last executing test programs:

56.267138317s ago: executing program 1 (id=1210):
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000005c0)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="02"], 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000000000000000000000000009500160000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r4}, 0x10)
r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8)
close(r6)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)=ANY=[@ANYRES32=r8, @ANYRES32=r7, @ANYBLOB="020000000300000000000000", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x10)
sendmsg$nl_route(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="44000000200001002cbd7000000000000a108000000000070200000014000200fc02000000000000000040dfffffffff130001"], 0x44}}, 0x40000)
r9 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000200), 0x8)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x12, 0x4, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r9], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000500)={r0, 0x20, &(0x7f00000004c0)={&(0x7f0000000400)=""/71, 0x47, <r11=>0x0, &(0x7f0000000480)=""/40, 0x28}}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={r10, <r12=>0xffffffffffffffff}, 0x4)
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x1, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r14 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
r15 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x3, 0x7, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018100000", @ANYRES32=r13, @ANYBLOB="000000000000000018100000", @ANYRES32=r14, @ANYBLOB="000000000000000095"], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r16 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x9, 0x42, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000040)={r15, r16}, 0xc)
r17 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000001980), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000001a40)={&(0x7f0000001940)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001a00)={&(0x7f00000019c0)={0x34, r17, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x18}]}, 0x34}, 0x1, 0x0, 0x0, 0x40800}, 0x4000)
getsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f0000000300)=0x2, &(0x7f0000000340)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x12, 0x15, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000010000000000000000000000181100007a3955ec98299be1c3063cc2a6f040b068f2755c74ffc3da61d2b194573bec4fd0e360e1fdedde5cf4d599be6e7d864457b7072653f69c358d860e9fcb6a9944e5eecebde53246497bae0dea", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000852000000400000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x10000, 0x1000, &(0x7f0000000940)=""/4096, 0x40f00, 0x3c, '\x00', 0x0, @fallback=0x26, r0, 0x8, &(0x7f0000000180)={0x9, 0x1}, 0x8, 0x10, &(0x7f00000003c0)={0x1, 0x8, 0x1, 0x9}, 0x10, r11, r0, 0x2, &(0x7f0000000580)=[r0, 0x1, r12, r0, r0], &(0x7f00000005c0)=[{0x5, 0x3, 0xb, 0xa}, {0x1, 0x5, 0x0, 0x5}], 0x10, 0x3, @void, @value}, 0x94)
socket$inet6_sctp(0xa, 0x1, 0x84)
accept4$x25(r0, 0x0, &(0x7f0000001a80), 0x800)

56.037395197s ago: executing program 1 (id=1213):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_ext={0x1c, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1622, 0x0, 0x0, 0x0, 0x2b}}, &(0x7f00000003c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x102bf, r2, 0x0, 0x0, 0x0, 0x10, 0x4d, @void, @value}, 0x94)
socket$kcm(0x29, 0x5, 0x0)

55.864673579s ago: executing program 1 (id=1215):
r0 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x84, &(0x7f0000000000), 0x90)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000240)={'syztnl2\x00', 0x0, 0x2f00, 0x0, 0x4, 0x0, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x8, 0x4, 0x2f, 0x0, @empty, @multicast1, {[@timestamp_addr={0x44, 0x4, 0xd1, 0x1, 0x2}]}}}}})
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_ADDRFORM(r2, 0x3a, 0x1, 0x0, 0x15)

43.910585354s ago: executing program 1 (id=1215):
r0 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x84, &(0x7f0000000000), 0x90)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000240)={'syztnl2\x00', 0x0, 0x2f00, 0x0, 0x4, 0x0, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x8, 0x4, 0x2f, 0x0, @empty, @multicast1, {[@timestamp_addr={0x44, 0x4, 0xd1, 0x1, 0x2}]}}}}})
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_ADDRFORM(r2, 0x3a, 0x1, 0x0, 0x15)

30.218442238s ago: executing program 1 (id=1215):
r0 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x84, &(0x7f0000000000), 0x90)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000240)={'syztnl2\x00', 0x0, 0x2f00, 0x0, 0x4, 0x0, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x8, 0x4, 0x2f, 0x0, @empty, @multicast1, {[@timestamp_addr={0x44, 0x4, 0xd1, 0x1, 0x2}]}}}}})
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_ADDRFORM(r2, 0x3a, 0x1, 0x0, 0x15)

18.029231938s ago: executing program 0 (id=1547):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@typedef={0x4, 0x0, 0x0, 0x12}]}, {0x0, [0x0, 0x0, 0x0, 0x5f]}}, 0x0, 0x2a, 0x0, 0x1, 0x0, 0x0, @void, @value=0x2000000}, 0x28)

17.852493917s ago: executing program 0 (id=1549):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="10000000040000000400000002"], 0x48)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r0, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c00000012003b77"], 0x4c}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r2)
sendmsg$nl_generic(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000b40)={0x20, 0x52, 0x1, 0x0, 0x0, {0x2}, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x6}]}, 0x20}}, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f0000001c00)={0x2, &(0x7f0000000180)=[{0x84}, {0x6}]}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b18, &(0x7f0000000000)={'wlan0\x00'})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_ABORT_SCAN(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x1c, r5, 0xd9b2794f6a139537, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000040000000030a01020000000000000000010000000900030073797a320000000014000480080002400000080008000140000000050900010073797a310000000030000000050a01020000000000000000010020000c00024000000000000000010900010073797a31000000000400048020000000000a01040000000000000000070000020900010073797a3000000000140000001100010000000000000000000000000a"], 0xd8}}, 0x200000d4)
sendmsg$IPCTNL_MSG_EXP_GET(r7, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000003c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="d40100000102010800000000000000000100000209000600736e6d70000000000f000600746674702d323030303000000800084000000000080004400bf80000c00003800c00028005000100840000002c00018014000300fc02000000000000000000000000000114000400fc00000000000000000000000000000006000340000300002c00018014000300fc02000000000000000000000000000114000400ff0200000000000000000000000000012c000174140003002001000000000000000000000000000214000400ff0100000000000000000000000000010600034000029a0b000003400000000006000340000100000c0002800500010006000000cc000a8008000140000000010800014000000001100002800cdf3a72514b9cdbacb0fd01c6928c32320002800500010084000000a000028006000340000200001400018008000100ac1e0001080002007f0000012c0001801400030000000000000000000000ffffac1e010114000400ff010000000000000000000000000001060003fafef5aed6d99504801400030000000000000001000000ffffe000000114000400fe8000000000000000000000000000aa0c00028005000100210000001400018008000100e000000108000200ffffffff"], 0x1d4}, 0x1, 0x0, 0x0, 0x20044040}, 0x0)

17.677748491s ago: executing program 0 (id=1552):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r3=>0x0]}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000200)={r3, 0x3, 0x8000}, &(0x7f0000000300)=0x8)
shutdown(r0, 0x1)
r4 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x2}}}, 0x24}}, 0x0)
getsockname$packet(r4, &(0x7f0000000700)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000500)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000009500"/24], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r6, 0x0, 0xffffffffffffffa0, 0x0, &(0x7f0000000640)="0cffffdf71c8afefeba000dee560", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000600)=ANY=[@ANYBLOB="61125200000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07006706000020000000170200000ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffbd35010000000000840400000000000014000000100000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b848b00ea6553f304000000815dcf00c3ee7b042d1937ba52037fdedb2150e1918c30b6301f0212feb0cff9fc56357d81b2cc1a9e37d7b75c020b070000003eb22062bafaca036d9cc7db6671573e202e0a92ee4ba12b064981cc32d1ac0b9ecc8f604dcac2563e1c1e7624cc3b88b330ad416c4c1d8c60589b6045a4ffff50df4d34bc5847bebb943a84cb56956931ba9cc39c4a9deea5d77aa843a40000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000740)=@newtfilter={0x4c, 0x2c, 0xd2f, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {}, {0x2}}, [@filter_kind_options=@f_route={{0xa}, {0x1c, 0x2, [@TCA_ROUTE4_FROM={0x8, 0x3, 0xae}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_TO={0x8, 0x2, 0x8f}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000005}, 0x40)
recvfrom$llc(r4, &(0x7f0000000040)=""/77, 0x4d, 0x2000, &(0x7f0000000140)={0x1a, 0x100, 0x80, 0x3, 0x0, 0x5, @local}, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

17.597828411s ago: executing program 1 (id=1215):
r0 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x84, &(0x7f0000000000), 0x90)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000240)={'syztnl2\x00', 0x0, 0x2f00, 0x0, 0x4, 0x0, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x8, 0x4, 0x2f, 0x0, @empty, @multicast1, {[@timestamp_addr={0x44, 0x4, 0xd1, 0x1, 0x2}]}}}}})
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_ADDRFORM(r2, 0x3a, 0x1, 0x0, 0x15)

16.799620246s ago: executing program 0 (id=1554):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r1, &(0x7f0000000040)="0d000000010001", 0x7)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f0, 0x128, 0x111, 0x4b4, 0x128, 0xd4feffff, 0x220, 0x20a, 0x278, 0x220, 0x278, 0x3, 0x0, {[{{@ipv6={@private2, @loopback, [], [], 'bond_slave_1\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x0, 0x100, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@tcp={{0x30}}]}, @common=@inet=@TCPMSS={0x28}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x350)
r2 = socket$unix(0x1, 0x5, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000005c0)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="02"], 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000000000000000000000000009500160000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r5}, 0x10)
r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8)
close(r7)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@cgroup=r9, r8, 0x2, 0x6, 0x4000, @void, @value}, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f00000000c0)=@ethtool_regs={0x4, 0x0, 0x1c, "f42a97b96d025891dd3f75fdda624457ad3d5c36389c308570204262"}})

16.43330484s ago: executing program 0 (id=1560):
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x28, r1, 0x400, 0x70bd25, 0x25dfdbf4, {{}, {}, {0x38, 0x14, 'syz1\x00'}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x8880}, 0x48000)
r2 = accept$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @multicast1}, &(0x7f00000000c0)=0x10)
getsockopt$inet_sctp_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f0000000100), &(0x7f0000000140)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="180200"/24], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x45057bf4ccb05c67, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc9b, @void, @value}, 0x94)

