last executing test programs:

1m6.910387621s ago: executing program 4 (id=199):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) (async)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0xa, &(0x7f00000000c0)=[{0xe, 0x80, 0x2, 0x104}, {0x7c, 0x8, 0x90, 0x9}, {0x5, 0xf2, 0x3, 0x8}, {0xc, 0x5, 0x6, 0x5}, {0x5, 0x8, 0xe5, 0x9}, {0x1, 0x7, 0x7, 0x9f24}, {0x7, 0xf, 0x9, 0x3fe0}, {0x7, 0x3, 0x1, 0xa32}, {0xff, 0x7, 0x8, 0xd}, {0x10, 0xf2, 0xb, 0x4000000}]})
ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000500)={'bridge0\x00'}) (async)
socket$alg(0x26, 0x5, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000001c0), r1) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_tracing={0x1a, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1e449, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
listen(r4, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
writev(r5, &(0x7f0000000400)=[{&(0x7f00000002c0)="a609a8", 0x3}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r5, 0x0)
r6 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20, 0x10001, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c) (async)
unshare(0x24020400) (async)
poll(&(0x7f0000000100)=[{r4, 0xd350}], 0x1, 0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r8=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000300012800b00010065727370616e0000200002800400120005001600020000000600180017000000050017"], 0x50}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000fc0))
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000001d40)={0x0, 0x0, &(0x7f0000001d00)={&(0x7f0000000200)={0x14, r2, 0x1, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40004}, 0x4)
ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f0000000000))

57.760976203s ago: executing program 2 (id=831):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @broadcast}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000800)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000002000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006e000000000000000000000000000000000000000000000000000000000000000000020000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x290)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[], 0xdc}}, 0x80000)
socket(0x6, 0x80000, 0x80000000)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000080)={r3}, &(0x7f0000000100)=0x8)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000018009480080001d4296991000c0002800500095bcb280029000000"], 0x38}}, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00000001c0)={0x3, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x88)
writev(r0, &(0x7f0000000380)=[{&(0x7f0000000340)="2367992ae5b81a4b882cc9929c7f91da1567e308208c7664e9d927ed1bdb2a15bcd71e82bebae8e5d4d6ad8a3f312c", 0x2f}], 0x1)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000280)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000100"/130], 0xb1)

56.244941801s ago: executing program 4 (id=199):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) (async)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0xa, &(0x7f00000000c0)=[{0xe, 0x80, 0x2, 0x104}, {0x7c, 0x8, 0x90, 0x9}, {0x5, 0xf2, 0x3, 0x8}, {0xc, 0x5, 0x6, 0x5}, {0x5, 0x8, 0xe5, 0x9}, {0x1, 0x7, 0x7, 0x9f24}, {0x7, 0xf, 0x9, 0x3fe0}, {0x7, 0x3, 0x1, 0xa32}, {0xff, 0x7, 0x8, 0xd}, {0x10, 0xf2, 0xb, 0x4000000}]})
ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000500)={'bridge0\x00'}) (async)
socket$alg(0x26, 0x5, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000001c0), r1) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_tracing={0x1a, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1e449, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
listen(r4, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
writev(r5, &(0x7f0000000400)=[{&(0x7f00000002c0)="a609a8", 0x3}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r5, 0x0)
r6 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20, 0x10001, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c) (async)
unshare(0x24020400) (async)
poll(&(0x7f0000000100)=[{r4, 0xd350}], 0x1, 0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r8=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000300012800b00010065727370616e0000200002800400120005001600020000000600180017000000050017"], 0x50}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000fc0))
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000001d40)={0x0, 0x0, &(0x7f0000001d00)={&(0x7f0000000200)={0x14, r2, 0x1, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40004}, 0x4)
ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f0000000000))

46.935862475s ago: executing program 2 (id=831):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @broadcast}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000800)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000002000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006e000000000000000000000000000000000000000000000000000000000000000000020000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x290)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[], 0xdc}}, 0x80000)
socket(0x6, 0x80000, 0x80000000)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000080)={r3}, &(0x7f0000000100)=0x8)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000018009480080001d4296991000c0002800500095bcb280029000000"], 0x38}}, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00000001c0)={0x3, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x88)
writev(r0, &(0x7f0000000380)=[{&(0x7f0000000340)="2367992ae5b81a4b882cc9929c7f91da1567e308208c7664e9d927ed1bdb2a15bcd71e82bebae8e5d4d6ad8a3f312c", 0x2f}], 0x1)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000280)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000100"/130], 0xb1)

45.295115755s ago: executing program 4 (id=199):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) (async)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0xa, &(0x7f00000000c0)=[{0xe, 0x80, 0x2, 0x104}, {0x7c, 0x8, 0x90, 0x9}, {0x5, 0xf2, 0x3, 0x8}, {0xc, 0x5, 0x6, 0x5}, {0x5, 0x8, 0xe5, 0x9}, {0x1, 0x7, 0x7, 0x9f24}, {0x7, 0xf, 0x9, 0x3fe0}, {0x7, 0x3, 0x1, 0xa32}, {0xff, 0x7, 0x8, 0xd}, {0x10, 0xf2, 0xb, 0x4000000}]})
ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000500)={'bridge0\x00'}) (async)
socket$alg(0x26, 0x5, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000001c0), r1) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_tracing={0x1a, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1e449, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
listen(r4, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
writev(r5, &(0x7f0000000400)=[{&(0x7f00000002c0)="a609a8", 0x3}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r5, 0x0)
r6 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20, 0x10001, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c) (async)
unshare(0x24020400) (async)
poll(&(0x7f0000000100)=[{r4, 0xd350}], 0x1, 0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r8=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000300012800b00010065727370616e0000200002800400120005001600020000000600180017000000050017"], 0x50}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000fc0))
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000001d40)={0x0, 0x0, &(0x7f0000001d00)={&(0x7f0000000200)={0x14, r2, 0x1, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40004}, 0x4)
ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f0000000000))

33.847148274s ago: executing program 2 (id=831):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @broadcast}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000800)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000002000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006e000000000000000000000000000000000000000000000000000000000000000000020000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x290)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[], 0xdc}}, 0x80000)
socket(0x6, 0x80000, 0x80000000)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000080)={r3}, &(0x7f0000000100)=0x8)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000018009480080001d4296991000c0002800500095bcb280029000000"], 0x38}}, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00000001c0)={0x3, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x88)
writev(r0, &(0x7f0000000380)=[{&(0x7f0000000340)="2367992ae5b81a4b882cc9929c7f91da1567e308208c7664e9d927ed1bdb2a15bcd71e82bebae8e5d4d6ad8a3f312c", 0x2f}], 0x1)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000280)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000100"/130], 0xb1)

32.409520882s ago: executing program 4 (id=199):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) (async)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0xa, &(0x7f00000000c0)=[{0xe, 0x80, 0x2, 0x104}, {0x7c, 0x8, 0x90, 0x9}, {0x5, 0xf2, 0x3, 0x8}, {0xc, 0x5, 0x6, 0x5}, {0x5, 0x8, 0xe5, 0x9}, {0x1, 0x7, 0x7, 0x9f24}, {0x7, 0xf, 0x9, 0x3fe0}, {0x7, 0x3, 0x1, 0xa32}, {0xff, 0x7, 0x8, 0xd}, {0x10, 0xf2, 0xb, 0x4000000}]})
ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000500)={'bridge0\x00'}) (async)
socket$alg(0x26, 0x5, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000001c0), r1) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_tracing={0x1a, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1e449, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
listen(r4, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
writev(r5, &(0x7f0000000400)=[{&(0x7f00000002c0)="a609a8", 0x3}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r5, 0x0)
r6 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20, 0x10001, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c) (async)
unshare(0x24020400) (async)
poll(&(0x7f0000000100)=[{r4, 0xd350}], 0x1, 0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r8=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000300012800b00010065727370616e0000200002800400120005001600020000000600180017000000050017"], 0x50}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000fc0))
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000001d40)={0x0, 0x0, &(0x7f0000001d00)={&(0x7f0000000200)={0x14, r2, 0x1, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40004}, 0x4)
ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f0000000000))

22.232013696s ago: executing program 2 (id=831):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @broadcast}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000800)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000002000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006e000000000000000000000000000000000000000000000000000000000000000000020000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x290)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[], 0xdc}}, 0x80000)
socket(0x6, 0x80000, 0x80000000)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000080)={r3}, &(0x7f0000000100)=0x8)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000018009480080001d4296991000c0002800500095bcb280029000000"], 0x38}}, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00000001c0)={0x3, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x88)
writev(r0, &(0x7f0000000380)=[{&(0x7f0000000340)="2367992ae5b81a4b882cc9929c7f91da1567e308208c7664e9d927ed1bdb2a15bcd71e82bebae8e5d4d6ad8a3f312c", 0x2f}], 0x1)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000280)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000100"/130], 0xb1)

20.523487507s ago: executing program 4 (id=199):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) (async)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0xa, &(0x7f00000000c0)=[{0xe, 0x80, 0x2, 0x104}, {0x7c, 0x8, 0x90, 0x9}, {0x5, 0xf2, 0x3, 0x8}, {0xc, 0x5, 0x6, 0x5}, {0x5, 0x8, 0xe5, 0x9}, {0x1, 0x7, 0x7, 0x9f24}, {0x7, 0xf, 0x9, 0x3fe0}, {0x7, 0x3, 0x1, 0xa32}, {0xff, 0x7, 0x8, 0xd}, {0x10, 0xf2, 0xb, 0x4000000}]})
ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000500)={'bridge0\x00'}) (async)
socket$alg(0x26, 0x5, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000001c0), r1) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_tracing={0x1a, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1e449, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
listen(r4, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
writev(r5, &(0x7f0000000400)=[{&(0x7f00000002c0)="a609a8", 0x3}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r5, 0x0)
r6 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20, 0x10001, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c) (async)
unshare(0x24020400) (async)
poll(&(0x7f0000000100)=[{r4, 0xd350}], 0x1, 0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r8=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000300012800b00010065727370616e0000200002800400120005001600020000000600180017000000050017"], 0x50}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000fc0))
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000001d40)={0x0, 0x0, &(0x7f0000001d00)={&(0x7f0000000200)={0x14, r2, 0x1, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40004}, 0x4)
ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f0000000000))

11.485550289s ago: executing program 2 (id=831):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @broadcast}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000800)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000002000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006e000000000000000000000000000000000000000000000000000000000000000000020000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x290)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[], 0xdc}}, 0x80000)
socket(0x6, 0x80000, 0x80000000)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000080)={r3}, &(0x7f0000000100)=0x8)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000018009480080001d4296991000c0002800500095bcb280029000000"], 0x38}}, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00000001c0)={0x3, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x88)
writev(r0, &(0x7f0000000380)=[{&(0x7f0000000340)="2367992ae5b81a4b882cc9929c7f91da1567e308208c7664e9d927ed1bdb2a15bcd71e82bebae8e5d4d6ad8a3f312c", 0x2f}], 0x1)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000280)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000100"/130], 0xb1)

9.580914031s ago: executing program 4 (id=199):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) (async)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0xa, &(0x7f00000000c0)=[{0xe, 0x80, 0x2, 0x104}, {0x7c, 0x8, 0x90, 0x9}, {0x5, 0xf2, 0x3, 0x8}, {0xc, 0x5, 0x6, 0x5}, {0x5, 0x8, 0xe5, 0x9}, {0x1, 0x7, 0x7, 0x9f24}, {0x7, 0xf, 0x9, 0x3fe0}, {0x7, 0x3, 0x1, 0xa32}, {0xff, 0x7, 0x8, 0xd}, {0x10, 0xf2, 0xb, 0x4000000}]})
ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000500)={'bridge0\x00'}) (async)
socket$alg(0x26, 0x5, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000001c0), r1) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_tracing={0x1a, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1e449, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
listen(r4, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
writev(r5, &(0x7f0000000400)=[{&(0x7f00000002c0)="a609a8", 0x3}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r5, 0x0)
r6 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20, 0x10001, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c) (async)
unshare(0x24020400) (async)
poll(&(0x7f0000000100)=[{r4, 0xd350}], 0x1, 0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r8=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000300012800b00010065727370616e0000200002800400120005001600020000000600180017000000050017"], 0x50}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000fc0))
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000001d40)={0x0, 0x0, &(0x7f0000001d00)={&(0x7f0000000200)={0x14, r2, 0x1, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40004}, 0x4)
ioctl$FAT_IOCTL_GET_VOLUME_ID(r1, 0x80047213, &(0x7f0000000000))

2.932149347s ago: executing program 0 (id=2116):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', r1, 0x0, 0x1}, 0x18)
pipe(&(0x7f0000000000))
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000080)=ANY=[@ANYRES64=0x0], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

2.81668339s ago: executing program 0 (id=2119):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x10}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18}}}]}, 0x48}}, 0xfffffffc)

2.737037795s ago: executing program 0 (id=2121):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="18000000240001"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
recvmmsg(r0, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/4077, 0xfed}], 0x1}, 0x9}], 0x1, 0x2000, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000004c0)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @dev}, {0x2, 0x0, @empty}})
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="1801"], 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0) (fail_nth: 4)

2.246192833s ago: executing program 0 (id=2124):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff3f}, 0xc)
r3 = socket$tipc(0x1e, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bind$tipc(r3, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000000)={0x200042, 0x0, 0x3}, 0x10)
close(r3)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r1, 0x2)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000080)=0x1b0c, 0x4)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x41, 0x3, 0x258, 0x0, 0x19, 0x0, 0xf0, 0x0, 0x1c0, 0x1f0, 0x1f0, 0x1c0, 0x1f0, 0x3, 0x0, {[{{@ip={@private, @dev, 0x0, 0x0, 'wlan1\x00', 'wg1\x00'}, 0x0, 0xd0, 0xf0, 0x0, {0x0, 0xffffffffa0028000}, [@common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x7f}}, @inet=@rpfilter={{0x28}, {0xa}}]}, @unspec=@TRACE={0x20}}, {{@ip={@empty, @empty, 0x0, 0x0, 'veth0_vlan\x00', 'netpci0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x6]}, {0xffffffffffffffff}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2b8)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r6 = openat$cgroup_devices(r5, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r6, &(0x7f0000000140)=ANY=[@ANYBLOB='b 75:*\trmr'], 0xa)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x20000090)

