[  332.672637][T14109] bridge0: port 1(bridge_slave_0) entered blocking state
[  332.685296][T14109] bridge0: port 1(bridge_slave_0) entered disabled state
[  332.693309][T14109] bridge_slave_0: entered allmulticast mode
[  332.701925][T14109] bridge_slave_0: entered promiscuous mode
[  332.711911][T14109] bridge0: port 2(bridge_slave_1) entered blocking state
[  332.724165][T14109] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.731545][T14109] bridge_slave_1: entered allmulticast mode
[  332.739175][T14109] bridge_slave_1: entered promiscuous mode
[  332.745846][T14194] FAULT_INJECTION: forcing a failure.
[  332.745846][T14194] name failslab, interval 1, probability 0, space 0, times 0
[  332.762519][T14192] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6
[  332.777883][T14194] CPU: 1 UID: 0 PID: 14194 Comm: syz.4.2452 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  332.777914][T14194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  332.777927][T14194] Call Trace:
[  332.777935][T14194]  <TASK>
[  332.777944][T14194]  dump_stack_lvl+0x241/0x360
[  332.777975][T14194]  ? __pfx_dump_stack_lvl+0x10/0x10
[  332.777999][T14194]  ? __pfx__printk+0x10/0x10
[  332.778023][T14194]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  332.778055][T14194]  ? __pfx___might_resched+0x10/0x10
[  332.778089][T14194]  should_fail_ex+0x40a/0x550
[  332.778126][T14194]  should_failslab+0xac/0x100
[  332.778155][T14194]  kmem_cache_alloc_node_noprof+0x77/0x380
[  332.778185][T14194]  ? __alloc_skb+0x1c3/0x440
[  332.778214][T14194]  __alloc_skb+0x1c3/0x440
[  332.778242][T14194]  ? __pfx___alloc_skb+0x10/0x10
[  332.778272][T14194]  ? netlink_ack_tlv_len+0x6e/0x200
[  332.778307][T14194]  netlink_ack+0x145/0xa60
[  332.778337][T14194]  ? __up_read+0x2c2/0x6b0
[  332.778364][T14194]  ? __pfx___up_read+0x10/0x10
[  332.778389][T14194]  ? security_capable+0x7e/0x2d0
[  332.778428][T14194]  rdma_nl_rcv+0x3f6/0x9e0
[  332.778469][T14194]  ? __pfx_rdma_nl_rcv+0x10/0x10
[  332.778528][T14194]  ? netlink_deliver_tap+0x2e/0x1b0
[  332.778564][T14194]  netlink_unicast+0x7f6/0x990
[  332.778603][T14194]  ? __pfx_netlink_unicast+0x10/0x10
[  332.778631][T14194]  ? __virt_addr_valid+0x45f/0x530
[  332.778653][T14194]  ? __phys_addr_symbol+0x2f/0x70
[  332.778672][T14194]  ? __check_object_size+0x47a/0x730
[  332.778706][T14194]  netlink_sendmsg+0x8de/0xcb0
[  332.778739][T14194]  ? __pfx_netlink_sendmsg+0x10/0x10
[  332.778770][T14194]  ? aa_sock_msg_perm+0x91/0x160
[  332.778814][T14194]  ? __pfx_netlink_sendmsg+0x10/0x10
[  332.778833][T14194]  __sock_sendmsg+0x221/0x270
[  332.778868][T14194]  ____sys_sendmsg+0x53a/0x860
[  332.778903][T14194]  ? __pfx_____sys_sendmsg+0x10/0x10
[  332.778927][T14194]  ? __fget_files+0x2a/0x410
[  332.778960][T14194]  ? __fget_files+0x2a/0x410
[  332.778999][T14194]  __sys_sendmsg+0x269/0x350
[  332.779030][T14194]  ? __pfx___sys_sendmsg+0x10/0x10
[  332.779070][T14194]  ? do_sys_openat2+0x17a/0x1d0
[  332.779127][T14194]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  332.779162][T14194]  ? do_syscall_64+0x100/0x230
[  332.779196][T14194]  ? do_syscall_64+0xb6/0x230
[  332.779229][T14194]  do_syscall_64+0xf3/0x230
[  332.779259][T14194]  ? clear_bhb_loop+0x35/0x90
[  332.779292][T14194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.779320][T14194] RIP: 0033:0x7ff2d158d169
[  332.779338][T14194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.779356][T14194] RSP: 002b:00007ff2d23e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  332.779378][T14194] RAX: ffffffffffffffda RBX: 00007ff2d17a5fa0 RCX: 00007ff2d158d169
[  332.779393][T14194] RDX: 000000000000c094 RSI: 0000200000000200 RDI: 0000000000000003
[  332.779406][T14194] RBP: 00007ff2d23e7090 R08: 0000000000000000 R09: 0000000000000000
[  332.779419][T14194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.779431][T14194] R13: 0000000000000000 R14: 00007ff2d17a5fa0 R15: 00007ffdf52f0cf8
[  332.779461][T14194]  </TASK>
[  333.314639][T14109] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  333.353060][T14109] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  333.417621][T14206] netlink: 'syz.4.2455': attribute type 10 has an invalid length.
[  333.466669][T14109] team0: Port device team_slave_0 added
[  333.487308][T14109] team0: Port device team_slave_1 added
[  333.661782][T14109] batman_adv: batadv0: Adding interface: batadv_slave_0
[  333.668809][T14109] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  333.703462][T14212] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2457'.
[  333.719373][T14212] netlink: 'syz.4.2457': attribute type 7 has an invalid length.
[  333.727149][T14212] netlink: 'syz.4.2457': attribute type 8 has an invalid length.
[  333.750557][T14109] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  333.756570][T14215] x_tables: duplicate underflow at hook 1
[  333.761206][T14212] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2457'.
[  333.763893][T14109] batman_adv: batadv0: Adding interface: batadv_slave_1
[  333.783941][T14109] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  333.859367][T14109] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  333.977551][T14219] netlink: 'syz.1.2458': attribute type 10 has an invalid length.
[  334.048631][T14109] hsr_slave_0: entered promiscuous mode
[  334.071049][T14109] hsr_slave_1: entered promiscuous mode
[  334.077293][T14109] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  334.100285][T14109] Cannot create hsr debugfs directory
[  334.119342][ T5843] Bluetooth: hci3: command tx timeout
[  334.415429][T14230] bond9: entered promiscuous mode
[  334.452503][T14230] bond9: entered allmulticast mode
[  334.464391][T14230] 8021q: adding VLAN 0 to HW filter on device bond9
[  334.539750][T14230] delete_channel: no stack
[  334.559836][T14238] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2463'.