16.01761332s ago: executing program 0 (id=1565):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000000000000200000f8e92d17a4cdbe7623788af3ee300e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008"], 0x110) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x1c, 0x1, 0x4, 0x5, 0x0, 0x0, {0x3}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x80) (async)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000000104010100000000000000000000000006000640000700"], 0x1c}}, 0x0)

11.446882298s ago: executing program 2 (id=1586):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x86e, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa2786dd603000bb08382b00fc020000000000000000000000000000fe8000000000000000000000000000aa3c05000000000000c910ff0100000000000000ff1a3f13aba64a00000000000001040110070800000001000406001407d6104212567aa3978a2c3cd1a4d868b66b717801cff409c490c9239d568b596d332b33ef4d3b9484b97b74f478fc6605ffb98a2f78c3b8e195e6a7c9d9f730b14b0afcfcf8c7cf46a521815b770cda83c34236b2901a5b02d6eec7932d2c75fd6ed644a987fe46a7262e4f49488394453cee05a8a173cc9219476fe4f21a5a1006c852e6d2549c18714b8b15dbec6bb4629b29a479e1272326ab7fcda0e8c49e3e37c398a115ff759804323de8a4176e7f18592b5afcf15e08d907f9195b48f0e503dddf228826d21265401c7774616d10c9b4377ae5d180aee75ccd0e811e8f145f3ee93d0c9803561565efddc9b5bf8b736c2a4da4f539ddc53237edb1a442c65a2fc67e726a28a9c4736209f24882d72245a2f92e1ee6e618cdf9137f92101c468beef0f5f3d8e43e4729ac127967b64e79ac00d0563d78333a74d5e266b2c2460dfe3b6ca60a206d7428f79b7ce1f5bbfc1c93fbf544afdb2f480edf3bf866b9a8502e7b4a465c8f15459c04ac9c7c8cd576835652460740a7cfe1143637c9eef4330fd6b247321ae9e3b75319a5f5bd6371682f89bb8eea2e112526475ac9741ea1c312927f80aee53eb19b548e65f07b717fd375bedb7bc0d6971cd4b2baf52fb22c0cffed68ab78333b4b67183f3ebcab6d2f76195d92d2eb10a9c311ba370e600c2859b436cac9ad9a97cd10761b85e5ab7d34c4df0626e07f6538a3d6a41a766b31e4e56eba04fa8a8f439da9358e75aced905a372834010803dbe691ed620eeb47b7b45d5ef58210a06580607c91a04352afe8f1c96eaf974860b7c3baaf08e3464db09574d11793d73e174014ee224c6e5d3f8c8581d868f6ee52f137ce539737937f71ecacd3217796a769dfba7745383fda4f7f2d6bd1f671e0c7b07b23b217db0bc17b341fcc481a35f0531e6cf7c7b7472ddae3c2dbe70464aff2b95c3937762edc1046a51e00a90b9d001e15696e4842136a2798c265aa9a0270c57b9ced2bc509592b6211a1c09ed026f99e1835d78f6a4e955c6de192248f000a47e865e9a7aed77c5e26ace3dc8842344b7f5fb5986a955e350b473ab326fbaaf3cdc812430f8597d4b7bc30cf75735c90ecbf75b31d56d37f28a18715b1fed3c0a3c07744ab766971ebb04525dcf4bcc7659cba2c04032f2f7adf9e65ceaddb5505fe57b94c784d07eb2a2fe4fcacd9802a75c8acbec9381a04726fda6c95b6960703ffe78bcbb079c67437dac882b51d79983ee6c052b487b2edf4ceaa6c3811241897a8da7e4a5d282f415d7bf30855533ffbef090233fbdc7cfd5259d99dd1d8b4a203da5d57c9fa20ac0f4d572e7c260a0c5955855af810c44550552a066572f9838dde1717c3144f3b211d58c20c82dc94fba71d8f622bff96f3ada6d840d1321ebb47bd683a512a44048dbe8ac6d6d293facdd51fd6279aca849f9bd4b3cc2e45f44905eaed9bfcc3ab33f97069cf4889e8da2b594a8eadebe3fc81724af89737a9ef69bdecbf675d3282e074ed1d3593635545397a2c23bfa531054d71fe306667c69bd03fa6956483104ce1a0350b243719b94e2ba991428e83836cd945d139b2b1f0de8f44a6502e91beeee579c3374d0cd5c43900e587592610ce303801f08fa6970ab3d745c50f396a7bd88ec1f761b834e72f7f9511fd1c2102ed87473f23de0121e2df4941c241b8ebc8101383e1404a3bf06a209ec836dd5d5e367a6bd14caabb31efffa684eaaded13b7df7bcc1c0162f07ebd968d6ae0b4f127ef5ed589f88ac5ca5ed33534cdcefd10b4c7ef37c5537e1d02ea745e206dac16e0962fc2ccea44e4a03dc535b9a2e7183919cd7e2a7327c17940beb13e221470585f709dac534696c51bf8740d56fa0e9241068d6aec4e4cbc09f51f8b7fd027a1f884c52acd518cec328d275c5207dd413ad1b35f2710ff47e76551ccd0b4c9d0fd25d1dc87e0498b7ebb40af68474e33bdd08668ad0f5fb919acbf7d7d649997190acd35774b4eb1e35a1ac9d14675e377590192474fd9b43a82d79f06350492c42691321485944e42ec53221f59a7d3bf8c2bc92b50c7dcf61a426c2eb474cfdcbbfb44bdaacbd7b5555f3de05c45c1461c4a121ff20bb7815ca164462cf977312f53ceef57be2929cf9e8ef94c9a016ea933b127cb224652db8a870dcaec19b6faeb144150d177db884637d50faff03deef8bced965332f86b415bc3af406dbe73c68fefb97816a446232337a6a24f707633b2fb8e67b31ede05f6e9ebf6b5afd168b86a8242f963e235f1be9d8b6f5f60bf1755115519abbd53fe2ee602aa165aa8dbfaf1949fe2bc191dfa16a812d5e7136dd94a8c7c84ef240ff8f130295f161b151699f25c3b8bf7b715b40e8800d7f68c9cd57ed192584738ff64a9ca39b1d42db506f50aba87f4d6d06c9ccb2d956637c87909a59a248c892d4491e086707d095970f7172e0cf82c0a87d83051a777ab1ce991bf7ebe905231db662d6d185e3651edb455c6f738d1c7bbc71c3cd4edf0d9ea643afe6eecd02746f0a07c8193da254cab549306156308949476501ddd70fbf7452604ac716f401265a3950c8a1bc28a99b3eedc96fab70002000000000000da7529806d760fa40f27d8155e950124f96ebe77c6ed3ae952acd3f4fa9fbda4e796bc3788852c6ec203a39dd47d229f222daa5b3ab293dee076f6e5471f1b7895841c03bb6bd55e94fb3b326a6f0783739466b36f10a875f9fc7b0a0684712fec8108646255fb515b1776873d56060dc601c3de28c2b15ebab49a3fdda5e49ced10fb3db44edd700b53c58a993c99f1ff72ed1811048860dbd4f5d17c784eb10cd92b18b92a10c3c9055694ea3e91b6ea1e090bcd7073ad4ba53773e2fcd68f527ffca49fab72549e5bcd524167b2166a1d79c092bc2fbc7b680f000000005a46dea7c4002c67d4be6eb10335897ef910a48cc47c7693dca281ae9ccaf98e5ad965a4d98577ac061168132f79e25e18cffd3b9431af2c1f834b7d2aeef0bd9d38e9b0a0cd9da12202ddcf24daa8c2d85c4834338e000a176dd4f68322dd0f20fc2878b8d8040bb7b60a1af0d68400730dc2786d6c0efa0a71a15edbdb2a5ca7fabe1fd122fdeb2a7b6d4ef50b16f25cacc3f1ed57dbeb768f22421d4beba5b784ab038b356aff56df6d41bb8967136eb77f5cf6775c099324"], 0x0) (async, rerun: 32)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a74000000060a09040000000000000000020000000900010073797a30000000000900020073797a320000000048000480440001800c0001007061796c6f6164003400028008000440000000000800084008000000080002400000000008000540000000000800034000000000080007"], 0x9c}}, 0x0) (async, rerun: 32)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff})
shutdown(r1, 0x0)
recvmsg$unix(r1, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)=[@cred={{0x1c, 0x1, 0x2, {<r2=>0x0}}}], 0x20}, 0x0)
syz_open_procfs$namespace(r2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000300)={r2, 0xffffffffffffffff, 0x0, 0x88, &(0x7f0000000200)='cgroup\x00\x8d\f\xf3\xcd\xc6X$\x01n-Hg\x144-.\xe2\x053\xe2\xf4\xbf[\xe9\xdddU\x91\x9d,\t\x8d\xc3@\x86,\x7f\xe2Z\xe8L\x80\xdbe\x7fx\x01\x9b\xcf\x9b\x1cH\x95\xf3'}, 0x30) (async, rerun: 32)
close(0xffffffffffffffff) (async, rerun: 32)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r3, r4, 0x2, 0x2, 0x0, @void, @value}, 0x10) (async, rerun: 32)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (rerun: 32)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)={@cgroup=r5, 0xffffffffffffffff, 0x2, 0x0, 0x4000, @void, @value}, 0x20)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a300000000088000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d44001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c000280080001400000e41f080003400000012014"], 0xd0}}, 0x20050800) (async)
sendmsg$sock(r0, &(0x7f0000000180)={&(0x7f0000000000)=@ax25={{0x3, @bcast, 0x8}, [@bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null]}, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000140)=[@txtime={{0x18, 0x1, 0x3d, 0x200000000}}], 0x18}, 0x801)