1.94163682s ago: executing program 0 (id=2126):
r0 = accept(0xffffffffffffffff, &(0x7f0000000000)=@qipcrtr, &(0x7f0000000080)=0x80)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0x1, 0x58, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000001c0)=[0x0, 0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x2, 0x5, &(0x7f0000000200)=[0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x31, &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xf3, 0x8, 0x8, &(0x7f0000000380)}}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000005c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)=@ipv4_delroute={0x48, 0x19, 0x20, 0x70bd2c, 0x25dfdbfd, {0x2, 0x10, 0x80, 0x8, 0xff, 0x1, 0x0, 0x6, 0x1200}, [@RTA_GATEWAY={0x8, 0x5, @empty}, @RTA_SRC={0x8, 0x2, @loopback}, @RTA_IIF={0x8, 0x3, r1}, @RTA_OIF={0x8}, @RTA_MULTIPATH={0xc, 0x9, {0x8, 0x21, 0x5, r2}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40081}, 0x80)
r3 = accept4(r0, &(0x7f0000000600)=@tipc=@id, &(0x7f0000000680)=0x80, 0x0)
r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000700), r0)
r5 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
r6 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
r7 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
sendmsg$GTP_CMD_ECHOREQ(r3, &(0x7f0000000800)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x6c, r4, 0x3f0c37d2b42b8ff2, 0x70bd2d, 0x25dfdbfd, {}, [@GTPA_FAMILY={0x5, 0xd, 0x22}, @GTPA_FLOW={0x6, 0x6, 0x3}, @GTPA_NET_NS_FD={0x8, 0x7, r5}, @GTPA_TID={0xc, 0x3, 0x1}, @GTPA_MS_ADDR6={0x14, 0xc, @mcast1}, @GTPA_NET_NS_FD={0x8, 0x7, r6}, @GTPA_O_TEI={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r7}, @GTPA_O_TEI={0x8, 0x9, 0x4}]}, 0x6c}, 0x1, 0x0, 0x0, 0x14}, 0x4000)
sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x40, r4, 0x4, 0x70bd2b, 0x25dfdbfd, {}, [@GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_PEER_ADDR6={0x14, 0xb, @loopback}, @GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_PEER_ADDRESS={0x8, 0x4, @remote}]}, 0x40}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000940), 0x4)
sendto$inet6(r3, &(0x7f0000000980)="a676485ae3a7f294a5c7f1c73c79634dc3a3e88db7de3fb3ea0d2f1bb82d4e9781dcd119abc12d9174ac82b4d53f6dc6f6c59bbeaf6a409629db5447d6041861e2fbcfdd893b79b2ff58ae5f3754bff08acdc2d5db13835696171b490442e22dd6edf5948628e4a65d1eb69c3d2d6f3bb4b254889b2081b30afe1907a4bcd05c1fe0c5e8404314884b721f243005a6ba5218", 0x92, 0x0, 0x0, 0x0)
r8 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000a80)=@o_path={&(0x7f0000000a40)='./file0\x00', 0x0, 0xc, r7}, 0x18)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000b40)={r8, 0x58, &(0x7f0000000ac0)}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000c00)={0x1, 0x58, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000c80), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r10, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x38, r11, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_SEC_KEY={0xc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xf}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000054}, 0x14)
ioctl$sock_ipv6_tunnel_SIOCADDPRL(r3, 0x89f5, &(0x7f0000000dc0)={'sit0\x00', &(0x7f0000000d80)={@local, 0x0, 0x0, 0x30, 0x0, [{@local}, {@dev}, {@dev}]}})
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000e40)={&(0x7f0000000e00)=""/13, 0x214000, 0x1800, 0xfffff800, 0x3}, 0x20)
r12 = syz_genetlink_get_family_id$gtp(&(0x7f0000000ec0), r0)
sendmsg$GTP_CMD_GETPDP(r0, &(0x7f0000000f80)={&(0x7f0000000e80)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000f00)={0x24, r12, 0x300, 0x70bd26, 0x25dfdbfe, {}, [@GTPA_FAMILY={0x5, 0xd, 0x21}, @GTPA_LINK={0x8, 0x1, r9}]}, 0x24}, 0x1, 0x0, 0x0, 0x8004}, 0x4081)
r13 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000fc0)=0xffffffffffffffff, 0x4)
bpf$ITER_CREATE(0x21, &(0x7f0000001000)={r13}, 0x8)
ioctl$sock_SIOCGIFINDEX_802154(r10, 0x8933, &(0x7f0000001040)={'wpan4\x00'})
r14 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r14, &(0x7f0000002b00)={&(0x7f0000001080)=@pptp={0x18, 0x2, {0x1, @multicast2}}, 0x80, &(0x7f0000001580)=[{&(0x7f0000001100)="9026f195677e3b4284548c5e5036257e28a5d7ce324a4247c35c782d7bbb2cc52417e45d20139ef8d9726b05c948bc2c42ab8cb8997143a63c42325f048cfa4d8ef33f71b886516e6cd69720cf32afe63bd2c93fe20031afa88f1e18fcdcdd21c8d3cca5dd3044ba9b9a1fc6bed35c6a591dfbffe23a017ce6823faf739ce35722dbf8bc44ba17a4cc6103590f9c53b93457016de004bfcc3fd846a98fb2deabf6811746e41e41086245a6fc8413982b6a535fa786b7c0a413dd78f9592de89b", 0xc0}, {&(0x7f00000011c0)}, {&(0x7f0000001200)="99bae3a1c8e1d69af099306dca91859e1ceaa18bf8a87d267c9df7b95058a121ed2edf2679c392e10bd5b187fa4706dc7cb89b053567a3f5cadea3f18668aecf09a2a46ccd250833183a132925ce766033d423c61be8158532ee3f06e29f242299d08b28bc1a99f408ebc3304d2992e7d020a7402696dcc29b03e31de4bed3ecda", 0x81}, {&(0x7f00000012c0)="0722ba21349386451a0ac2eddb8a429dd836c471883b1148d7830d7d40d951959c134efd663656bbb3491afab46e509d4c06a1ee452b6ed63cba4330c9e477f1c7db20f26801bc801029779c0ba437aa4f083207e290fd4b555a4171f6b2ad2a65e7d2fe252add7add9380a0a0d4846c331d390ea7cce62620125d907e1eb3bdaa598a98d4e6fab34cfe043811d2797ea5f3f9b2b7443bead8c8e1215cb1a75870715fd2a00b1d8bee600c6e7f87899cd958d239f803a7e622e405e4624de6913a8b6da3e4ba35a39db6ff4a1df0f2ab48c0b0c5a18872d2eabcbd1b4873e9b8f4466285f84978ef3b007da7800ad994c7f5", 0xf2}, {&(0x7f00000013c0)="db0ac23e50b34bd5fe6b91c4df535a3035a37ea10f84940835b79e212f61d8e2c5ba78db8188fd3060decffb296ce9efb0e1e916", 0x34}, {&(0x7f0000001400)="c50335cac218cf7ac28b4e3b18d35cb9f28de1bba3164f5e1b87d6fb8ed52c87d70627a950cc671a3ff6f4fcf2c9afc90a777bcfca1f3ae1ed1e63c78b385a73209e41cc4262c4af20eefeaa20bac4c4", 0x50}, {&(0x7f0000001480)="a333f1f0967800e9e126024d5f0c65a1f26d1df66df0f7c2f37091b91cdcde347cd8b4904c6ceb9b3d58b9cca1ed9b8aee0200243e7e978d34d2d37e4d77e2cc2f985e6b6b646257078da99bc689762a5f8a94b8563f69b64e246f3899050192bb8c1e5aa05ed2f63c646f5ada06ea", 0x6f}, {&(0x7f0000001500)="716dde23f002c847dc216ad5603053585ad7e1a4e563040a452c30037004a0f867d51d38d4272ae750df8e36ada284c429627912f5efdf4652e1bcd25326fab811ae9fd72eb7c3883b2c6721502cf2e55c0cd86686bb9b65abba2dd999ce075280", 0x61}], 0x8, &(0x7f0000001600)=[{0x110, 0x107, 0x1, "2ecc0aed9caec63c0e06b4b68b534d1453058e90c21dff673b4a98b69b4c7233dedf915f2ae577a9b1f43ab47933abd9bbaad4e036c1e7d6269c69331644835668cd8d0f5e6eac78d21ce72dc5c1148883850bbc72dd6937f0979a2bc3539bc6efd6d4ff49685b116ac853741f22fb4e004dd26c12384a897719eb391ae53c34d5b9142c8d3c391c024d29a74a6c7e8038af86d111e49abdce054590b68cad426f54c0440de9417cf129544aa1f25ffc0aab2a93d0e44bcc85e90f298f7dea013e2c660abad76d78c4e1e69bfd7f2958ea4475ee030284c8da9c046d2a30bb0b1b411a96a7e8501ef2c305e2ac71fae5f4e8ba2a41b37049fa"}, {0xb8, 0x114, 0x9, "da091f057d46ca3ef5ca3cd77a1a5d2de3d062683e17908fb2e6eb321c107c72788072fee87d4417e97b9f823cf6f6af0b21b533b3c28551f3a70714677cd1f933fbbe98e265fbc8f10a1d6b2ca73535a74f5462a86a9bccb0373c3ce353a2bfecaa914130c229f20e4b61946709529a831f37660531258d17cf5b919f81f13d69e513222caf7a664a457f862fa1f2af821c84fe2d8c9306458428a0fb58ed3fd33dfd80d7"}, {0x110, 0x10c, 0x0, "c2a477754fc4a7a2c283bf8e94681696f8323b52592e85d6b306a8498cd2e5bc4a238ebc9c331a80a0fe12e4e5089f154dd5f8c02c49f6de73142e9e6c8daef8b998eb1965cfe570b80ca14d3d4ebf9cce271675533f1849fa0030e523fabdc312dd46306497aacd2b77de5c3e43bfa6f5c65148846a724c8539122cd4212b124faf2ac271b9707f0acccb742253038771a871cf186d407ecd41d61bb9fca9e494f963549cc6bdd011e51699f8b222d256159171af1f52570385518fe9e2338109aaf87c7b5bdf8d5abd9573479ab1c56997e118fa6cda064b7b344c4956d1742bcde948c819ae7d8ec8d6effd2e020df0c9fcd14974c0cc0698b1238064"}, {0xa8, 0x10b, 0x4, "3a19190673196ec2661eb6e23ea238c7c4bdd2bfdb67d529ce42bcb36c45689fbbef3a7d02a0ff72f9843f9109c5db64ec1e7e4a936bdab0fae792c7c572daad6a21579df22dd1bce2fa14dc42b91a86621708abf868e28f811af39c5e6269a8c7e4016f128904779b80550b124b32a74c54d0c9a1b332c3a97a8e2be488d89c7c41452e6deeb7d3fb9fcd1c86779b1df004b1bf5c"}, {0xc0, 0x10e, 0x9, "126c68035fd6b3049a77aa1fdbbc880ce96030f72695f334bf53a9023fd2394335a1610c5c5bb3f4089275c192445b2cddfa8b6af7a6d37b9c4aa39d4b5f820d5fe2b01e4389cc32c4af4e44900ab89afaf57d2433d651625372676d1524f808427c05c63f505343f2d8f69a61befff6cf8122580e9c8efacd24e807cbba0822555c54b019d1bb3cf06f6c2ed28fad1f411fdc70b2231cf7f8b1cc24100b5f8d8c19d737d33f17ae7bbfa8"}, {0x1010, 0x181, 0x8, "6f2d8e42f7464e9b293cf23e2ccbd2a55e39b5d140c98099a13bba75db674bb0abdfb2bb1be7716be6b833ec6be754299251ef0e1c794c6c525844abd37a5dd0dcf89063c022e9904bcadb41c9a8e8ffeb459f74b7cd8bb98607d813748b577356627683386eaa621ecb042e32124f28f8521cdf6d7e187bec6c6311ddc92dc3e37b9badc8271ec696184b1501601c9eb094ee2f47052d67f4c52286c06d287d5ad266e8f9c15afd3b6f53517aef19bc8b42c8bc09d30526dbe51e55e2d2058357a2a6aa828dfc8826393786dc4f1e76f5301c0b72bf13e6f3c9fa40e5dc11f83eb0993be185f0bfe2ec2e59032d9372198731b57c2c92b2183baf06d9b12099dce08204e938cd1d7f70d8923383f40ce9ed302e41693fd2daba45b71991b7f024a9cd21abf1c4682c69012c5089d16d0849d2df8dd8c96b80c2fbed06f24a6b313e4a57f0acfa675feeb6a7157b4241d24b0a196738bd69e656dc267370f53dd0b4e752a77b760548b2ec61eb110798b884cf653a0b6a4a303b517bca4f0253dab8aff95db2bafa6d58279474ae753f304c7efb837b2cb93e403727d2896d06fee18b14c53a39ecba9dc76158f9b05e1fbcdfc343adb66390b131e696d51bf6b717acbf63dd4ea2717f8369b564e0646608c0e9344fbfc037757dc89194ea186b73554fe1c42267585a371065dee554754376d88c34c8e397d8868f17022362f43bdf3f520b2660d601437bc1e1d476f631919bd6a475be8ceb9fab22e0a2362cc55de2515e613784a7df55c3791e4409fce1a061c39f3f27d5b99985a989522ba4563d0b223923dce463e549e2fd6b12ce525956cb6fb7d4acb99ae0312ab16f608e0260b6d3e7a6d89409f1461553768686271c271518400327c7c837c2b2786a40eb4cab7650036328bd621e7994a5c9c6cb72a91e0c53b103fa0fd27e5137c0af3f1d6d0c7783198200cfba89594b9d5543e150f4bff393b03cecb06c06c0953f1732ed10d42e94e063f8e5fe1448d3f61a3e7b583b0fd4906133e227c3e002b58911531655d9838a7f28ad339aac59a39c540f2b162d7ae1f77d8e5b3f27db2b709ae7320353ea2a017f31bfafa5bdf8e91358310246f556254dc6652b189cdb1329d22d9bf7c3727bfb4056986748d0d0a2654454017ee8c432d4725df4a337c2255282812c562fbcc6191ca3d95d5ad36a9dd5525f8beb3d97697cd94c94d33c9223e8ee27ad3fec1ed53e139f9f8fd06c9f89aea2eb90ae9ba9363afd43a73218e19042814230775099a4cafb4b4acec31617f613fe502eb0ac8aaad2f020b7786c117dfa0a5918765114519d42da1778dbd6f2cd603ff670c4f75a0d32f0fdbe58563c71e0f49c4df448248b90fb7a229c384010800faab3fa39d8ccf7cd53ccf876c5933668050fa82158105ffd39043d0c549610aa5c0896b3317c386d68d78efbe5b3f4dc39f12eed7bfb069f6e1d504ac3b584d0c1d69b2776c6517d5bc662fba281c95e0b892d2bcc33d9861062e9936410758b0310e559c10bbc98b294c4cd9daf388f4ea31729e7a16b7cc4f7ed361a5ab3e647bfea7b10dfb99cadde90fdac53a206ac1f6bdf730bde2fa9e107e175dac65861cdc00b6ad9fd82e12ecdd60d5681415328baed4036dee309f5b821b7173adbb621daebd06e528855f0fd3af3db77e49911ad189c7925497682e723e52ab4a4394aa10384b22b443ace4bc27ccb626a313c86186ee0935a0d24d370974099a7bcd30fa7c18fcb7c472599ec3ba4383e72c92c8fdfa192c33ffdea05c977973078d78ef95918c09e1ba610b58f6d19117a1792efffcfd17b4fb9cb4eef786431c8e95d35ad113b1ed15c2d25795795e8c9a6d4af704abc6bbbd61f9d0a76112a91eeb1f10bcee8639863793f6ce89bf4b4b04380051baf58edc1bfdafa1790300ddcff5650c3cddb16ab29f1890484b465787f9921cdd7a3af050f9343a1a9c754728496f810e7f2587c0ea2d9394c4253a2235872b3a9cd24477322d88c3e4673289a17e2e36da1095b783a4d0d46f7a1cf3d7dc52dc925f2f2c54f997fc6b47b038e8765304d61dc996bd54b926aa1c20f89b4a22341fbb0da58fa64685b1005da73c016b188c673eeb416f1d97011f85678daa30cd999405e3d8f003af467ef1e54d762cfc14a3bac0e6800d3d0b0a7caecdf979bf3d716f67d0382f0ad0f823f0eecfd32c0ce39a70f08bfcf6d017fbd3282c03e0cb5406d946d36fa67409bc4e0ad7b68171037b44de53140df173a3a0f09026acc2267d670cdd57d93f8fd4b6475fc3e8917307cbca58eeff3ca213bc97a5257623cf966f5eca60ed5468b00a0f65f724a326a1100b2150dffb551829e51c9d296f754420f73b34ec54f5239fbe5642e4c5b62e81410d1111c8ce98a5281b94d5f3298f691929400f48db68b4b4d5c7eca760383f072a23b8572d3e6e202924360f743e37be0af12eacc6e831af48da0a6232a7db16650e6aaaf38bfc8b3f6f49591bb2b0f6c2d2cb42632d2414948f5942f8a3d98316b771e8e799c37f050871838cc23d0f393b4780afb48cd7092c2df2ea662b9facee45adf4b08577ccd918dcdf30d18a648597629d58f64f4128cba54dbd95ad0126f39d90ac753bf4e0e2c570d22ba165cc87158eec8336922c209e7c8788b003aee8e0d0f903a6444ceb9d8d1fbcaab1ef320bcb47f70778b8d753398268c6f443cf69fec60af11401cde060989af0b29263891a40273a91fb1352f5bce817c5b4e43790096b901001387391d21c30e2862412969e8e1a244862976ddc2e81b9719b4590636246c1b34217a7b131634134c02d9e5587cdb127935b9735286551afb553e6e92dc8ca7376dca6a9d9f89f38e2c1dd8d2d7aa9764959eed34665d7a742356f570500777121b8721508d31b0312b999108249c219de9f4d238f81c85fd563b1984fd7094d3be8f08fe5c1e622af55fbabfc96d2e555700bca8230a7fb86b6f7f4e690800eb25fab218695a0a06d628f85e9eb58e105868031b8bbaea2c791922dba8ca04169a20dd467b0df0e8fe104c1d7d3796059df380e0048a7b8bf4a07ae60131b59742b6a02d94c269ab7c9163cd0d2b79582c16bb566ee04b093e72cbb40c7614ecd39d05cb9b56f9ee4640c5640bb53f8a2bb7b6dac751fd1c2d6364326333faa6c223dcd3af8e296d5f4059a62c84de66678b8c7cc62b411302535c84a945aea9718afb83c53aa4df4ba8776a7740bbf493cfb27eae719a0f1b16a82a5490f8f7962e957ec6fa5d6e02dae240bdac8542881f0a12c2306d36a4ff7f740ab6e082942dd84d19a82e70cac4be33788b103af7e90db964ac040dda2d1f8272c062c3e7132ccb15513634df9d41c197b2fe951ab0384b4ad4d1289550c42f4eef3da748258bd30f1e6f62377461f04b3a8de3444082964049f24bc74a19a49a4ac823d2900098874de3f2b4ca2fdeda14bd70eb1d90fafda631a2858759b68c5b39a6af3938756dcba9bd612c3bff1d2f381dd39c1590cbd54587fc55d0ffc85083f962fcb38086e5451ed8e1e2d5aaeec170da5b496942f3cb200c4ca009b76da0bd6d70153b87f05279a5a656cf2dc9f7e3d8cc587c002188e7584b3e306c7853432eb0f1768cd6d4dc3884ff8acd9817216d74f07d9a5e1412c8091007add9e0a7bc04332146d67d70108957fc501c30153b087f5ea233a484ae38569ac020c27e046187ad43573b312bb200f62d0a25f862d447922890c65a8ad40d92c80fc4191c3c00c57dfa06fdc22758e8cc708d279c1a5d84ef941cc59d51f85f60df0e4c734d3fdeb5a374e7ab8109e211c8a020248e3924a207064e61341898e6db00e36a9e36fa5407ad08ca7de5f86c1b6c920eb355c43057f722d68407e3ca2145d33db1e2909ebcbe449848734d375f5520ece2ddb80a01703abe53c8e407608604267a88de2bac9f48b26f19ad3431c5ccd329c7841cd3f990ec705a634642b5cb81de98f3d3f910cf281eaf49e6ac027efbe48ab8c78af2013f9db662bdc73fd9444a479f0cc4cb735221af3d8b8c4048334881f94d87e97fc46c0d0041fec5a19f378c44984712ef2c26a3ceda7c14554eb7df351edd665648d3dd54872501bc26f7530e8d86fec9346d15cb3f4e514c39274ec2f5ea31aafd429c629facf222547468762d1e04e6895c8471ea711a05358106a38bb9b04e15ca047ca3748c8733505a4f75d83ce5eca3f5b04ae4711b93a3ea80cf263043588fac34e8aac3b4b7998764e39fb92f973874531e57058a13c04823da9108858eb1ec0d98008328b1ed7a6505eef32504ee31a2f8c4d07222b77585855c4e24cf0c26a6096ed775060c9e344fc5915bbd277078927e5f8867966f64c919810c25f91d789a6aa5657bae64119d0da9cbe3227261517f3719348eb38992d7e4d7c0f32a67aa2c49adb8498309e99f018f261a3c3bc939e29e6df8b48c65212e6b3a6a5710472ebf42063f2d6c0bf3b99fda475daaed9e476f301675ed6ca199c6d24574c2a520f60e516c489498725b4234543eec7fcfc12e2ad3d30baad1a3b31fe0f64591acf01e67bc2e49fbc6ebdb0016c13186c86cef5b7ae382df3c32c6bafa35bebf0ffe8e579468677bd524f26ab07879a475d15fcf151e77f9ff6557809097d5332ca378d7529efdc64e79b3079794fed63820a7b6eb111d6c0c3d55591c86187ef8a83b1158b1ca8d336419a2b40492c27500e5295cd0cf8c46e867dfc50b3a99d8529d3a4a270e21875d1955994755d8ef8b924758676f120e47671eab0779c1d8835e94bd6dde3532209647daa05f9970f81dd780cd9fdce330edff817e827e7e04637c06ec888575f15689eab43dbc49adba2691f8f5f7fef4f93c91aa1b712c778cb977b681b13814ece88282ff4fe5682957d266951c82f21fae425580ea44706165b6186c52bcc1cfd9c3aed1c1a6013ed547f14d27621d33afdd6a4956888493e7af887009de056734cfc5740c115b37b5a6565e52ad80213406131825979725d3388c4b96fee6efb3050181464d32d9f9def62ab7769c8e7e0b14377263bf53f8103b87f5a8f129f84fcdd1fdef133bdefbd981f1be76bda94fe8ec3c852ab87fb0c0b36f467680a0531929929e63665d826d019f290deccb42a7df555b173c7fc2bd6d5d06334c55504e003e914ba5160943f33b8457efa26d80aacd70e6ff2976b51c656e3eee1570f91001de076cfaeb6ab5a107821750a7634ea762ae28698ba29502a0c9d71baff2fb9aa946ac1b6d0049599610d4df13ea2d2b98932072dadb50351d111939eb7d1eb9cde3de591a437e8e8128fb3930d3f50081e9087e03b3fd40e001f77b0d8857e79ef7b5aa5c9df511a2a5d8ada8926b940320ada4fe3befd1adefb47673f392e7e6c5c2f9a743361c39b106cfaa4a932e366b99952828f2f1a2529da43f3c9b00df521bcedb931ac3286fab232d0e8de0fc7d6bcf4763555616b0e16e22c88d620ee4facd9d28bab3d49df61037294c5536173ab9fc7f344f18dc14845f407e177603ce2890df2a799a5b8d68dc69ccf8e6cd5cfdc8d4d127a09ef9a4a7004320cd56105bfa4541634ed51eb420ab93e9537b41b721fa8b3dff20d7b097fc3b3e33f4f681d0fab4a44a08e8832229b4d41e08db6a894b367b792c57af8072839e24b56ba13f7ab733660a119ab86dfc9dbe305fe546a2c9f47fd8b1e6ee6e903fad3b109976f8abfb35da3e892529fa845f2ab12c60dd4e2d268f8e5a30a8e151fc2c"}, {0x50, 0x1da, 0x7fff, "307541e087754f540ed6017b0f889323857339cb564b9df9c990a47be9a21a9e3c33331226a5b503d638e5e8813aed24f934b83259e8beb89a"}, {0x28, 0x10a, 0x4, "19af2737aaeca75a209897b3e1d7cafcdf"}], 0x14c8}, 0x10)
r15 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000002b40), 0x4)
bpf$ITER_CREATE(0x21, &(0x7f0000002b80)={r15}, 0x8)

1.821029182s ago: executing program 0 (id=2129):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000040)={'ip6tnl0\x00', &(0x7f0000000140)={'ip6gre0\x00', 0x0, 0x2f, 0x9, 0x2, 0x5, 0x69, @private1, @mcast2, 0x1, 0x0, 0x1, 0x1}})
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001180)=ANY=[@ANYBLOB="14008100180001002dbf57a2aaf147ca01c370241b00fddbdb2500000500"], 0x14}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001140)={r3, 0xe0, &(0x7f0000001040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f0000000e80)=[0x0], &(0x7f0000000ec0)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x70, &(0x7f0000000f00)=[{}, {}], 0x10, 0x10, &(0x7f0000000f40), &(0x7f0000000f80), 0x8, 0x90, 0x8, 0x8, &(0x7f0000000fc0)}}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000e40)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="0200000002"], 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x70)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$MRT_DEL_VIF(r7, 0x0, 0x1a, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000800)=ANY=[@ANYRES32=r6, @ANYRES32=r5, @ANYBLOB="02"], 0x10)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000003c0)='sys_enter\x00', r9}, 0x18)
r10 = socket$kcm(0x29, 0x5, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
splice(r10, 0x0, r11, 0x0, 0xf3e, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMRRU(r8, 0x4010744d, &(0x7f0000000080)=0xc)
r12 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r12, 0x8923, &(0x7f0000000000)={'bridge_slave_0\x00', 0x1})

1.027513948s ago: executing program 1 (id=2138):
r0 = accept4$ax25(0xffffffffffffffff, &(0x7f0000000000)={{0x3, @rose}, [@null, @rose, @bcast, @null, @remote, @netrom, @null, @default]}, &(0x7f0000000080)=0x48, 0x800)
sendto$ax25(r0, &(0x7f00000000c0), 0x0, 0x40000040, &(0x7f0000000100)={{0x3, @bcast, 0x1}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48) (async)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000180)) (async)
socketpair(0x3, 0x1, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$IPSET_CMD_SWAP(r1, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x84, 0x6, 0x6, 0x401, 0x0, 0x0, {0xbece6411e2939c73, 0x0, 0x5}, [@IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x84}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='cgroup.stat\x00', 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
r5 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_LIST_RULES(r5, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x10, 0x3f5, 0x8, 0x70bd2b, 0x25dfdbfe, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20000080}, 0x4000000) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r3, &(0x7f00000007c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x1040}, 0xc, &(0x7f0000000780)={&(0x7f0000000580)={0x1d0, r4, 0x800, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x9, 0x1}}}}, [@NL80211_ATTR_REKEY_DATA={0x68, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "adf7988130c65708"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="597ad5321424d5c2c8e4299374b0b6f24165724f30db466b60fba8bf37a2d9e0"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="9902217260fc96341d88d874835717c9"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "3a8921eae12d8b58"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="e492374ff657f689da1e0b03d1d58f9e"}]}, @NL80211_ATTR_REKEY_DATA={0x18, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="1e9f642f16fbe887b64169e399c58c3d"}]}, @NL80211_ATTR_REKEY_DATA={0x1c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "1483ae304e4658a8"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "61449e6db1ed4684"}]}, @NL80211_ATTR_REKEY_DATA={0x70, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "c943ae1d5034c81b"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "8f131043ae6fdc4f"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="61d05c3c3d8e4fa8afc5145b79eec3a6"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="a2be0f8429ed474add8926efb043c8459a8ca4380fb9a1c6"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="b198554bc92c317694f7b5938f97df9657994953b536c112"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x96}]}, @NL80211_ATTR_REKEY_DATA={0x64, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="fc16ec3f76c0576735703ef679daf829"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "6822a47c1e4be60a"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x3}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "05cbb58ddc02a852"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="7bd8909537e656640e8ce4d5dd164086"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "c771f9bc68b67926"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "d6c70148be7a912c"}]}, @NL80211_ATTR_REKEY_DATA={0x38, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "c519ca1d653126c1"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x5}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="31367a19faf42aaceabea45481362689"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "9efe9ce033f68323"}]}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x1}, 0x800) (async, rerun: 64)
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r2, &(0x7f0000000900)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000008c0)={&(0x7f0000000840)={0x44, r4, 0x4, 0x70bd25, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0xfffffffd, 0x1a}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x1b}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x59}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x72}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000800}, 0x810) (async, rerun: 64)
r7 = accept(r0, &(0x7f0000000940)=@rc={0x1f, @none}, &(0x7f00000009c0)=0x80)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000a40)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_STOP_AP(r7, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x820401}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x28, r4, 0x10, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0xfffffffa, 0x1a}}}}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20048000}, 0x20004081) (async, rerun: 64)
r9 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000b80), r9)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r2, &(0x7f0000000dc0)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000d80)={&(0x7f0000000bc0)={0x198, r10, 0x400, 0x70bd29, 0x25dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x10001}, {0x6, 0x11, 0x9}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0xff}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x60}, {0x6, 0x11, 0x5}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x4ef7}, {0x6, 0x11, 0x800}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8}, {0x6, 0x11, 0x2}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x94}, {0x6, 0x11, 0x8}}]}, 0x198}, 0x1, 0x0, 0x0, 0x20000000}, 0x84)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r11, &(0x7f0000000ec0)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x38, 0x3, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x9000}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x805}]}, 0x38}, 0x1, 0x0, 0x0, 0x94}, 0x404c000)
sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f0000000fc0)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f40)={0x14, r4, 0x2, 0x70bd26, 0x25dfdbfe, {{}, {@void, @void, @void}}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x8c1}, 0x8040)
getpid() (async)
sendmsg$NL80211_CMD_SET_KEY(r1, &(0x7f00000010c0)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001080)={&(0x7f0000001040)={0x20, r4, 0x8, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x20}, 0x1, 0x0, 0x0, 0x881}, 0x41) (async)
bind$packet(r2, &(0x7f0000001100)={0x11, 0x8, 0x0, 0x1, 0xc0, 0x6, @local}, 0x14) (async)
getsockopt$ax25_int(r2, 0x101, 0xc, &(0x7f0000001140), &(0x7f0000001180)=0x4) (async)
syz_genetlink_get_family_id$wireguard(&(0x7f00000011c0), r3)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, &(0x7f0000001200), &(0x7f0000001240)=0x4) (async)
sendmsg$nl_xfrm(r3, &(0x7f0000001340)={&(0x7f0000001280)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001300)={&(0x7f00000012c0)=@getspdinfo={0x14, 0x25, 0x1, 0x70bd25, 0x25dfdbfb, 0x2, ["", "", "", "", "", "", ""]}, 0x14}}, 0x5) (async, rerun: 32)
sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000001380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001440)={&(0x7f0000001400)={0x38, 0x0, 0x20, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x3}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x6}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x20008001}, 0x40000) (rerun: 32)

884.075762ms ago: executing program 1 (id=2141):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000cc0)={'wlan0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000e40)={0x0, 0xd, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2508007a0000000400000700000008000300", @ANYRES32=r2, @ANYBLOB="1400140064756d6d7930000000000000000000001400040076657468315f746f5f626f016400000005005300010000000800050004"], 0x54}}, 0x0)