[  334.577183][T14239] netlink: 'syz.3.2464': attribute type 10 has an invalid length.
[  334.624723][T14236] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2463'.
[  334.667117][T14241] netlink: 'syz.1.2466': attribute type 10 has an invalid length.
[  334.701140][T14238] 8021q: adding VLAN 0 to HW filter on device bond13
[  334.726892][T14241] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  334.928876][T14253] netlink: 'syz.1.2468': attribute type 9 has an invalid length.
[  334.933850][T14109] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  334.949934][T14109] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  334.963752][T14109] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  334.975074][T14109] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  335.115121][T14109] 8021q: adding VLAN 0 to HW filter on device bond0
[  335.202030][T14109] 8021q: adding VLAN 0 to HW filter on device team0
[  335.254061][ T7514] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.261290][ T7514] bridge0: port 1(bridge_slave_0) entered forwarding state
[  335.285166][ T7514] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.292399][ T7514] bridge0: port 2(bridge_slave_1) entered forwarding state
[  335.815816][T14109] 8021q: adding VLAN 0 to HW filter on device batadv0
[  335.932298][T14109] veth0_vlan: entered promiscuous mode
[  335.957557][T14109] veth1_vlan: entered promiscuous mode
[  336.031387][T14109] veth0_macvtap: entered promiscuous mode
[  336.054722][T14109] veth1_macvtap: entered promiscuous mode
[  336.093553][T14109] batman_adv: batadv0: Interface activated: batadv_slave_0
[  336.125233][T14109] batman_adv: batadv0: Interface activated: batadv_slave_1
[  336.161366][T14109] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  336.179068][T14109] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  336.198019][T14109] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  336.213082][T14109] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  336.229039][ T5843] Bluetooth: hci3: command tx timeout
[  336.312507][ T1103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  336.350961][ T1103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  336.539704][T14272] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2476'.
[  336.539884][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  336.557505][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  336.662638][T14279] lo speed is unknown, defaulting to 1000
[  336.918424][T14279] lo speed is unknown, defaulting to 1000
[  336.965123][T14279] lo speed is unknown, defaulting to 1000
[  338.504904][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  338.536306][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  338.561206][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  338.580553][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  338.603553][ T5834] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  338.617582][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  339.465521][T14294] ip_vti0: entered promiscuous mode
[  339.483338][T14294] ip_vti0: entered allmulticast mode
[  339.628427][T14297] lo speed is unknown, defaulting to 1000
[  339.702198][T14310] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2483'.
[  339.749982][T14297] lo speed is unknown, defaulting to 1000
[  339.756831][T14297] lo speed is unknown, defaulting to 1000
[  339.787582][T14306] xt_CT: No such helper "syz1"
[  340.220207][T14326] FAULT_INJECTION: forcing a failure.
[  340.220207][T14326] name failslab, interval 1, probability 0, space 0, times 0
[  340.259417][T14326] CPU: 0 UID: 0 PID: 14326 Comm: syz.1.2485 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  340.259449][T14326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  340.259462][T14326] Call Trace:
[  340.259470][T14326]  <TASK>
[  340.259479][T14326]  dump_stack_lvl+0x241/0x360
[  340.259512][T14326]  ? __pfx_dump_stack_lvl+0x10/0x10
[  340.259536][T14326]  ? __pfx__printk+0x10/0x10
[  340.259560][T14326]  ? kmem_cache_alloc_noprof+0x48/0x380
[  340.259591][T14326]  ? __pfx___might_resched+0x10/0x10
[  340.259626][T14326]  should_fail_ex+0x40a/0x550
[  340.259665][T14326]  should_failslab+0xac/0x100
[  340.259695][T14326]  ? __kernfs_new_node+0xd8/0x870
[  340.259723][T14326]  kmem_cache_alloc_noprof+0x70/0x380
[  340.259759][T14326]  __kernfs_new_node+0xd8/0x870
[  340.259791][T14326]  ? up_write+0x1a9/0x590
[  340.259821][T14326]  ? __pfx___kernfs_new_node+0x10/0x10
[  340.259850][T14326]  ? up_write+0x1a9/0x590
[  340.259881][T14326]  ? __pfx_up_write+0x10/0x10
[  340.259917][T14326]  kernfs_new_node+0x137/0x240
[  340.259953][T14326]  __kernfs_create_file+0x49/0x2e0
[  340.259978][T14326]  sysfs_add_file_mode_ns+0x24a/0x310
[  340.260012][T14326]  internal_create_group+0x782/0x12d0
[  340.260059][T14326]  ? __pfx_internal_create_group+0x10/0x10
[  340.260101][T14326]  sysfs_create_groups+0x56/0x120
[  340.260132][T14326]  device_add_attrs+0xe5/0x600
[  340.260158][T14326]  ? __pfx_device_add_attrs+0x10/0x10
[  340.260190][T14326]  device_add+0x576/0xbf0
[  340.260211][T14326]  ? device_initialize+0x266/0x460
[  340.260244][T14326]  netdev_register_kobject+0x157/0x2f0
[  340.260276][T14326]  register_netdevice+0x12c3/0x1b70
[  340.260304][T14326]  ? __mutex_lock+0x602/0x1010
[  340.260351][T14326]  ? __pfx_register_netdevice+0x10/0x10
[  340.260388][T14326]  ? alloc_netdev_mqs+0xe8e/0x1210
[  340.260422][T14326]  register_netdev+0x40/0x50
[  340.260449][T14326]  gprs_attach+0x187/0x530
[  340.260486][T14326]  pep_setsockopt+0x3c0/0x5c0
[  340.260518][T14326]  ? __pfx_pep_setsockopt+0x10/0x10
[  340.260548][T14326]  ? __pfx_lock_acquire+0x10/0x10
[  340.260583][T14326]  ? aa_sock_opt_perm+0x79/0x120
[  340.260616][T14326]  ? sock_common_setsockopt+0x37/0xc0
[  340.260653][T14326]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  340.260686][T14326]  do_sock_setsockopt+0x3af/0x720
[  340.260718][T14326]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  340.260749][T14326]  ? __fget_files+0x395/0x410
[  340.260778][T14326]  ? __fget_files+0x2a/0x410
[  340.260818][T14326]  __x64_sys_setsockopt+0x1ee/0x280
[  340.260851][T14326]  do_syscall_64+0xf3/0x230
[  340.260882][T14326]  ? clear_bhb_loop+0x35/0x90
[  340.260916][T14326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.260945][T14326] RIP: 0033:0x7f9b2338d169
[  340.260962][T14326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.260980][T14326] RSP: 002b:00007f9b24262038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  340.261003][T14326] RAX: ffffffffffffffda RBX: 00007f9b235a6080 RCX: 00007f9b2338d169
[  340.261017][T14326] RDX: 0000000000000001 RSI: 0000000000000113 RDI: 0000000000000007
[  340.261030][T14326] RBP: 00007f9b24262090 R08: 0000000000000004 R09: 0000000000000000
[  340.261042][T14326] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000002
[  340.261056][T14326] R13: 0000000000000000 R14: 00007f9b235a6080 R15: 00007fff4a98e6c8
[  340.261089][T14326]  </TASK>
[  340.709545][ T5843] Bluetooth: hci3: command tx timeout
[  341.029961][T14356] FAULT_INJECTION: forcing a failure.