10.516768967s ago: executing program 2 (id=1587):
r0 = socket(0x10, 0x3, 0x0)
syz_emit_ethernet(0x6f, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa340800450000610000000001889078000000000000000000000001004d907848dbea7a3b5317093db165629db9eb33eba9b0897cc754888d08f97964d142c7b3d8cdf66cd1296dc213487249a04811bbfa7c89bc31cc89097b2bddb70c5722b40255912fdf9f0dca6115c15b037e923690f8e2ad60a3113b13def6"], 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x1000, 0x4, 0x10000000, 0xc}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', 0xffffffffffffffff, 0x0, 0x200000d}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', 0xffffffffffffffff, 0x0, 0x200000d}, 0x18)
r1 = socket(0x2, 0x80805, 0x0)
ioctl$sock_x25_SIOCDELRT(r1, 0x890c, &(0x7f00000003c0)={@null, 0xa, 'veth1_to_batadv\x00'}) (async)
ioctl$sock_x25_SIOCDELRT(r1, 0x890c, &(0x7f00000003c0)={@null, 0xa, 'veth1_to_batadv\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="200000001600156f000000cc000000000a4115cd7586378ec8c069bef5e6beebda9cf970ac893d3fa195b7111849", @ANYRES32=0x0, @ANYBLOB='\b\x00\b\x00\b\x00\x00\x00'], 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="200000001600156f000000cc000000000a4115cd7586378ec8c069bef5e6beebda9cf970ac893d3fa195b7111849", @ANYRES32=0x0, @ANYBLOB='\b\x00\b\x00\b\x00\x00\x00'], 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r3, 0x1, 0x4c, &(0x7f0000000000), 0x4)
recvmsg$unix(r3, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x2000)
ioctl$TUNSETNOCSUM(r4, 0xc040ff0b, 0x1) (async)
ioctl$TUNSETNOCSUM(r4, 0xc040ff0b, 0x1)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000100)={'veth0_macvtap\x00', 0x10})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000040)=0x200000, 0x4) (async)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000040)=0x200000, 0x4)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_OVERHEAD={0x8}, @TCA_CAKE_ATM={0x8}]}}]}, 0x44}}, 0x0)

9.112490858s ago: executing program 2 (id=1588):
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYRESHEX=0x0], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xad, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
recvmsg$unix(r1, &(0x7f0000000200)={&(0x7f0000000080)=@abs, 0x6e, &(0x7f0000000180)=[{&(0x7f0000000380)=""/212, 0xd4}, {&(0x7f0000000480)=""/192, 0xc0}, {&(0x7f0000000540)=""/209, 0xd1}, {&(0x7f0000000140)=""/26, 0x1a}], 0x4}, 0x60)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_RESET_STATS(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000980)=ANY=[@ANYBLOB="18000000", @ANYRES16=r5, @ANYBLOB="010000000000000000000a000000040004804bcf3168ce6837676adf217b6713eb2183b1ba559f6a47f31d372e67a3cade57dc3244bb3553c4c1caf07a0aa704990a1bfe60e96cd8ba0ad4d99eb3878d3869c4e23eed124b3698dad7918634065a6f062052032d4ddb170bf24bc989a55bc9f8d133a78c7a665c0b8d9b604f6b8bb2f6635b9830518e088e6ba0fc00008595a89c089c1086724cfba802b7693f4543d12e21f4bedabf973b844c4072023c30"], 0x18}}, 0x0)
r6 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r6, 0x10f, 0x81, &(0x7f0000000280)=0x2, 0x4)
connect$tipc(r6, &(0x7f0000000140)=@id, 0x10)
connect$tipc(r6, &(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x4e20}}, 0x10)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000240)={'ip_vti0\x00', &(0x7f0000000640)=@ethtool_per_queue_op={0x4b, 0x12, [0x2, 0x9, 0x10001, 0x1, 0x0, 0x8, 0x81, 0xfffffffe, 0x2a, 0x7, 0x1, 0x69d2, 0x2, 0x4, 0x6, 0x5b3, 0x7, 0x7fffffff, 0x5, 0x10000, 0x3, 0x93, 0x48, 0x7, 0x3, 0x40000, 0x5, 0x200, 0x7, 0xb, 0x1, 0x8, 0x5, 0x826, 0x9, 0x40000000, 0x7, 0x71b, 0x7, 0x80000001, 0x1, 0x0, 0x8, 0x1, 0x5, 0xffff, 0x81, 0x6, 0x5, 0xa2, 0x80, 0x4, 0x557319b5, 0x3ff, 0x7, 0xcc1, 0x515, 0x8001, 0x2, 0xb, 0x40, 0x4, 0x1, 0x0, 0x4, 0x5, 0x5, 0x8, 0x0, 0x7ff, 0x0, 0x0, 0x6, 0x1000, 0x80, 0x7fff, 0x4, 0x0, 0xffffffff, 0x6, 0x3ff, 0x8, 0x3, 0x6, 0x800, 0x7, 0x3, 0x17, 0x81, 0x7, 0xdd3, 0x9, 0x7, 0x1fe, 0x5, 0x7, 0x0, 0x6, 0x3, 0x9, 0x1, 0xc2, 0x100, 0x10000, 0xc, 0x2, 0x800, 0x4, 0x10, 0x3, 0x8c, 0x81, 0x8e, 0x1, 0x81, 0x98ed, 0x3, 0x0, 0x188b000, 0x0, 0x0, 0x7, 0x1, 0x80000000, 0x80000001, 0x101, 0x80000001, 0x5], "f491af91a581465069cb6c018edb5b0bf3af460bacd94e244c5f1485b69f60a13d343a44494d9bb3e1f723e30c51fdb87844bc899051ef18a8ed5688a64ca0d82dd4cd7f0603c29d0b42d9f300d3e69b4e9c6e651a65e0cff15952"}})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000002, 0x11, r3, 0x15e62000)
clock_gettime(0x0, 0x0)
r7 = openat$cgroup_subtree(r3, &(0x7f00000008c0), 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000900)={[{0x0, 'rlimit'}, {0x2b, 'hugetlb'}, {0x2b, 'net_cls'}, {0x2d, 'memory'}, {0x2d, 'freezer'}, {0x0, 'cpuacct'}, {0x2d, 'hugetlb'}, {0x6, 'perf_event'}, {0x2d, 'cpuset'}]}, 0x51)

8.928966878s ago: executing program 2 (id=1590):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095", @ANYRES16], &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha12\x00'}, 0x58)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, 0x0, 0x1840}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x3}]}}}]}, 0x3c}}, 0x0)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x4000)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x88}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
unshare(0x6a040000)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0xf, 0x9, &(0x7f00000000c0)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0xba}, @call={0x85, 0x0, 0x0, 0x2c}, @initr0={0x18, 0x0, 0x0, 0x0, 0x90}, @exit]}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x34, @void, @value}, 0x94)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x4000)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
recvmsg(r7, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r8, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x12, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r9}}, {}, [@map_fd={0x18, 0x1, 0x1, 0x0, r9}, @call={0x85, 0x0, 0x0, 0x75}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getsockopt$EBT_SO_GET_ENTRIES(r6, 0x0, 0x81, 0x0, &(0x7f00000002c0))

6.502085554s ago: executing program 4 (id=1603):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
r2 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r2, 0x29, 0x21, &(0x7f0000000340), 0x4)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x54, 0x10, 0xffffff1f, 0xfffffffc, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x2}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x7}, @IFLA_GRE_REMOTE={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x28}}]}}}, @IFLA_MASTER={0x1b, 0xa, r4}]}, 0x54}, 0x1, 0x0, 0x0, 0x24040000}, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000040)={'ipvlan0\x00', &(0x7f0000000140)=@ethtool_pauseparam={0x8}})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

6.276434537s ago: executing program 4 (id=1604):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r1, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001b00)={0x0}, 0x1, 0x0, 0x0, 0x20048040}, 0x4000) (async, rerun: 32)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff) (async)
socket$packet(0x11, 0x3, 0x300)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2) (async)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000ec0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x5, 0xc6, &(0x7f0000000540)=""/198, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) (async, rerun: 64)
ppoll(&(0x7f0000000500)=[{r4}], 0x1, 0x0, 0x0, 0x0) (async, rerun: 64)
pselect6(0x40, &(0x7f00000001c0)={0x1, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x1, 0x7fffffff}, 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r6, &(0x7f0000000340)=@name={0x1e, 0x2, 0x1, {{0x0, 0x1}}}, 0x10) (async)
ioctl$TUNSETSNDBUF(r2, 0x400454d4, &(0x7f0000000340)=0x1) (async)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r7, 0x84, 0x2, &(0x7f00000000c0)={0xfffc}, 0x8) (async, rerun: 64)
sendto$inet6(r7, &(0x7f00000004c0)='W', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback, 0x8}, 0x1c) (async, rerun: 64)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r7, 0x84, 0x23, 0x0, 0x0) (async)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close(r8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

4.549854835s ago: executing program 4 (id=1608):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x75)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='cpu.stat\x00', 0x275a, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x1c}}, 0x0)
preadv(r1, &(0x7f0000000100), 0x2b, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000f80), 0xffffffffffffffff)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305829, &(0x7f0000000540)={0x1100, 0x0, 0x52, 0x10000})
getpid()
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000100)=@nameseq={0x1e, 0x1, 0x2, {0x43, 0x3, 0x3}}, 0x10)
bind$tipc(r5, &(0x7f0000000140)=@name={0x1e, 0x2, 0xfffffffffffffffe, {{0x42, 0x2}}}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095", @ANYRES64=r5, @ANYRES8=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1d, 0x4, 0x8, 0x8008, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
r8 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000800)={'lo\x00'})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bcc98c418a809816", @ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="132c93413a3b98e9b30a07e254b3ad1dd0024711bb47fecd950ec5441eb64660e231b98e9ca222205067e312f9a53d6515d109d04255", @ANYRES16=r4, @ANYRES16=r3], &(0x7f0000000180)='GPL\x00', 0x0, 0x10, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x5, 0x3100, 0x0, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r6, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r10, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0xffff, 0x0, 'lblc\x00', 0x1d, 0x1000, 0x4a}, 0x2c)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r11, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0)

4.280600126s ago: executing program 2 (id=1610):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000021c0)=0x1, 0x4) (async)
setsockopt(r0, 0x1, 0x10000000000009, &(0x7f0000000100)="0100ddff", 0x507b420f2d51f971)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r2) (async, rerun: 32)
syz_emit_ethernet(0x6a, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600c0a3500340600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="d00200009078000052"], 0x0) (async, rerun: 32)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'hsr0\x00', @broadcast})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r5=>0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) (async)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, 0x0, 0x0) (async)
r6 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNDEL(r6, 0x400442c9, &(0x7f0000000040)={0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2a}}) (async)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, 0x0, 0x0) (async)
bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-generic\x00'}, 0x58) (async, rerun: 32)
r8 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) (async, rerun: 32)
r9 = socket(0x10, 0x2, 0x0)
write(r9, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) (async)
recvmmsg(r9, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) (async, rerun: 32)
recvmmsg$unix(r8, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0) (async, rerun: 32)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r3, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r5, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0)
r10 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r10, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) (async)
setsockopt$SO_BINDTODEVICE(r10, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet6_udp_int(r10, 0x11, 0xb, &(0x7f0000001380)=0x6, 0x4) (async)
setsockopt$inet_sctp6_SCTP_INITMSG(r10, 0x84, 0x2, &(0x7f0000000080)={0xfff0, 0x5, 0x4, 0x4b6}, 0x8)