769.860354ms ago: executing program 3 (id=2142):
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000000)=0x1, 0x4) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000000c0)={'gre0\x00', &(0x7f0000000040)={'gre0\x00', <r0=>0x0, 0x8, 0x8000, 0x5, 0x2, {{0x14, 0x4, 0x1, 0x5, 0x50, 0x67, 0x0, 0x0, 0x2f, 0x0, @remote, @multicast2, {[@noop, @timestamp={0x44, 0x2c, 0x46, 0x0, 0xd, [0x4, 0x7, 0x952, 0x3, 0x7, 0x1, 0x115, 0x1, 0x446, 0x2]}, @rr={0x7, 0xf, 0xd8, [@rand_addr=0x64010102, @loopback, @multicast2]}]}}}}}) (async)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x6c, 0x6c, 0x5, [@func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{0x5, 0x5}, {0x3, 0x5}, {0x2, 0x3}, {0x10, 0x2}, {0xf, 0x1}]}, @volatile={0x5, 0x0, 0x0, 0x9, 0x2}, @typedef={0x1, 0x0, 0x0, 0x8, 0x4}, @int={0x8, 0x0, 0x0, 0x1, 0x0, 0x1e, 0x0, 0x7b, 0x2}, @decl_tag={0x3, 0x0, 0x0, 0x11, 0x3, 0xffffffffffffffff}]}, {0x0, [0x61, 0x30, 0x0]}}, &(0x7f00000001c0)=""/134, 0x89, 0x86, 0x0, 0x9, 0x10000}, 0x28)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, '\x00', r0, r1, 0x2, 0x1, 0x2}, 0x50) (async, rerun: 32)
ioctl$NS_GET_USERNS(0xffffffffffffffff, 0xb701, 0x0) (async, rerun: 32)
r3 = socket$kcm(0x29, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000340)={<r4=>r2})
socket$inet_udplite(0x2, 0x2, 0x88) (async)
ioctl$sock_TIOCOUTQ(r3, 0x5411, &(0x7f0000000380))
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0xe4}}, &(0x7f0000000400)='syzkaller\x00', 0x1000, 0xf2, &(0x7f0000000440)=""/242, 0x40f00, 0x40, '\x00', r0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000540)={0x1, 0x2, 0xffffffff, 0x6}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000580)=[r2, r2], &(0x7f00000005c0)=[{0x0, 0x5, 0x9, 0xb}, {0x4, 0x2, 0x10, 0xc}], 0x10, 0x8}, 0x94)
setsockopt$inet6_mreq(r5, 0x29, 0x15, &(0x7f00000006c0)={@loopback, r0}, 0x14)
socket$packet(0x11, 0x3, 0x300) (async)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000700)={0x0, 0xfe00}, &(0x7f0000000740)=0x8) (async)
r6 = syz_open_procfs$namespace(0x0, &(0x7f0000000780)='ns/time_for_children\x00')
ioctl$NS_GET_USERNS(r6, 0xb701, 0x0) (async)
ioctl$NS_GET_USERNS(r4, 0xb701, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6) (async, rerun: 64)
getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000800)={{{@in6=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@initdev}, 0x0, @in6=@private0}}, &(0x7f0000000900)=0xe8) (rerun: 64)
sendmsg$nl_xfrm(r7, &(0x7f0000000d00)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000940)=@updsa={0x354, 0x1a, 0x100, 0x70bd2d, 0x25dfdbfd, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@broadcast, 0x4e21, 0x8000, 0x4e23, 0xc, 0x2, 0x90, 0x0, 0x16, r0, r8}, {@in=@empty, 0x4d3, 0x33}, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, {0x0, 0x4, 0x0, 0x4, 0x7, 0x183, 0x8, 0x9}, {0x4, 0x7, 0x5, 0x7ff}, {0x8, 0xf}, 0x70bd2d, 0x34ff, 0x2, 0x4, 0x66, 0x2}, [@XFRMA_SET_MARK={0x8}, @XFRMA_IF_ID={0x8, 0x1f, 0x2}, @user_kmaddress={0x2c, 0x13, {@in6=@private2, @in6=@loopback, 0x0, 0xa}}, @migrate={0x180, 0x11, [{@in=@loopback, @in=@private=0xa010100, @in6=@dev={0xfe, 0x80, '\x00', 0x35}, @in=@remote, 0x3c, 0x3, 0x0, 0x0, 0xa, 0x2}, {@in=@local, @in6=@private1, @in6=@dev={0xfe, 0x80, '\x00', 0x44}, @in=@remote, 0x33, 0x1, 0x0, 0x3507, 0xa, 0xa}, {@in=@private=0xa010102, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@dev={0xac, 0x14, 0x14, 0x17}, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x6c, 0x2, 0x0, 0x3507, 0x2, 0xa}, {@in6=@mcast1, @in=@rand_addr=0x64010100, @in6=@empty, @in=@multicast1, 0x2b, 0x2, 0x0, 0x3506, 0x2, 0x2}, {@in=@broadcast, @in6=@remote, @in6=@mcast1, @in=@broadcast, 0x2b, 0x4, 0x0, 0x0, 0xa, 0x2}]}, @algo_aead={0xa6, 0x12, {{'gcm_base(ctr(serpent),blake2s-160)\x00'}, 0x2d0, 0xa0, "8af3d038d2ffe9c190c67accd111e7c04781bb1617bf3598c683b22846aed3d77d27f7aded426d1af0998744c54de9173d37bddfb5382b67827209d593ecd2b05463a769ef9cda3e95c587d26e5c3c7daf090f8665e31c31249f"}}]}, 0x354}, 0x1, 0x0, 0x0, 0xc4}, 0x20004)
setsockopt$WPAN_WANTLQI(r4, 0x0, 0x3, &(0x7f0000000d40), 0x4) (async)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000001480)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001440)={&(0x7f0000000dc0)={0x64c, 0x0, 0x8, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x7, 0x5e}}}}, [@NL80211_ATTR_TID_CONFIG={0x62c, 0x11d, 0x0, 0x1, [{0x2e8, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x2c4, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x7c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x0, 0x9, 0x9, 0x6, 0x3, 0x1, 0xe]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x7, 0x1000, 0x1, 0x0, 0x7, 0x8, 0x1]}}, @NL80211_TXRATE_HT={0x22, 0x2, [{0x6, 0x8}, {0x7, 0x5}, {0x7}, {0x6, 0x6}, {0x6, 0x5}, {0x5, 0x5}, {0x6, 0x4}, {0x2, 0x4}, {0x5, 0x3}, {0x1, 0x7}, {0x0, 0x2}, {0x2, 0x7}, {0x4, 0xa}, {0x4}, {0x4, 0x8}, {0x1, 0x9}, {0x7, 0x8}, {0x4, 0x5}, {0x7, 0x2}, {0x5, 0x7}, {0x0, 0x1}, {0x7, 0x4}, {0x5, 0x5}, {0x3, 0x2}, {0x4, 0x5}, {0x4, 0x6}, {0x0, 0xa}, {0x4, 0x7}, {0x6, 0x1}, {0x6}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x6, 0x0, 0xf3a8, 0x40, 0x7, 0xf, 0x1]}}]}, @NL80211_BAND_2GHZ={0xd0, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x3b, 0x2, [{0x7, 0x4}, {0x7, 0x4}, {0x4, 0x7}, {0x0, 0x5}, {0x4, 0x1}, {0x3, 0x3}, {0x0, 0x5}, {0x4, 0x7}, {0x0, 0x9}, {0x0, 0x7}, {0x4, 0x8}, {0x6, 0x7}, {0x1}, {0x0, 0x6}, {0x5, 0x9}, {0x6, 0x5}, {0x2}, {0x5, 0x4}, {0x0, 0x8}, {0x1, 0x2}, {0x1, 0x2}, {0x6, 0x5}, {0x6, 0x8}, {0x6, 0x3}, {0x6, 0x8}, {0x4, 0xa}, {0x2, 0xa}, {0x7, 0xa}, {0x0, 0x2}, {0x0, 0x5}, {0x2, 0x1}, {0x3, 0x6}, {0x2, 0x3}, {0x2, 0x7}, {0x2, 0x6}, {0x0, 0x9}, {0x1, 0x9}, {0x6, 0x8}, {0x6}, {0x2, 0xa}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0x6}, {0x0, 0x7}, {0x5, 0xd}, {0x2}, {0x2, 0x5}, {0x7, 0x3}, {0x4, 0x4}, {0x5, 0x8}, {0x5, 0x3}, {0x4, 0xa}, {0x1, 0x9}, {0x7, 0x3}, {0x4, 0xa}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x8, 0x9, 0x3, 0x6, 0xa429, 0x400, 0xf00]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x35, 0x2, [{0x0, 0x8}, {0x0, 0x7}, {0x1, 0x7}, {0x4, 0x1}, {0x4}, {0x4, 0x5}, {0x3, 0x3}, {0x4}, {0x5, 0x5}, {0x5}, {0x2, 0x2}, {0x5, 0x5}, {0x5, 0xa}, {0x3}, {0x1, 0x7}, {0x1, 0x5}, {0x6, 0x4}, {0x5, 0x1}, {0x3, 0x6}, {0x6, 0x8}, {}, {0x3, 0x7}, {0x2, 0x8}, {0x5, 0x2}, {0x3, 0x7}, {0x6, 0x9}, {0x4, 0x5}, {0x0, 0x7}, {0x6, 0x6}, {0x0, 0x9}, {0x0, 0x7}, {0x6, 0x1}, {0x2}, {0x5, 0xa}, {0x0, 0x7}, {0x1, 0x9}, {0x2, 0x7}, {0x0, 0x3}, {0x3, 0x4}, {0x7}, {0x4}, {0x2, 0xa}, {0x0, 0x1}, {0x5, 0x5}, {0x6, 0x1}, {0x3, 0x1}, {0x1}, {0x5, 0x8}, {0x6, 0x4}]}, @NL80211_TXRATE_LEGACY={0x24, 0x1, [0x9, 0x6, 0x36, 0x30, 0x5, 0xb, 0xc, 0x60, 0x5b, 0x1b, 0x36, 0x16, 0x6, 0x36, 0x3, 0x32, 0x1b, 0x36, 0x12, 0x60, 0x4, 0x6, 0x18, 0x14, 0x48, 0x6c, 0xc, 0x16, 0x12, 0x22e7a93e208a8364, 0xb, 0x1b]}]}, @NL80211_BAND_5GHZ={0x3c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x36, 0x2, [{0x3, 0x4}, {0x3}, {0x2, 0x1d}, {0x5, 0x9}, {}, {0x0, 0xa}, {0x5}, {0x3}, {0x2, 0x5}, {0x5, 0xa}, {0x1, 0x1}, {0x7, 0x1}, {0x2, 0x7}, {0x4, 0x1}, {0x1, 0x3}, {0x3, 0x6}, {0x5, 0xa}, {0x7, 0x9}, {0x1, 0x5}, {0x3}, {0x1, 0x4}, {0x0, 0x8}, {0x0, 0x5}, {0x2, 0x2}, {0x1, 0x4}, {0x2, 0x3}, {0x4, 0x3}, {0x4, 0x6}, {0x0, 0x8}, {0x3, 0xa}, {0x4, 0x4}, {0x1, 0x6}, {0x1, 0x7}, {0x5, 0x1}, {0x5, 0x2}, {0x1, 0x8}, {0x3, 0x2}, {0x6, 0x7}, {0x6, 0xa}, {0x0, 0x6}, {0x1, 0x2}, {0x1, 0x7}, {}, {0x6, 0x3}, {0x3, 0x3}, {0x4, 0x3}, {0x0, 0x5}, {0x6, 0x1}, {0x3, 0x9}, {0x2, 0x9}]}]}, @NL80211_BAND_5GHZ={0x7c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0xc, 0x2, [{0x7, 0x2}, {0x0, 0x8}, {0x4, 0x2}, {0x3, 0x3}, {0x0, 0x3}, {0x2, 0x1}, {0x5, 0x2}, {0x5, 0x9}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0x6, 0x5, 0x1b, 0x5, 0x30, 0x1, 0x5, 0x24, 0x6, 0x4f, 0xb, 0x18, 0x3, 0x3, 0x3, 0x16, 0x2, 0x5, 0x5, 0x24, 0x1, 0x1, 0x18, 0x24]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0xffe6, 0x248, 0x2, 0xffff, 0x9, 0xff01, 0x8]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x1, 0x7, 0x1, 0xc8aa, 0x10, 0x0, 0x1]}}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_2GHZ={0x4c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x9, 0xfffd, 0x100, 0x0, 0xd221, 0x2, 0x7b]}}, @NL80211_TXRATE_LEGACY={0xc, 0x1, [0x1b, 0x0, 0x5, 0x6, 0x4, 0x67, 0x2, 0x4]}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, [0x36, 0x1b, 0x12, 0x60, 0x12, 0x4, 0x12, 0x1b, 0x0, 0x60, 0x3, 0xa7b580c098d9ef01, 0xc, 0x3, 0x6c, 0x9, 0x30, 0x1e, 0x18, 0x9, 0x1, 0x1, 0x48, 0x9, 0x5, 0x60]}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x16]}]}, @NL80211_BAND_6GHZ={0x70, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x84, 0x10, 0x9, 0x856, 0x101, 0x5, 0x1]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfff8, 0xc, 0xa09, 0x4, 0x40, 0x6, 0x0, 0x8]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x47e, 0xfffb, 0x3, 0x9, 0x8, 0x2, 0x5]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5}]}]}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x34}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8c0a}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x1f}]}, {0x244, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x56}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x96}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x9}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x18, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x14, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}]}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x39}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x1e0, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x3c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x400, 0x45ef, 0x5, 0x6, 0x84f3, 0x20, 0x771c]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0xff8b, 0xa, 0x0, 0x8, 0x1, 0x6, 0x9]}}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x34, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1b, 0x1, [0x6c, 0x12, 0x18, 0xc, 0x0, 0x1, 0x60, 0x16, 0xc, 0x6, 0x6c, 0x24, 0x6, 0xb, 0x30, 0x48, 0x47, 0x2, 0x10, 0xb, 0x6c, 0xd, 0x6c]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x7, 0x5, 0x1, 0x3, 0x3, 0x200, 0x6]}}]}, @NL80211_BAND_5GHZ={0x1c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xe, 0x1, [0x12, 0x12, 0x4, 0x12, 0x18, 0x2, 0x4, 0x48, 0x3e, 0x3]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_6GHZ={0x98, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x34, 0x2, [{0x0, 0x1}, {0x0, 0x7}, {0x6, 0xa}, {0x0, 0x8}, {0x5, 0x2}, {0x6, 0x9}, {0x2}, {0x0, 0x3}, {0x4, 0x3}, {0x1, 0x2}, {0x5, 0x7}, {0x2, 0x9}, {0x7, 0x9}, {0x1, 0x2}, {0x7, 0x8}, {0x4, 0x6}, {0x6, 0x1}, {0x6, 0x8}, {0x3, 0x2}, {0x2, 0x7}, {0x1, 0x9}, {0x5, 0x9}, {0x7, 0x8}, {0x2, 0x2}, {0x7, 0x9}, {0x7, 0x9}, {0x1, 0x7}, {0x2, 0x2}, {0x6, 0x4}, {0x4, 0x7}, {0x3, 0x7}, {0x4, 0x8}, {0x5, 0x2}, {0x1, 0x1}, {0x1, 0x5}, {0x2, 0x1}, {0x6, 0x4}, {0x3, 0x7}, {0x6, 0x1}, {0x2, 0x3}, {0x5, 0xa}, {0x4, 0x6}, {0x4, 0xa}, {0x5, 0x3}, {0x5, 0x1}, {0x1, 0x1}, {0x4}, {0x3, 0x9}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x4, 0x3, 0x1, 0x6e7, 0x1, 0xe, 0x8]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x5, 0xfffb, 0x6, 0xff00, 0x2, 0xc, 0x27f]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0xf, 0x1, [0x24, 0x30, 0x1b, 0x1, 0x6, 0x6d, 0x18, 0x5, 0x2, 0x1b, 0x1]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_6GHZ={0x4c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x101, 0x7f, 0x100, 0x8, 0x1, 0x1, 0x5, 0xa909]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x8, 0x4, 0x2, 0x4, 0x458d, 0x10, 0x800]}}, @NL80211_TXRATE_HT={0xf, 0x2, [{0x0, 0xa}, {0x7, 0x1}, {0x5, 0x1}, {0x3, 0x2}, {0x3, 0x2}, {0x1, 0x7}, {0x3, 0x2}, {0x3, 0x8}, {}, {0x0, 0x1}, {0x4, 0x6}]}, @NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x48, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x20, 0x2, [{0x7, 0x1}, {0x0, 0x3}, {0x1, 0x5}, {0x2}, {0x2, 0x2}, {0x0, 0x1}, {0x4}, {0x5, 0x5}, {0x0, 0x2}, {0x3, 0x2}, {0x4, 0xa}, {0x4, 0x6}, {0x0, 0xa}, {0x3, 0x7}, {0x4, 0x4}, {}, {0x7, 0xa}, {0x3, 0x7}, {}, {}, {0x0, 0x4}, {0x5, 0x2}, {0x5, 0x4}, {}, {0x2, 0x8}, {0x0, 0x5}, {0x7, 0xa}, {0x2, 0x6}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x83, 0xffff, 0x4, 0x1, 0x5, 0x200, 0x7ff, 0x5]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_2GHZ={0x24, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1d, 0x1, [0xc, 0x0, 0xc, 0x0, 0x60, 0x36, 0x2, 0x4, 0x6c, 0xc, 0x1e, 0xc, 0xc, 0x3, 0x1b, 0xc, 0x48, 0x4, 0xb, 0x1, 0x2, 0x3, 0x1, 0x36, 0x36]}]}]}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x20}]}, {0x5c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x9}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x7b}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x26}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x14}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x377}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}, {0x38, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x9}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x5b}]}]}]}, 0x64c}, 0x1, 0x0, 0x0, 0x40015}, 0x4040005) (async)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001500), r1)
sendmsg$TIPC_NL_PUBL_GET(r4, &(0x7f0000001780)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001740)={&(0x7f0000001540)={0x1cc, r9, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x800}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8000}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7fff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}]}, @TIPC_NLA_BEARER={0x100, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x52d5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800}]}, @TIPC_NLA_BEARER_NAME={0x17, 0x1, @l2={'ib', 0x3a, 'veth0_virt_wifi\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @rand_addr=0x64010101}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xff}}}}, @TIPC_NLA_BEARER_NAME={0xe, 0x1, @l2={'ib', 0x3a, 'dvmrp1\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x14, 0x2, @in={0x2, 0x4e24, @multicast1}}}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}]}]}, @TIPC_NLA_SOCK={0x6c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x3ff}]}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x38ac1195}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x544e}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10001}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x81}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x200400c4}, 0x4000005) (async)
ioctl$NS_GET_USERNS(r6, 0xb701, 0x0) (async)
sendmsg$nl_route(r4, &(0x7f0000001880)={&(0x7f00000017c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001840)={&(0x7f0000001800)=@ipv6_getanyicast={0x14, 0x3e, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000c1}, 0x4000000) (async)
r10 = syz_genetlink_get_family_id$SEG6(&(0x7f0000001900), r4)
sendmsg$SEG6_CMD_SETHMAC(r4, &(0x7f00000019c0)={&(0x7f00000018c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001980)={&(0x7f0000001940)={0x14, r10, 0x100, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x4)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r11, 0x8933, &(0x7f0000001a00)={'wpan3\x00'}) (async)
ioctl$NS_GET_USERNS(r6, 0xb701, 0x0)

665.172765ms ago: executing program 1 (id=2143):
socket$xdp(0x2c, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x9, [@volatile={0x0, 0x0, 0x0, 0x9, 0x5}, @var={0x7, 0x0, 0x0, 0xe, 0x1}, @func_proto={0x0, 0x0, 0x0, 0xd, 0x2}, @func_proto, @union={0x0, 0x0, 0x0, 0x2}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f]}}, 0x0, 0x61}, 0x20)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40)
socket$inet6(0xa, 0x3, 0x8000000003c)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='cpuacct.usage_user\x00', 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$NFQNL_MSG_VERDICT(r1, 0x0, 0x40000)
setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd4, &(0x7f0000000040)=0xc, 0x4)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000200)={0x0, 0x40}, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="540000000206010200000000000000000500000005000100060000000d000300686173683a6e6574000000000900020073797a31000000000c00078008000640000000400500050002000000050004"], 0x54}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007800c00018025889f6f131e399b0c000280080001407f0000017168e76762f3bb310470264b82236cc534daca07acd43ba262e3dc3f5082d67b9a9605bc62546079c207919083cc0de8236f102b1158f448b2ae85fd338e20c4ff16f2792c6a6d00fcca0aac210ffcbadbdbe361427b74704e0a0ec8cfdba17a7b1068e0262500fd3107e6fb8325043b49c593f559dd40cdbc35428014766355a3d197b9087c1e246dfbfb9b4af18d77e66a1e08071483b2a6b32f874dce6fa871143c465b01e0c256315b8063688fcb3a9ebac46d3706b0ff0ff4bf6a82825c2c3a7a2c29794422392d5d616427bbc1727297af3db177b79e13e9412b31b9192377e4dbddd093a2142e00008a713754a6240392248f9b1e9f"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)

538.784371ms ago: executing program 3 (id=2144):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x200001}, {{0x0, 0x0, 0x0}, 0x2046}, {{0x0, 0x0, 0x0}, 0x10001}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000800)=""/213, 0xd5}, {&(0x7f0000000900)=""/242, 0xf2}, {&(0x7f0000003e00)=""/4098, 0x1002}, {&(0x7f00000006c0)=""/229, 0xe5}], 0x4}, 0x101}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x40}, {{0x0, 0x0, 0x0}, 0x409}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000540)=""/130, 0x82}, {&(0x7f0000001900)=""/229, 0xe5}, {&(0x7f0000001a00)=""/4109, 0x100d}, {&(0x7f0000006080)=""/4085, 0xff5}, {&(0x7f0000000240)=""/112, 0x70}, {&(0x7f0000000340)=""/113, 0x71}], 0x6}, 0x4db}, {{0x0, 0x0, 0x0}, 0x8}], 0x8, 0x40010020, 0x0)