[  341.029961][T14356] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  341.123312][T14356] CPU: 1 UID: 0 PID: 14356 Comm: syz.1.2491 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  341.123344][T14356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  341.123357][T14356] Call Trace:
[  341.123364][T14356]  <TASK>
[  341.123383][T14356]  dump_stack_lvl+0x241/0x360
[  341.123416][T14356]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.123441][T14356]  ? __pfx__printk+0x10/0x10
[  341.123464][T14356]  ? __pfx_lock_release+0x10/0x10
[  341.123503][T14356]  should_fail_ex+0x40a/0x550
[  341.123540][T14356]  _copy_from_user+0x2d/0xb0
[  341.123570][T14356]  sk_getsockopt+0x1cb/0x31f0
[  341.123604][T14356]  ? __pfx_sk_getsockopt+0x10/0x10
[  341.123649][T14356]  ? __pfx___might_resched+0x10/0x10
[  341.123679][T14356]  ? __might_fault+0xaa/0x120
[  341.123700][T14356]  ? __pfx_lock_release+0x10/0x10
[  341.123741][T14356]  ? __might_fault+0xaa/0x120
[  341.123762][T14356]  ? __might_fault+0xc6/0x120
[  341.123787][T14356]  do_sock_getsockopt+0x29f/0x740
[  341.123820][T14356]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  341.123844][T14356]  ? __fget_files+0x2a/0x410
[  341.123876][T14356]  ? __fget_files+0x395/0x410
[  341.123906][T14356]  ? __fget_files+0x2a/0x410
[  341.123944][T14356]  __x64_sys_getsockopt+0x2a1/0x370
[  341.123978][T14356]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  341.124005][T14356]  ? do_syscall_64+0x100/0x230
[  341.124040][T14356]  ? do_syscall_64+0xb6/0x230
[  341.124074][T14356]  do_syscall_64+0xf3/0x230
[  341.124105][T14356]  ? clear_bhb_loop+0x35/0x90
[  341.124160][T14356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.124189][T14356] RIP: 0033:0x7f9b2338d169
[  341.124208][T14356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.124227][T14356] RSP: 002b:00007f9b24283038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  341.124250][T14356] RAX: ffffffffffffffda RBX: 00007f9b235a5fa0 RCX: 00007f9b2338d169
[  341.124265][T14356] RDX: 0000000000000037 RSI: 0000000000000001 RDI: 0000000000000004
[  341.124277][T14356] RBP: 00007f9b24283090 R08: 00002000000003c0 R09: 0000000000000000
[  341.124291][T14356] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  341.124305][T14356] R13: 0000000000000000 R14: 00007f9b235a5fa0 R15: 00007fff4a98e6c8
[  341.124339][T14356]  </TASK>
[  341.502926][T14297] chnl_net:caif_netlink_parms(): no params data found
[  341.729790][T14369] netlink: 'syz.1.2493': attribute type 10 has an invalid length.
[  341.816968][T14382] netlink: 'syz.0.2495': attribute type 11 has an invalid length.
[  341.829209][T14382] netlink: 232 bytes leftover after parsing attributes in process `syz.0.2495'.
[  341.932004][T14369] dummy0: left promiscuous mode
[  341.944380][T14369] team0: Device dummy0 failed to register rx_handler
[  342.024539][T14297] bridge0: port 1(bridge_slave_0) entered blocking state
[  342.048497][T14297] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.069328][T14297] bridge_slave_0: entered allmulticast mode
[  342.099697][T14297] bridge_slave_0: entered promiscuous mode
[  342.130822][T14297] bridge0: port 2(bridge_slave_1) entered blocking state
[  342.148538][T14297] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.187725][T14297] bridge_slave_1: entered allmulticast mode
[  342.204686][T14297] bridge_slave_1: entered promiscuous mode
[  342.303464][T14297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  342.332669][T14297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  342.493095][T14297] team0: Port device team_slave_0 added
[  342.510178][T14420] netlink: 'syz.3.2496': attribute type 10 has an invalid length.
[  342.542805][T14297] team0: Port device team_slave_1 added
[  342.661524][T14297] batman_adv: batadv0: Adding interface: batadv_slave_0
[  342.668532][T14297] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  342.715320][T14297] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  342.728884][T14297] batman_adv: batadv0: Adding interface: batadv_slave_1
[  342.748563][T14297] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  342.779685][ T5843] Bluetooth: hci3: command tx timeout
[  342.803484][T14297] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  342.847736][T14426] netlink: 'syz.4.2503': attribute type 10 has an invalid length.
[  342.861890][T14431] lo speed is unknown, defaulting to 1000
[  342.883441][T14431] lo speed is unknown, defaulting to 1000
[  342.898844][T14431] lo speed is unknown, defaulting to 1000
[  343.001168][T14297] hsr_slave_0: entered promiscuous mode
[  343.031190][T14297] hsr_slave_1: entered promiscuous mode
[  343.037733][T14297] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  343.046063][T14297] Cannot create hsr debugfs directory
[  343.504832][T14297] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.563463][T14457] lo speed is unknown, defaulting to 1000
[  343.581681][T14457] lo speed is unknown, defaulting to 1000
[  343.582214][T14460] lo speed is unknown, defaulting to 1000
[  343.591059][T14457] lo speed is unknown, defaulting to 1000
[  343.595273][T14460] lo speed is unknown, defaulting to 1000
[  343.683232][T14463] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2512'.
[  343.726121][T14297] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.842595][T14467] netlink: 'syz.4.2513': attribute type 1 has an invalid length.