4.061910547s ago: executing program 2 (id=1611):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="010002000e0000000000000004"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB="18020000fcffffff0000000000000000850000003600000085000000d000000095"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000001580)="e0856497ba6cf0f21a00000000101d59b73609e68bab107a6afc9aee9dcb023abd85146967c135bc34b2070993e2d1585aea30384c2e6f861ac74f94f9904e64df5bfad104cc941486d8bd2f170415128623a5c9786bb6ae70ae2273f28bb6b92ce16d17e1cb6267fad52fb60698f12b3a25c226e5223418a1471847f90bae34d7dc127356d168745b176d26d5cac699a38f9d7f179c9f44f5e556f17adf8376d056803d1cdf81368a5edf3eabd401508f58590b68d877f4f7bf0a0542946c7e9ba46eb79b9c2f08638088e3cbb90f2c28bb2b677df90792ea8791d77a2279fa664ab2267c93a9e844553b340ad398b302a0e7ef8ebc33d5cb7c19922c3883a334b43ba6dac35ba63935afbd47b8609933493a41832bac37c9ebd0d59ffdfd5e19a9ed7e8c993b1815b7d0edfcfd95de", 0x0, 0x20000700, 0x0, 0xffffffffffffff51, 0x0, 0x0, 0x0, 0x5}, 0x1d)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
close(0x3)
r1 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r1, &(0x7f0000001080)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000008c0)="db", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000480)="06", 0x1}], 0x1}}], 0x2, 0x4000005)
close(r1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x7c}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000f80)=ANY=[@ANYBLOB="b70200000b000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f7a80d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001e8c76bbe7ff988a28ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f757036303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4522bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b9fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabfd50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd1389a0963de85dd2b189774450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f326df86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c39b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa525235da0000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc32a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b4783d66661a92f174f8293cf83bceaf6c9eda1f83166aa1e2093d626870510e6cd176d501fe01e4a752fc30134073188e3f826f695e4e14fca6596943467c7df154493023f77c107b3db20ea75b493b4b38dc43986d94748cbfab954edae20982b6d212a44f4b40387876bc9eb73900"/3112], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000100)="b9ff0b076859268cb89e14f088a847", 0x0, 0xf00, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0xfffe, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa000806000186dd0610000000000000000000000000bbaaaaaaaaaabbfe80000000000000000000000000151301b6e31275360ddc89a681111200"/79], 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000040))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0xf0b, 0x13, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x5}, {0xffff, 0xffff}, {0xffff}}}, 0x24}}, 0x8000)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x44804)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000140)=[@in6={0xa, 0x4e22, 0xb, @private0, 0x6}, @in6={0xa, 0x4e23, 0x8, @remote, 0x1}, @in={0x2, 0x4e22, @empty}, @in6={0xa, 0x4e23, 0x5, @mcast1, 0x3}], 0x64)
unshare(0x68060200)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x8031, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x14d, &(0x7f0000000680)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb8100000086dd6d4f0245011300fffc020000000000000000000000000001fc010000000000000000000000000001062100000000000004f9b55cd0c9d1cdebccff4d23e8cd050e32d9568e97fc744f63bccad46eccd89229d530bd1100d408ea65cb1ab270490064480e9df6314f70ae36f03850f82480bf367eec2442c07838f8f12d2c3e69fd273c6a95aeb711c3e4635d2cc9633a29362ea531381b87b520a148d86f541b0535fd6b34493127cb95bd6e6682fa273edb7e19418020330d67963ab1264c9942b4ca77af863fa61033b90e73b95b10abb07fc23117c0c532d0925bdbaf9ca10bc7623d8fee61cb55725a5730a739a0d24ca1024e0332426aa34c76c07a4aef592af87eba40b757b3d502232e0000000048f07f4f5a10218af89de23b22af32eb776c114771d01ec796ac05020000000100c20400000007a51a8dab5d32912580d147c2deff0fb31251ecb137bbaec6c9c8b813b170dd8529d107e9e9db1d0b2336f47e"], 0x0)

3.812218235s ago: executing program 4 (id=1613):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmmsg$unix(r0, &(0x7f00000018c0)=[{{0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000000040)}, {&(0x7f0000000080)=""/138, 0x8a}, {&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000001140)=""/18, 0x12}, {&(0x7f0000001180)=""/160, 0xa0}, {&(0x7f0000001240)=""/38, 0x26}], 0x6}}, {{&(0x7f0000001300)=@abs, 0x6e, &(0x7f0000001780)=[{&(0x7f0000001380)=""/67, 0x43}, {&(0x7f0000001400)=""/35, 0x23}, {&(0x7f0000001440)=""/246, 0xf6}, {&(0x7f0000001540)=""/199, 0xc7}, {&(0x7f0000001640)=""/37, 0x25}, {&(0x7f0000001680)=""/61, 0x3d}, {&(0x7f00000016c0)=""/133, 0x85}], 0x7, &(0x7f0000001800)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [<r2=>0xffffffffffffffff, 0xffffffffffffffff, <r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0xb0}}], 0x2, 0x1, &(0x7f0000001940))
sendmsg$nl_xfrm(r7, &(0x7f0000001a40)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001a00)={&(0x7f00000019c0)=@getsa={0x3c, 0x12, 0x75ad7a534bc91b57, 0x70bd25, 0x25dfdbfc, {@in6=@dev={0xfe, 0x80, '\x00', 0xb}, 0x4d2, 0xa, 0xff}, [@policy_type={0xa, 0x10, {0x1}}, @XFRMA_SET_MARK_MASK={0x8}]}, 0x3c}}, 0x4)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000001a80), &(0x7f0000001ac0)=0x4)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000001b40)={'pim6reg1\x00', &(0x7f0000001b00)=@ethtool_rxfh_indir={0x39, 0x7, [0xa6, 0x91f, 0x9, 0xc2b6, 0x1, 0x7, 0x4]}})
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000001bc0), r4)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x34, r9, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000000}, 0x40000)
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r8, 0x84, 0x13, &(0x7f0000001cc0)=0x8, 0x4)
r10 = syz_genetlink_get_family_id$SEG6(&(0x7f0000001d40), r7)
sendmsg$SEG6_CMD_SET_TUNSRC(r8, &(0x7f0000001e00)={&(0x7f0000001d00)={0x10, 0x0, 0x0, 0x180000}, 0xc, &(0x7f0000001dc0)={&(0x7f0000001d80)={0x1c, r10, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8810}, 0x20004000)
sendmsg$NFNL_MSG_CTHELPER_GET(r2, &(0x7f0000002040)={&(0x7f0000001e40)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000002000)={&(0x7f0000001e80)={0x148, 0x1, 0x9, 0x201, 0x0, 0x0, {0x2, 0x0, 0x9}, [@NFCTH_TUPLE={0xb0, 0x2, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010101}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @private=0xa010102}}}]}, @NFCTH_TUPLE={0x4c, 0x2, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x722}, @NFCTH_STATUS={0x8}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x8}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}]}, 0x148}, 0x1, 0x0, 0x0, 0x8003}, 0x4004044)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
r12 = openat$ppp(0xffffffffffffff9c, &(0x7f0000002080), 0x8900, 0x0)
ioctl$PPPIOCNEWUNIT(r12, 0xc004743e, &(0x7f00000020c0)=0x2)
write$bt_hci(r3, &(0x7f0000002100)={0x1, @le_set_ext_scan_enable={{0x2042, 0x6}, {0x6, 0xb, 0x7fff, 0x2}}}, 0xa)
getsockname$packet(0xffffffffffffffff, &(0x7f0000002140)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000002180)=0x14)
r14 = accept4(r1, &(0x7f00000021c0)=@nfc_llcp, &(0x7f0000002240)=0x80, 0x80000)
r15 = syz_genetlink_get_family_id$devlink(&(0x7f00000022c0), r3)
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r14, &(0x7f0000002400)={&(0x7f0000002280)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000023c0)={&(0x7f0000002300)={0x84, r15, 0x100, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x25}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x4}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xfff}}]}, 0x84}, 0x1, 0x0, 0x0, 0x4004}, 0x8000)
r16 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002480), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000024c0)={'wlan1\x00', <r17=>0x0})
sendmsg$NL80211_CMD_GET_STATION(r3, &(0x7f00000025c0)={&(0x7f0000002440)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000002580)={&(0x7f0000002500)={0x4c, r16, 0x20, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r17}, @void}}, [@NL80211_ATTR_STA_PLINK_STATE={0x5}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0x18}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x1f, 0x13, [{0x0, 0x1}, {0x36, 0x1}, {0x4, 0x1}, {}, {0x60, 0x1}, {0x24}, {0x6c, 0x1}, {0x6c}, {0x5, 0x1}, {0x6}, {0x18, 0x1}, {0xa}, {0x30, 0x1}, {0x6}, {0x30, 0x1}, {0xc}, {0x48, 0x1}, {0x4}, {0x48}, {0x12, 0x1}, {0x60}, {0x48}, {0x6c, 0x1}, {0x12}, {0x2, 0x1}, {0xb}, {0x1b, 0x1}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20008044}, 0x800)
r18 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000002600)={0xffffffffffffffff, 0x3}, 0xc)
ioctl$F2FS_IOC_MOVE_RANGE(r11, 0xc020f509, &(0x7f00000026c0)={<r19=>r0, 0xd, 0x6, 0x6})
bpf$MAP_CREATE(0x0, &(0x7f0000002640)=@bloom_filter={0x1e, 0x2, 0xfffffe96, 0xd, 0x48004, r18, 0x2, '\x00', r13, r7, 0x3, 0x4, 0x1, 0xd, @value=r19, @void, @void, @value}, 0x50)
sendmsg$NL80211_CMD_ASSOCIATE(r19, &(0x7f0000002840)={&(0x7f0000002700)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000002800)={&(0x7f0000002740)={0x84, r16, 0x20, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r17}, @val={0xc, 0x99, {0x2334, 0x17}}}}, [@NL80211_ATTR_PREV_BSSID={0xa, 0x4f, @from_mac=@broadcast}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_USE_RRM={0x4}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, {0x2, 0x1, 0x0, 0x0, {0x134, 0x7, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1}, 0x1, 0x5, 0x10}}, @NL80211_ATTR_VHT_CAPABILITY={0x10, 0x9d, {0x8, {0x8, 0x6, 0x3}}}, @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0x200, {0x5, 0xc, 0x3, 0xc}}}]}, 0x84}, 0x1, 0x0, 0x0, 0x400d4}, 0x818)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000002940)={&(0x7f0000002880)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000002900)={&(0x7f00000028c0)={0x2c, 0x1, 0x4, 0x201, 0x0, 0x0, {0x5}, [@NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x10000}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x8}, @NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x9029}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4810}, 0x20000080)