535.69974ms ago: executing program 1 (id=2145):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000000000639100000000000000000000ff7f0000292f17cee19d0001000000000000000000cb04fcbb0ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4852f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d053bdec75dca3772be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1c6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc972a3fd2c46f3c1cde71a19d1a2982492abaa96665372831210e00d2bfea3bf97ff8836d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000100), 0x237}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x1f00, 0xf, 0x2f, &(0x7f00000007c0)="9f44948721919580684010a49e66", 0x0, 0x7ff, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23) (async)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = gettid() (async, rerun: 32)
r3 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 32)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213) (async, rerun: 32)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@ipv6_getroute={0x28, 0x1a, 0x400, 0x0, 0x0, {0xa, 0x0, 0x0, 0x9}, [@RTA_MULTIPATH={0xc, 0x1d, {0xb, 0x1, 0x60}}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async, rerun: 32)
syz_open_procfs$namespace(r2, &(0x7f0000000000)='ns/uts\x00')
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000240)=<r4=>0x0) (async)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$int_in(r5, 0x5452, &(0x7f0000000180)=0x401)
listen(r5, 0x0)
r6 = gettid()
ioctl$sock_SIOCSPGRP(r5, 0x8902, &(0x7f0000000080)=r6) (async, rerun: 64)
r7 = socket$inet(0x2, 0x80001, 0x84) (rerun: 64)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r7, 0x89f3, &(0x7f0000000900)={'sit0\x00', &(0x7f0000000700)={'ip_vti0\x00', 0x0, 0x1, 0x0, 0xffff, 0xfffffff9, {{0x5, 0x4, 0x0, 0x32, 0x14, 0x67, 0x0, 0xb, 0x4, 0x0, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}}}}}) (async, rerun: 64)
r8 = socket$phonet(0x23, 0x2, 0x1) (async, rerun: 64)
r9 = socket$netlink(0x10, 0x3, 0xc)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000002840)={0x0, <r10=>0x0}, &(0x7f0000002880)=0xc)
sendmsg$netlink(r9, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000002780)=[{&(0x7f0000000980)={0x10, 0x32, 0x4, 0x70bd25, 0x25dfdbff}, 0x10}], 0x1, &(0x7f0000002900)=[@cred={{0x1c, 0x1, 0x2, {0x0, r10}}}], 0x20, 0x50}, 0x40880)
sendmsg$netlink(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001a40)=[{&(0x7f00000001c0)={0x74, 0x21, 0x100, 0x70bd2c, 0x25dfdbfd, "", [@nested={0x48, 0x18, 0x0, 0x1, [@nested={0x4, 0x68}, @nested={0x4, 0xc7}, @typed={0x14, 0x131, 0x0, 0x0, @ipv6=@loopback}, @generic="a95b815af1b2ae", @generic="2b30ff8e7311553c57258c85b7b459892f9e17a89d778abbebd05d33a77770cf22"]}, @nested={0x8, 0x59, 0x0, 0x1, [@nested={0x4, 0xf3}]}, @typed={0x14, 0xf1, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x30}}]}, 0x74}, {&(0x7f0000000280)={0x3c, 0x21, 0x200, 0x70bd27, 0x25dfdbfe, "", [@typed={0x8, 0xc1, 0x0, 0x0, @u32=0x8}, @nested={0xc, 0xc1, 0x0, 0x1, [@nested={0x4, 0x78}, @nested={0x4, 0xaa}]}, @typed={0x8, 0x108, 0x0, 0x0, @pid=r2}, @typed={0x6, 0x5b, 0x0, 0x0, @str='#\x00'}, @typed={0x8, 0x34, 0x0, 0x0, @pid=r4}]}, 0x3c}, {&(0x7f00000002c0)={0x18, 0x3b, 0x200, 0x70bd2a, 0x25dfdbff, "", [@nested={0x8, 0x83, 0x0, 0x1, [@nested={0x4, 0xa7}]}]}, 0x18}, {&(0x7f0000001bc0)=ANY=[@ANYBLOB="18000000170020002abd3f12b9e545c16cf74c0a5b2d7000fcdbdf250600dd00210000003c136e9f36c7cdb1bee63787e8142e5c9705f1954fe6cfc97153b4d6b53ab75210a9a56573f11158ebfc6cdc4857a0401eccedcbbd5f02abe31d85f1da932a133b99d83ecb07028bc9ed23"], 0x18}, {&(0x7f0000000340)={0x4f0, 0x2a, 0x400, 0x70bd2b, 0x3, "", [@generic="f65572c27306c0e09480dcbfa766db3cab186ae092279bc22ffc3c6df00f315cef385251f37608340b5721fd644b99c62117c08ca11f6be34343b3b557be4da0481daed128d30e2b2789619598909f3ca39044ce9666e0ea2220682d7875ab384961d5f394a010b1db0f629df7f48dfad6dde8d26e7d52eda8", @generic="ed0c861dee3fbd848bd59f923dbb4e64495099db10b06c0daa92e9d2e4e5d41950f221a0c75589fe28ee34f4ad286172c970080ae8c66b7d414fec8bc1da3c2bd84d52bf1cf38e9e193b282b5e1d3b362c0b", @nested={0xa4, 0xa4, 0x0, 0x1, [@typed={0x4, 0x9d}, @generic="964c8a16eeb1a8204e5fff64f15a5119d3530166d9ae3fba201086f1f8960ee7205b48801fa1a14988a3cfcd0ce5152bc030ea58e5a99ff04b3ffb257e5962a2030f82ed0e7ba35a4d035ac122194fae9bd528bde8a23b49bc18efd9c325195984a58066d7edaeaf7f47dba4abfa4a8557f5353b55a7975a8be70b18b6cb141491cc03eb7b84b149dfa6b031b32a7c54433f0a94", @typed={0x8, 0xb5, 0x0, 0x0, @fd=r1}]}, @typed={0x4, 0xed}, @nested={0x1f7, 0x151, 0x0, 0x1, [@typed={0xc, 0x9e, 0x0, 0x0, @u64=0xa}, @typed={0x45, 0x14, 0x0, 0x0, @binary="a1f6203286ceccd2491e9ce5ccfd2fa520fb447cdaff6e9ea2a3eb9d8ced830f6ac0781fc3d0f48f38d3a7fe51c6fd4ddf75e1e27bc4658d3cae372f2287ed6140"}, @typed={0x4, 0x11c, 0x0, 0x0, @str}, @generic="c3d96c7c3750e68f1f6793abdf052ebde300ee4a1c594b2282d344b6228111adbe8ca8697c3e4f047c1cad89810bb19283244183ce43327b797225db1f5f788506934fd91743d9ddad8e44ff249a4c11d586316f5f15ce7d43598987237808c5fd7003c91f55dff28de65537c8ad95ffc343765bff96363896ee0c566332081a1a60a21500bcdc4c538a1808e43238f6dafa48f563db152c0a8ffdaaa0df830b5d457afe880ce73b9c9ab28c9cfe325d7e0d8aca784bc4852daf285471f3e42db9a3bd0c90ceaa71855f3aebf485459416b50f1f0aaf4d7d875ed268e384116b4063984a1837", @typed={0x5, 0x66, 0x0, 0x0, @str='\x00'}, @nested={0x4, 0x12b}, @generic="7db909d34c7fe71e060e107157b358932926f6cc14e29a5ecadadd6e72cc8e910f9902ff2c178088d046360ac6544255d9327f6aeff824ca7baced726502ac577842e9a7f171359983abcd18f5866c27ee985a37e57a27363213cd317f623d96b61bc745bf6d6e8f9984aca1d26b68008085b62dd0824cdaeaaff8ebc6e5ae5f189e18e73971815306fb2f275721739e05237bd7a98bfcd3d2f4ac902c827c32ef", @typed={0x8, 0x109, 0x0, 0x0, @uid=0xee01}]}, @generic="7b4162be5028afb1c14c945e9176cf4e3f5fa506cdbfa487b0f5a8c00913096204e2d78b5ac003387bd41c9fd0daf3581196847379361d9ddd16b19db3c2e46db07fd46017435106d71526820195b30604f0eabebe9ec212e774c7d8a5b9197c16c4270a55ee31b2c732cbcae16aa0d01d6d349b568e359d8321486caafe7dde7dd5b0bb17", @generic="a8e315e1b799127f122bbc10e33a486372d2ad752d66e51a26", @generic="75feb960d9a426e941c705e2bae11118fbee63622be0d37513674140b345bb06bd4f91f71069fcc305314c9ff9636bbbaa7e4a0aefe3e7e14a62b2e4a72e265aa8ac5eb5c3781d6655b5571a40d3f68ef8a10209ada14f92ff36c6060f1d9a81cb1ca80822b830d4c8f61e7fdab2090f544fecf2281c4b2b94c90dbd5a96c3d70ee8da052ac5f5659d5567947b0cc60ac3509bfe807137f7b4fce58355bb3763f785946217dc9fbd84ee5e7e1f3d1cd29374c15e90a18d724687c2632e5962dda3ec5766cff3059582173e78b702b8ac4fe904e7c2e7"]}, 0x4f0}, {&(0x7f0000000840)={0x100, 0x37, 0xf84d54accc73b4d6, 0x70bd28, 0x25dfdbfe, "", [@typed={0x4, 0xb3}, @generic="2cdc81c2ac4d042135802f2e28574d89009bf2fd246163ac95bf808bc87df472c4e3d2a12be8ca11f97bc6cd1291e7d143e967b3fe56161aa651de20ad2aa18332cd8ed3bc984c6853fc3e502f1986a35cd3544cd0dc8d4c53a0270e5adf98bfc96995526da5559f94c93c533684a989a86e5ea44b42f9698aabf4d63afe4c0bc6353265064b60c456c6eb2f305c780b4e40cc0f28513a666fb9563646cdcdeefda3f07a61827bfa5e7e8e0f8fa4837496c5a44e1d73dabf81fb6dfb422683aa25ff1fe915d502c3d45f309d4874085c78b30fa98b79435b8f8d126d532280bbdf", @typed={0x8, 0x4a, 0x0, 0x0, @ipv4=@multicast1}]}, 0x100}, {&(0x7f0000000940)={0x10, 0x42, 0x109, 0x70bd27, 0x25dfdbff}, 0x10}, {&(0x7f00000029c0)={0x1094, 0x14, 0x100, 0x70bd25, 0x25dfdbfb, "", [@typed={0x6, 0x115, 0x0, 0x0, @str='*\x00'}, @typed={0x8, 0x8e, 0x0, 0x0, @fd=r1}, @typed={0x1004, 0x14b, 0x0, 0x0, @binary="71bd0a78923e7dfd94ae589b5b9a878be52e9512856b748ff1ea3c5dd54555732044ee2ff2a87f9417ebf28feab16e988de520f028b495826742910e5dfeb2f8394f7b6f3d90a3264067929995df4aaab898c73ba56b8e9a6d9d4e8cc9914fbde8344e9ff65194e8f7d3309887ab6e18774d9ecd51de50641020f54f229951630851a2f2f2d63b093b8e0dbfcd8bf150822d77884fa3efdba0cccd1e5ff9971007ac00516b5f9c6526ea731313903b741e750830643e86987954e16680f58fbe23479d06bcd0e2dc4f9c98052298ded8dd5a9bcf503a99cf02e25b0924c5b1fd8bd8f10da7b6f7dfb78646420bfe035a6e53f2c950b26aa743bdf8f43b565899945719f2c6bc433a7db55f2c2edef76494662fce5c65e0a8e55ec051172167991dccffd9fbec1f72e60805e3aeb366039dc2c820fc817c3c2d6453468b29019db114897cc47c00665ef58ee5ae850c0cd7d10f44d8d2e210cb95072663d133812f61216faa0310dadd6607d838be678abb343f15d528b69b345898865e72da9e74ef58ec0e1eed79b64b86650879d09830d63fa096e2519d8cb6896b3e5b9b80f405a20e4ef3f20d4f7a8c4f1acdf5d9378a5725508a49b23a29ad4772432d83e827d180e474e71212bcb070f49363e2e1a3027c8dca26ee945332c0ffed87a8388a0a813a3d7ce67de425820dbf0bfe6d3bb6de64851b7e247136f9db93c61392abb29ccdd1ed46d1a88540331174b774b3d66ebc4319e12ffd86405d45edb8ca967cea00ea36ffb14afe8207aad577c55796e6fe9cede4f04e4adb9ae2cccf143a36f9c8f7763513ec1f7a70fd650c2da33f53c2d9985218f564ec514a9c7dcae24aa28356cf76bf233163c0ea5d18afc474a6db1f9201c41ac3dc1d8e3188cfa96431be54bdce8627e88237cd0a688494e080a1a4a055bb4759e463ba7109e7ac457d30390992051e4f1e4b88055318bc414779dc8e5fab9e0755e16a8ade0e862a4d77e57340866ac135f3e05ba4d187f4235f35d8f832080cd20a45f66c348396f553c8d4627ca213ff4cf03d09d6af125a252a181db34a03857ba5d013ab6e8c223e01ea4268988449891607e4899adb16db546a679ab20f0636c2d097ff12b9933f9f20697dc802a8d93b1dcb126565cc2499b938e10d532347b8a8604fb6653d9df67ba46b369156da9e3d3b22070387ac329ebaf20be05bd0c896fa634696050f05131607782193ca48af31e3fab1a60763feb4d57f75488528847be4af9e7093fa92780ac9fd72908391cf4a97c960b33a91ea32da6d73ab396abb7d0d11a5fda20aff4a492d086a6fc749dbf7f01e4f134ad4280c44b3f07f0935b4392beb4a89b66cc6b2763f1449f445134d9cff752d81a8981ef120a7ce7fd094297403424dae8e43b96d154bdade274274242cd8a4656018050e515be770320f78be614d183868983f9a1d52717f079e0294dcac87b3256b16e0f68db69af00c5a1bc08bc3667d244b22039999a5b13b028e475e668eb5bdb089029660e455551ce69f09a180361c068f61e253b7169b0694c9c2b874a015a22f6ce9a0b1d0e6d4a3d15999787062774c146c45800bad3ab4534829e643138db87fd8b80079c75fe4b1913d62b0fed4017df25a9f49d27b969c0c80df82c754a597555c52a50981909258296fa4d65254dd711145975fbc61d37e95f523f4ae357e5306ed922c269974741f8909f8596f059d4e98b9fa29e0070add8b7b86898f94cd45d1c3ef777f5a5432fb08cf81a128edb237036475aa16a7e2a26ad69d9ed1d0bde4c6d388f15466e2366a7f68245ada613a89ee50bf373edc77e3079f957b88dc4f8d8ec84f0bc220c8398f2d4bd3d7e85a6b78007e7af563bb9985301d2d499005da35d2f8e10f32c80a57d0b0d5f2d46abb0568760cca22be3381208b0b06b36662842728d3caacfbdd389aecb883f1853a6ac2eb7e25c3011322717d82d73cdd7f1d67cef4f26892640c153691bbf68312de2c2b094b4b7643be52f749359bbaefff37b8339388254ab958ab7f35929875ac0d083dc4f6e461afb7ad25a6070ba8ddf5c170d992acfc9b164200c60237d08cddcda0d773d35f896ea1f52d22c97d68989973029c55954583fc1f185f141c5bb9d83295e51d2ee23df44d61586eb411761aa8b9b2e2ecb304a508419807c0bdc4a74167b0b65e77c41c14d9e396efc31a3c0ac1f4483d967ddfa9c47c2262db2ac7c53844c86158814df3a256b8ef95ec04c0c7a4f2ff52f346680827b7484e59ffd0867593e11066220bbd63077a33c4c9c424028b57731c3dde7c85bb04641804d45a7ed166f31890796f1de19195868276418c41255e4575171c7cee1981acae2c5a801d4f159517cdf2a04bd82fc5cc35abcb82934a4db3da9cecb156f594017bec07293bece9c59420e7627e494fdf62d73d6646d9fbcb1a6b2613b9e392480a9abfd6bf8a54951ab8c67cff30708e5ede3a24d2338aeb934fcd6b9cf8ff35a6f4e11f1deaea1b517c6b041e9eec4b305c0589f380361b665fa7f0cd71724a993eaed5d69ae982f90f2e2a33e656381c60f1baafb7e7c9b962729d9018a42146e74c70cfc72512adee964012d95b851cf8344c98e2f9a93ba5da5a1d644002aba36a0ec99cf1c51726eced8bd140ad65b3bde0124a34c0fc6cf8edf6caf3fb07a19ce592f60897c6bbcb1349cdb423c7f522b761933eec6861ca885992140177d9fc25c6557c72bea7225623eb7a8ebe5f228b7520c56b0aa15d5b5140a6d2975769ff03b3d658ba8d034f367d1e68cb28e7e461d5d9a24886a522cd4034cd0425d85189b8577ea35748a63121b1863b732d24e2d5c0e651103bd95b2c5b7ad9a9547de2252ad4212f0abd6bd3b132c82e1a2cd876956a51e414e0b02ca7290f27416639ab2e5bc16d6a4fcec333e3232beaaa71ecdcea48fb46feb710b4f710903450431e58dcf7dc2cef0629b21723e33de1b552c4452b0c03b29bcbb28e1a0115622ed5d7470b93138f6b947ee8bb5d8556c1cd42f906af2dadab50788115166a1c58d766499ae003e7b01106fdbcfceada7b0fd5b15c42dd2eee73957a5c0bbe8310e2e1318fbe1ab91e4696d5c91bccfc78ba9ce57ae65f6aa57ceb4a1534f2049cdb42d0296ea8d78e15096bf699e2c07320f1b4d53f4808b34f82f3c249f94dd87a665211656836b853c2aa0f9167fdb0ce2d6e9b20456228decfdee1bc917d3978ed8dd9f15c140921f89025a52ce8c82fd805710ee160b300d52c1ed0575519c13b2a8a38469329000b09004d8d8740347649c7e8812433600b3d7de302a934c682f7a30f78452e279f12d64ab40684ce09ec2cc447c8e7055e580c05025acb9f6e15c1961022508716e2ea1f8b09e364f03da6b283e100dede17266a335cf1ab4f3b0834da6093028895e206d119d43fa020ab0c7d940054324de4096cb9a1a12282a0f283ef0849f8b173905756650a8c1dd76918371d5e49427833299698697fb30b67d4ea3be52951fdd214054ed19c3e3d215b9fa18211100c927e74b77bb8b76fa05291d5687249e8e5015be11767ceb3dbeec2c9cc543a840cb72d532c41ec16bd77684da26c8e3d0348069dfee4f72f364cae54aff390e88fa5309b9e889392745d17ddd168a05406b5b92bf26384b02f5b14d35ece102ed89f174097b319a00f8eb345e5e747b1ab07e57ef5acd407dee9d3718aa279bc2ac8962cafa22b1c3682b39c993827872632dbd1610abff9d677c04ef7b026092b86c4b411c0b2aa100252a434c101431014a549cd9598374f33917148fa9825165714372c1c97fcd8fc83bdb26c563122ea210c66e64d8ea3a51fbbbad713b289f3852b3c5198b0eaf884cc9c4605a0fe89eb63db6385623814803ab4663f6767ee6ddcb41a361f41080cb0a87fce0cf66dfa848d2c14fa4dcf41056ae2cf54a668113ec348f68dce940c085fa11e5651082fe8ef12bcd375281ce439ed81c23007e4e2e0cf0d65d80ddbc45e1aea29ca5018508d535dd3db7d10675fc42bea4e538d34914475e9186613679608dda195d64fe66e064e3ae671b79115c3c8034228415d6b8386c564f3f2f46a1bc71ee81390c605b41439fd9635b471c556f7df7c4c9d0d8b94f84069a0c15900b17497b3c7f82b5b879a2c3536b2b0713fe546b9496bccc538a8af9562b9105bd0e3d91ddbe34119485c43a0e3891c0b795c347db6c17a7ba7e39fc6f5a6d19cc2323e92d7ea1c79f74b34ccf962aab46c6fd35b7a96b3176bba3d99a882c34948453981c2ac7dd4c6429cd50960e3f664d779b00f9ca610cd077d3dd78bfe1c5660abfcce1bcbe02060a606b26b52a11a517fe7a19967a31d23a86064010e8aeb54d73656b57e1e0d2ec177af5dd56f267da83f07940844c3fe266c5279d9a9ad10eca935a49b60f850d8db2fdfbcd08dea58c3297c275a1c0cb14ebf59fda301cc4b48c5404263b2bc121247a1e8fa0456c318af2e4f984689961573071c12195cac98a73f00913cc353543cfe8f692f8a13aef35eac45fb9729df7a1b9af723eaed2b383e18a0cd17928307ed5b8a17fbab6f498a866d367edff73c7dc14392a08f0f4e18cc39757e5b6014ed57f8a5eeb90247e9abce24084d86702d23acf87d8478a4482c4c4ebbeece0bf07c5c6e5f9d4db9efc915d09e3f2093bccd3a2787c29bbc7582f49f71ac9cf8916211cfdf5431280a6d63910b592ad24fb1574119db6b4a7dfced055638289a18684df1534344120acfb43d4f37cd2857dda47c1deaa3c395c11d3e10cd6772bd5ca9fd5378fde8f9ed91edc6e5e5e38f81da27def288ac198ee32e9134cd33f8477f6631d4302ba5104fc98bc9eed6a6bcd224cea7dc693c82ac6b2106a77cd3cb47fc68b039cc3983757a552a66bcd3076d0bc56162946165fa7fe209e0718fdf62fb65122e89a3c29e66310b8478720823a8000e3b364e3e9aa6331415abae42183a711cdbac5ba36031b6e7fb216eee096c3da180fa73443268513d8439209f63913e36cde4700e65f5fe5050881c4b4c3f477c7931fb091172143e22a9afc746965b04795d37f02ad83e37a243ca2e25430d722b1b448464aec6d7528d7c031ec715745502fe9468a743f0e1aa5e62b1932ad405f18fdf96f7da24412e0b4e427bf5cef93f6aa58e24bc4ea5f270dab209a9504719b3d90df294cc975036319b2ca6c5942113bcac07d6f198cf428332d33d672ae5a9c41e7e8a02784bac15e34fcc0eae70718045ab918e5921567c7957e812e6de689a7cc652305a4679a4945763898bdfbbbc81063030c93a6e33e02f47aed86fcb06745b78435326606d0d7a6c19bd6a85e685233d49881cc7c05c75e70ac41aadecdf24850a24fab0d81d937feb95dfa7b840ca9231b89fd318c24d7e696e0cfd10db7d8781573de3a66347eab7c503b7683f90510b7ba06bf259e6266b5291297066a8339e4b8f9bc2d313fc0fb914c613a96cfc4d4780b128fb9b4b8e189e2e4be2239511fcd127bad01031788ef5baa4b03436fab7fdfb4576c93e908a6ec15f44ffd15947365581a9915dda795287176b184bbe9ee7018e73b4071110111d01c2023ffe8cb13790748516827a35b55d026db6572ad0295091003a70d243318ebf5679f901167dff7acdd0e6fadfcbf98743ab3713eac753cb7349eb35a46d9feb133bfe64c281ee99120477d97e7f1bd00024661af9e23391db214982f9ec3252a729e4c55ce80fbdc42521d6fe9e2367344eebc7f702"}, @nested={0x17, 0x114, 0x0, 0x1, [@generic="2860adf212ce9b770c880bf9ca46064f645625"]}, @typed={0x5, 0xde, 0x0, 0x0, @str='\x00'}, @generic="89a21c8f2fc0ba7da42f10b57d0a2c58f97cfaa98086681f14ba39d1197388ac9440e074e699181d74f9188caaaa89ffcc16c47359", @typed={0x8, 0x105, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @nested={0x10, 0x110, 0x0, 0x1, [@nested={0x4, 0xe3}, @typed={0x8, 0xb2, 0x0, 0x0, @str='nfc\x00'}]}]}, 0x1094}], 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="2c000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r6, @ANYRES32=r10, @ANYRES32, @ANYBLOB="000000006cb6e20ca581efe69c620f8cadc0ec736085b647488b335a87f4b7fd854f61d5cc9211e6b3e2bbf24c59a14faf30fff787eaf3716353430c7add6d4c3345d6df3ffef392b170146d82bbe7a77856fd24fba5646291fa9db91d4d6c972b8925f96f245650db17c91f09b6e5290e44a4ca7890b2e08b3d8fd4e5d8ec04aeb4082b761a0e0b06cbb7c30957945532adf325a0429f42de4a500d77518a3f42a76dba30a876c0082e792ddce00baad505086183f83914ca2fe07bc7d8df08e9de32126e72cd6a31bde59534"], 0x50, 0x8000}, 0x4)
bind$inet(r3, &(0x7f0000001b80)={0x2, 0x4e22, @remote}, 0x10)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r12)
sendmsg$NFC_CMD_GET_TARGET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001b40)={0x14, r13, 0x1, 0x2, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x894}, 0x0) (async)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r12) (async, rerun: 32)
r14 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r12) (rerun: 32)
sendmsg$NBD_CMD_STATUS(r11, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r14, @ANYBLOB="010027bd7000fddbdf250520000008000100000000000c0005000c8092a90cabfd76"], 0x28}, 0x1, 0x0, 0x0, 0x81}, 0x4000000)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x114, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x102, 0x0, 0x0, 0x1, [@typed={0xc, 0x11, 0x0, 0x0, @u64=0x20}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback={0x100000000000}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e8823f9f3cb639cfb05bc48c26c0a26237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf1374875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)

351.960734ms ago: executing program 3 (id=2146):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="760a0000000003e86011500000000000180000000000000000000000100000009500002000000000"], &(0x7f0000000080)='syzkaller\x00'}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r2, 0x0, 0xe, 0x0, &(0x7f000000eb40))
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010400000500000000000500fffe0900010073797a30000000002c000000030a01020000000000000000050000000900010073797a30000000000900030073797a300000000054000000060a010400000000000000000500000008000b40000000000900010073797a30000000002c0004802800018008000100647570"], 0xc8}}, 0x0)
r3 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000000c0)='xfrm0\x00', 0x10)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
sendmmsg$inet(r3, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r0, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001280)=[0x0], 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYRES8=r1], 0x40}}, 0x10)

350.655023ms ago: executing program 1 (id=2147):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_emit_ethernet(0x5a, &(0x7f0000000700)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff08004500004c0000000000019078ac1e0001ac1414aa03049078030000004c00000000000000002f0000ac14140a0000000044146ab3e000000400000001ac1e010100007fff8907c47f000001000420676a8f1c7aff1746646fa230eaa5c0241f42150c9d476abc31081a6ce86e2f68327bb95614907018bf259761da3a8149fd6df1f850c625fb22d9c68d510ccf558e34efad86558783757fd273b01d1c38d02d9e46641fc79acbad61964222f70d05370bc1c1c2b6d06c6b2693fe8ab139d7583c54e14cd3d82a3e87ffdeb0db0935a5cafe22cf18c6357dc1952b48e4d75d5387e84e4b6eb918b1b989a626b068028af83ba7b4a1fbdf1e3ff316c22dcf1b0f563ee62b9bf14a856932eb467858d14c7ff981763b09c21e987cb7c1a9ea5ea22ef96cc5ffb5e53fd9fb"], 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x10, 0x2e, 0x1, 0x0, 0x25dfdbfc}, 0x10}], 0x1, 0x0, 0x0, 0x20008080}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000003e000709fefffffffcffffff017c0000040042801400018006"], 0x30}, 0x1, 0x0, 0x0, 0x4048110}, 0xc800)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000ac0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
r4 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r4, 0x0, 0x41, &(0x7f0000000140)={'nat\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78)
sendmsg$sock(r3, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000400)="c3ebdf02ccf049bcc145ba28e73853bc2beca0e03d5bd6c012e42d1428b917e255bc9e75cc701a5deacd14f062187f82e85e20e19b9ebfb6aef45d2ad0a7bc634373c630c98214899de376e8a8c2008b754001691c7b09262a9486cdd1654e717ddf0adc63e0a44f09a257aeb4827cea5c5eb652a7c34ace0d86abb34410bebcdd914d56bf83fd55d154e89e48870351e008a7462652501c07f9eabf4051243ef58362b6870778dbd820f1f674c5314c3dc2c9e671d1acc8a39f526c02fa98be", 0xc0}], 0x1}, 0x84)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), r1)
syz_emit_ethernet(0xed, &(0x7f0000000440)={@multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@val={0x88a8, 0x5, 0x1, 0x4}, {0x8100, 0x4, 0x1, 0x2}}, {@generic={0xa00, "e7ab8f6daf457ffc6b477b6a9de399c2c60e867adfd2dec94b6bfd42d1c27b4c0833083ca74d11470def45651a9bc5c69f4c2231ff5bb400fb8539b1843541366c428c3ccb0e2cb7854532afee237c56ee23e632e48402b05f2395a857d66e113cbf80655046815e8844a292203393cf43f185a487ffbe4ba3b2a804ecfa63167152314df2e05f2b22f080c2ca7425073e0f64dabe21feae3e67045e2ba2bb6b6a29648535472da6f64e1840e6a73886ce2ced2d403246395a3fdfa91c9a9a9713522a53f61ceb724cd78ee42ebabe1a6020faa4974b7f"}}}, &(0x7f0000000340)={0x1, 0x3, [0xd1, 0x3b4, 0x9b3, 0xf43]})
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0x1f, 0xf, &(0x7f0000000680)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {0x85, 0x0, 0x0, 0x8b}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r8=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r8, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c000180050002000000000008000400050000000800010002000000240003"], 0x7c}}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x40, r7, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_DEVKEY={0x18, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0xc}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0202}}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x40}, 0x1, 0x0, 0x0, 0x41}, 0x4084)
syz_emit_ethernet(0x2b, &(0x7f00000003c0)={@local, @dev, @void, {@arp={0x806, @generic={0x6, 0x6004, 0x6, 0x4, 0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'EzVL', @multicast, "5c917b8e44"}}}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$ITER_CREATE(0x21, &(0x7f00000000c0), 0x8)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r10, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r11, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0)

234.137406ms ago: executing program 3 (id=2148):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r3)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x7, 0x6361, 0x5, 0x1, 0xffffffff}}}}]}, 0x4c}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r6, {}, {0x8, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x2000c161}, 0x4008000)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

135.511588ms ago: executing program 3 (id=2149):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000000300)={0x10, 0x0, 0x400000}, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r3, &(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000}, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x2)
bind$netlink(r4, &(0x7f00000002c0)={0x10, 0x0, 0x25dfdbfb, 0x400000}, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc)
r5 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r5, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc)
r6 = socket$netlink(0x10, 0x3, 0xb)
bind$netlink(r6, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x22ffffffff}, 0xc)
r7 = socket$netlink(0x10, 0x3, 0x14)
bind$netlink(r7, &(0x7f0000000200)={0x10, 0x0, 0xffffffff, 0x400}, 0xc)
r8 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r8, &(0x7f0000000340)={0x10, 0x0, 0x1, 0x1000}, 0xc)
r9 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r9, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x22ffffffff}, 0xc)
socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r8, &(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000000}, 0xc)
r10 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r10, &(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x10, 0x0, 0x25dfdbff, 0x100}, 0x1)
bind$netlink(r1, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x80020000}, 0x48)
r11 = socket$netlink(0x10, 0x3, 0x4)
writev(r11, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)

52.377742ms ago: executing program 1 (id=2150):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="400000000f140100010000000000000008000300040000000c00450072646d615f636d0008000100000002000c00450072646d615f636d000800030001"], 0x40}}, 0x10)

47.150825ms ago: executing program 2 (id=831):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @broadcast}}}, 0x108)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000800)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000002000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006e000000000000000000000000000000000000000000000000000000000000000000020000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x290)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[], 0xdc}}, 0x80000)
socket(0x6, 0x80000, 0x80000000)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000080)={r3}, &(0x7f0000000100)=0x8)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000018009480080001d4296991000c0002800500095bcb280029000000"], 0x38}}, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00000001c0)={0x3, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x88)
writev(r0, &(0x7f0000000380)=[{&(0x7f0000000340)="2367992ae5b81a4b882cc9929c7f91da1567e308208c7664e9d927ed1bdb2a15bcd71e82bebae8e5d4d6ad8a3f312c", 0x2f}], 0x1)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000280)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000100"/130], 0xb1)

0s ago: executing program 3 (id=2151):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000080)={0xa, 0x0, 0x6, @empty, 0x0, 0x3}, 0x20)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5cfeffff", @ANYRES16=r2, @ANYBLOB="0100000000000000000001000500050007000000000008000900030000001400200000000000000000000000e1ffe000000108000a0000000000060002000100000014001f"], 0x5c}, 0x1, 0x6c}, 0x0)

kernel console output (not intermixed with test programs):