[  343.860872][T14297] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.910099][T14460] lo speed is unknown, defaulting to 1000
[  343.977952][T14467] 8021q: adding VLAN 0 to HW filter on device bond10
[  344.111476][T14297] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.557096][T14486] can: request_module (can-proto-4) failed.
[  344.598630][T14297] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  344.614556][T14297] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  344.650101][T14297] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  344.672765][T14493] netlink: 'syz.4.2520': attribute type 1 has an invalid length.
[  344.681689][T14493] netlink: 228 bytes leftover after parsing attributes in process `syz.4.2520'.
[  344.691542][T14493] netlink: 11 bytes leftover after parsing attributes in process `syz.4.2520'.
[  344.701310][T14297] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  344.838228][T14297] 8021q: adding VLAN 0 to HW filter on device bond0
[  344.847328][ T5843] Bluetooth: hci3: command tx timeout
[  344.890487][T14297] 8021q: adding VLAN 0 to HW filter on device team0
[  344.902499][ T7514] bridge0: port 1(bridge_slave_0) entered blocking state
[  344.909723][ T7514] bridge0: port 1(bridge_slave_0) entered forwarding state
[  344.986691][ T1103] bridge0: port 2(bridge_slave_1) entered blocking state
[  344.993995][ T1103] bridge0: port 2(bridge_slave_1) entered forwarding state
[  345.107118][T14297] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  345.122016][T14499] netlink: 'syz.4.2522': attribute type 10 has an invalid length.
[  345.130229][T14297] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  345.335320][T14506] netlink: 'syz.0.2524': attribute type 1 has an invalid length.
[  345.401785][T14506] 8021q: adding VLAN 0 to HW filter on device bond14
[  345.452211][T14297] 8021q: adding VLAN 0 to HW filter on device batadv0
[  345.511954][T14297] veth0_vlan: entered promiscuous mode
[  345.557910][T14297] veth1_vlan: entered promiscuous mode
[  345.614054][T14516] lo speed is unknown, defaulting to 1000
[  345.630026][T14297] veth0_macvtap: entered promiscuous mode
[  345.642302][T14297] veth1_macvtap: entered promiscuous mode
[  345.663565][T14516] lo speed is unknown, defaulting to 1000
[  345.702140][T14297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  345.714432][T14297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.733655][T14297] batman_adv: batadv0: Interface activated: batadv_slave_0
[  345.750252][T14516] lo speed is unknown, defaulting to 1000
[  345.754377][T14297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  345.781964][T14297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.808270][T14297] batman_adv: batadv0: Interface activated: batadv_slave_1
[  345.861313][T14519] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  345.870374][T14519] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  345.878592][T14519] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  345.887236][T14519] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  345.941760][T14297] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  345.969343][T14297] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  345.988746][T14297] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  346.006878][T14297] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  346.258409][T14524] mac80211_hwsim hwsim2 syzkaller0: left promiscuous mode
[  346.279599][T14524] mac80211_hwsim hwsim2 syzkaller0: left allmulticast mode
[  346.379534][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  346.397790][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  346.473387][T14537] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2533'.
[  346.500009][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  346.525662][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  346.767431][T14546] netlink: 'syz.3.2536': attribute type 1 has an invalid length.
[  346.789123][T14549] netlink: 'syz.4.2537': attribute type 1 has an invalid length.
[  346.872458][T14546] 8021q: adding VLAN 0 to HW filter on device bond5
[  347.100956][T14565] netlink: 'syz.1.2538': attribute type 10 has an invalid length.
[  347.228624][T14568] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2542'.
[  347.254323][T14568] batadv2: entered promiscuous mode
[  347.274558][T14568] batadv2: entered allmulticast mode
[  347.296318][T14574] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2542'.
[  347.382114][T14574] batadv2: entered promiscuous mode
[  347.387386][T14574] batadv2: entered allmulticast mode
[  347.975558][T14590] netlink: 'syz.1.2551': attribute type 1 has an invalid length.
[  348.038771][T14590] 8021q: adding VLAN 0 to HW filter on device bond9
[  348.187271][T14600] netlink: 'syz.3.2553': attribute type 39 has an invalid length.
[  348.205101][T14602] xt_TPROXY: Can be used only with -p tcp or -p udp
[  348.217455][T14602] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2556'.
[  348.331925][T14604] team0: Port device gtp1 added
[  348.378888][T14609] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2557'.
[  349.341476][T14628] vlan1: entered promiscuous mode
[  349.349575][T14628] bond0: entered promiscuous mode
[  349.355191][T14628] dummy0: entered promiscuous mode
[  349.381109][T14628] bond0: (slave vlan1): Opening slave failed
[  349.409219][T14630] netlink: 'syz.4.2565': attribute type 1 has an invalid length.
[  349.434082][T14625] vlan1: entered promiscuous mode
[  349.456664][T14625] bond0: (slave vlan1): Opening slave failed
[  349.521504][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  349.531752][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  349.540079][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  349.549652][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  349.557424][ T5834] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  349.565226][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  349.577943][T14630] 8021q: adding VLAN 0 to HW filter on device bond12
[  349.659359][T14643] (unnamed net_device) (uninitialized): peer notification delay (9) is not a multiple of miimon (100), value rounded to 0 ms
[  349.710906][T14643] (unnamed net_device) (uninitialized): option use_carrier: invalid value (5)
[  349.760366][T14637] lo speed is unknown, defaulting to 1000
[  349.767220][T14637] lo speed is unknown, defaulting to 1000
[  349.820207][T14637] lo speed is unknown, defaulting to 1000
[  349.862112][T14649] lo speed is unknown, defaulting to 1000
[  349.871178][T14652] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2571'.
[  349.898084][T14649] lo speed is unknown, defaulting to 1000
[  349.905797][T14652] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2571'.
[  350.002300][T14658] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2572'.
[  350.033272][T14651] mac80211_hwsim hwsim2 syzkaller0: entered promiscuous mode
[  350.041509][T14651] mac80211_hwsim hwsim2 syzkaller0: entered allmulticast mode
[  350.184659][T14649] lo speed is unknown, defaulting to 1000
[  350.248633][T14664] netlink: 'syz.0.2575': attribute type 1 has an invalid length.