3.321607676s ago: executing program 4 (id=1614):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r0}, 0x8)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000080)="580000001500add427323b472545b45602117fffffff81000e224e217f000001925aa80020007b00090080007f000001e809000000ff0000f03ac7108bfaffffffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
sendmsg$nl_route(r1, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@ipmr_delroute={0x3c, 0x19, 0x8, 0x70bd28, 0x25dfdbff, {0x80, 0x20, 0x10, 0x7f, 0xb17e4f4d4e17a95, 0x2, 0xc8, 0x2, 0x2900}, [@RTA_METRICS={0x20, 0x8, 0x0, 0x1, "bfd6630b64210e3eb1de56db65f6d8f7223c111d2741fc0f0bd59c22"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c0c0}, 0x8004)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000300)='GPL\x00', 0xfc, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r2}, 0x10)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000100)="520003000100b8", 0x7)

3.244776941s ago: executing program 4 (id=1615):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x18)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x4000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
unshare(0x6a040000)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000600)={&(0x7f0000000740)=ANY=[@ANYBLOB="400000003d32fa730112b761d913970fec105926c455c038365326721d3aac103594e3acc7da9da60a1343db5e75e6194948094588ad966d86bd80f7b2ba50b21dd86432d882b8a8c41f0e6c4dff9a47c0054d7a525cfd4ecd44450cc09fee4de8eb47e4abe8b9fe4436d87a1380f0bc07e71a000000000000000008000000000000", @ANYRES16=r5, @ANYBLOB="100026bd7000fddbdf256b00000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990005000000070000000a00060008021100000100000a0006000802110000000000"], 0x40}}, 0x40074)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB, @ANYRES32=r4, @ANYBLOB='8\x00/'], 0x54}, 0x1, 0x0, 0x0, 0x5396ebcfacd993b0}, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000280)={'wpan0\x00'})
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r7)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r9=>0x0})
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r10, &(0x7f0000000040)={0x0, 0x33, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000006197e05ec745aec03c38368b560bdc20c2d2f014adec6ae900392cac5684aa3f93a98bed4cd04ba4530dca56f7f67dd84dfbcf0ab5f91575523a266e01a29ae2", @ANYRES16=r8, @ANYBLOB="0b06000000000000000030000000050036000000000008000200", @ANYRES32=r9, @ANYBLOB="050035000000000005003300030000000500340000000000"], 0x3c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000002c0)={'wpan4\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x4000)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{0x1}, 0x0, &(0x7f0000000380)='%-5lx  \x00'}, 0x20)
r11 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000080)={'veth0_to_bridge\x00', <r12=>0x0})
setsockopt$packet_add_memb(r11, 0x107, 0x1, &(0x7f0000000000)={r12, 0x1, 0x6, @link_local}, 0x10)
setsockopt$packet_add_memb(r11, 0x107, 0x2, &(0x7f00000003c0)={r12, 0x1, 0x4, @remote}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)

712.489795ms ago: executing program 3 (id=1626):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmsg$inet6(r0, &(0x7f0000000040)={&(0x7f0000000000)={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00', 0x7f}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=[@rthdr_2292={{0x28, 0x29, 0x39, {0x3b, 0x2, 0x2, 0x1, 0x0, [@local]}}}, @rthdrdstopts={{0x18, 0x29, 0x37, {0x2e}}}], 0x40}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000640)=ANY=[@ANYBLOB="700000001400010000000000fbdbdf25e00000010000000000000000000000000000000000000000000000000000000100000000000700"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\f\x00\b'], 0x70}}, 0x4004040)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000000)={@broadcast, @empty, <r3=>0x0}, &(0x7f0000000040)=0xc)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@ipv4_newroute={0x24, 0x18, 0x100, 0x70bd26, 0x25dfdbfb, {0x2, 0x0, 0x20, 0x9, 0x0, 0x2, 0x0, 0x0, 0x1900}, [@RTA_IIF={0x8, 0x3, r3}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x40000)

684.824295ms ago: executing program 3 (id=1627):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000100)=@newtaction={0x18, 0x32, 0x12f, 0x0, 0x25dfdbfb, {}, [{0x4}]}, 0x18}}, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18) (async)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x40, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 32)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) (rerun: 32)
sendmmsg$inet6(r0, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0)

523.815813ms ago: executing program 3 (id=1628):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@typedef={0x4, 0x0, 0x0, 0x12}]}, {0x0, [0x0, 0x0, 0x0, 0x5f]}}, 0x0, 0x2a, 0x0, 0x1, 0x0, 0x0, @void, @value=0x12000000}, 0x28)

388.471021ms ago: executing program 3 (id=1629):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000380)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r3 = socket$alg(0x26, 0x5, 0x0) (rerun: 64)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) (async, rerun: 64)
r4 = accept4(r3, 0x0, 0x0, 0x800) (rerun: 64)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) (async)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYRES16=r0, @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
r7 = socket$inet6(0x10, 0x3, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x2, 0x0, 0x0, 0x0, 0xd5e93709d453f02a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdbd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r9}, 0x10) (async)
sendto$inet6(r7, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

197.036719ms ago: executing program 3 (id=1630):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r1=>0x0}) (async, rerun: 32)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) (rerun: 32)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54", 0xe)
accept4(r4, 0x0, 0x0, 0x800)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00'}) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, 0x0, 0x0) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000003a00000008000300", @ANYBLOB="8b7a29", @ANYBLOB="05ff5bdd348d9bf73510bc8e0249422c53049ea585f7c5f47f7d74676b3b51ac99e8574c8dc3c3deef56d9746be71caa0024ead4dfd77a902906496f9e467d642e55378801000000000000003cc628edce4fc545861d196d3290a95924676487e4274fb3f4a95a7277ac1c2f65898ae6b2111b4599c546729e70671260d252949c897cfb32c503543e64feeb0200000000000000000000000000000000000000000000000000000000000000000000b61a707e162588a36b53baa0072413f29f9d9a21eb4534294d5a52cffa40c7390f14854c475ac1ef227fe4ee1a1587a0eaecfb66a4f7bf318e49d2cd6d2007e1c16b2984472df781aca4b1079e9a471d3b5900e1f85d804031312733cc4f8cbc8b7086e00bfe8d447ce685fc11fa0e274c13952e3fa740ec094077015ab1dbd18fbaaef346280053c739cb135d57e50660bd1cb8bb85def3b13157679bca838ae877b7b7fdce962e"], 0x24}}, 0x0) (async)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r2, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

0s ago: executing program 3 (id=1631):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x7, 0x6, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000500000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000840)='virtio_transport_alloc_pkt\x00', r3}, 0x18)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000140)={0xa, 0xe22, 0x3, @loopback={0xff00000000000000}}, 0x1c)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000020000008500000023000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000ff030000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f00000005c0)={'wg0\x00'})
sendto(r5, &(0x7f0000000480)="39d885606ad14ea863d63842d9687655bc94e6dc7bff7d5b69bd0ae647b28a64dadb3f3a7406ed1fde33171c0fa10f71c79c4f0d0c61907e59d3466e17b53a4557e136323a6540f8356eabb079b120316b1deed100866b8a41c0bcf836bf691408dcfe20cb73f3b8c216e2376fe66402fefae1f07baa41da2826934e9200fb62fdd71f24fd6397798e6a53406cb6911b7e862bc320198703953451e579ba13912972dbe4f575f51bdf354b8a598b82171058a60d45af3007c22b7b8ca65eaf5e", 0xc0, 0x24000080, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x50)
socket$inet_mptcp(0x2, 0x1, 0x106)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000600)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000740)={0x4c, r10, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_SCAN_SSIDS={0x30, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ibss_ssid}, {0xa, 0x0, @default_ibss_ssid}, {0x4}, {0x4}, {0xa, 0x0, @default_ibss_ssid}]}]}, 0x4c}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r12, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
r13 = socket(0x10, 0x3, 0x0)
r14 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r14, 0x8933, &(0x7f00000000c0)={'tunl0\x00', <r15=>0x0})
sendmsg$nl_route(r13, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r15}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5, 0x9, 0x89}]}}}]}, 0x3c}}, 0x0)
bind$802154_raw(r7, &(0x7f0000000040)={0x24, @short={0x2, 0x2, 0xaaa3}}, 0x14)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000b40)=ANY=[], 0x54}}, 0x0)

kernel console output (not intermixed with test programs):