0
[  265.019837][   T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.055570][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  265.066531][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  265.101358][   T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  265.110554][   T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  265.215345][   T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.478106][   T13] bridge_slave_1: left allmulticast mode
[  265.485219][   T13] bridge_slave_1: left promiscuous mode
[  265.490985][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.500391][   T13] bridge_slave_0: left allmulticast mode
[  265.506463][   T13] bridge_slave_0: left promiscuous mode
[  265.513047][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.782756][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  265.795035][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  265.805588][   T13] bond0 (unregistering): Released all slaves
[  266.144384][T11731] FAULT_INJECTION: forcing a failure.
[  266.144384][T11731] name failslab, interval 1, probability 0, space 0, times 0
[  266.163081][T11733] SET target dimension over the limit!
[  266.172063][T11730] IPVS: length: 138 != 8
[  266.177174][T11730] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1739'.
[  266.188444][T11730] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1739'.
[  266.213094][T11731] CPU: 0 UID: 0 PID: 11731 Comm: syz.3.1741 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  266.213120][T11731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  266.213130][T11731] Call Trace:
[  266.213137][T11731]  <TASK>
[  266.213144][T11731]  dump_stack_lvl+0x189/0x250
[  266.213169][T11731]  ? __pfx____ratelimit+0x10/0x10
[  266.213193][T11731]  ? __pfx_dump_stack_lvl+0x10/0x10
[  266.213213][T11731]  ? __pfx__printk+0x10/0x10
[  266.213241][T11731]  ? __pfx___might_resched+0x10/0x10
[  266.213260][T11731]  ? fs_reclaim_acquire+0x7d/0x100
[  266.213291][T11731]  should_fail_ex+0x414/0x560
[  266.213320][T11731]  should_failslab+0xa8/0x100
[  266.213343][T11731]  __kmalloc_cache_noprof+0x70/0x3d0
[  266.213363][T11731]  ? __request_module+0x2b5/0x5e0
[  266.213385][T11731]  __request_module+0x2b5/0x5e0
[  266.213409][T11731]  ? __pfx___request_module+0x10/0x10
[  266.213424][T11731]  ? __up_read+0x280/0x680
[  266.213447][T11731]  ? __pfx___up_read+0x10/0x10
[  266.213483][T11731]  crypto_alg_mod_lookup+0xa5/0x5f0
[  266.213507][T11731]  crypto_add_alg+0x235/0x3b0
[  266.213531][T11731]  ? __pfx_crypto_add_alg+0x10/0x10
[  266.213554][T11731]  crypto_user_rcv_msg+0x47a/0x570
[  266.213585][T11731]  ? __pfx_crypto_user_rcv_msg+0x10/0x10
[  266.213627][T11731]  ? __mutex_trylock_common+0x153/0x260
[  266.213651][T11731]  ? __pfx___mutex_trylock_common+0x10/0x10
[  266.213677][T11731]  ? rcu_is_watching+0x15/0xb0
[  266.213696][T11731]  ? trace_contention_end+0x39/0x120
[  266.213724][T11731]  netlink_rcv_skb+0x205/0x470
[  266.213746][T11731]  ? __pfx_crypto_user_rcv_msg+0x10/0x10
[  266.213770][T11731]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  266.213804][T11731]  ? netlink_deliver_tap+0x2e/0x1b0
[  266.213823][T11731]  ? netlink_deliver_tap+0x2e/0x1b0
[  266.213847][T11731]  crypto_netlink_rcv+0x2a/0x40
[  266.213869][T11731]  netlink_unicast+0x759/0x8e0
[  266.213901][T11731]  netlink_sendmsg+0x805/0xb30
[  266.213943][T11731]  ? __pfx_netlink_sendmsg+0x10/0x10
[  266.213967][T11731]  ? aa_sock_msg_perm+0x94/0x160
[  266.213992][T11731]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  266.214013][T11731]  ? __pfx_netlink_sendmsg+0x10/0x10
[  266.214033][T11731]  __sock_sendmsg+0x219/0x270
[  266.214054][T11731]  ____sys_sendmsg+0x505/0x830
[  266.214081][T11731]  ? __pfx_____sys_sendmsg+0x10/0x10
[  266.214112][T11731]  ? import_iovec+0x74/0xa0
[  266.214136][T11731]  ___sys_sendmsg+0x21f/0x2a0
[  266.214159][T11731]  ? __pfx____sys_sendmsg+0x10/0x10
[  266.214219][T11731]  ? __fget_files+0x2a/0x420
[  266.214240][T11731]  ? __fget_files+0x3a0/0x420
[  266.214271][T11731]  __x64_sys_sendmsg+0x19b/0x260
[  266.214296][T11731]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  266.214328][T11731]  ? __pfx_ksys_write+0x10/0x10
[  266.214345][T11731]  ? rcu_is_watching+0x15/0xb0
[  266.214369][T11731]  ? do_syscall_64+0xbe/0x3b0
[  266.214390][T11731]  do_syscall_64+0xfa/0x3b0
[  266.214405][T11731]  ? lockdep_hardirqs_on+0x9c/0x150
[  266.214428][T11731]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.214445][T11731]  ? clear_bhb_loop+0x60/0xb0
[  266.214466][T11731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.214482][T11731] RIP: 0033:0x7f96d4f8e929
[  266.214498][T11731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.214512][T11731] RSP: 002b:00007f96d5e04038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  266.214531][T11731] RAX: ffffffffffffffda RBX: 00007f96d51b5fa0 RCX: 00007f96d4f8e929
[  266.214543][T11731] RDX: 0000000000040040 RSI: 0000200000000880 RDI: 0000000000000003
[  266.214554][T11731] RBP: 00007f96d5e04090 R08: 0000000000000000 R09: 0000000000000000
[  266.214564][T11731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.214574][T11731] R13: 0000000000000000 R14: 00007f96d51b5fa0 R15: 00007ffdf193a248
[  266.214604][T11731]  </TASK>
[  266.759412][   T13] hsr_slave_0: left promiscuous mode
[  266.769135][   T13] hsr_slave_1: left promiscuous mode
[  266.776740][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  266.787259][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  266.799264][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  266.810003][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  266.837167][   T13] veth1_macvtap: left promiscuous mode
[  266.842833][   T13] veth0_macvtap: left promiscuous mode
[  266.854150][   T13] veth1_vlan: left promiscuous mode
[  266.861685][   T13] veth0_vlan: left promiscuous mode
[  266.865297][ T5856] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  266.877099][ T5856] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  266.888471][ T5856] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  266.897705][ T5856] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  266.908587][ T5856] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  267.218451][   T13] team0 (unregistering): Port device team_slave_1 removed
[  267.252106][   T13] team0 (unregistering): Port device team_slave_0 removed
[  267.709663][T11735] chnl_net:caif_netlink_parms(): no params data found
[  267.788123][T11735] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.795555][T11735] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.802735][T11735] bridge_slave_0: entered allmulticast mode
[  267.810408][T11735] bridge_slave_0: entered promiscuous mode
[  267.818210][T11735] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.825515][T11735] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.832690][T11735] bridge_slave_1: entered allmulticast mode
[  267.841471][T11735] bridge_slave_1: entered promiscuous mode
[  267.948253][T11735] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  267.985630][T11735] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.088497][T11735] team0: Port device team_slave_0 added
[  268.169337][   T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.214539][T11735] team0: Port device team_slave_1 added
[  268.237281][T11757] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  268.315594][   T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.349738][T11735] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.357740][T11735] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.401671][T11735] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  268.413354][ T5853] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  268.422952][ T5853] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  268.431159][ T5853] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  268.441057][ T5853] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  268.454750][ T5853] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  268.493914][   T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.509260][T11735] batman_adv: batadv0: Adding interface: batadv_slave_1
[  268.518147][T11735] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.547824][T11735] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  268.587390][   T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.729355][T11735] hsr_slave_0: entered promiscuous mode
[  268.744018][T11735] hsr_slave_1: entered promiscuous mode
[  268.840751][T11775] netlink: 'syz.1.1753': attribute type 20 has an invalid length.
[  268.923549][ T5853] Bluetooth: hci2: command tx timeout
[  269.085907][   T13] bridge_slave_1: left allmulticast mode
[  269.091598][   T13] bridge_slave_1: left promiscuous mode
[  269.098090][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.109137][   T13] bridge_slave_0: left allmulticast mode
[  269.118881][   T13] bridge_slave_0: left promiscuous mode
[  269.125695][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.590157][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  269.615386][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  269.626360][   T13] bond0 (unregistering): Released all slaves
[  269.789940][T11805] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1764'.
[  269.867992][T11808] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  270.101442][T11763] chnl_net:caif_netlink_parms(): no params data found
[  270.108356][T11797] infiniband syz1: set down
[  270.116069][T11797] infiniband syz1: added syz_tun
[  270.200273][T11797] RDS/IB: syz1: added
[  270.220319][T11797] smc: adding ib device syz1 with port count 1
[  270.227249][T11797] smc:    ib device syz1 port 1 has pnetid SYZ0 (user defined)
[  270.239973][   T13] hsr_slave_0: left promiscuous mode
[  270.247531][   T13] hsr_slave_1: left promiscuous mode
[  270.253719][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  270.261131][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  270.270212][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  270.277933][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  270.296847][   T13] veth1_macvtap: left promiscuous mode
[  270.302362][   T13] veth0_macvtap: left promiscuous mode
[  270.308279][   T13] veth1_vlan: left promiscuous mode
[  270.313655][   T13] veth0_vlan: left promiscuous mode
[  270.536705][ T5853] Bluetooth: hci4: command tx timeout
[  270.722770][   T13] team0 (unregistering): Port device team_slave_1 removed
[  270.768253][   T13] team0 (unregistering): Port device team_slave_0 removed
[  271.013178][ T5856] Bluetooth: hci2: command tx timeout
[  271.201680][T11763] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.209295][T11763] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.217891][T11763] bridge_slave_0: entered allmulticast mode
[  271.225946][T11763] bridge_slave_0: entered promiscuous mode
[  271.268145][T11763] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.275758][T11763] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.283205][T11763] bridge_slave_1: entered allmulticast mode
[  271.291218][T11763] bridge_slave_1: entered promiscuous mode
[  271.413471][T11763] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  271.466165][T11763] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  271.669990][T11763] team0: Port device team_slave_0 added
[  271.687633][T11735] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  271.735466][T11763] team0: Port device team_slave_1 added
[  271.805932][T11735] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  271.827862][T11763] batman_adv: batadv0: Adding interface: batadv_slave_0
[  271.838352][T11843] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  271.851578][T11763] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  271.883306][T11763] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  271.897429][T11735] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  271.909510][T11735] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  271.926372][T11763] batman_adv: batadv0: Adding interface: batadv_slave_1
[  271.934759][T11763] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  271.961224][T11763] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  272.077076][T11763] hsr_slave_0: entered promiscuous mode
[  272.094379][T11763] hsr_slave_1: entered promiscuous mode
[  272.100496][T11763] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  272.108731][T11763] Cannot create hsr debugfs directory
[  272.419403][T11735] 8021q: adding VLAN 0 to HW filter on device bond0
[  272.453844][T11735] 8021q: adding VLAN 0 to HW filter on device team0
[  272.472066][T11852] FAULT_INJECTION: forcing a failure.
[  272.472066][T11852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  272.473666][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.492313][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  272.504246][T11852] CPU: 1 UID: 0 PID: 11852 Comm: syz.0.1778 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  272.504270][T11852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  272.504279][T11852] Call Trace:
[  272.504285][T11852]  <TASK>
[  272.504292][T11852]  dump_stack_lvl+0x189/0x250
[  272.504315][T11852]  ? __pfx____ratelimit+0x10/0x10
[  272.504336][T11852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  272.504353][T11852]  ? __pfx__printk+0x10/0x10
[  272.504381][T11852]  should_fail_ex+0x414/0x560
[  272.504403][T11852]  _copy_from_user+0x2d/0xb0
[  272.504420][T11852]  __copy_msghdr+0x3c5/0x5b0
[  272.504440][T11852]  ___sys_sendmsg+0x1a5/0x2a0
[  272.504460][T11852]  ? __pfx____sys_sendmsg+0x10/0x10
[  272.504509][T11852]  ? __fget_files+0x2a/0x420
[  272.504529][T11852]  ? __fget_files+0x3a0/0x420
[  272.504558][T11852]  __x64_sys_sendmsg+0x19b/0x260
[  272.504581][T11852]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  272.504612][T11852]  ? __pfx_ksys_write+0x10/0x10
[  272.504629][T11852]  ? rcu_is_watching+0x15/0xb0
[  272.504653][T11852]  ? do_syscall_64+0xbe/0x3b0
[  272.504674][T11852]  do_syscall_64+0xfa/0x3b0
[  272.504689][T11852]  ? lockdep_hardirqs_on+0x9c/0x150
[  272.504713][T11852]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.504729][T11852]  ? clear_bhb_loop+0x60/0xb0
[  272.504749][T11852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.504765][T11852] RIP: 0033:0x7efcd798e929
[  272.504780][T11852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.504795][T11852] RSP: 002b:00007efcd87b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  272.504817][T11852] RAX: ffffffffffffffda RBX: 00007efcd7bb5fa0 RCX: 00007efcd798e929
[  272.504830][T11852] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000006
[  272.504841][T11852] RBP: 00007efcd87b7090 R08: 0000000000000000 R09: 0000000000000000
[  272.504851][T11852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.504861][T11852] R13: 0000000000000000 R14: 00007efcd7bb5fa0 R15: 00007fff491fcc58
[  272.504890][T11852]  </TASK>
[  272.613929][ T5853] Bluetooth: hci4: command tx timeout
[  272.655018][T11735] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  272.741081][T11735] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  272.819183][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.826402][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.884227][T11854] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  273.065992][T11864] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1781'.
[  273.084395][ T5853] Bluetooth: hci2: command tx timeout
[  273.208822][T11763] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  273.246681][T11763] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  273.364144][T11763] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  273.380699][T11877] FAULT_INJECTION: forcing a failure.
[  273.380699][T11877] name failslab, interval 1, probability 0, space 0, times 0
[  273.394274][T11877] CPU: 0 UID: 0 PID: 11877 Comm: syz.0.1785 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  273.394298][T11877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  273.394308][T11877] Call Trace:
[  273.394314][T11877]  <TASK>
[  273.394321][T11877]  dump_stack_lvl+0x189/0x250
[  273.394346][T11877]  ? __pfx____ratelimit+0x10/0x10
[  273.394370][T11877]  ? __pfx_dump_stack_lvl+0x10/0x10
[  273.394390][T11877]  ? __pfx__printk+0x10/0x10
[  273.394427][T11877]  should_fail_ex+0x414/0x560
[  273.394457][T11877]  should_failslab+0xa8/0x100
[  273.394480][T11877]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  273.394501][T11877]  ? __alloc_skb+0x112/0x2d0
[  273.394526][T11877]  __alloc_skb+0x112/0x2d0
[  273.394550][T11877]  xfrm_alloc_compat+0x1a6/0x16f0
[  273.394578][T11877]  ? xfrm_get_translator+0x1b/0x240
[  273.394601][T11877]  ? __pfx_xfrm_alloc_compat+0x10/0x10
[  273.394624][T11877]  xfrm_nlmsg_multicast+0xd7/0x1f0
[  273.394647][T11877]  xfrm_send_state_notify+0xc5f/0x18b0
[  273.394674][T11877]  ? __pfx_xfrm_send_state_notify+0x10/0x10
[  273.394690][T11877]  ? km_state_notify+0x25/0x1f0
[  273.394718][T11877]  ? km_state_notify+0x25/0x1f0
[  273.394736][T11877]  ? km_state_notify+0x25/0x1f0
[  273.394753][T11877]  ? __pfx_xfrm_send_state_notify+0x10/0x10
[  273.394773][T11877]  km_state_notify+0x10d/0x1f0
[  273.394795][T11877]  xfrm_add_sa+0x3728/0x4050
[  273.394826][T11877]  ? __pfx_xfrm_add_sa+0x10/0x10
[  273.394843][T11877]  ? apparmor_capable+0x137/0x1b0
[  273.394868][T11877]  ? __nla_parse+0x40/0x60
[  273.394891][T11877]  xfrm_user_rcv_msg+0x7a3/0xab0
[  273.394917][T11877]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  273.394974][T11877]  ? __mutex_trylock_common+0x153/0x260
[  273.394999][T11877]  ? __pfx___mutex_trylock_common+0x10/0x10
[  273.395025][T11877]  ? rcu_is_watching+0x15/0xb0
[  273.395044][T11877]  ? trace_contention_end+0x39/0x120
[  273.395079][T11877]  netlink_rcv_skb+0x205/0x470
[  273.395101][T11877]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  273.395123][T11877]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  273.395161][T11877]  ? netlink_deliver_tap+0x2e/0x1b0
[  273.395180][T11877]  ? netlink_deliver_tap+0x2e/0x1b0
[  273.395202][T11877]  xfrm_netlink_rcv+0x79/0x90
[  273.395222][T11877]  netlink_unicast+0x759/0x8e0
[  273.395254][T11877]  netlink_sendmsg+0x805/0xb30
[  273.395284][T11877]  ? __pfx_netlink_sendmsg+0x10/0x10
[  273.395307][T11877]  ? aa_sock_msg_perm+0x94/0x160
[  273.395332][T11877]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  273.395347][T11877]  ? __pfx_netlink_sendmsg+0x10/0x10
[  273.395368][T11877]  __sock_sendmsg+0x219/0x270
[  273.395388][T11877]  ____sys_sendmsg+0x505/0x830
[  273.395416][T11877]  ? __pfx_____sys_sendmsg+0x10/0x10
[  273.395447][T11877]  ? import_iovec+0x74/0xa0
[  273.395471][T11877]  ___sys_sendmsg+0x21f/0x2a0
[  273.395494][T11877]  ? __pfx____sys_sendmsg+0x10/0x10
[  273.395557][T11877]  ? __fget_files+0x2a/0x420
[  273.395577][T11877]  ? __fget_files+0x3a0/0x420
[  273.395610][T11877]  __x64_sys_sendmsg+0x19b/0x260
[  273.395634][T11877]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  273.395666][T11877]  ? __pfx_ksys_write+0x10/0x10
[  273.395682][T11877]  ? rcu_is_watching+0x15/0xb0
[  273.395707][T11877]  ? do_syscall_64+0xbe/0x3b0
[  273.395728][T11877]  do_syscall_64+0xfa/0x3b0
[  273.395743][T11877]  ? lockdep_hardirqs_on+0x9c/0x150
[  273.395766][T11877]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.395782][T11877]  ? clear_bhb_loop+0x60/0xb0
[  273.395803][T11877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.395819][T11877] RIP: 0033:0x7efcd798e929
[  273.395834][T11877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.395848][T11877] RSP: 002b:00007efcd87b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  273.395866][T11877] RAX: ffffffffffffffda RBX: 00007efcd7bb5fa0 RCX: 00007efcd798e929
[  273.395878][T11877] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000005
[  273.395889][T11877] RBP: 00007efcd87b7090 R08: 0000000000000000 R09: 0000000000000000
[  273.395899][T11877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  273.395909][T11877] R13: 0000000000000000 R14: 00007efcd7bb5fa0 R15: 00007fff491fcc58
[  273.395938][T11877]  </TASK>
[  273.901502][T11735] 8021q: adding VLAN 0 to HW filter on device batadv0
[  273.920556][T11763] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  273.971040][T11735] veth0_vlan: entered promiscuous mode
[  274.077140][T11763] 8021q: adding VLAN 0 to HW filter on device bond0
[  274.106761][T11735] veth1_vlan: entered promiscuous mode
[  274.116755][T11763] 8021q: adding VLAN 0 to HW filter on device team0
[  274.155638][ T1006] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.162790][ T1006] bridge0: port 1(bridge_slave_0) entered forwarding state
[  274.188964][T11896] xt_CT: No such helper "syz0"
[  274.211404][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.218624][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  274.233912][T11896] 8021q: VLANs not supported on syzkaller1
[  274.271674][T11735] veth0_macvtap: entered promiscuous mode
[  274.302776][T11763] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  274.322301][T11735] veth1_macvtap: entered promiscuous mode
[  274.357848][T11735] batman_adv: batadv0: Interface activated: batadv_slave_0
[  274.381615][T11735] batman_adv: batadv0: Interface activated: batadv_slave_1
[  274.396676][T11735] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  274.405963][T11735] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  274.426626][T11735] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  274.443059][T11735] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  274.489841][T11902] netlink: 'syz.1.1792': attribute type 20 has an invalid length.
[  274.636759][ T1006] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.645097][ T1006] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.684687][T11763] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.693770][ T5853] Bluetooth: hci4: command tx timeout
[  274.702812][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.711044][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.973966][T11915] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1796'.
[  275.002677][T11915] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1796'.
[  275.031968][T11919] gretap2: entered promiscuous mode
[  275.064874][T11922] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1798'.
[  275.077848][T11922] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1798'.
[  275.290375][T11763] veth0_vlan: entered promiscuous mode
[  275.364681][T11763] veth1_vlan: entered promiscuous mode
[  275.478725][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.595159][T11763] veth0_macvtap: entered promiscuous mode
[  275.635865][T11763] veth1_macvtap: entered promiscuous mode
[  275.677331][T11763] batman_adv: batadv0: Interface activated: batadv_slave_0
[  275.713745][T11763] batman_adv: batadv0: Interface activated: batadv_slave_1
[  275.733805][T11763] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  275.742543][T11763] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  275.755491][T11763] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  275.768158][T11763] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  275.837148][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.864106][ T1006] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  275.871978][ T1006] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  275.906083][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  275.915050][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  276.197663][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.516654][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.665739][   T12] bridge_slave_1: left allmulticast mode
[  276.671394][   T12] bridge_slave_1: left promiscuous mode
[  276.680817][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.690102][   T12] bridge_slave_0: left allmulticast mode
[  276.697061][   T12] bridge_slave_0: left promiscuous mode
[  276.702764][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.965744][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  276.977795][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  277.032003][   T12] bond0 (unregistering): Released all slaves
[  277.211872][T11952] veth11: entered promiscuous mode
[  277.224819][T11952] bridge5: port 1(veth11) entered blocking state
[  277.236984][T11952] bridge5: port 1(veth11) entered disabled state
[  277.263491][T11952] veth11: entered allmulticast mode
[  277.528061][ T5856] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  277.538197][ T5856] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  277.547201][ T5856] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  277.556235][ T5856] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  277.564172][ T5856] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  277.740188][   T12] hsr_slave_0: left promiscuous mode
[  277.758540][   T12] hsr_slave_1: left promiscuous mode
[  277.772307][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  277.783954][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  277.792035][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  277.803832][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  277.836005][   T12] veth1_macvtap: left promiscuous mode
[  277.841587][   T12] veth0_macvtap: left promiscuous mode
[  277.848506][   T12] veth1_vlan: left promiscuous mode
[  277.856100][   T12] veth0_vlan: left promiscuous mode
[  278.211226][   T12] team0 (unregistering): Port device team_slave_1 removed
[  278.247476][   T12] team0 (unregistering): Port device team_slave_0 removed
[  278.702307][T11955] chnl_net:caif_netlink_parms(): no params data found
[  278.784006][T11955] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.791175][T11955] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.798760][T11955] bridge_slave_0: entered allmulticast mode
[  278.806638][T11955] bridge_slave_0: entered promiscuous mode
[  278.814632][T11955] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.821710][T11955] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.829756][T11955] bridge_slave_1: entered allmulticast mode
[  278.836920][T11955] bridge_slave_1: entered promiscuous mode
[  278.870373][T11955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  278.883462][T11955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  278.917889][T11955] team0: Port device team_slave_0 added
[  278.927728][T11955] team0: Port device team_slave_1 added
[  278.961075][T11955] batman_adv: batadv0: Adding interface: batadv_slave_0
[  278.968472][T11955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.995209][T11955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  279.007731][T11955] batman_adv: batadv0: Adding interface: batadv_slave_1
[  279.015179][T11955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.041752][T11955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  279.123574][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.317059][T11976] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1816'.
[  279.324281][T11955] hsr_slave_0: entered promiscuous mode
[  279.332661][T11955] hsr_slave_1: entered promiscuous mode
[  279.381183][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.413591][T11976] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1816'.
[  279.542523][ T5853] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  279.562142][ T5853] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  279.571176][ T5853] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  279.591944][ T5853] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  279.602398][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.621397][ T5853] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  279.644668][ T5856] Bluetooth: hci2: command tx timeout
[  280.280898][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.698095][   T12] bridge_slave_1: left allmulticast mode
[  280.709438][   T12] bridge_slave_1: left promiscuous mode
[  280.717106][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.738835][   T12] bridge_slave_0: left allmulticast mode
[  280.758283][   T12] bridge_slave_0: left promiscuous mode
[  280.782624][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.078602][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  281.091199][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  281.102637][   T12] bond0 (unregistering): Released all slaves
[  281.382697][T12049] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1832'.
[  281.574090][T12054] SET target dimension over the limit!
[  281.723264][ T5856] Bluetooth: hci4: command tx timeout
[  281.729155][ T5856] Bluetooth: hci2: command tx timeout
[  281.760847][T12059] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1835'.
[  281.829043][T11955] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  281.928471][T11980] chnl_net:caif_netlink_parms(): no params data found
[  282.048619][T11955] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  282.072537][T12065] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1838'.
[  282.131013][   T12] hsr_slave_0: left promiscuous mode
[  282.148336][   T12] hsr_slave_1: left promiscuous mode
[  282.173911][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  282.196976][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  282.216995][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  282.227574][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  282.281430][   T12] veth1_macvtap: left promiscuous mode
[  282.303456][   T12] veth0_macvtap: left promiscuous mode
[  282.315970][   T12] veth1_vlan: left promiscuous mode
[  282.328010][   T12] veth0_vlan: left promiscuous mode