[  350.653805][T14637] chnl_net:caif_netlink_parms(): no params data found
[  350.876294][T14681] ip6tnl2: entered promiscuous mode
[  350.957478][T14637] bridge0: port 1(bridge_slave_0) entered blocking state
[  350.966643][T14637] bridge0: port 1(bridge_slave_0) entered disabled state
[  350.974627][T14637] bridge_slave_0: entered allmulticast mode
[  350.982343][T14637] bridge_slave_0: entered promiscuous mode
[  351.012284][T14637] bridge0: port 2(bridge_slave_1) entered blocking state
[  351.049266][T14637] bridge0: port 2(bridge_slave_1) entered disabled state
[  351.056919][T14637] bridge_slave_1: entered allmulticast mode
[  351.080827][T14637] bridge_slave_1: entered promiscuous mode
[  351.165407][T14694] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2583'.
[  351.177001][T14695] ip_vti0: left promiscuous mode
[  351.187591][T14697] netlink: 165 bytes leftover after parsing attributes in process `syz.4.2584'.
[  351.202711][T14695] ip_vti0: left allmulticast mode
[  351.242937][T14695] vlan0: left promiscuous mode
[  351.247897][T14695] vlan0: left allmulticast mode
[  351.294989][T14695] veth0_vlan: left allmulticast mode
[  351.381462][T14695] mac80211_hwsim hwsim2 syzkaller0: left promiscuous mode
[  351.400981][T14695] mac80211_hwsim hwsim2 syzkaller0: left allmulticast mode
[  351.432211][T14695] ip6gre1: left allmulticast mode
[  351.480401][T14637] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  351.503347][T14637] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  351.633899][T14637] team0: Port device team_slave_0 added
[  351.640039][ T5834] Bluetooth: hci3: command tx timeout
[  351.665048][T14715] __nla_validate_parse: 2 callbacks suppressed
[  351.665071][T14715] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2587'.
[  351.675383][T14637] team0: Port device team_slave_1 added
[  351.725658][T14637] batman_adv: batadv0: Adding interface: batadv_slave_0
[  351.733521][T14637] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.760102][T14637] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  351.795019][T14637] batman_adv: batadv0: Adding interface: batadv_slave_1
[  351.803244][T14637] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.829516][T14637] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  351.866302][T14720] netlink: 'syz.0.2589': attribute type 4 has an invalid length.
[  351.910431][T14637] hsr_slave_0: entered promiscuous mode
[  351.917374][T14637] hsr_slave_1: entered promiscuous mode
[  351.925254][T14637] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  351.934387][T14637] Cannot create hsr debugfs directory
[  352.128878][T14726] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  352.150392][T14726] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.331248][T14726] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  352.343813][T14726] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.532819][T14637] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.576666][T14726] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  352.587147][T14726] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.678236][T14726] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  352.708134][T14726] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.863676][T14637] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.082231][T14637] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.136601][T14726] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  353.160145][T14726] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  353.169876][T14756] bond0: entered promiscuous mode
[  353.175382][T14756] dummy0: entered promiscuous mode
[  353.197259][T14756] bond0: entered allmulticast mode
[  353.219273][T14756] dummy0: entered allmulticast mode
[  353.245840][T14756] 8021q: adding VLAN 0 to HW filter on device bond0
[  353.278842][T14726] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  353.320793][T14726] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  353.345932][T14726] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  353.367111][T14726] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  353.426882][T14637] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.469808][T14726] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  353.489210][T14726] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  353.548501][T14772] netlink: 'syz.4.2600': attribute type 15 has an invalid length.
[  353.622572][T14774] lo speed is unknown, defaulting to 1000
[  353.705299][T14759] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  353.720941][ T5834] Bluetooth: hci3: command tx timeout
[  353.741157][T14774] lo speed is unknown, defaulting to 1000
[  353.754875][T14774] lo speed is unknown, defaulting to 1000
[  353.772968][T14637] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  353.812400][T14637] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  353.875165][T14637] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  353.926199][T14637] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  353.983357][T14793] ip6tnl1: entered promiscuous mode
[  354.182321][T14637] 8021q: adding VLAN 0 to HW filter on device bond0
[  354.244256][T14637] 8021q: adding VLAN 0 to HW filter on device team0
[  354.291041][ T1103] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.298197][ T1103] bridge0: port 1(bridge_slave_0) entered forwarding state
[  354.322792][ T1103] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.329993][ T1103] bridge0: port 2(bridge_slave_1) entered forwarding state
[  354.493222][T14637] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  354.591106][T14815] netlink: 'syz.1.2612': attribute type 10 has an invalid length.
[  354.978087][T14637] 8021q: adding VLAN 0 to HW filter on device batadv0
[  355.088658][T14637] veth0_vlan: entered promiscuous mode
[  355.125202][T14637] veth1_vlan: entered promiscuous mode
[  355.205803][T14637] veth0_macvtap: entered promiscuous mode
[  355.240185][T14637] veth1_macvtap: entered promiscuous mode
[  355.305743][T14637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  355.331021][T14637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.351486][T14637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  355.376194][T14637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.399660][T14637] batman_adv: batadv0: Interface activated: batadv_slave_0
[  355.441919][T14637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  355.461819][T14637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.474003][T14832] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2617'.
[  355.499784][T14637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  355.519460][T14832] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2617'.
[  355.528672][T14637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.550916][T14637] batman_adv: batadv0: Interface activated: batadv_slave_1
[  355.599119][T14637] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  355.616847][T14637] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  355.635591][T14637] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  355.661637][T14637] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  355.799245][ T5834] Bluetooth: hci3: command tx timeout
[  355.979166][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  355.987017][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  356.100921][T14846] netlink: 'syz.0.2621': attribute type 10 has an invalid length.
[  356.102347][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  356.109889][T14846] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2621'.
[  356.128179][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  356.137809][T14852] netlink: 'syz.4.2622': attribute type 10 has an invalid length.
[  356.200280][T14846] 8021q: adding VLAN 0 to HW filter on device team0
[  356.365252][T14864] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2627'.
[  357.072612][T14891] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2640'.
[  357.093160][T14889] lo speed is unknown, defaulting to 1000
[  357.095363][T14891] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2640'.
[  357.118733][T14889] lo speed is unknown, defaulting to 1000
[  357.137600][T14889] lo speed is unknown, defaulting to 1000
[  358.252565][T14911] netlink: 'syz.1.2643': attribute type 21 has an invalid length.
[  358.569298][T14922] netlink: 'syz.3.2649': attribute type 1 has an invalid length.