0] team0: entered promiscuous mode
[  140.200681][ T7328] netlink: 'syz.4.349': attribute type 1 has an invalid length.
[  140.229725][ T7327] netlink: 'syz.4.349': attribute type 1 has an invalid length.
[  140.284123][ T7327] netlink: 32 bytes leftover after parsing attributes in process `syz.4.349'.
[  140.555005][ T7336] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.640265][ T7334] bond1: entered allmulticast mode
[  140.645710][ T7225] vxcan1 speed is unknown, defaulting to 1000
[  140.971440][ T7351] syzkaller0: entered promiscuous mode
[  140.977205][ T7351] syzkaller0: entered allmulticast mode
[  141.100874][ T7356] netlink: 28 bytes leftover after parsing attributes in process `syz.3.357'.
[  141.111077][ T7356] netlink: 52 bytes leftover after parsing attributes in process `syz.3.357'.
[  141.144645][ T7225] vxcan1 speed is unknown, defaulting to 1000
[  142.843724][ T7336] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.037878][ T7336] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.055666][ T7374] sch_tbf: burst 1 is lower than device ip6tnl0 mtu (1452) !
[  143.150184][ T7336] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.385551][ T7388] xt_CT: No such helper "pptp"
[  143.407776][ T7388] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  143.445377][ T7398] netlink: 40 bytes leftover after parsing attributes in process `syz.2.367'.
[  143.456838][ T7392] 8021q: adding VLAN 0 to HW filter on device bond2
[  143.466115][ T7392] team0: Port device bond2 added
[  143.507815][ T7336] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  143.520944][ T7388] netlink: 'syz.0.365': attribute type 2 has an invalid length.
[  143.540003][ T7399] netlink: 12 bytes leftover after parsing attributes in process `syz.2.367'.
[  143.550757][ T7398] netlink: 12 bytes leftover after parsing attributes in process `syz.2.367'.
[  143.648947][ T7336] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  143.770501][ T7412] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  143.789459][ T7336] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  143.790955][ T7412] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  143.833524][ T7415] netlink: 4 bytes leftover after parsing attributes in process `syz.3.370'.
[  143.848663][ T7336] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  143.878887][ T7415] nbd: must specify a device to reconfigure
[  143.976256][ T7412] vxcan1 speed is unknown, defaulting to 1000
[  144.325720][ T7435] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  144.337797][ T7435] netlink: 'syz.2.378': attribute type 33 has an invalid length.
[  144.345755][ T7435] netlink: 152 bytes leftover after parsing attributes in process `syz.2.378'.
[  144.378226][ T7439] trusted_key: syz.1.377 sent an empty control message without MSG_MORE.
[  144.904688][ T7449] netlink: 20 bytes leftover after parsing attributes in process `syz.2.382'.
[  145.273093][ T7472] netlink: 264 bytes leftover after parsing attributes in process `syz.1.386'.
[  145.336888][ T7477] netlink: 264 bytes leftover after parsing attributes in process `syz.1.386'.
[  145.586712][ T7489] netlink: 40 bytes leftover after parsing attributes in process `syz.4.390'.
[  145.962211][ T7501] mac80211_hwsim hwsim7 wlan0 (unregistering): left allmulticast mode
[  146.348365][ T7513] can: request_module (can-proto-0) failed.
[  146.525142][ T7522] netlink: 8 bytes leftover after parsing attributes in process `syz.2.396'.
[  146.605609][ T7489] infiniband syz!: set down
[  146.611478][ T7489] infiniband syz!: added team_slave_0
[  146.631671][ T7489] syz!: rxe_create_cq: returned err = -12
[  146.642422][ T7489] infiniband syz!: Couldn't create ib_mad CQ
[  146.657410][ T7489] infiniband syz!: Couldn't open port 1
[  146.728190][ T7489] RDS/IB: syz!: added
[  146.732522][ T7489] smc: adding ib device syz! with port count 1
[  146.740454][ T7489] smc:    ib device syz! port 1 has pnetid 
[  146.832503][ T7535] syz.1.399: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  146.869523][ T7535] CPU: 1 UID: 0 PID: 7535 Comm: syz.1.399 Not tainted 6.15.0-rc5-syzkaller-01021-g0b28182c73a3 #0 PREEMPT(full) 
[  146.869551][ T7535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  146.869563][ T7535] Call Trace:
[  146.869571][ T7535]  <TASK>
[  146.869580][ T7535]  dump_stack_lvl+0x189/0x250
[  146.869630][ T7535]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.869658][ T7535]  ? __pfx__printk+0x10/0x10
[  146.869679][ T7535]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  146.869700][ T7535]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  146.869722][ T7535]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  146.869745][ T7535]  warn_alloc+0x214/0x310
[  146.869782][ T7535]  ? __pfx_warn_alloc+0x10/0x10
[  146.869809][ T7535]  ? kasan_save_track+0x4f/0x80
[  146.869830][ T7535]  ? __kmalloc_cache_noprof+0x230/0x3d0
[  146.869853][ T7535]  ? xskq_create+0x56/0x170
[  146.869892][ T7535]  ? __x64_sys_setsockopt+0x18b/0x220
[  146.869917][ T7535]  ? do_syscall_64+0xf6/0x210
[  146.869935][ T7535]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.869967][ T7535]  __vmalloc_node_range_noprof+0x125/0x12c0
[  146.870029][ T7535]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  146.870061][ T7535]  ? __kasan_kmalloc+0x93/0xb0
[  146.870090][ T7535]  vmalloc_user_noprof+0x74/0x80
[  146.870119][ T7535]  ? xskq_create+0xbf/0x170
[  146.870149][ T7535]  xskq_create+0xbf/0x170
[  146.870183][ T7535]  xsk_init_queue+0xb0/0x110
[  146.870215][ T7535]  xsk_setsockopt+0x43f/0x710
[  146.870247][ T7535]  ? __pfx_xsk_setsockopt+0x10/0x10
[  146.870288][ T7535]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  146.870310][ T7535]  ? __pfx_xsk_setsockopt+0x10/0x10
[  146.870340][ T7535]  do_sock_setsockopt+0x257/0x3e0
[  146.870371][ T7535]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  146.870395][ T7535]  ? __fget_files+0x2a/0x420
[  146.870426][ T7535]  ? __fget_files+0x3a0/0x420
[  146.870450][ T7535]  ? __fget_files+0x2a/0x420
[  146.870484][ T7535]  __x64_sys_setsockopt+0x18b/0x220
[  146.870518][ T7535]  do_syscall_64+0xf6/0x210
[  146.870539][ T7535]  ? clear_bhb_loop+0x45/0xa0
[  146.870564][ T7535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.870582][ T7535] RIP: 0033:0x7f00e6b8e969
[  146.870610][ T7535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.870627][ T7535] RSP: 002b:00007f00e79c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  146.870648][ T7535] RAX: ffffffffffffffda RBX: 00007f00e6db6080 RCX: 00007f00e6b8e969
[  146.870662][ T7535] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000005
[  146.870673][ T7535] RBP: 00007f00e6c10ab1 R08: 0000000000000004 R09: 0000000000000000
[  146.870685][ T7535] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  146.870697][ T7535] R13: 0000000000000000 R14: 00007f00e6db6080 R15: 00007ffd132a6bb8
[  146.870729][ T7535]  </TASK>
[  146.870748][ T7535] Mem-Info:
[  147.164674][ T7535] active_anon:5341 inactive_anon:0 isolated_anon:0
[  147.164674][ T7535]  active_file:1363 inactive_file:39845 isolated_file:0
[  147.164674][ T7535]  unevictable:768 dirty:133 writeback:0
[  147.164674][ T7535]  slab_reclaimable:10420 slab_unreclaimable:101073
[  147.164674][ T7535]  mapped:32441 shmem:1367 pagetables:987
[  147.164674][ T7535]  sec_pagetables:0 bounce:0
[  147.164674][ T7535]  kernel_misc_reclaimable:0
[  147.164674][ T7535]  free:1343763 free_pcp:505 free_cma:0
[  147.268161][ T7535] Node 0 active_anon:21264kB inactive_anon:0kB active_file:5452kB inactive_file:159180kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:129764kB dirty:532kB writeback:0kB shmem:3932kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11356kB pagetables:3848kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  147.320586][ T7535] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  147.373082][ T7535] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  147.378498][ T7546] vxcan1 speed is unknown, defaulting to 1000
[  147.441500][ T7535] lowmem_reserve[]: 0 2503 2504 2504 2504
[  147.460046][ T7535] Node 0 DMA32 free:1447520kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB active_anon:22156kB inactive_anon:0kB active_file:5452kB inactive_file:159080kB unevictable:1536kB writepending:532kB present:3129332kB managed:2564056kB mlocked:0kB bounce:0kB free_pcp:2492kB local_pcp:1672kB free_cma:0kB
[  147.511195][ T7535] lowmem_reserve[]: 0 0 0 0 0
[  147.527766][ T7535] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:100kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  147.568031][ T7535] lowmem_reserve[]: 0 0 0 0 0
[  147.587747][ T7535] Node 1 Normal free:3909916kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  147.622117][ T7535] lowmem_reserve[]: 0 0 0 0 0
[  147.630795][ T7535] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  147.652094][ T7535] Node 0 DMA32: 1*4kB (E) 2*8kB (UE) 1*16kB (M) 128*32kB (UM) 233*64kB (UM) 92*128kB (UME) 54*256kB (UM) 53*512kB (UME) 29*1024kB (UM) 12*2048kB (UE) 322*4096kB (UM) = 1444964kB
[  147.674590][ T7535] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  147.693116][ T7535] Node 1 Normal: 221*4kB (UE) 57*8kB (UME) 46*16kB (UME) 212*32kB (UME) 108*64kB (UME) 29*128kB (UME) 11*256kB (UME) 11*512kB (UME) 7*1024kB (UME) 4*2048kB (UE) 944*4096kB (M) = 3909916kB
[  147.716370][ T7535] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  147.743844][ T7535] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  147.759444][ T7535] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  147.770299][ T7535] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  147.783095][ T7535] 43746 total pagecache pages
[  147.801912][ T7535] 0 pages in swap cache
[  147.815255][ T7535] Free swap  = 124996kB
[  147.840193][ T7535] Total swap = 124996kB
[  147.844422][ T7535] 2097051 pages RAM