[  282.754289][   T12] team0 (unregistering): Port device team_slave_1 removed
[  282.790614][   T12] team0 (unregistering): Port device team_slave_0 removed
[  283.142363][T11955] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  283.155394][T12080] bridge: RTM_NEWNEIGH with invalid state 0x8
[  283.239737][T11955] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  283.334096][T12089] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1845'.
[  283.467308][T11980] bridge0: port 1(bridge_slave_0) entered blocking state
[  283.501960][T11980] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.520981][T11980] bridge_slave_0: entered allmulticast mode
[  283.546849][T11980] bridge_slave_0: entered promiscuous mode
[  283.565697][T11980] bridge0: port 2(bridge_slave_1) entered blocking state
[  283.583881][T11980] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.591267][T11980] bridge_slave_1: entered allmulticast mode
[  283.602554][T11980] bridge_slave_1: entered promiscuous mode
[  283.674072][T12110] FAULT_INJECTION: forcing a failure.
[  283.674072][T12110] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  283.691904][T12110] CPU: 1 UID: 0 PID: 12110 Comm: syz.0.1852 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  283.691929][T12110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  283.691939][T12110] Call Trace:
[  283.691947][T12110]  <TASK>
[  283.691954][T12110]  dump_stack_lvl+0x189/0x250
[  283.691978][T12110]  ? __pfx____ratelimit+0x10/0x10
[  283.692012][T12110]  ? __pfx_dump_stack_lvl+0x10/0x10
[  283.692030][T12110]  ? __pfx__printk+0x10/0x10
[  283.692052][T12110]  ? __might_fault+0xb0/0x130
[  283.692084][T12110]  should_fail_ex+0x414/0x560
[  283.692112][T12110]  _copy_from_user+0x2d/0xb0
[  283.692132][T12110]  kstrtouint_from_user+0xc4/0x170
[  283.692152][T12110]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  283.692183][T12110]  proc_fail_nth_write+0x88/0x240
[  283.692205][T12110]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  283.692233][T12110]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  283.692255][T12110]  vfs_write+0x27e/0xa90
[  283.692282][T12110]  ? __pfx_vfs_write+0x10/0x10
[  283.692303][T12110]  ? __fget_files+0x2a/0x420
[  283.692329][T12110]  ? __fget_files+0x3a0/0x420
[  283.692347][T12110]  ? __fget_files+0x2a/0x420
[  283.692377][T12110]  ksys_write+0x145/0x250
[  283.692398][T12110]  ? __pfx_ksys_write+0x10/0x10
[  283.692413][T12110]  ? rcu_is_watching+0x15/0xb0
[  283.692435][T12110]  ? do_syscall_64+0xbe/0x3b0
[  283.692455][T12110]  do_syscall_64+0xfa/0x3b0
[  283.692469][T12110]  ? lockdep_hardirqs_on+0x9c/0x150
[  283.692491][T12110]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.692507][T12110]  ? clear_bhb_loop+0x60/0xb0
[  283.692526][T12110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.692540][T12110] RIP: 0033:0x7efcd798d3df
[  283.692555][T12110] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  283.692568][T12110] RSP: 002b:00007efcd87b7030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  283.692586][T12110] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007efcd798d3df
[  283.692596][T12110] RDX: 0000000000000001 RSI: 00007efcd87b70a0 RDI: 0000000000000006
[  283.692605][T12110] RBP: 00007efcd87b7090 R08: 0000000000000000 R09: 0000000000000000
[  283.692615][T12110] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  283.692623][T12110] R13: 0000000000000000 R14: 00007efcd7bb5fa0 R15: 00007fff491fcc58
[  283.692650][T12110]  </TASK>
[  283.947281][ T5856] Bluetooth: hci2: command tx timeout
[  283.952734][ T5856] Bluetooth: hci4: command tx timeout
[  283.977323][T11980] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  284.004615][T11980] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  284.036863][T12114] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1855'.
[  284.047866][T12116] netlink: 'syz.1.1856': attribute type 20 has an invalid length.
[  284.094701][T11980] team0: Port device team_slave_0 added
[  284.148499][T11980] team0: Port device team_slave_1 added
[  284.231508][T11980] batman_adv: batadv0: Adding interface: batadv_slave_0
[  284.258609][T11980] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.287421][T11980] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  284.337738][T11980] batman_adv: batadv0: Adding interface: batadv_slave_1
[  284.347810][T11980] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.384247][T11980] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  284.408811][T12128] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  284.438448][T12128] netlink: 'syz.0.1863': attribute type 11 has an invalid length.
[  284.477726][T11980] hsr_slave_0: entered promiscuous mode
[  284.488616][T11980] hsr_slave_1: entered promiscuous mode
[  284.496851][T11980] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  284.504780][T11980] Cannot create hsr debugfs directory
[  284.552751][T11955] 8021q: adding VLAN 0 to HW filter on device bond0
[  284.584722][T11955] 8021q: adding VLAN 0 to HW filter on device team0
[  284.664873][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  284.672032][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  284.691934][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  284.699155][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  284.927140][ T4576] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  284.954918][T12150] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1871'.
[  284.980083][T12150] FAULT_INJECTION: forcing a failure.
[  284.980083][T12150] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.003096][T12150] CPU: 1 UID: 0 PID: 12150 Comm: syz.0.1871 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  285.003121][T12150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  285.003132][T12150] Call Trace:
[  285.003139][T12150]  <TASK>
[  285.003147][T12150]  dump_stack_lvl+0x189/0x250
[  285.003172][T12150]  ? __pfx____ratelimit+0x10/0x10
[  285.003197][T12150]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.003216][T12150]  ? __pfx__printk+0x10/0x10
[  285.003252][T12150]  should_fail_ex+0x414/0x560
[  285.003281][T12150]  _copy_to_user+0x31/0xb0
[  285.003305][T12150]  simple_read_from_buffer+0xe1/0x170
[  285.003332][T12150]  proc_fail_nth_read+0x1df/0x250
[  285.003357][T12150]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  285.003382][T12150]  ? rw_verify_area+0x258/0x650
[  285.003400][T12150]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  285.003425][T12150]  vfs_read+0x200/0x980
[  285.003450][T12150]  ? __pfx___mutex_lock+0x10/0x10
[  285.003469][T12150]  ? __pfx_vfs_read+0x10/0x10
[  285.003490][T12150]  ? __fget_files+0x2a/0x420
[  285.003515][T12150]  ? __fget_files+0x3a0/0x420
[  285.003534][T12150]  ? __fget_files+0x2a/0x420
[  285.003565][T12150]  ksys_read+0x145/0x250
[  285.003588][T12150]  ? __pfx_ksys_read+0x10/0x10
[  285.003604][T12150]  ? rcu_is_watching+0x15/0xb0
[  285.003629][T12150]  ? do_syscall_64+0xbe/0x3b0
[  285.003650][T12150]  do_syscall_64+0xfa/0x3b0
[  285.003665][T12150]  ? lockdep_hardirqs_on+0x9c/0x150
[  285.003689][T12150]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.003705][T12150]  ? clear_bhb_loop+0x60/0xb0
[  285.003726][T12150]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.003741][T12150] RIP: 0033:0x7efcd798d33c
[  285.003758][T12150] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  285.003771][T12150] RSP: 002b:00007efcd87b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  285.003790][T12150] RAX: ffffffffffffffda RBX: 00007efcd7bb5fa0 RCX: 00007efcd798d33c
[  285.003802][T12150] RDX: 000000000000000f RSI: 00007efcd87b70a0 RDI: 0000000000000005
[  285.003812][T12150] RBP: 00007efcd87b7090 R08: 0000000000000000 R09: 0000000000000000
[  285.003823][T12150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.003831][T12150] R13: 0000000000000000 R14: 00007efcd7bb5fa0 R15: 00007fff491fcc58
[  285.003861][T12150]  </TASK>
[  285.571997][T12174] FAULT_INJECTION: forcing a failure.
[  285.571997][T12174] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.599343][T12174] CPU: 1 UID: 0 PID: 12174 Comm: syz.3.1878 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  285.599368][T12174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  285.599378][T12174] Call Trace:
[  285.599384][T12174]  <TASK>
[  285.599392][T12174]  dump_stack_lvl+0x189/0x250
[  285.599417][T12174]  ? __pfx____ratelimit+0x10/0x10
[  285.599441][T12174]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.599459][T12174]  ? __pfx__printk+0x10/0x10
[  285.599481][T12174]  ? __might_fault+0xb0/0x130
[  285.599512][T12174]  should_fail_ex+0x414/0x560
[  285.599541][T12174]  _copy_from_user+0x2d/0xb0
[  285.599560][T12174]  ___sys_sendmsg+0x158/0x2a0
[  285.599585][T12174]  ? __pfx____sys_sendmsg+0x10/0x10
[  285.599640][T12174]  ? __fget_files+0x2a/0x420
[  285.599659][T12174]  ? __fget_files+0x3a0/0x420
[  285.599690][T12174]  __x64_sys_sendmsg+0x19b/0x260
[  285.599713][T12174]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  285.599742][T12174]  ? __pfx_ksys_write+0x10/0x10
[  285.599759][T12174]  ? rcu_is_watching+0x15/0xb0
[  285.599784][T12174]  ? do_syscall_64+0xbe/0x3b0
[  285.599803][T12174]  do_syscall_64+0xfa/0x3b0
[  285.599817][T12174]  ? lockdep_hardirqs_on+0x9c/0x150
[  285.599839][T12174]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.599855][T12174]  ? clear_bhb_loop+0x60/0xb0
[  285.599875][T12174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.599891][T12174] RIP: 0033:0x7f96d4f8e929
[  285.599909][T12174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.599924][T12174] RSP: 002b:00007f96d5e04038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  285.599942][T12174] RAX: ffffffffffffffda RBX: 00007f96d51b5fa0 RCX: 00007f96d4f8e929
[  285.599954][T12174] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003
[  285.599965][T12174] RBP: 00007f96d5e04090 R08: 0000000000000000 R09: 0000000000000000
[  285.599973][T12174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.599983][T12174] R13: 0000000000000000 R14: 00007f96d51b5fa0 R15: 00007ffdf193a248
[  285.599990][T12172] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  285.600009][T12174]  </TASK>
[  285.832160][T12172] tipc: Resetting bearer <eth:syzkaller0>
[  285.838750][T12178] syzkaller0: entered promiscuous mode
[  285.844343][T12178] syzkaller0: entered allmulticast mode
[  285.886238][T12171] tipc: Resetting bearer <eth:syzkaller0>
[  285.943134][T12171] tipc: Disabling bearer <eth:syzkaller0>
[  285.964452][ T5853] Bluetooth: hci4: command tx timeout
[  285.969922][ T5856] Bluetooth: hci2: command tx timeout
[  286.137387][T11955] 8021q: adding VLAN 0 to HW filter on device batadv0
[  286.146109][T12192] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1882'.
[  286.250274][T11980] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  286.418998][T11980] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  286.478089][T11980] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  286.521229][T11980] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  286.627556][T12222] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1891'.
[  286.679151][T11955] veth0_vlan: entered promiscuous mode
[  286.683626][T12226] FAULT_INJECTION: forcing a failure.
[  286.683626][T12226] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  286.697644][T11955] veth1_vlan: entered promiscuous mode
[  286.737687][T12226] CPU: 1 UID: 0 PID: 12226 Comm: syz.3.1893 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  286.737714][T12226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  286.737724][T12226] Call Trace:
[  286.737731][T12226]  <TASK>
[  286.737739][T12226]  dump_stack_lvl+0x189/0x250
[  286.737763][T12226]  ? __pfx____ratelimit+0x10/0x10
[  286.737787][T12226]  ? __pfx_dump_stack_lvl+0x10/0x10
[  286.737806][T12226]  ? __pfx__printk+0x10/0x10
[  286.737827][T12226]  ? __might_fault+0xb0/0x130
[  286.737858][T12226]  should_fail_ex+0x414/0x560
[  286.737887][T12226]  _copy_from_iter+0x1db/0x16f0
[  286.737910][T12226]  ? rcu_is_watching+0x15/0xb0
[  286.737930][T12226]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  286.737951][T12226]  ? __pfx__copy_from_iter+0x10/0x10
[  286.737970][T12226]  ? __build_skb_around+0x257/0x3e0
[  286.737993][T12226]  ? netlink_sendmsg+0x642/0xb30
[  286.738010][T12226]  ? skb_put+0x11b/0x210
[  286.738033][T12226]  netlink_sendmsg+0x6b2/0xb30
[  286.738062][T12226]  ? __pfx_netlink_sendmsg+0x10/0x10
[  286.738085][T12226]  ? aa_sock_msg_perm+0x94/0x160
[  286.738110][T12226]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  286.738126][T12226]  ? __pfx_netlink_sendmsg+0x10/0x10
[  286.738146][T12226]  __sock_sendmsg+0x219/0x270
[  286.738165][T12226]  ____sys_sendmsg+0x505/0x830
[  286.738192][T12226]  ? __pfx_____sys_sendmsg+0x10/0x10
[  286.738222][T12226]  ? import_iovec+0x74/0xa0
[  286.738245][T12226]  ___sys_sendmsg+0x21f/0x2a0
[  286.738268][T12226]  ? __pfx____sys_sendmsg+0x10/0x10
[  286.738325][T12226]  ? __fget_files+0x2a/0x420
[  286.738345][T12226]  ? __fget_files+0x3a0/0x420
[  286.738377][T12226]  __x64_sys_sendmsg+0x19b/0x260
[  286.738398][T12226]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  286.738429][T12226]  ? __pfx_ksys_write+0x10/0x10
[  286.738446][T12226]  ? rcu_is_watching+0x15/0xb0
[  286.738470][T12226]  ? do_syscall_64+0xbe/0x3b0
[  286.738490][T12226]  do_syscall_64+0xfa/0x3b0
[  286.738505][T12226]  ? lockdep_hardirqs_on+0x9c/0x150
[  286.738528][T12226]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.738543][T12226]  ? clear_bhb_loop+0x60/0xb0
[  286.738562][T12226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.738577][T12226] RIP: 0033:0x7f96d4f8e929
[  286.738591][T12226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.738605][T12226] RSP: 002b:00007f96d5e04038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  286.738631][T12226] RAX: ffffffffffffffda RBX: 00007f96d51b5fa0 RCX: 00007f96d4f8e929
[  286.738640][T12226] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  286.738648][T12226] RBP: 00007f96d5e04090 R08: 0000000000000000 R09: 0000000000000000
[  286.738657][T12226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  286.738667][T12226] R13: 0000000000000000 R14: 00007f96d51b5fa0 R15: 00007ffdf193a248
[  286.738693][T12226]  </TASK>
[  287.039160][T11955] veth0_macvtap: entered promiscuous mode
[  287.140234][T12232] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1895'.
[  287.154480][T11955] veth1_macvtap: entered promiscuous mode
[  287.178838][T11955] batman_adv: batadv0: Interface activated: batadv_slave_0
[  287.195900][T11955] batman_adv: batadv0: Interface activated: batadv_slave_1
[  287.206608][T11955] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  287.215612][T11955] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  287.224503][T11955] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  287.233377][T11955] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  287.351945][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  287.363054][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  287.375287][T12234] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1896'.
[  287.381310][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  287.392827][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  287.457546][T11980] 8021q: adding VLAN 0 to HW filter on device bond0
[  287.521049][T11980] 8021q: adding VLAN 0 to HW filter on device team0
[  287.550921][   T74] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.558133][   T74] bridge0: port 1(bridge_slave_0) entered forwarding state
[  287.595221][ T1006] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.602419][ T1006] bridge0: port 2(bridge_slave_1) entered forwarding state
[  287.835882][T12248] netlink: 'syz.0.1900': attribute type 20 has an invalid length.
[  287.902107][T12251] SET target dimension over the limit!
[  287.921558][T12251] netlink: 'syz.1.1902': attribute type 1 has an invalid length.
[  287.929541][T12251] netlink: 244 bytes leftover after parsing attributes in process `syz.1.1902'.
[  287.946233][T12251] netlink: 'syz.1.1902': attribute type 2 has an invalid length.
[  287.957322][T12251] netlink: 188 bytes leftover after parsing attributes in process `syz.1.1902'.
[  288.043376][ T5853] Bluetooth: hci4: command tx timeout
[  288.067874][T11980] 8021q: adding VLAN 0 to HW filter on device batadv0
[  288.492287][T12268] veth13: entered promiscuous mode
[  288.504702][T12268] bridge6: port 1(veth13) entered blocking state
[  288.531711][T12268] bridge6: port 1(veth13) entered disabled state
[  288.547298][T12268] veth13: entered allmulticast mode
[  288.654453][   T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.724741][T11980] veth0_vlan: entered promiscuous mode
[  288.744062][T11980] veth1_vlan: entered promiscuous mode
[  288.777773][   T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.815463][T11980] veth0_macvtap: entered promiscuous mode
[  288.826350][T11980] veth1_macvtap: entered promiscuous mode
[  288.843085][    C0] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  288.844237][T11980] batman_adv: batadv0: Interface activated: batadv_slave_0
[  288.868420][T11980] batman_adv: batadv0: Interface activated: batadv_slave_1
[  288.879016][T11980] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  288.889359][T11980] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  288.898571][T11980] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  288.907580][T11980] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  288.977839][ T4576] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  288.990750][ T4576] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.012707][   T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.049483][ T4576] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.058495][ T4576] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.196037][   T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.356899][   T13] bridge_slave_1: left allmulticast mode
[  289.362591][   T13] bridge_slave_1: left promiscuous mode
[  289.369152][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.379200][   T13] bridge_slave_0: left allmulticast mode
[  289.385323][   T13] bridge_slave_0: left promiscuous mode
[  289.391003][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.652540][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  289.664527][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  289.674936][   T13] bond0 (unregistering): Released all slaves
[  289.975468][T12277] tipc: Enabled bearer <eth:ip6gre0>, priority 10
[  290.359735][ T5856] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  290.376691][ T5856] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  290.385110][ T5856] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  290.393827][   T13] hsr_slave_0: left promiscuous mode
[  290.395690][ T5856] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  290.406341][   T13] hsr_slave_1: left promiscuous mode
[  290.407624][ T5856] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  290.412330][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  290.437532][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  290.447732][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  290.455262][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  290.472910][   T13] veth1_macvtap: left promiscuous mode
[  290.478756][   T13] veth0_macvtap: left promiscuous mode
[  290.484554][   T13] veth1_vlan: left promiscuous mode
[  290.489848][   T13] veth0_vlan: left promiscuous mode
[  290.821821][   T13] team0 (unregistering): Port device team_slave_1 removed
[  290.857828][   T13] team0 (unregistering): Port device team_slave_0 removed
[  291.464843][T12282] chnl_net:caif_netlink_parms(): no params data found
[  291.510667][   T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.584500][   T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.598884][T12282] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.607248][T12282] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.614900][T12282] bridge_slave_0: entered allmulticast mode
[  291.621853][T12282] bridge_slave_0: entered promiscuous mode
[  291.630863][T12282] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.638571][T12282] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.646069][T12282] bridge_slave_1: entered allmulticast mode
[  291.656244][T12282] bridge_slave_1: entered promiscuous mode
[  291.738326][   T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.895111][   T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.077765][T12282] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  292.106094][T12282] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  292.192446][ T5853] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  292.202429][ T5853] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  292.218266][ T5853] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  292.227097][ T5853] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  292.236247][ T5853] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  292.257066][T12282] team0: Port device team_slave_0 added
[  292.267177][T12320] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1920'.
[  292.285227][T12282] team0: Port device team_slave_1 added
[  292.378246][T12282] batman_adv: batadv0: Adding interface: batadv_slave_0
[  292.397285][T12282] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.440791][T12282] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  292.451428][ T5853] Bluetooth: hci2: command tx timeout
[  292.532032][T12282] batman_adv: batadv0: Adding interface: batadv_slave_1
[  292.551894][T12282] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.587544][T12282] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  292.810164][T12282] hsr_slave_0: entered promiscuous mode
[  292.824049][T12282] hsr_slave_1: entered promiscuous mode
[  292.830916][   T13] bridge_slave_1: left allmulticast mode
[  292.843812][   T13] bridge_slave_1: left promiscuous mode
[  292.849618][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  292.907215][   T13] bridge_slave_0: left allmulticast mode
[  292.913108][   T13] bridge_slave_0: left promiscuous mode
[  292.918879][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.971848][T12340] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  292.973029][T12339] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  293.269945][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  293.282432][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  293.292805][   T13] bond0 (unregistering): Released all slaves
[  293.307251][T12337] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1926'.
[  293.875259][T12366] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1936'.
[  294.079843][   T13] hsr_slave_0: left promiscuous mode
[  294.089027][   T13] hsr_slave_1: left promiscuous mode
[  294.099936][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  294.107980][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  294.117128][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  294.126252][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  294.145670][   T13] veth1_macvtap: left promiscuous mode
[  294.151227][   T13] veth0_macvtap: left promiscuous mode
[  294.157009][   T13] veth1_vlan: left promiscuous mode
[  294.162287][   T13] veth0_vlan: left promiscuous mode
[  294.287032][ T5853] Bluetooth: hci4: command tx timeout
[  294.523344][ T5853] Bluetooth: hci2: command tx timeout
[  294.591472][   T13] team0 (unregistering): Port device team_slave_1 removed
[  294.632618][   T13] team0 (unregistering): Port device team_slave_0 removed
[  294.986720][T12384] FAULT_INJECTION: forcing a failure.
[  294.986720][T12384] name failslab, interval 1, probability 0, space 0, times 0
[  294.999961][T12384] CPU: 0 UID: 0 PID: 12384 Comm: syz.3.1941 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  294.999985][T12384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  294.999995][T12384] Call Trace:
[  295.000003][T12384]  <TASK>
[  295.000010][T12384]  dump_stack_lvl+0x189/0x250
[  295.000035][T12384]  ? __pfx____ratelimit+0x10/0x10
[  295.000060][T12384]  ? __pfx_dump_stack_lvl+0x10/0x10
[  295.000079][T12384]  ? __pfx__printk+0x10/0x10
[  295.000114][T12384]  ? __pfx___might_resched+0x10/0x10
[  295.000132][T12384]  ? fs_reclaim_acquire+0x7d/0x100
[  295.000159][T12384]  should_fail_ex+0x414/0x560
[  295.000188][T12384]  should_failslab+0xa8/0x100
[  295.000211][T12384]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  295.000231][T12384]  ? __pfx_nf_tables_abort+0x10/0x10
[  295.000250][T12384]  ? __alloc_skb+0x112/0x2d0
[  295.000274][T12384]  __alloc_skb+0x112/0x2d0
[  295.000297][T12384]  netlink_ack+0x146/0xa50
[  295.000322][T12384]  ? __kasan_kmalloc+0x93/0xb0
[  295.000352][T12384]  nfnetlink_rcv+0x2290/0x2520
[  295.000410][T12384]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  295.000446][T12384]  ? __lock_acquire+0xab9/0xd20
[  295.000512][T12384]  ? netlink_deliver_tap+0x2e/0x1b0
[  295.000531][T12384]  ? netlink_deliver_tap+0x2e/0x1b0
[  295.000557][T12384]  netlink_unicast+0x759/0x8e0
[  295.000586][T12384]  netlink_sendmsg+0x805/0xb30
[  295.000615][T12384]  ? __pfx_netlink_sendmsg+0x10/0x10
[  295.000639][T12384]  ? aa_sock_msg_perm+0x94/0x160
[  295.000663][T12384]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  295.000678][T12384]  ? __pfx_netlink_sendmsg+0x10/0x10
[  295.000700][T12384]  __sock_sendmsg+0x219/0x270
[  295.000719][T12384]  ____sys_sendmsg+0x505/0x830
[  295.000746][T12384]  ? __pfx_____sys_sendmsg+0x10/0x10
[  295.000777][T12384]  ? import_iovec+0x74/0xa0
[  295.000801][T12384]  ___sys_sendmsg+0x21f/0x2a0
[  295.000824][T12384]  ? __pfx____sys_sendmsg+0x10/0x10
[  295.000881][T12384]  ? __fget_files+0x2a/0x420
[  295.000902][T12384]  ? __fget_files+0x3a0/0x420
[  295.000935][T12384]  __x64_sys_sendmsg+0x19b/0x260
[  295.000959][T12384]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  295.000990][T12384]  ? __pfx_ksys_write+0x10/0x10
[  295.001008][T12384]  ? rcu_is_watching+0x15/0xb0
[  295.001032][T12384]  ? do_syscall_64+0xbe/0x3b0
[  295.001053][T12384]  do_syscall_64+0xfa/0x3b0
[  295.001068][T12384]  ? lockdep_hardirqs_on+0x9c/0x150
[  295.001099][T12384]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.001116][T12384]  ? clear_bhb_loop+0x60/0xb0
[  295.001137][T12384]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.001152][T12384] RIP: 0033:0x7f96d4f8e929
[  295.001169][T12384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.001183][T12384] RSP: 002b:00007f96d5e04038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  295.001202][T12384] RAX: ffffffffffffffda RBX: 00007f96d51b5fa0 RCX: 00007f96d4f8e929
[  295.001215][T12384] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  295.001226][T12384] RBP: 00007f96d5e04090 R08: 0000000000000000 R09: 0000000000000000
[  295.001236][T12384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  295.001246][T12384] R13: 0000000000000000 R14: 00007f96d51b5fa0 R15: 00007ffdf193a248
[  295.001275][T12384]  </TASK>
[  295.369955][T12317] chnl_net:caif_netlink_parms(): no params data found
[  295.387113][T12375] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  295.569775][T12393] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  295.657445][T12317] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.674558][T12317] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.681851][T12317] bridge_slave_0: entered allmulticast mode
[  295.696097][T12317] bridge_slave_0: entered promiscuous mode
[  295.706838][T12317] bridge0: port 2(bridge_slave_1) entered blocking state
[  295.718168][T12317] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.725776][T12317] bridge_slave_1: entered allmulticast mode
[  295.735176][T12317] bridge_slave_1: entered promiscuous mode
[  295.836792][T12317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  295.866025][T12317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  295.937379][T12317] team0: Port device team_slave_0 added
[  295.975386][T12317] team0: Port device team_slave_1 added
[  296.041923][T12317] batman_adv: batadv0: Adding interface: batadv_slave_0
[  296.049937][T12317] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.099596][T12317] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  296.179477][T12282] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  296.190445][T12282] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  296.216803][T12317] batman_adv: batadv0: Adding interface: batadv_slave_1
[  296.233313][T12317] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.261422][T12317] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  296.273137][T12282] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  296.314308][T12282] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  296.363127][ T5853] Bluetooth: hci4: command tx timeout
[  296.391735][T12317] hsr_slave_0: entered promiscuous mode
[  296.398966][T12317] hsr_slave_1: entered promiscuous mode
[  296.405398][T12317] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  296.413080][T12317] Cannot create hsr debugfs directory
[  296.448839][T12426] netlink: 'syz.3.1953': attribute type 21 has an invalid length.
[  296.471704][T12426] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1953'.
[  296.500960][T12426] netlink: 'syz.3.1953': attribute type 4 has an invalid length.
[  296.501133][T12429] netlink: 'syz.3.1953': attribute type 21 has an invalid length.
[  296.519726][T12426] netlink: 'syz.3.1953': attribute type 5 has an invalid length.
[  296.529642][T12429] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1953'.