[  358.624677][T14922] 8021q: adding VLAN 0 to HW filter on device bond6
[  358.720818][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  358.730979][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  358.740371][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  358.748531][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  358.756328][T14930] lo speed is unknown, defaulting to 1000
[  358.773445][ T5843] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  358.774588][T14930] lo speed is unknown, defaulting to 1000
[  358.787978][ T5843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  358.836320][T14930] lo speed is unknown, defaulting to 1000
[  358.944612][T14933] lo speed is unknown, defaulting to 1000
[  358.964053][T14933] lo speed is unknown, defaulting to 1000
[  359.076157][T14951] xt_CT: You must specify a L4 protocol and not use inversions on it
[  359.086808][T14945] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2651'.
[  359.102703][T14933] lo speed is unknown, defaulting to 1000
[  359.117862][T14932] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2651'.
[  359.794673][T14968] netlink: 'syz.0.2659': attribute type 21 has an invalid length.
[  359.804134][T14971] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2660'.
[  359.971405][T14933] chnl_net:caif_netlink_parms(): no params data found
[  360.045379][T14983] bond0: (slave bridge0): Releasing backup interface
[  360.070129][T14983] bond0: (slave bridge0): the permanent HWaddr of slave - aa:aa:aa:aa:aa:0c - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  360.123372][T14985] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2662'.
[  360.140666][T14983] bond0: (slave wlan1): Releasing backup interface
[  360.151640][T14983] bond4: (slave gretap1): Releasing active interface
[  360.171099][T14987] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2664'.
[  360.185772][T14983] bond6: (slave ip6gre1): Releasing backup interface
[  360.208536][T14983] ip6gre1: left promiscuous mode
[  360.244982][T14983] bond0: (slave ip6gretap1): Releasing backup interface
[  360.291599][T14983] team0: Port device gtp1 removed
[  360.421563][T14988] vlan2: entered allmulticast mode
[  360.437419][T14988] bond0: entered allmulticast mode
[  360.457284][T14988] bridge0: port 1(vlan2) entered blocking state
[  360.478850][T14988] bridge0: port 1(vlan2) entered disabled state
[  360.505208][T14988] vlan2: entered promiscuous mode
[  360.519710][T14988] bond0: entered promiscuous mode
[  360.552308][T15001] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2668'.
[  360.850060][ T5843] Bluetooth: hci3: command tx timeout
[  361.018362][T14933] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.035226][T14933] bridge0: port 1(bridge_slave_0) entered disabled state
[  361.050121][T14933] bridge_slave_0: entered allmulticast mode
[  361.057307][T14933] bridge_slave_0: entered promiscuous mode
[  361.066718][T14933] bridge0: port 2(bridge_slave_1) entered blocking state
[  361.085814][T14933] bridge0: port 2(bridge_slave_1) entered disabled state
[  361.093702][T14933] bridge_slave_1: entered allmulticast mode
[  361.101241][T14933] bridge_slave_1: entered promiscuous mode
[  361.109134][T15021] netlink: 'syz.0.2673': attribute type 21 has an invalid length.
[  361.122114][T15023] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2674'.
[  361.158224][T15023] 8021q: VLANs not supported on gre0
[  361.203597][T14933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  361.235941][T14933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  361.422280][T14933] team0: Port device team_slave_0 added
[  361.436765][T15032] tun0: tun_chr_ioctl cmd 1074812117
[  361.467771][T15032] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2677'.
[  361.481664][T14933] team0: Port device team_slave_1 added
[  361.490074][T15037] workqueue: Failed to create a rescuer kthread for wq "bond15": -EINTR
[  361.670430][T14933] batman_adv: batadv0: Adding interface: batadv_slave_0
[  361.728121][T14933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  361.779799][T15048] delete_channel: no stack
[  361.836333][T14933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  361.867277][T14933] batman_adv: batadv0: Adding interface: batadv_slave_1
[  361.898570][T14933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  361.980795][T14933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  362.120224][T14933] hsr_slave_0: entered promiscuous mode
[  362.151042][T14933] hsr_slave_1: entered promiscuous mode
[  362.157316][T14933] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  362.178477][T15056] sctp: [Deprecated]: syz.3.2684 (pid 15056) Use of int in maxseg socket option.
[  362.178477][T15056] Use struct sctp_assoc_value instead
[  362.195339][T14933] Cannot create hsr debugfs directory
[  362.449925][T15070] netlink: 'syz.0.2689': attribute type 21 has an invalid length.
[  362.651125][T15079] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2692'.
[  362.685642][T14933] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.713151][T15079] vlan3: entered allmulticast mode
[  362.733999][T15075] lo speed is unknown, defaulting to 1000
[  362.742969][T15075] lo speed is unknown, defaulting to 1000
[  362.750194][T15075] lo speed is unknown, defaulting to 1000
[  362.886007][T14933] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.908797][T15089] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2691'.
[  362.930929][ T5843] Bluetooth: hci3: command tx timeout
[  363.008842][T14933] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.116239][T14933] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.233926][T15096] lo speed is unknown, defaulting to 1000
[  363.243438][T15096] lo speed is unknown, defaulting to 1000
[  363.250862][T15096] lo speed is unknown, defaulting to 1000
[  363.502605][T15105] batadv_slave_0: left promiscuous mode
[  363.509202][T15105] batadv_slave_0: left allmulticast mode
[  363.552062][T15105] ip6erspan0: left promiscuous mode
[  363.591502][T15108] netlink: 'syz.4.2700': attribute type 11 has an invalid length.
[  363.616877][T15105] gtp0: left promiscuous mode
[  363.695891][T14933] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  363.726834][T14933] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  363.841098][T14933] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  363.891595][T14933] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  364.052538][T15121] netlink: 'syz.0.2704': attribute type 10 has an invalid length.
[  364.064161][T15121] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  364.071958][T15121] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  364.151033][T15126] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2705'.
[  364.309598][T14933] 8021q: adding VLAN 0 to HW filter on device bond0
[  364.366616][T14933] 8021q: adding VLAN 0 to HW filter on device team0
[  364.396378][T15135] netlink: 'syz.0.2707': attribute type 21 has an invalid length.
[  364.400296][ T3538] bridge0: port 1(bridge_slave_0) entered blocking state
[  364.411355][ T3538] bridge0: port 1(bridge_slave_0) entered forwarding state
[  364.457852][T15135] netlink: 'syz.0.2707': attribute type 6 has an invalid length.
[  364.478597][T15135] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2707'.
[  364.502194][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.509450][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  364.743992][T15150] netlink: 'syz.4.2711': attribute type 1 has an invalid length.
[  364.776231][T15150] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2711'.