[  147.857289][ T7535] 0 pages HighMem/MovableOnly
[  147.864494][ T7535] 424379 pages reserved
[  147.877370][ T7535] 0 pages cma reserved
[  148.068748][ T7560] bond3: entered allmulticast mode
[  148.105829][ T7560] 8021q: adding VLAN 0 to HW filter on device bond3
[  148.120438][ T7561] bond3: option mode: unable to set because the bond device is up
[  148.214693][ T7567] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  148.250084][ T7570] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-xor(2)
[  148.590381][ T7578] vxcan3: entered allmulticast mode
[  148.934942][   T30] audit: type=1800 audit(1747001038.174:5): pid=7566 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.402" name="memory.events" dev="tmpfs" ino=433 res=0 errno=0
[  149.135327][ T7583] __nla_validate_parse: 8 callbacks suppressed
[  149.135348][ T7583] netlink: 16 bytes leftover after parsing attributes in process `syz.0.411'.
[  149.155839][ T7583] netlink: 64 bytes leftover after parsing attributes in process `syz.0.411'.
[  149.172492][ T7583] tipc: Invalid UDP bearer configuration
[  149.172556][ T7583] tipc: Enabling of bearer <udp:sy{±> rejected, failed to enable media
[  149.586851][ T7616] netlink: 28 bytes leftover after parsing attributes in process `syz.3.417'.
[  150.715143][ T7641] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  150.911181][ T7649] netlink: 8 bytes leftover after parsing attributes in process `syz.0.421'.
[  151.103255][ T7641] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  151.159494][ T7652] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge0
[  151.465720][ T7670] netlink: 16 bytes leftover after parsing attributes in process `syz.0.428'.
[  151.793286][ T7684] netlink: 8 bytes leftover after parsing attributes in process `syz.0.432'.
[  151.946757][ T7689] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge0
[  152.277251][ T7707] x_tables: duplicate underflow at hook 1
[  152.409940][ T7712] netlink: 28 bytes leftover after parsing attributes in process `syz.3.441'.
[  152.497636][ T7712] netlink: 12 bytes leftover after parsing attributes in process `syz.3.441'.
[  152.545421][ T7722] netlink: 'syz.1.439': attribute type 1 has an invalid length.
[  153.542646][ T7762] vxcan1 speed is unknown, defaulting to 1000
[  153.779453][ T7782] netlink: 20 bytes leftover after parsing attributes in process `syz.4.459'.
[  154.343312][ T7796] !
: renamed from dummy0 (while UP)
[  154.721236][ T7806] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  154.728224][ T7806] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  154.809874][ T7806] netlink: 8 bytes leftover after parsing attributes in process `syz.2.465'.
[  154.816772][ T7809] netlink: 48 bytes leftover after parsing attributes in process `syz.3.466'.
[  156.661536][ T7867] netlink: 16 bytes leftover after parsing attributes in process `syz.1.482'.
[  156.708111][ T7867] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  156.758600][ T7869] netlink: 44 bytes leftover after parsing attributes in process `syz.0.483'.
[  156.855869][ T7867] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  156.910980][ T7882] netlink: 8 bytes leftover after parsing attributes in process `syz.0.486'.
[  156.930056][ T7883] netlink: 4 bytes leftover after parsing attributes in process `syz.2.484'.
[  158.504829][ T7879] tc_dump_action: action bad kind
[  158.690401][ T7902] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.713520][ T7904] RDS: rds_bind could not find a transport for fc00::1, load rds_tcp or rds_rdma?
[  158.828689][ T7902] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.866972][ T7912] netlink: 'syz.2.493': attribute type 4 has an invalid length.
[  158.918630][ T7902] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.954985][ T7921] netlink: 'syz.4.495': attribute type 4 has an invalid length.
[  158.992329][ T7902] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.175551][ T7936] netlink: 40 bytes leftover after parsing attributes in process `syz.4.499'.
[  159.220263][ T7902] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  159.290979][ T7902] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  159.324720][ T7938] netlink: 8 bytes leftover after parsing attributes in process `syz.2.500'.
[  159.356861][ T7902] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  159.399209][ T7902] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  160.094441][ T7972] netlink: 8 bytes leftover after parsing attributes in process `syz.3.510'.
[  160.135244][ T7973] netlink: 'syz.2.509': attribute type 10 has an invalid length.
[  160.321667][ T7979] sctp: [Deprecated]: syz.0.512 (pid 7979) Use of struct sctp_assoc_value in delayed_ack socket option.
[  160.321667][ T7979] Use struct sctp_sack_info instead
[  160.420881][ T7985] netlink: 52 bytes leftover after parsing attributes in process `syz.4.515'.
[  160.444398][ T7985] netlink: 4 bytes leftover after parsing attributes in process `syz.4.515'.
[  160.466559][ T7987] netlink: 16 bytes leftover after parsing attributes in process `syz.2.514'.
[  160.476059][ T7985] netlink: 5 bytes leftover after parsing attributes in process `syz.4.515'.
[  160.511692][ T7985] netlink: 4 bytes leftover after parsing attributes in process `syz.4.515'.
[  160.530583][ T7988] netlink: 12 bytes leftover after parsing attributes in process `syz.2.514'.
[  160.530600][ T7985] netlink: 5 bytes leftover after parsing attributes in process `syz.4.515'.
[  160.540230][ T7985] netlink: 13 bytes leftover after parsing attributes in process `syz.4.515'.
[  160.560250][ T7985] netlink: 5 bytes leftover after parsing attributes in process `syz.4.515'.
[  160.569680][ T7995] lo: entered allmulticast mode
[  160.936006][ T8016] netlink: 'syz.1.522': attribute type 12 has an invalid length.
[  161.258061][ T8025] block nbd0: shutting down sockets
[  161.504134][ T8041] vlan0: entered promiscuous mode
[  161.559590][ T8044] netlink: 'syz.0.533': attribute type 4 has an invalid length.
[  161.706894][ T8046] tipc: Started in network mode
[  161.713299][ T8046] tipc: Node identity ac14140f, cluster identity 4711
[  161.724409][ T8046] tipc: New replicast peer: 255.255.255.255
[  161.733631][ T8046] tipc: Enabled bearer <udp:syz2>, priority 10
[  161.800581][ T8050] vxcan1 speed is unknown, defaulting to 1000
[  162.187899][ T8069] netlink: 'syz.4.538': attribute type 1 has an invalid length.
[  162.287292][ T8074] x_tables: duplicate underflow at hook 1
[  162.340025][ T8069] 8021q: adding VLAN 0 to HW filter on device bond2
[  162.453271][ T8074] macsec1: entered promiscuous mode
[  162.477236][ T8074] macsec1: entered allmulticast mode
[  162.841944][ T8086] syzkaller0: entered promiscuous mode
[  162.846382][ T1207] tipc: Node number set to 2886997007
[  162.868084][ T8086] syzkaller0: entered allmulticast mode
[  162.924011][ T8097] IPv6: sit1: Disabled Multicast RS
[  164.561494][ T8050] tipc: can't start tipc receive workqueue
[  164.588934][ T8109] netlink: 'syz.2.549': attribute type 2 has an invalid length.
[  164.852917][ T8122] 8021q: adding VLAN 0 to HW filter on device bond0
[  164.869004][ T8122] 8021q: adding VLAN 0 to HW filter on device team0
[  164.901023][ T8122] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  165.071315][ T8133] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check.
[  165.257067][ T8140] __nla_validate_parse: 13 callbacks suppressed
[  165.257089][ T8140] netlink: 20 bytes leftover after parsing attributes in process `syz.3.555'.
[  165.291329][ T8133] sch_tbf: burst 1 is lower than device ip6tnl0 mtu (1452) !
[  165.599117][   T30] audit: type=1800 audit(1747001054.834:6): pid=8155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.560" name="memory.events" dev="tmpfs" ino=619 res=0 errno=0
[  165.654391][   T30] audit: type=1804 audit(1747001054.874:7): pid=8155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.560" name="memory.events" dev="tmpfs" ino=619 res=1 errno=0
[  165.784595][ T8155] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.890856][ T8164] netlink: 'syz.4.563': attribute type 29 has an invalid length.
[  165.945649][ T8155] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.131337][ T8155] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.225069][ T8155] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.404642][ T8155] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  166.597068][ T8155] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  166.616840][ T8191] netlink: 3 bytes leftover after parsing attributes in process `syz.4.570'.
[  166.637717][ T8191] 0ªX¹¦À: renamed from caif0
[  166.703764][ T8191] 0ªX¹¦À: entered allmulticast mode
[  166.709406][ T8191] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  166.766593][ T8155] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  166.821024][ T8155] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  166.951469][ T8206] netlink: 24 bytes leftover after parsing attributes in process `syz.3.572'.
[  167.100647][ T8215] netlink: 10 bytes leftover after parsing attributes in process `syz.0.575'.
[  167.315378][ T8223] netlink: 8 bytes leftover after parsing attributes in process `syz.2.579'.
[  167.484374][ T8230] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  168.012571][ T8258] netlink: 32 bytes leftover after parsing attributes in process `syz.2.590'.
[  168.044555][ T8258] netem: unknown loss type 13
[  168.082414][ T8258] netem: change failed
[  168.129525][ T8263] sctp: [Deprecated]: syz.3.591 (pid 8263) Use of struct sctp_assoc_value in delayed_ack socket option.
[  168.129525][ T8263] Use struct sctp_sack_info instead
[  168.223316][ T8271] vxcan1 speed is unknown, defaulting to 1000
[  169.393201][ T8324] FAULT_INJECTION: forcing a failure.
[  169.393201][ T8324] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.423726][ T8295] netlink: 'syz.4.594': attribute type 9 has an invalid length.