[  296.543143][T12426] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1953'.
[  296.575504][T12429] netlink: 'syz.3.1953': attribute type 4 has an invalid length.
[  296.583596][T12429] netlink: 'syz.3.1953': attribute type 5 has an invalid length.
[  296.591333][T12429] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1953'.
[  296.613634][ T5853] Bluetooth: hci2: command tx timeout
[  296.622496][T12432] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1953'.
[  296.632092][T12426] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1953'.
[  296.965810][T12282] 8021q: adding VLAN 0 to HW filter on device bond0
[  297.016618][T12282] 8021q: adding VLAN 0 to HW filter on device team0
[  297.031923][   T74] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.039198][   T74] bridge0: port 1(bridge_slave_0) entered forwarding state
[  297.062072][ T4576] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.069276][ T4576] bridge0: port 2(bridge_slave_1) entered forwarding state
[  297.083811][T12438] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1958'.
[  297.243115][    C0] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  297.297989][T12317] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  297.337444][T12317] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  297.361349][T12317] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  297.409128][T12317] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  297.419746][T12449] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1963'.
[  297.429762][T12449] netlink: 176 bytes leftover after parsing attributes in process `syz.3.1963'.
[  297.463561][T12449] netlink: 'syz.3.1963': attribute type 5 has an invalid length.
[  297.486957][T12450] bond5: entered promiscuous mode
[  297.492035][T12450] bond5: entered allmulticast mode
[  297.499475][T12450] 8021q: adding VLAN 0 to HW filter on device bond5
[  297.633111][T12450] bond5 (unregistering): Released all slaves
[  297.784250][T12282] 8021q: adding VLAN 0 to HW filter on device batadv0
[  297.997106][T12282] veth0_vlan: entered promiscuous mode
[  298.036248][T12317] 8021q: adding VLAN 0 to HW filter on device bond0
[  298.064688][T12282] veth1_vlan: entered promiscuous mode
[  298.083713][T12485] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1970'.
[  298.141083][T12317] 8021q: adding VLAN 0 to HW filter on device team0
[  298.169909][T12485] netlink: 'syz.0.1970': attribute type 2 has an invalid length.
[  298.199288][ T1006] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.206517][ T1006] bridge0: port 1(bridge_slave_0) entered forwarding state
[  298.221597][ T1006] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.228827][ T1006] bridge0: port 2(bridge_slave_1) entered forwarding state
[  298.272752][T12282] veth0_macvtap: entered promiscuous mode
[  298.341444][T12491] FAULT_INJECTION: forcing a failure.
[  298.341444][T12491] name failslab, interval 1, probability 0, space 0, times 0
[  298.344559][T12282] veth1_macvtap: entered promiscuous mode
[  298.382491][T12491] CPU: 1 UID: 0 PID: 12491 Comm: syz.3.1975 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  298.382518][T12491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  298.382528][T12491] Call Trace:
[  298.382535][T12491]  <TASK>
[  298.382541][T12491]  dump_stack_lvl+0x189/0x250
[  298.382566][T12491]  ? __pfx____ratelimit+0x10/0x10
[  298.382590][T12491]  ? __pfx_dump_stack_lvl+0x10/0x10
[  298.382609][T12491]  ? __pfx__printk+0x10/0x10
[  298.382636][T12491]  ? __pfx___might_resched+0x10/0x10
[  298.382653][T12491]  ? fs_reclaim_acquire+0x7d/0x100
[  298.382680][T12491]  should_fail_ex+0x414/0x560
[  298.382707][T12491]  should_failslab+0xa8/0x100
[  298.382730][T12491]  __kmalloc_noprof+0xcb/0x4f0
[  298.382748][T12491]  ? kfree+0x4d/0x440
[  298.382764][T12491]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  298.382786][T12491]  tomoyo_realpath_from_path+0xe3/0x5d0
[  298.382805][T12491]  ? tomoyo_domain+0xd9/0x130
[  298.382825][T12491]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  298.382847][T12491]  tomoyo_path_number_perm+0x1e8/0x5a0
[  298.382872][T12491]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  298.382909][T12491]  ? __lock_acquire+0xab9/0xd20
[  298.382945][T12491]  ? __fget_files+0x2a/0x420
[  298.382968][T12491]  ? __fget_files+0x2a/0x420
[  298.382986][T12491]  ? __fget_files+0x3a0/0x420
[  298.383004][T12491]  ? __fget_files+0x2a/0x420
[  298.383029][T12491]  security_file_ioctl+0xcb/0x2d0
[  298.383052][T12491]  __se_sys_ioctl+0x47/0x170
[  298.383073][T12491]  do_syscall_64+0xfa/0x3b0
[  298.383087][T12491]  ? lockdep_hardirqs_on+0x9c/0x150
[  298.383108][T12491]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.383124][T12491]  ? clear_bhb_loop+0x60/0xb0
[  298.383142][T12491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.383158][T12491] RIP: 0033:0x7f96d4f8e929
[  298.383174][T12491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.383188][T12491] RSP: 002b:00007f96d5e04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  298.383204][T12491] RAX: ffffffffffffffda RBX: 00007f96d51b5fa0 RCX: 00007f96d4f8e929
[  298.383215][T12491] RDX: 0000200000000440 RSI: 0000000000008b07 RDI: 0000000000000004
[  298.383225][T12491] RBP: 00007f96d5e04090 R08: 0000000000000000 R09: 0000000000000000
[  298.383235][T12491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.383243][T12491] R13: 0000000000000000 R14: 00007f96d51b5fa0 R15: 00007ffdf193a248
[  298.383270][T12491]  </TASK>
[  298.410636][T12282] batman_adv: batadv0: Interface activated: batadv_slave_0
[  298.472987][ T5853] Bluetooth: hci4: command tx timeout
[  298.507555][T12491] ERROR: Out of memory at tomoyo_realpath_from_path.
[  298.514542][T12282] batman_adv: batadv0: Interface activated: batadv_slave_1
[  298.536696][T12494] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1976'.
[  298.573882][T12282] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  298.689014][ T5853] Bluetooth: hci2: command tx timeout
[  298.694690][T12282] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  298.703480][T12282] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  298.712188][T12282] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  298.731903][T12499] tipc: Enabled bearer <eth:ip6gre0>, priority 10
[  298.846398][T12502] veth17: entered promiscuous mode
[  298.852005][T12502] bridge12: port 1(veth17) entered blocking state
[  298.859339][T12502] bridge12: port 1(veth17) entered disabled state
[  298.866544][T12502] veth17: entered allmulticast mode
[  299.007768][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  299.023542][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  299.037873][T12317] 8021q: adding VLAN 0 to HW filter on device batadv0
[  299.079658][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  299.096624][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  299.211230][T12513] netlink: 'syz.0.1981': attribute type 10 has an invalid length.
[  299.219658][T12513] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  299.238537][T12513] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  299.252456][T12513] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  299.425611][T12524] FAULT_INJECTION: forcing a failure.
[  299.425611][T12524] name failslab, interval 1, probability 0, space 0, times 0
[  299.447533][T12524] CPU: 0 UID: 0 PID: 12524 Comm: syz.3.1984 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  299.447560][T12524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  299.447571][T12524] Call Trace:
[  299.447578][T12524]  <TASK>
[  299.447585][T12524]  dump_stack_lvl+0x189/0x250
[  299.447612][T12524]  ? __pfx____ratelimit+0x10/0x10
[  299.447636][T12524]  ? __pfx_dump_stack_lvl+0x10/0x10
[  299.447655][T12524]  ? __pfx__printk+0x10/0x10
[  299.447683][T12524]  ? __pfx___might_resched+0x10/0x10
[  299.447707][T12524]  should_fail_ex+0x414/0x560
[  299.447736][T12524]  should_failslab+0xa8/0x100
[  299.447760][T12524]  kmem_cache_alloc_noprof+0x73/0x3c0
[  299.447779][T12524]  ? can_rx_register+0x16d/0x790
[  299.447803][T12524]  can_rx_register+0x16d/0x790
[  299.447820][T12524]  ? dev_get_by_index+0x22/0x2e0
[  299.447833][T12524]  ? dev_get_by_index+0x22/0x2e0
[  299.447845][T12524]  ? __pfx_bcm_rx_handler+0x10/0x10
[  299.447869][T12524]  bcm_rx_setup+0xfb7/0x1970
[  299.447906][T12524]  bcm_sendmsg+0x255/0x6a0
[  299.447932][T12524]  ? __pfx_bcm_sendmsg+0x10/0x10
[  299.447960][T12524]  ? __lock_acquire+0xab9/0xd20
[  299.447973][T12524]  ? aa_sock_msg_perm+0x94/0x160
[  299.447996][T12524]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  299.448011][T12524]  ? __pfx_bcm_sendmsg+0x10/0x10
[  299.448032][T12524]  __sock_sendmsg+0x219/0x270
[  299.448051][T12524]  ____sys_sendmsg+0x505/0x830
[  299.448076][T12524]  ? __pfx_____sys_sendmsg+0x10/0x10
[  299.448106][T12524]  ? import_iovec+0x74/0xa0
[  299.448129][T12524]  ___sys_sendmsg+0x21f/0x2a0
[  299.448151][T12524]  ? __pfx____sys_sendmsg+0x10/0x10
[  299.448212][T12524]  ? __fget_files+0x2a/0x420
[  299.448232][T12524]  ? __fget_files+0x3a0/0x420
[  299.448265][T12524]  __x64_sys_sendmsg+0x19b/0x260
[  299.448288][T12524]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  299.448318][T12524]  ? __pfx_ksys_write+0x10/0x10
[  299.448343][T12524]  ? do_syscall_64+0xbe/0x3b0
[  299.448364][T12524]  do_syscall_64+0xfa/0x3b0
[  299.448386][T12524]  ? lockdep_hardirqs_on+0x9c/0x150
[  299.448409][T12524]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.448425][T12524]  ? clear_bhb_loop+0x60/0xb0
[  299.448446][T12524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.448462][T12524] RIP: 0033:0x7f96d4f8e929
[  299.448477][T12524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.448491][T12524] RSP: 002b:00007f96d5e04038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  299.448508][T12524] RAX: ffffffffffffffda RBX: 00007f96d51b5fa0 RCX: 00007f96d4f8e929
[  299.448520][T12524] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000005
[  299.448531][T12524] RBP: 00007f96d5e04090 R08: 0000000000000000 R09: 0000000000000000
[  299.448541][T12524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.448550][T12524] R13: 0000000000000000 R14: 00007f96d51b5fa0 R15: 00007ffdf193a248
[  299.448580][T12524]  </TASK>
[  299.785851][T12017] tipc: Node number set to 3039807931
[  299.868353][T12317] veth0_vlan: entered promiscuous mode
[  299.885177][T12317] veth1_vlan: entered promiscuous mode
[  299.920056][T12317] veth0_macvtap: entered promiscuous mode
[  299.939448][T12317] veth1_macvtap: entered promiscuous mode
[  299.968545][T12317] batman_adv: batadv0: Interface activated: batadv_slave_0
[  299.995247][T12317] batman_adv: batadv0: Interface activated: batadv_slave_1
[  300.006642][T12317] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  300.015423][T12317] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  300.024823][T12317] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  300.034478][T12317] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  300.249560][   T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.282714][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  300.298511][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  300.347104][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  300.358029][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  300.496365][   T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.698729][   T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.756488][   T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.876463][   T36] bridge_slave_1: left allmulticast mode
[  300.882424][   T36] bridge_slave_1: left promiscuous mode
[  300.889211][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.899033][   T36] bridge_slave_0: left allmulticast mode
[  300.906916][   T36] bridge_slave_0: left promiscuous mode
[  300.912597][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.185835][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  301.197007][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  301.207243][   T36] bond0 (unregistering): Released all slaves
[  301.503001][   T36] hsr_slave_0: left promiscuous mode
[  301.508875][   T36] hsr_slave_1: left promiscuous mode
[  301.516539][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  301.526476][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  301.535599][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  301.545383][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  301.571458][   T36] veth1_macvtap: left promiscuous mode
[  301.577379][   T36] veth0_macvtap: left promiscuous mode
[  301.583355][   T36] veth1_vlan: left promiscuous mode
[  301.588698][   T36] veth0_vlan: left promiscuous mode
[  301.923753][T12547] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  302.172750][ T5856] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  302.181114][   T36] team0 (unregistering): Port device team_slave_1 removed
[  302.191558][ T5856] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  302.205252][ T5856] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  302.217803][ T5856] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  302.226108][ T5856] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  302.249340][   T36] team0 (unregistering): Port device team_slave_0 removed
[  302.909625][T12548] chnl_net:caif_netlink_parms(): no params data found
[  302.951039][   T36] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.010550][T12548] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.017935][T12548] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.025317][T12548] bridge_slave_0: entered allmulticast mode
[  303.032319][T12548] bridge_slave_0: entered promiscuous mode
[  303.040321][T12548] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.048024][T12548] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.055383][T12548] bridge_slave_1: entered allmulticast mode
[  303.062365][T12548] bridge_slave_1: entered promiscuous mode
[  303.082245][   T36] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.122775][T12548] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  303.135880][T12548] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  303.176692][   T36] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.204219][T12548] team0: Port device team_slave_0 added
[  303.211819][T12548] team0: Port device team_slave_1 added
[  303.251651][   T36] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.268054][T12548] batman_adv: batadv0: Adding interface: batadv_slave_0
[  303.275864][T12548] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.303138][T12548] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  303.317832][T12548] batman_adv: batadv0: Adding interface: batadv_slave_1
[  303.325433][T12548] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.351605][T12548] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  303.407219][T12548] hsr_slave_0: entered promiscuous mode
[  303.414618][T12548] hsr_slave_1: entered promiscuous mode
[  303.525812][   T36] bridge_slave_1: left allmulticast mode
[  303.531495][   T36] bridge_slave_1: left promiscuous mode
[  303.539290][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.548614][   T36] bridge_slave_0: left allmulticast mode
[  303.554862][   T36] bridge_slave_0: left promiscuous mode
[  303.560560][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.675859][T12562] SET target dimension over the limit!
[  303.766169][T12565] netlink: 'syz.0.1996': attribute type 5 has an invalid length.
[  303.862206][T12570] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1997'.
[  304.062812][ T5853] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  304.072566][ T5853] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  304.082083][ T5853] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  304.100319][ T5853] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  304.109565][ T5853] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  304.210914][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  304.222367][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  304.233173][   T36] bond0 (unregistering): Released all slaves
[  304.289498][ T5853] Bluetooth: hci2: command tx timeout
[  304.449697][T12585] FAULT_INJECTION: forcing a failure.
[  304.449697][T12585] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  304.463256][T12585] CPU: 1 UID: 0 PID: 12585 Comm: syz.0.2004 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  304.463279][T12585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  304.463294][T12585] Call Trace:
[  304.463301][T12585]  <TASK>
[  304.463309][T12585]  dump_stack_lvl+0x189/0x250
[  304.463329][T12585]  ? __pfx____ratelimit+0x10/0x10
[  304.463352][T12585]  ? __pfx_dump_stack_lvl+0x10/0x10
[  304.463371][T12585]  ? __pfx__printk+0x10/0x10
[  304.463403][T12585]  should_fail_ex+0x414/0x560
[  304.463430][T12585]  _copy_to_user+0x31/0xb0
[  304.463451][T12585]  simple_read_from_buffer+0xe1/0x170
[  304.463477][T12585]  proc_fail_nth_read+0x1df/0x250
[  304.463504][T12585]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  304.463531][T12585]  ? rw_verify_area+0x258/0x650
[  304.463550][T12585]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  304.463575][T12585]  vfs_read+0x200/0x980
[  304.463599][T12585]  ? __pfx___mutex_lock+0x10/0x10
[  304.463618][T12585]  ? __pfx_vfs_read+0x10/0x10
[  304.463639][T12585]  ? __fget_files+0x2a/0x420
[  304.463665][T12585]  ? __fget_files+0x3a0/0x420
[  304.463684][T12585]  ? __fget_files+0x2a/0x420
[  304.463711][T12585]  ksys_read+0x145/0x250
[  304.463727][T12585]  ? __fget_files+0x3a0/0x420
[  304.463748][T12585]  ? __pfx_ksys_read+0x10/0x10
[  304.463769][T12585]  ? do_syscall_64+0xbe/0x3b0
[  304.463789][T12585]  do_syscall_64+0xfa/0x3b0
[  304.463805][T12585]  ? lockdep_hardirqs_on+0x9c/0x150
[  304.463827][T12585]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.463843][T12585]  ? clear_bhb_loop+0x60/0xb0
[  304.463863][T12585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.463885][T12585] RIP: 0033:0x7efcd798d33c
[  304.463902][T12585] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  304.463917][T12585] RSP: 002b:00007efcd87b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  304.463936][T12585] RAX: ffffffffffffffda RBX: 00007efcd7bb5fa0 RCX: 00007efcd798d33c
[  304.463948][T12585] RDX: 000000000000000f RSI: 00007efcd87b70a0 RDI: 0000000000000005
[  304.463960][T12585] RBP: 00007efcd87b7090 R08: 0000000000000000 R09: 0000000000000000
[  304.463971][T12585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  304.463981][T12585] R13: 0000000000000000 R14: 00007efcd7bb5fa0 R15: 00007fff491fcc58
[  304.464012][T12585]  </TASK>
[  304.768482][T12591] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2006'.
[  304.777472][T12591] openvswitch: netlink: Flow actions attr not present in new flow.
[  304.791278][T12592] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  304.986868][T12599] netlink: 'syz.0.2008': attribute type 1 has an invalid length.
[  305.079469][T12599] 8021q: adding VLAN 0 to HW filter on device bond2
[  305.427253][T12612] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  305.552197][   T36] hsr_slave_0: left promiscuous mode
[  305.560225][   T36] hsr_slave_1: left promiscuous mode
[  305.567678][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  305.576449][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  305.579153][T12622] FAULT_INJECTION: forcing a failure.
[  305.579153][T12622] name failslab, interval 1, probability 0, space 0, times 0
[  305.600332][T12622] CPU: 0 UID: 0 PID: 12622 Comm: syz.3.2015 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  305.600356][T12622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  305.600364][T12622] Call Trace:
[  305.600370][T12622]  <TASK>
[  305.600385][T12622]  dump_stack_lvl+0x189/0x250
[  305.600410][T12622]  ? __pfx____ratelimit+0x10/0x10
[  305.600434][T12622]  ? __pfx_dump_stack_lvl+0x10/0x10
[  305.600451][T12622]  ? __pfx__printk+0x10/0x10
[  305.600485][T12622]  ? __pfx___might_resched+0x10/0x10
[  305.600504][T12622]  ? fs_reclaim_acquire+0x7d/0x100
[  305.600531][T12622]  should_fail_ex+0x414/0x560
[  305.600559][T12622]  should_failslab+0xa8/0x100
[  305.600582][T12622]  __kmalloc_noprof+0xcb/0x4f0
[  305.600600][T12622]  ? kfree+0x4d/0x440
[  305.600616][T12622]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  305.600636][T12622]  tomoyo_realpath_from_path+0xe3/0x5d0
[  305.600652][T12622]  ? tomoyo_domain+0xd9/0x130
[  305.600671][T12622]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  305.600688][T12622]  tomoyo_path_number_perm+0x1e8/0x5a0
[  305.600709][T12622]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  305.600753][T12622]  ? __lock_acquire+0xab9/0xd20
[  305.600799][T12622]  ? __fget_files+0x2a/0x420
[  305.600824][T12622]  ? __fget_files+0x2a/0x420
[  305.600843][T12622]  ? __fget_files+0x3a0/0x420
[  305.600863][T12622]  ? __fget_files+0x2a/0x420
[  305.600889][T12622]  security_file_ioctl+0xcb/0x2d0
[  305.600911][T12622]  __se_sys_ioctl+0x47/0x170
[  305.600933][T12622]  do_syscall_64+0xfa/0x3b0
[  305.600948][T12622]  ? lockdep_hardirqs_on+0x9c/0x150
[  305.600975][T12622]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.600992][T12622]  ? clear_bhb_loop+0x60/0xb0
[  305.601013][T12622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.601029][T12622] RIP: 0033:0x7f96d4f8e929
[  305.601045][T12622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.601059][T12622] RSP: 002b:00007f96d5e04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  305.601077][T12622] RAX: ffffffffffffffda RBX: 00007f96d51b5fa0 RCX: 00007f96d4f8e929
[  305.601088][T12622] RDX: 0000200000000080 RSI: 0000000000008b2b RDI: 0000000000000003
[  305.601099][T12622] RBP: 00007f96d5e04090 R08: 0000000000000000 R09: 0000000000000000
[  305.601109][T12622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.601118][T12622] R13: 0000000000000000 R14: 00007f96d51b5fa0 R15: 00007ffdf193a248
[  305.601145][T12622]  </TASK>
[  305.601153][T12622] ERROR: Out of memory at tomoyo_realpath_from_path.
[  305.601762][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  305.640225][T12621] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2014'.
[  305.645022][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  305.902940][   T36] veth1_macvtap: left promiscuous mode
[  305.908604][   T36] veth0_macvtap: left promiscuous mode
[  305.914921][   T36] veth1_vlan: left promiscuous mode
[  305.920294][   T36] veth0_vlan: left promiscuous mode
[  306.209121][ T5853] Bluetooth: hci4: command tx timeout
[  306.295022][   T36] team0 (unregistering): Port device team_slave_1 removed
[  306.337309][   T36] team0 (unregistering): Port device team_slave_0 removed
[  306.367315][ T5853] Bluetooth: hci2: command tx timeout
[  306.778577][T12632] tipc: Enabling of bearer <eth:ip6gre0> rejected, already enabled
[  306.802176][T12632] FAULT_INJECTION: forcing a failure.
[  306.802176][T12632] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  306.817607][T12548] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  306.861419][T12548] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  306.867017][T12638] netlink: 'syz.3.2021': attribute type 1 has an invalid length.
[  306.871809][T12632] CPU: 0 UID: 0 PID: 12632 Comm: syz.0.2018 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  306.871834][T12632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  306.871845][T12632] Call Trace:
[  306.871853][T12632]  <TASK>
[  306.871861][T12632]  dump_stack_lvl+0x189/0x250
[  306.871887][T12632]  ? __pfx____ratelimit+0x10/0x10
[  306.871912][T12632]  ? __pfx_dump_stack_lvl+0x10/0x10
[  306.871931][T12632]  ? __pfx__printk+0x10/0x10
[  306.871964][T12632]  should_fail_ex+0x414/0x560
[  306.871993][T12632]  _copy_to_user+0x31/0xb0
[  306.872016][T12632]  simple_read_from_buffer+0xe1/0x170
[  306.872042][T12632]  proc_fail_nth_read+0x1df/0x250
[  306.872069][T12632]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  306.872095][T12632]  ? rw_verify_area+0x258/0x650
[  306.872113][T12632]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  306.872136][T12632]  vfs_read+0x200/0x980
[  306.872161][T12632]  ? __pfx___mutex_lock+0x10/0x10
[  306.872179][T12632]  ? __pfx_vfs_read+0x10/0x10
[  306.872199][T12632]  ? __fget_files+0x2a/0x420
[  306.872225][T12632]  ? __fget_files+0x3a0/0x420
[  306.872244][T12632]  ? __fget_files+0x2a/0x420
[  306.872274][T12632]  ksys_read+0x145/0x250
[  306.872296][T12632]  ? __pfx_ksys_read+0x10/0x10
[  306.872312][T12632]  ? rcu_is_watching+0x15/0xb0
[  306.872336][T12632]  ? do_syscall_64+0xbe/0x3b0
[  306.872358][T12632]  do_syscall_64+0xfa/0x3b0
[  306.872373][T12632]  ? lockdep_hardirqs_on+0x9c/0x150
[  306.872396][T12632]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.872413][T12632]  ? clear_bhb_loop+0x60/0xb0
[  306.872432][T12632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.872448][T12632] RIP: 0033:0x7efcd798d33c
[  306.872465][T12632] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  306.872479][T12632] RSP: 002b:00007efcd87b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  306.872497][T12632] RAX: ffffffffffffffda RBX: 00007efcd7bb5fa0 RCX: 00007efcd798d33c
[  306.872509][T12632] RDX: 000000000000000f RSI: 00007efcd87b70a0 RDI: 0000000000000004
[  306.872519][T12632] RBP: 00007efcd87b7090 R08: 0000000000000000 R09: 0000000000000000
[  306.872529][T12632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  306.872539][T12632] R13: 0000000000000000 R14: 00007efcd7bb5fa0 R15: 00007fff491fcc58
[  306.872568][T12632]  </TASK>
[  306.948944][T12641] FAULT_INJECTION: forcing a failure.
[  306.948944][T12641] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  307.130622][T12641] CPU: 0 UID: 0 PID: 12641 Comm: syz.0.2022 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  307.130646][T12641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.130658][T12641] Call Trace:
[  307.130665][T12641]  <TASK>
[  307.130673][T12641]  dump_stack_lvl+0x189/0x250
[  307.130698][T12641]  ? __pfx____ratelimit+0x10/0x10
[  307.130723][T12641]  ? __pfx_dump_stack_lvl+0x10/0x10
[  307.130743][T12641]  ? __pfx__printk+0x10/0x10
[  307.130765][T12641]  ? __might_fault+0xb0/0x130
[  307.130790][T12641]  should_fail_ex+0x414/0x560
[  307.130819][T12641]  _copy_from_user+0x2d/0xb0
[  307.130840][T12641]  ___sys_sendmsg+0x158/0x2a0
[  307.130863][T12641]  ? __pfx____sys_sendmsg+0x10/0x10
[  307.130918][T12641]  ? __fget_files+0x2a/0x420
[  307.130938][T12641]  ? __fget_files+0x3a0/0x420
[  307.130971][T12641]  __x64_sys_sendmsg+0x19b/0x260
[  307.130995][T12641]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  307.131025][T12641]  ? __pfx_ksys_write+0x10/0x10
[  307.131042][T12641]  ? rcu_is_watching+0x15/0xb0
[  307.131065][T12641]  ? do_syscall_64+0xbe/0x3b0
[  307.131084][T12641]  do_syscall_64+0xfa/0x3b0
[  307.131098][T12641]  ? lockdep_hardirqs_on+0x9c/0x150
[  307.131121][T12641]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.131136][T12641]  ? clear_bhb_loop+0x60/0xb0
[  307.131156][T12641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.131172][T12641] RIP: 0033:0x7efcd798e929
[  307.131188][T12641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.131203][T12641] RSP: 002b:00007efcd87b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  307.131221][T12641] RAX: ffffffffffffffda RBX: 00007efcd7bb5fa0 RCX: 00007efcd798e929
[  307.131232][T12641] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  307.131243][T12641] RBP: 00007efcd87b7090 R08: 0000000000000000 R09: 0000000000000000
[  307.131253][T12641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.131263][T12641] R13: 0000000000000000 R14: 00007efcd7bb5fa0 R15: 00007fff491fcc58
[  307.131288][T12641]  </TASK>
[  307.374659][T12548] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  307.405386][T12548] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  307.478873][T12647] netlink: 'syz.0.2024': attribute type 13 has an invalid length.
[  307.516550][T12647] macvtap0: entered allmulticast mode
[  307.523846][T12647] macvtap0: refused to change device tx_queue_len
[  307.558465][T12658] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2026'.
[  307.571367][T12658] openvswitch: netlink: Flow actions attr not present in new flow.
[  307.596407][T12577] chnl_net:caif_netlink_parms(): no params data found
[  307.805248][T12671] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2028'.
[  307.908810][T12577] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.925127][T12577] bridge0: port 1(bridge_slave_0) entered disabled state
[  307.937083][T12577] bridge_slave_0: entered allmulticast mode
[  307.945193][T12577] bridge_slave_0: entered promiscuous mode
[  307.968823][T12577] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.976721][T12577] bridge0: port 2(bridge_slave_1) entered disabled state
[  307.984537][T12577] bridge_slave_1: entered allmulticast mode
[  307.992343][T12577] bridge_slave_1: entered promiscuous mode
[  308.092213][T12577] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  308.118988][T12577] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  308.191394][T12693] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2037'.
[  308.205748][T12577] team0: Port device team_slave_0 added
[  308.228684][T12577] team0: Port device team_slave_1 added
[  308.253592][T12548] 8021q: adding VLAN 0 to HW filter on device bond0
[  308.283729][ T5853] Bluetooth: hci4: command tx timeout
[  308.353674][T12699] netlink: 'syz.3.2039': attribute type 11 has an invalid length.
[  308.361734][T12699] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2039'.