[  364.934898][T14933] 8021q: adding VLAN 0 to HW filter on device batadv0
[  365.000041][ T5843] Bluetooth: hci3: command tx timeout
[  365.042428][T14933] veth0_vlan: entered promiscuous mode
[  365.111503][T15166] pim6reg9: entered allmulticast mode
[  365.125339][T14933] veth1_vlan: entered promiscuous mode
[  365.251412][T15169] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2717'.
[  365.260615][T15173] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2718'.
[  365.280229][T15169] netlink: 'syz.4.2717': attribute type 9 has an invalid length.
[  365.288254][T15169] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2717'.
[  365.344310][T15169] macvlan3: entered promiscuous mode
[  365.357781][T15169] hsr0: entered promiscuous mode
[  365.367105][T15169] macvlan3: entered allmulticast mode
[  365.373035][T15169] hsr0: entered allmulticast mode
[  365.378175][T15169] hsr_slave_0: entered allmulticast mode
[  365.384091][T15169] hsr_slave_1: entered allmulticast mode
[  365.403114][T14933] veth0_macvtap: entered promiscuous mode
[  365.432385][T15179] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2720'.
[  365.448784][T14933] veth1_macvtap: entered promiscuous mode
[  365.494880][T14933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  365.535177][T14933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  365.562304][T14933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  365.599195][T14933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  365.634838][T14933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  365.663628][T14933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  365.703196][T14933] batman_adv: batadv0: Interface activated: batadv_slave_0
[  365.724095][T15186] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2721'.
[  365.767118][T14933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  365.818390][T14933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  365.849610][T14933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  365.875295][T14933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  365.896803][T14933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  365.918350][T14933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  365.937945][T14933] batman_adv: batadv0: Interface activated: batadv_slave_1
[  365.958316][T15183] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  365.968738][T15183] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  366.011597][T14933] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  366.031212][T14933] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  366.049120][T14933] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  366.067704][T14933] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  366.306750][T15203] netlink: 'syz.1.2729': attribute type 3 has an invalid length.
[  366.419714][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  366.427610][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  366.583388][ T7514] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  366.599460][ T7514] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  366.896076][T15229] netlink: 'syz.0.2738': attribute type 1 has an invalid length.
[  366.978440][T15235] netlink: 'syz.3.2740': attribute type 10 has an invalid length.
[  367.078177][T15235] veth0_to_bond: entered promiscuous mode
[  367.096987][T15235] veth0_to_bond: entered allmulticast mode
[  367.114135][T15235] bond0: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  367.135515][T15243] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0
[  367.154218][T15243] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0
[  367.191396][T15243] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0
[  367.201160][T15243] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0
[  367.502740][T15262] bond0: option resend_igmp: invalid value (5160963)
[  367.562658][T15262] bond0: option resend_igmp: allowed values 0 - 255
[  368.457409][T15272] __nla_validate_parse: 10 callbacks suppressed
[  368.457436][T15272] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2749'.
[  368.500699][T15273] netlink: 'syz.1.2750': attribute type 10 has an invalid length.
[  368.773203][T15287] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2756'.
[  368.901076][T15293] validate_nla: 3 callbacks suppressed
[  368.901098][T15293] netlink: 'syz.3.2758': attribute type 39 has an invalid length.
[  368.938764][T15295] netlink: 'syz.0.2759': attribute type 7 has an invalid length.
[  369.090961][T15300] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2760'.
[  369.109482][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  369.118822][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  369.131014][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  369.140894][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  369.150218][ T5834] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  369.151253][T15308] ax25_connect(): syz.4.2762 uses autobind, please contact jreuter@yaina.de
[  369.167102][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  369.214574][T15306] sctp: [Deprecated]: syz.0.2763 (pid 15306) Use of int in max_burst socket option.
[  369.214574][T15306] Use struct sctp_assoc_value instead
[  369.252126][T15299] ------------[ cut here ]------------
[  369.258104][T15299] refcount_t: decrement hit 0; leaking memory.
[  369.281840][T15299] WARNING: CPU: 1 PID: 15299 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0
[  369.291712][T15299] Modules linked in:
[  369.295664][T15299] CPU: 1 UID: 0 PID: 15299 Comm: syz.4.2762 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  369.306908][T15299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  369.317069][T15299] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[  369.327693][T15299] Code: b2 00 00 00 e8 d7 2e cc fc 5b 5d c3 cc cc cc cc e8 cb 2e cc fc c6 05 38 7b 31 0b 01 90 48 c7 c7 80 b5 80 8c e8 87 e9 8b fc 90 <0f> 0b 90 90 eb d9 e8 ab 2e cc fc c6 05 15 7b 31 0b 01 90 48 c7 c7
[  369.348509][T15299] RSP: 0018:ffffc90005177b68 EFLAGS: 00010246
[  369.355088][T15299] RAX: c549e31b71743d00 RBX: ffff88802274a64c RCX: ffff88805b05da00
[  369.363163][T15299] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  369.371255][T15299] RBP: 0000000000000004 R08: ffffffff8181ae52 R09: fffffbfff1d3a69c
[  369.379598][T15299] R10: dffffc0000000000 R11: fffffbfff1d3a69c R12: ffff88802274a608