[  308.377707][T12699] netlink: 'syz.3.2039': attribute type 83 has an invalid length.
[  308.385055][T12548] 8021q: adding VLAN 0 to HW filter on device team0
[  308.399845][T12702] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5
[  308.429180][T12577] batman_adv: batadv0: Adding interface: batadv_slave_0
[  308.444140][ T5853] Bluetooth: hci2: command tx timeout
[  308.462993][T12577] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.508999][T12706] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2042'.
[  308.518826][T12577] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  308.530199][T12706] openvswitch: netlink: Flow actions attr not present in new flow.
[  308.554314][T12577] batman_adv: batadv0: Adding interface: batadv_slave_1
[  308.561305][T12577] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.588322][T12577] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  308.688902][ T4576] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.696046][ T4576] bridge0: port 1(bridge_slave_0) entered forwarding state
[  308.707292][ T4576] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.714410][ T4576] bridge0: port 2(bridge_slave_1) entered forwarding state
[  308.757409][T12577] hsr_slave_0: entered promiscuous mode
[  308.774183][T12577] hsr_slave_1: entered promiscuous mode
[  308.782822][T12577] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  308.798003][T12577] Cannot create hsr debugfs directory
[  308.828404][T12717] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2046'.
[  308.840253][T12717] netlink: 'syz.1.2046': attribute type 8 has an invalid length.
[  309.195837][T12732] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2049'.
[  309.341333][T12548] 8021q: adding VLAN 0 to HW filter on device batadv0
[  309.410715][T12577] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  309.420428][T12577] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  309.431158][T12577] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  309.446275][T12577] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  309.489664][T12548] veth0_vlan: entered promiscuous mode
[  309.510169][T12548] veth1_vlan: entered promiscuous mode
[  309.571754][T12548] veth0_macvtap: entered promiscuous mode
[  309.585990][T12577] 8021q: adding VLAN 0 to HW filter on device bond0
[  309.598941][T12548] veth1_macvtap: entered promiscuous mode
[  309.626548][T12577] 8021q: adding VLAN 0 to HW filter on device team0
[  309.642233][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.649453][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  309.666743][T12548] batman_adv: batadv0: Interface activated: batadv_slave_0
[  309.681096][ T4576] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.688299][ T4576] bridge0: port 2(bridge_slave_1) entered forwarding state
[  309.704828][T12548] batman_adv: batadv0: Interface activated: batadv_slave_1
[  309.722122][T12548] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  309.731336][T12548] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  309.740621][T12548] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  309.754202][T12548] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  309.959533][ T1006] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  309.977794][ T1006] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  310.037212][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  310.049509][T12751] FAULT_INJECTION: forcing a failure.
[  310.049509][T12751] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  310.076262][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  310.091944][T12751] CPU: 1 UID: 0 PID: 12751 Comm: syz.1.2053 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  310.091970][T12751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  310.091981][T12751] Call Trace:
[  310.091989][T12751]  <TASK>
[  310.091998][T12751]  dump_stack_lvl+0x189/0x250
[  310.092022][T12751]  ? __pfx____ratelimit+0x10/0x10
[  310.092049][T12751]  ? __pfx_dump_stack_lvl+0x10/0x10
[  310.092067][T12751]  ? __pfx__printk+0x10/0x10
[  310.092090][T12751]  ? __might_fault+0xb0/0x130
[  310.092122][T12751]  should_fail_ex+0x414/0x560
[  310.092152][T12751]  _copy_from_iter+0x1db/0x16f0
[  310.092175][T12751]  ? rcu_is_watching+0x15/0xb0
[  310.092197][T12751]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  310.092220][T12751]  ? __pfx__copy_from_iter+0x10/0x10
[  310.092241][T12751]  ? __build_skb_around+0x257/0x3e0
[  310.092265][T12751]  ? netlink_sendmsg+0x642/0xb30
[  310.092292][T12751]  ? skb_put+0x11b/0x210
[  310.092316][T12751]  netlink_sendmsg+0x6b2/0xb30
[  310.092346][T12751]  ? __pfx_netlink_sendmsg+0x10/0x10
[  310.092371][T12751]  ? aa_sock_msg_perm+0x94/0x160
[  310.092397][T12751]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  310.092414][T12751]  ? __pfx_netlink_sendmsg+0x10/0x10
[  310.092436][T12751]  __sock_sendmsg+0x219/0x270
[  310.092457][T12751]  ____sys_sendmsg+0x505/0x830
[  310.092485][T12751]  ? __pfx_____sys_sendmsg+0x10/0x10
[  310.092517][T12751]  ? import_iovec+0x74/0xa0
[  310.092540][T12751]  ___sys_sendmsg+0x21f/0x2a0
[  310.092565][T12751]  ? __pfx____sys_sendmsg+0x10/0x10
[  310.092622][T12751]  ? __fget_files+0x2a/0x420
[  310.092641][T12751]  ? __fget_files+0x3a0/0x420
[  310.092671][T12751]  __x64_sys_sendmsg+0x19b/0x260
[  310.092692][T12751]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  310.092719][T12751]  ? __pfx_ksys_write+0x10/0x10
[  310.092733][T12751]  ? rcu_is_watching+0x15/0xb0
[  310.092757][T12751]  ? do_syscall_64+0xbe/0x3b0
[  310.092778][T12751]  do_syscall_64+0xfa/0x3b0
[  310.092792][T12751]  ? lockdep_hardirqs_on+0x9c/0x150
[  310.092815][T12751]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.092832][T12751]  ? clear_bhb_loop+0x60/0xb0
[  310.092856][T12751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.092870][T12751] RIP: 0033:0x7f09e8d8e929
[  310.092885][T12751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.092898][T12751] RSP: 002b:00007f09e9c47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  310.092915][T12751] RAX: ffffffffffffffda RBX: 00007f09e8fb5fa0 RCX: 00007f09e8d8e929
[  310.092926][T12751] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000003
[  310.092936][T12751] RBP: 00007f09e9c47090 R08: 0000000000000000 R09: 0000000000000000
[  310.092945][T12751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  310.092954][T12751] R13: 0000000000000000 R14: 00007f09e8fb5fa0 R15: 00007ffceaba08a8
[  310.092977][T12751]  </TASK>
[  310.383746][ T5853] Bluetooth: hci4: command tx timeout
[  310.573440][T12577] 8021q: adding VLAN 0 to HW filter on device batadv0
[  310.587236][T12758] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2055'.
[  310.596373][T12758] openvswitch: netlink: Flow actions attr not present in new flow.
[  310.998817][   T74] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.187829][T12783] veth17: entered promiscuous mode
[  311.195265][T12783] bridge7: port 1(veth17) entered blocking state
[  311.201867][T12783] bridge7: port 1(veth17) entered disabled state
[  311.208550][T12783] veth17: entered allmulticast mode
[  311.279841][T12577] veth0_vlan: entered promiscuous mode
[  311.292509][T12577] veth1_vlan: entered promiscuous mode
[  311.318173][T12577] veth0_macvtap: entered promiscuous mode
[  311.328799][T12577] veth1_macvtap: entered promiscuous mode
[  311.347788][T12577] batman_adv: batadv0: Interface activated: batadv_slave_0
[  311.360916][T12577] batman_adv: batadv0: Interface activated: batadv_slave_1
[  311.375762][T12577] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  311.385630][T12577] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  311.394917][T12577] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  311.406249][T12577] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  311.470888][ T1006] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  311.488789][ T1006] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  311.512612][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  311.520778][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  311.576940][   T74] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.887633][   T74] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.205518][   T74] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.304637][   T74] bridge_slave_1: left allmulticast mode
[  312.310361][   T74] bridge_slave_1: left promiscuous mode
[  312.317043][   T74] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.326076][   T74] bridge_slave_0: left allmulticast mode
[  312.331710][   T74] bridge_slave_0: left promiscuous mode
[  312.337735][   T74] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.631205][   T74] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  312.642455][   T74] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  312.653485][   T74] bond0 (unregistering): Released all slaves
[  313.080414][ T5856] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  313.091274][ T5856] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  313.099798][ T5856] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  313.108067][ T5856] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  313.116612][ T5856] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  313.440464][   T74] hsr_slave_0: left promiscuous mode
[  313.452916][   T74] hsr_slave_1: left promiscuous mode
[  313.467816][   T74] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  313.475474][   T74] batman_adv: batadv0: Removing interface: batadv_slave_0
[  313.483991][   T74] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  313.492066][   T74] batman_adv: batadv0: Removing interface: batadv_slave_1
[  313.510381][   T74] veth1_macvtap: left promiscuous mode
[  313.515986][   T74] veth0_macvtap: left promiscuous mode
[  313.521547][   T74] veth1_vlan: left promiscuous mode
[  313.527799][   T74] veth0_vlan: left promiscuous mode
[  313.863735][   T74] team0 (unregistering): Port device team_slave_1 removed
[  313.883158][    C0] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!
[  313.909277][   T74] team0 (unregistering): Port device team_slave_0 removed
[  314.324074][T12794] chnl_net:caif_netlink_parms(): no params data found
[  314.420477][T12794] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.427720][T12794] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.435452][T12794] bridge_slave_0: entered allmulticast mode
[  314.442573][T12794] bridge_slave_0: entered promiscuous mode
[  314.450613][T12794] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.457910][T12794] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.467704][T12794] bridge_slave_1: entered allmulticast mode
[  314.476541][T12794] bridge_slave_1: entered promiscuous mode
[  314.505660][T12794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  314.518294][T12794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  314.556257][T12794] team0: Port device team_slave_0 added
[  314.566671][T12794] team0: Port device team_slave_1 added
[  314.600576][T12794] batman_adv: batadv0: Adding interface: batadv_slave_0
[  314.607809][T12794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.635218][T12794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  314.647867][T12794] batman_adv: batadv0: Adding interface: batadv_slave_1
[  314.656248][T12794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.726787][T12806] SET target dimension over the limit!
[  314.732684][T12794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  314.895487][ T2912] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  314.968479][T12818] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2070'.
[  315.002253][T12818] openvswitch: netlink: Flow actions attr not present in new flow.
[  315.032220][ T2912] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.090822][T12794] hsr_slave_0: entered promiscuous mode
[  315.121491][T12794] hsr_slave_1: entered promiscuous mode
[  315.163847][ T5856] Bluetooth: hci2: command tx timeout
[  315.173818][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  315.187711][ T5856] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  315.199617][ T5856] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  315.219022][ T5856] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  315.227364][ T5856] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  315.237891][ T2912] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.412289][ T2912] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.946032][ T2912] bridge_slave_1: left allmulticast mode
[  315.951715][ T2912] bridge_slave_1: left promiscuous mode
[  315.973174][ T2912] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.000997][T12845] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2079'.
[  316.013468][ T2912] bridge_slave_0: left allmulticast mode
[  316.019188][ T2912] bridge_slave_0: left promiscuous mode
[  316.034289][ T2912] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.366995][ T2912] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  316.377775][ T2912] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  316.389502][ T2912] bond0 (unregistering): Released all slaves
[  316.427920][T12850] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2080'.
[  316.580850][T12858] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2083'.
[  316.590501][T12858] openvswitch: netlink: Flow actions attr not present in new flow.
[  316.874451][T12879] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  316.921101][T12881] netlink: 'syz.3.2089': attribute type 21 has an invalid length.
[  316.949434][T12881] netlink: 'syz.3.2089': attribute type 22 has an invalid length.
[  316.987962][T12881] netlink: 'syz.3.2089': attribute type 23 has an invalid length.
[  317.003287][T12881] netlink: 'syz.3.2089': attribute type 25 has an invalid length.
[  317.011153][T12881] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2089'.
[  317.089736][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  317.112056][T12794] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  317.144579][T12794] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  317.193867][T12794] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  317.243226][ T5853] Bluetooth: hci2: command tx timeout
[  317.291627][T12794] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  317.323204][ T5853] Bluetooth: hci4: command tx timeout
[  317.407550][T12826] chnl_net:caif_netlink_parms(): no params data found
[  317.435580][ T2912] hsr_slave_0: left promiscuous mode
[  317.458359][ T2912] hsr_slave_1: left promiscuous mode
[  317.466433][ T2912] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  317.477455][ T2912] batman_adv: batadv0: Removing interface: batadv_slave_0
[  317.503980][ T2912] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  317.511426][ T2912] batman_adv: batadv0: Removing interface: batadv_slave_1
[  317.554032][ T2912] veth1_macvtap: left promiscuous mode
[  317.559552][ T2912] veth0_macvtap: left promiscuous mode
[  317.565815][ T2912] veth1_vlan: left promiscuous mode
[  317.571092][ T2912] veth0_vlan: left promiscuous mode
[  317.936809][ T2912] team0 (unregistering): Port device team_slave_1 removed
[  317.972702][ T2912] team0 (unregistering): Port device team_slave_0 removed
[  318.311496][T12903] netlink: 284 bytes leftover after parsing attributes in process `syz.1.2096'.
[  318.549631][T12826] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.559442][T12826] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.567836][T12826] bridge_slave_0: entered allmulticast mode
[  318.578695][T12826] bridge_slave_0: entered promiscuous mode
[  318.589531][T12826] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.597370][T12826] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.608413][T12826] bridge_slave_1: entered allmulticast mode
[  318.619888][T12826] bridge_slave_1: entered promiscuous mode
[  318.767007][T12826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  318.796824][T12826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  318.870783][T12935] openvswitch: netlink: ERSPAN option length err (len 256, max 255).
[  318.936865][T12826] team0: Port device team_slave_0 added
[  318.964786][T12826] team0: Port device team_slave_1 added
[  319.045348][T12826] batman_adv: batadv0: Adding interface: batadv_slave_0
[  319.055741][T12826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  319.088092][T12826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  319.108031][T12826] batman_adv: batadv0: Adding interface: batadv_slave_1
[  319.115710][T12826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  319.145964][T12826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  319.195541][T12953] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2112'.
[  319.255025][T12826] hsr_slave_0: entered promiscuous mode
[  319.267062][T12952] delete_channel: no stack
[  319.272779][T12826] hsr_slave_1: entered promiscuous mode
[  319.282646][T12826] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  319.290494][T12826] Cannot create hsr debugfs directory
[  319.323165][ T5853] Bluetooth: hci2: command tx timeout
[  319.403288][ T5853] Bluetooth: hci4: command tx timeout
[  319.489831][T12794] 8021q: adding VLAN 0 to HW filter on device bond0
[  319.645602][T12975] mac80211_hwsim hwsim4 syzkaller0: entered promiscuous mode
[  319.657822][T12975] mac80211_hwsim hwsim4 syzkaller0: entered allmulticast mode
[  319.670074][T12977] FAULT_INJECTION: forcing a failure.
[  319.670074][T12977] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  319.689976][T12977] CPU: 1 UID: 0 PID: 12977 Comm: syz.0.2121 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  319.690001][T12977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  319.690012][T12977] Call Trace:
[  319.690020][T12977]  <TASK>
[  319.690028][T12977]  dump_stack_lvl+0x189/0x250
[  319.690054][T12977]  ? __pfx____ratelimit+0x10/0x10
[  319.690079][T12977]  ? __pfx_dump_stack_lvl+0x10/0x10
[  319.690099][T12977]  ? __pfx__printk+0x10/0x10
[  319.690120][T12977]  ? __might_fault+0xb0/0x130
[  319.690148][T12977]  should_fail_ex+0x414/0x560
[  319.690171][T12977]  _copy_from_iter+0x1db/0x16f0
[  319.690190][T12977]  ? rcu_is_watching+0x15/0xb0
[  319.690207][T12977]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  319.690225][T12977]  ? __pfx__copy_from_iter+0x10/0x10
[  319.690242][T12977]  ? __build_skb_around+0x257/0x3e0
[  319.690261][T12977]  ? netlink_sendmsg+0x642/0xb30
[  319.690278][T12977]  ? skb_put+0x11b/0x210
[  319.690298][T12977]  netlink_sendmsg+0x6b2/0xb30
[  319.690325][T12977]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.690346][T12977]  ? aa_sock_msg_perm+0x94/0x160
[  319.690370][T12977]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  319.690384][T12977]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.690400][T12977]  __sock_sendmsg+0x219/0x270
[  319.690417][T12977]  ____sys_sendmsg+0x505/0x830
[  319.690440][T12977]  ? __pfx_____sys_sendmsg+0x10/0x10
[  319.690467][T12977]  ? import_iovec+0x74/0xa0
[  319.690489][T12977]  ___sys_sendmsg+0x21f/0x2a0
[  319.690520][T12977]  ? __pfx____sys_sendmsg+0x10/0x10
[  319.690573][T12977]  ? __fget_files+0x2a/0x420
[  319.690592][T12977]  ? __fget_files+0x3a0/0x420
[  319.690622][T12977]  __x64_sys_sendmsg+0x19b/0x260
[  319.690642][T12977]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  319.690667][T12977]  ? __pfx_ksys_write+0x10/0x10
[  319.690683][T12977]  ? rcu_is_watching+0x15/0xb0
[  319.690703][T12977]  ? do_syscall_64+0xbe/0x3b0
[  319.690723][T12977]  do_syscall_64+0xfa/0x3b0
[  319.690737][T12977]  ? lockdep_hardirqs_on+0x9c/0x150
[  319.690759][T12977]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.690774][T12977]  ? clear_bhb_loop+0x60/0xb0
[  319.690792][T12977]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.690807][T12977] RIP: 0033:0x7efcd798e929
[  319.690822][T12977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.690833][T12977] RSP: 002b:00007efcd87b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  319.690850][T12977] RAX: ffffffffffffffda RBX: 00007efcd7bb5fa0 RCX: 00007efcd798e929
[  319.690862][T12977] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000005
[  319.690871][T12977] RBP: 00007efcd87b7090 R08: 0000000000000000 R09: 0000000000000000
[  319.690879][T12977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  319.690888][T12977] R13: 0000000000000000 R14: 00007efcd7bb5fa0 R15: 00007fff491fcc58
[  319.690916][T12977]  </TASK>
[  320.017652][T12794] 8021q: adding VLAN 0 to HW filter on device team0
[  320.042393][ T2912] bridge0: port 1(bridge_slave_0) entered blocking state
[  320.049586][ T2912] bridge0: port 1(bridge_slave_0) entered forwarding state
[  320.121148][ T2912] bridge0: port 2(bridge_slave_1) entered blocking state
[  320.128418][ T2912] bridge0: port 2(bridge_slave_1) entered forwarding state
[  320.497158][T13004] syz1: rxe_newlink: already configured on syz_tun
[  320.617899][T13008] 
: renamed from bridge_slave_0
[  320.670982][T12826] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  320.700263][T12826] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  320.712406][T12826] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  320.739569][T12826] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  320.837264][T12794] 8021q: adding VLAN 0 to HW filter on device batadv0
[  320.959165][T12826] 8021q: adding VLAN 0 to HW filter on device bond0
[  320.981207][T12794] veth0_vlan: entered promiscuous mode
[  321.006076][T12794] veth1_vlan: entered promiscuous mode
[  321.039924][T12826] 8021q: adding VLAN 0 to HW filter on device team0
[  321.074306][ T2912] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.081428][ T2912] bridge0: port 1(bridge_slave_0) entered forwarding state
[  321.106373][ T2912] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.113591][ T2912] bridge0: port 2(bridge_slave_1) entered forwarding state
[  321.128172][T13033] syzkaller0: entered promiscuous mode
[  321.134359][T13033] syzkaller0: entered allmulticast mode
[  321.190832][T13038] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  321.204843][T12794] veth0_macvtap: entered promiscuous mode
[  321.234196][T12794] veth1_macvtap: entered promiscuous mode
[  321.275393][T12794] batman_adv: batadv0: Interface activated: batadv_slave_0
[  321.299915][T12794] batman_adv: batadv0: Interface activated: batadv_slave_1
[  321.325167][T12794] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  321.337611][T12794] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  321.349496][T12794] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  321.360941][T12794] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  321.410799][ T5853] Bluetooth: hci2: command tx timeout
[  321.488018][ T5853] Bluetooth: hci4: command tx timeout
[  321.505846][T13050] netlink: 'syz.1.2141': attribute type 20 has an invalid length.
[  321.552648][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  321.576945][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  321.641827][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  321.668392][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  321.777295][T12826] 8021q: adding VLAN 0 to HW filter on device batadv0
[  322.012006][T13073] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2146'.
[  322.029382][T13073] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2146'.
[  322.040679][T13075] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2147'.
[  322.059505][T13075] openvswitch: netlink: Flow actions attr not present in new flow.
[  322.356398][ T2912] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.413954][T12826] veth0_vlan: entered promiscuous mode
[  322.459579][T12826] veth1_vlan: entered promiscuous mode
[  322.500426][T12826] veth0_macvtap: entered promiscuous mode
[  322.513809][T12826] veth1_macvtap: entered promiscuous mode
[  322.541665][T12826] batman_adv: batadv0: Interface activated: batadv_slave_0
[  322.566281][T12826] batman_adv: batadv0: Interface activated: batadv_slave_1
[  322.579329][T12826] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  322.588352][T12826] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  322.597711][T12826] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  322.606697][T12826] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  322.634982][ T2912] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.711217][ T1006] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  322.728616][ T1006] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  322.751775][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  322.760916][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  322.829822][T12998] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] SMP KASAN PTI
[  322.841738][T12998] KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f]
[  322.850141][T12998] CPU: 0 UID: 0 PID: 12998 Comm: kbnepd bnep0 Not tainted 6.16.0-rc4-syzkaller-00121-g80852774ba0a #0 PREEMPT(full) 
[  322.862362][T12998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  322.872402][T12998] RIP: 0010:klist_del+0x49/0x110
[  322.877327][T12998] Code: f6 49 89 dd 49 c1 ed 03 43 80 7c 25 00 00 74 08 48 89 df e8 f9 8a be f6 4c 8b 33 49 83 e6 fe 49 8d 7e 58 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 05 e8 db 8a be f6 4d 8b 7e 58 4c 89 f7 e8 2f 5b
[  322.897098][T12998] RSP: 0018:ffffc90003ba7708 EFLAGS: 00010202
[  322.903254][T12998] RAX: 000000000000000b RBX: ffff88805b731860 RCX: ffff888030d2da00
[  322.911228][T12998] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000058
[  322.919199][T12998] RBP: ffffc90003ba7830 R08: ffff88804ffc2b43 R09: 1ffff11009ff8568
[  322.927157][T12998] R10: dffffc0000000000 R11: ffffed1009ff8569 R12: dffffc0000000000
[  322.935118][T12998] R13: 1ffff1100b6e630c R14: 0000000000000000 R15: ffff888060e34768
[  322.943086][T12998] FS:  0000000000000000(0000) GS:ffff888125c1d000(0000) knlGS:0000000000000000
[  322.952010][T12998] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  322.958576][T12998] CR2: 00007fffa411f060 CR3: 000000000df38000 CR4: 00000000003526f0
[  322.966550][T12998] Call Trace:
[  322.969814][T12998]  <TASK>
[  322.972733][T12998]  device_del+0x280/0x8e0
[  322.977049][T12998]  ? _raw_spin_unlock_irq+0x2e/0x50
[  322.982229][T12998]  ? pm_runtime_set_memalloc_noio+0x1f4/0x260
[  322.988283][T12998]  ? __pfx_device_del+0x10/0x10
[  322.993130][T12998]  ? netdev_unregister_kobject+0x344/0x450
[  322.998919][T12998]  unregister_netdevice_many_notify+0x1d52/0x2320
[  323.005328][T12998]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  323.012070][T12998]  ? rcu_is_watching+0x15/0xb0
[  323.016820][T12998]  ? trace_contention_end+0x39/0x120
[  323.022104][T12998]  ? __mutex_lock+0x330/0xe80
[  323.026765][T12998]  ? __lock_acquire+0xab9/0xd20
[  323.031592][T12998]  ? __lock_acquire+0xab9/0xd20
[  323.036431][T12998]  unregister_netdevice_queue+0x33c/0x380
[  323.042135][T12998]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  323.048360][T12998]  ? rtnl_net_dev_lock+0x36/0x2f0
[  323.053364][T12998]  ? rtnl_net_dev_lock+0x2de/0x2f0
[  323.058454][T12998]  unregister_netdev+0x1f/0x60
[  323.063203][T12998]  bnep_session+0x294d/0x2b40
[  323.067870][T12998]  ? trace_sched_exit_tp+0x38/0x120
[  323.073069][T12998]  ? __lock_acquire+0xab9/0xd20
[  323.077905][T12998]  ? __pfx_bnep_session+0x10/0x10
[  323.082940][T12998]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  323.088837][T12998]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  323.095156][T12998]  ? __pfx_woken_wake_function+0x10/0x10
[  323.100767][T12998]  ? __kthread_parkme+0x7b/0x200
[  323.105686][T12998]  ? __kthread_parkme+0x1a1/0x200
[  323.110694][T12998]  kthread+0x70e/0x8a0
[  323.114744][T12998]  ? __pfx_bnep_session+0x10/0x10
[  323.119748][T12998]  ? __pfx_kthread+0x10/0x10
[  323.124319][T12998]  ? _raw_spin_unlock_irq+0x23/0x50
[  323.129500][T12998]  ? lockdep_hardirqs_on+0x9c/0x150
[  323.134682][T12998]  ? __pfx_kthread+0x10/0x10
[  323.139259][T12998]  ret_from_fork+0x3fc/0x770
[  323.143827][T12998]  ? __pfx_ret_from_fork+0x10/0x10
[  323.148927][T12998]  ? __switch_to_asm+0x39/0x70
[  323.153675][T12998]  ? __switch_to_asm+0x33/0x70
[  323.158421][T12998]  ? __pfx_kthread+0x10/0x10
[  323.163082][T12998]  ret_from_fork_asm+0x1a/0x30
[  323.167845][T12998]  </TASK>
[  323.170880][T12998] Modules linked in:
[  323.175842][T12998] ---[ end trace 0000000000000000 ]---
[  323.183807][T12998] RIP: 0010:klist_del+0x49/0x110
[  323.188789][T12998] Code: f6 49 89 dd 49 c1 ed 03 43 80 7c 25 00 00 74 08 48 89 df e8 f9 8a be f6 4c 8b 33 49 83 e6 fe 49 8d 7e 58 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 05 e8 db 8a be f6 4d 8b 7e 58 4c 89 f7 e8 2f 5b
[  323.208567][T12998] RSP: 0018:ffffc90003ba7708 EFLAGS: 00010202
[  323.214690][T12998] RAX: 000000000000000b RBX: ffff88805b731860 RCX: ffff888030d2da00
[  323.222688][T12998] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000058
[  323.231204][T12998] RBP: ffffc90003ba7830 R08: ffff88804ffc2b43 R09: 1ffff11009ff8568
[  323.239415][T12998] R10: dffffc0000000000 R11: ffffed1009ff8569 R12: dffffc0000000000
[  323.247558][T12998] R13: 1ffff1100b6e630c R14: 0000000000000000 R15: ffff888060e34768
[  323.255807][T12998] FS:  0000000000000000(0000) GS:ffff888125c1d000(0000) knlGS:0000000000000000
[  323.264960][T12998] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  323.271804][T12998] CR2: 00007fffa411f060 CR3: 0000000033668000 CR4: 00000000003526f0
[  323.279860][T12998] Kernel panic - not syncing: Fatal exception
[  323.286074][T12998] Kernel Offset: disabled
[  323.290384][T12998] Rebooting in 86400 seconds..