[  369.387746][T15299] R13: 0000000000000000 R14: ffff88802274a64c R15: dffffc0000000000
[  369.395923][T15299] FS:  000055558afef500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  369.405045][T15299] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  369.412115][T15299] CR2: 00007f6dd1064440 CR3: 0000000077ff2000 CR4: 00000000003526f0
[  369.420220][T15299] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  369.428307][T15299] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  369.436447][T15299] Call Trace:
[  369.440082][T15299]  <TASK>
[  369.443052][T15299]  ? __warn+0x165/0x4d0
[  369.447246][T15299]  ? refcount_warn_saturate+0xfa/0x1d0
[  369.452853][T15299]  ? report_bug+0x2b3/0x500
[  369.457405][T15299]  ? refcount_warn_saturate+0xfa/0x1d0
[  369.462963][T15299]  ? handle_bug+0x60/0x90
[  369.467325][T15299]  ? exc_invalid_op+0x1a/0x50
[  369.472405][T15299]  ? asm_exc_invalid_op+0x1a/0x20
[  369.477573][T15299]  ? __warn_printk+0x292/0x360
[  369.482588][T15299]  ? refcount_warn_saturate+0xfa/0x1d0
[  369.488250][T15299]  ? refcount_warn_saturate+0xf9/0x1d0
[  369.493970][T15299]  ref_tracker_free+0x6af/0x7e0
[  369.499314][T15299]  ? __pfx_ref_tracker_free+0x10/0x10
[  369.504747][T15299]  ? ax25_destroy_socket+0x551/0x5c0
[  369.510161][T15299]  ax25_release+0x368/0x960
[  369.514819][T15299]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  369.520292][T15299]  sock_close+0xbc/0x240
[  369.524579][T15299]  ? __pfx_sock_close+0x10/0x10
[  369.529819][T15299]  __fput+0x3e9/0x9f0
[  369.533868][T15299]  task_work_run+0x24f/0x310
[  369.538585][T15299]  ? _raw_spin_unlock+0x28/0x50
[  369.543557][T15299]  ? __pfx_task_work_run+0x10/0x10
[  369.548711][T15299]  ? syscall_exit_to_user_mode+0xa3/0x340
[  369.554555][T15299]  syscall_exit_to_user_mode+0x13f/0x340
[  369.560694][T15299]  do_syscall_64+0x100/0x230
[  369.565344][T15299]  ? clear_bhb_loop+0x35/0x90
[  369.570137][T15299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.576078][T15299] RIP: 0033:0x7ff2d158d169
[  369.580571][T15299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.600851][T15299] RSP: 002b:00007ffdf52f0e58 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  369.609703][T15299] RAX: 0000000000000000 RBX: 00007ff2d17a7ba0 RCX: 00007ff2d158d169
[  369.617716][T15299] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  369.625789][T15299] RBP: 00007ff2d17a7ba0 R08: 0000000000000154 R09: 0000000bf52f114f
[  369.634195][T15299] R10: 00000000003ffc84 R11: 0000000000000246 R12: 000000000005a4c1
[  369.642656][T15299] R13: 00007ff2d17a6080 R14: ffffffffffffffff R15: 00007ffdf52f0f70
[  369.650771][T15299]  </TASK>
[  369.653834][T15299] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  369.661154][T15299] CPU: 1 UID: 0 PID: 15299 Comm: syz.4.2762 Not tainted 6.14.0-rc7-syzkaller-01431-gbfc17c165835 #0
[  369.671950][T15299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  369.682037][T15299] Call Trace:
[  369.685355][T15299]  <TASK>
[  369.688309][T15299]  dump_stack_lvl+0x241/0x360
[  369.693036][T15299]  ? __pfx_dump_stack_lvl+0x10/0x10
[  369.698270][T15299]  ? __pfx__printk+0x10/0x10
[  369.702931][T15299]  ? _printk+0xd5/0x120
[  369.707124][T15299]  ? __init_begin+0x41000/0x41000
[  369.712195][T15299]  ? vscnprintf+0x5d/0x90
[  369.716550][T15299]  panic+0x349/0x880
[  369.720457][T15299]  ? __warn+0x174/0x4d0
[  369.724624][T15299]  ? __pfx_panic+0x10/0x10
[  369.729076][T15299]  __warn+0x344/0x4d0
[  369.733075][T15299]  ? refcount_warn_saturate+0xfa/0x1d0
[  369.738551][T15299]  report_bug+0x2b3/0x500
[  369.742892][T15299]  ? refcount_warn_saturate+0xfa/0x1d0
[  369.748369][T15299]  handle_bug+0x60/0x90
[  369.752531][T15299]  exc_invalid_op+0x1a/0x50
[  369.757038][T15299]  asm_exc_invalid_op+0x1a/0x20
[  369.761898][T15299] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[  369.767981][T15299] Code: b2 00 00 00 e8 d7 2e cc fc 5b 5d c3 cc cc cc cc e8 cb 2e cc fc c6 05 38 7b 31 0b 01 90 48 c7 c7 80 b5 80 8c e8 87 e9 8b fc 90 <0f> 0b 90 90 eb d9 e8 ab 2e cc fc c6 05 15 7b 31 0b 01 90 48 c7 c7
[  369.787602][T15299] RSP: 0018:ffffc90005177b68 EFLAGS: 00010246
[  369.793693][T15299] RAX: c549e31b71743d00 RBX: ffff88802274a64c RCX: ffff88805b05da00
[  369.801690][T15299] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  369.809670][T15299] RBP: 0000000000000004 R08: ffffffff8181ae52 R09: fffffbfff1d3a69c
[  369.817647][T15299] R10: dffffc0000000000 R11: fffffbfff1d3a69c R12: ffff88802274a608
[  369.825630][T15299] R13: 0000000000000000 R14: ffff88802274a64c R15: dffffc0000000000
[  369.833630][T15299]  ? __warn_printk+0x292/0x360
[  369.838414][T15299]  ? refcount_warn_saturate+0xf9/0x1d0
[  369.843891][T15299]  ref_tracker_free+0x6af/0x7e0
[  369.848754][T15299]  ? __pfx_ref_tracker_free+0x10/0x10
[  369.854145][T15299]  ? ax25_destroy_socket+0x551/0x5c0
[  369.859450][T15299]  ax25_release+0x368/0x960
[  369.863962][T15299]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  369.869363][T15299]  sock_close+0xbc/0x240
[  369.873624][T15299]  ? __pfx_sock_close+0x10/0x10
[  369.878495][T15299]  __fput+0x3e9/0x9f0
[  369.882514][T15299]  task_work_run+0x24f/0x310
[  369.887124][T15299]  ? _raw_spin_unlock+0x28/0x50
[  369.892010][T15299]  ? __pfx_task_work_run+0x10/0x10
[  369.897154][T15299]  ? syscall_exit_to_user_mode+0xa3/0x340
[  369.902916][T15299]  syscall_exit_to_user_mode+0x13f/0x340
[  369.908610][T15299]  do_syscall_64+0x100/0x230
[  369.913226][T15299]  ? clear_bhb_loop+0x35/0x90
[  369.917932][T15299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.923847][T15299] RIP: 0033:0x7ff2d158d169
[  369.928275][T15299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.947892][T15299] RSP: 002b:00007ffdf52f0e58 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  369.956321][T15299] RAX: 0000000000000000 RBX: 00007ff2d17a7ba0 RCX: 00007ff2d158d169
[  369.964314][T15299] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  369.972293][T15299] RBP: 00007ff2d17a7ba0 R08: 0000000000000154 R09: 0000000bf52f114f
[  369.980361][T15299] R10: 00000000003ffc84 R11: 0000000000000246 R12: 000000000005a4c1
[  369.988340][T15299] R13: 00007ff2d17a6080 R14: ffffffffffffffff R15: 00007ffdf52f0f70
[  369.996342][T15299]  </TASK>
[  369.999538][T15299] Kernel Offset: disabled
[  370.003944][T15299] Rebooting in 86400 seconds..