[  169.441091][ T8324] CPU: 1 UID: 0 PID: 8324 Comm: syz.2.601 Not tainted 6.15.0-rc5-syzkaller-01021-g0b28182c73a3 #0 PREEMPT(full) 
[  169.441121][ T8324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  169.441133][ T8324] Call Trace:
[  169.441141][ T8324]  <TASK>
[  169.441150][ T8324]  dump_stack_lvl+0x189/0x250
[  169.441182][ T8324]  ? __lock_acquire+0xaac/0xd20
[  169.441214][ T8324]  ? __pfx_dump_stack_lvl+0x10/0x10
[  169.441242][ T8324]  ? __pfx__printk+0x10/0x10
[  169.441262][ T8324]  ? __might_fault+0xb0/0x130
[  169.441299][ T8324]  should_fail_ex+0x414/0x560
[  169.441325][ T8324]  _copy_from_user+0x2d/0xb0
[  169.441354][ T8324]  ___sys_sendmsg+0x158/0x2a0
[  169.441385][ T8324]  ? __pfx____sys_sendmsg+0x10/0x10
[  169.441451][ T8324]  ? __fget_files+0x2a/0x420
[  169.441476][ T8324]  ? __fget_files+0x3a0/0x420
[  169.441512][ T8324]  __x64_sys_sendmsg+0x19b/0x260
[  169.441543][ T8324]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  169.441589][ T8324]  ? do_syscall_64+0xba/0x210
[  169.441614][ T8324]  do_syscall_64+0xf6/0x210
[  169.441634][ T8324]  ? clear_bhb_loop+0x45/0xa0
[  169.441658][ T8324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.441677][ T8324] RIP: 0033:0x7fb07cb8e969
[  169.441694][ T8324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.441710][ T8324] RSP: 002b:00007fb07d9fb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  169.441731][ T8324] RAX: ffffffffffffffda RBX: 00007fb07cdb5fa0 RCX: 00007fb07cb8e969
[  169.441745][ T8324] RDX: 0000000000000010 RSI: 0000200000000200 RDI: 0000000000000003
[  169.441757][ T8324] RBP: 00007fb07d9fb090 R08: 0000000000000000 R09: 0000000000000000
[  169.441769][ T8324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.441780][ T8324] R13: 0000000000000000 R14: 00007fb07cdb5fa0 R15: 00007ffcf89d5d68
[  169.441811][ T8324]  </TASK>
[  169.442006][ T8295] netlink: 'syz.4.594': attribute type 6 has an invalid length.
[  169.447004][ T8318] vxcan1 speed is unknown, defaulting to 1000
[  170.066832][ T8339] netlink: 'syz.2.604': attribute type 7 has an invalid length.
[  170.159763][ T8339] : entered promiscuous mode
[  170.567089][ T8357] sch_fq: defrate 2048 ignored.
[  170.717824][ T8362] FAULT_INJECTION: forcing a failure.
[  170.717824][ T8362] name failslab, interval 1, probability 0, space 0, times 0
[  170.740823][ T8362] CPU: 1 UID: 0 PID: 8362 Comm: syz.0.613 Not tainted 6.15.0-rc5-syzkaller-01021-g0b28182c73a3 #0 PREEMPT(full) 
[  170.740852][ T8362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  170.740863][ T8362] Call Trace:
[  170.740870][ T8362]  <TASK>
[  170.740879][ T8362]  dump_stack_lvl+0x189/0x250
[  170.740916][ T8362]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.740945][ T8362]  ? __pfx__printk+0x10/0x10
[  170.740971][ T8362]  ? __pfx___might_resched+0x10/0x10
[  170.740995][ T8362]  should_fail_ex+0x414/0x560
[  170.741021][ T8362]  should_failslab+0xa8/0x100
[  170.741050][ T8362]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  170.741076][ T8362]  ? __alloc_skb+0x112/0x2d0
[  170.741106][ T8362]  __alloc_skb+0x112/0x2d0
[  170.741135][ T8362]  netlink_sendmsg+0x5c6/0xb30
[  170.741171][ T8362]  ? __pfx_netlink_sendmsg+0x10/0x10
[  170.741200][ T8362]  ? aa_sock_msg_perm+0x94/0x160
[  170.741224][ T8362]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  170.741247][ T8362]  ? __pfx_netlink_sendmsg+0x10/0x10
[  170.741272][ T8362]  __sock_sendmsg+0x219/0x270
[  170.741296][ T8362]  ____sys_sendmsg+0x505/0x830
[  170.741330][ T8362]  ? __pfx_____sys_sendmsg+0x10/0x10
[  170.741367][ T8362]  ? import_iovec+0x74/0xa0
[  170.741399][ T8362]  ___sys_sendmsg+0x21f/0x2a0
[  170.741430][ T8362]  ? __pfx____sys_sendmsg+0x10/0x10
[  170.741495][ T8362]  ? __fget_files+0x2a/0x420
[  170.741520][ T8362]  ? __fget_files+0x3a0/0x420
[  170.741557][ T8362]  __x64_sys_sendmsg+0x19b/0x260
[  170.741588][ T8362]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  170.741633][ T8362]  ? do_syscall_64+0xba/0x210
[  170.741658][ T8362]  do_syscall_64+0xf6/0x210
[  170.741679][ T8362]  ? clear_bhb_loop+0x45/0xa0
[  170.741703][ T8362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.741738][ T8362] RIP: 0033:0x7f48b678e969
[  170.741756][ T8362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.741772][ T8362] RSP: 002b:00007f48b760b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  170.741793][ T8362] RAX: ffffffffffffffda RBX: 00007f48b69b5fa0 RCX: 00007f48b678e969
[  170.741807][ T8362] RDX: 0000000000000010 RSI: 0000200000000200 RDI: 0000000000000003
[  170.741837][ T8362] RBP: 00007f48b760b090 R08: 0000000000000000 R09: 0000000000000000
[  170.741848][ T8362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.741859][ T8362] R13: 0000000000000000 R14: 00007f48b69b5fa0 R15: 00007fff5193c768
[  170.741890][ T8362]  </TASK>
[  172.058430][ T5839] Bluetooth: hci4: command tx timeout
[  172.391155][ T8429] netlink: 8 bytes leftover after parsing attributes in process `syz.2.627'.
[  172.586697][ T8435] netlink: 16 bytes leftover after parsing attributes in process `syz.4.628'.
[  172.643023][ T8437] netlink: 4 bytes leftover after parsing attributes in process `syz.4.628'.
[  172.881346][ T8432] netlink: 4 bytes leftover after parsing attributes in process `syz.4.628'.
[  173.727240][ T8460] netlink: 36 bytes leftover after parsing attributes in process `syz.1.633'.
[  173.795284][ T8462] netlink: 3 bytes leftover after parsing attributes in process `syz.4.635'.
[  173.830381][ T8462] netlink: 4 bytes leftover after parsing attributes in process `syz.4.635'.
[  173.854605][ T8462] netlink: 3 bytes leftover after parsing attributes in process `syz.4.635'.
[  173.892943][ T8462] netlink: 4 bytes leftover after parsing attributes in process `syz.4.635'.
[  173.908718][ T8462] netlink: 3 bytes leftover after parsing attributes in process `syz.4.635'.
[  173.971570][ T8465] netlink: 'syz.2.636': attribute type 2 has an invalid length.
[  173.994507][ T8465] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  174.287390][ T8477] vlan0: entered allmulticast mode
[  174.303799][ T8477] veth0_vlan: entered allmulticast mode
[  174.737401][ T8494] xt_CT: You must specify a L4 protocol and not use inversions on it
[  175.015152][ T8507] smc: removing ib device syz2
[  175.051740][ T8513] netlink: 'syz.4.646': attribute type 28 has an invalid length.
[  175.070440][ T8513] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  176.802846][ T8586] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  176.832554][ T8582] Bluetooth: MGMT ver 1.23
[  176.965747][ T8582] Driver unsupported XDP return value 0 on prog  (id 496) dev N/A, expect packet loss!
[  177.802877][ T8614] netlink: 'syz.0.668': attribute type 10 has an invalid length.
[  177.870303][ T8614] 8021q: adding VLAN 0 to HW filter on device team0
[  177.902713][ T8614] bond0: (slave team0): Enslaving as an active interface with an up link
[  178.102585][ T8627] xfrm1: entered promiscuous mode
[  178.108068][ T8627] xfrm1: entered allmulticast mode
[  178.284187][ T8640] __nla_validate_parse: 4 callbacks suppressed
[  178.284208][ T8640] netlink: 6 bytes leftover after parsing attributes in process `syz.3.676'.
[  178.328658][ T8640] netlink: 'syz.3.676': attribute type 10 has an invalid length.
[  178.352467][ T8640] netlink: 40 bytes leftover after parsing attributes in process `syz.3.676'.
[  178.378299][ T8640] veth0_vlan: entered allmulticast mode
[  178.398043][ T8640] bridge0: port 3(veth0_vlan) entered blocking state
[  178.421254][ T8640] bridge0: port 3(veth0_vlan) entered disabled state
[  178.487304][ T8640] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  178.576148][ T8648] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  178.794412][ T8652] netlink: 12 bytes leftover after parsing attributes in process `syz.3.680'.
[  178.828505][ T8652] netlink: 'syz.3.680': attribute type 4 has an invalid length.
[  178.961947][ T8662] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  179.037081][ T8665] netlink: 8 bytes leftover after parsing attributes in process `syz.2.684'.
[  179.113670][ T8665] (unnamed net_device) (uninitialized): option lacp_active: invalid value (5)
[  179.162189][ T8669] netlink: 'syz.4.685': attribute type 2 has an invalid length.
[  179.334960][ T8674] netlink: 8 bytes leftover after parsing attributes in process `syz.3.688'.
[  179.345629][ T8675] FAULT_INJECTION: forcing a failure.
[  179.345629][ T8675] name failslab, interval 1, probability 0, space 0, times 0
[  179.377804][ T8677] netlink: 'syz.4.689': attribute type 1 has an invalid length.
[  179.385847][ T8675] CPU: 0 UID: 0 PID: 8675 Comm: syz.2.687 Not tainted 6.15.0-rc5-syzkaller-01021-g0b28182c73a3 #0 PREEMPT(full) 
[  179.385874][ T8675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  179.385886][ T8675] Call Trace:
[  179.385894][ T8675]  <TASK>
[  179.385902][ T8675]  dump_stack_lvl+0x189/0x250
[  179.385939][ T8675]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.385968][ T8675]  ? __pfx__printk+0x10/0x10
[  179.386003][ T8675]  should_fail_ex+0x414/0x560
[  179.386029][ T8675]  should_failslab+0xa8/0x100
[  179.386058][ T8675]  kmem_cache_alloc_noprof+0x73/0x3c0
[  179.386082][ T8675]  ? skb_clone+0x212/0x3a0
[  179.386116][ T8675]  skb_clone+0x212/0x3a0
[  179.386154][ T8675]  __netlink_deliver_tap+0x404/0x850
[  179.386196][ T8675]  ? netlink_deliver_tap+0x2e/0x1b0
[  179.386222][ T8675]  netlink_deliver_tap+0x19c/0x1b0
[  179.386247][ T8675]  netlink_dump+0x929/0xe70
[  179.386282][ T8675]  ? __pfx_netlink_dump+0x10/0x10
[  179.386324][ T8675]  ? netlink_lookup+0x30/0x200
[  179.386345][ T8675]  ? netlink_lookup+0x30/0x200
[  179.386365][ T8675]  ? netlink_lookup+0x30/0x200
[  179.386393][ T8675]  __netlink_dump_start+0x5cb/0x7e0
[  179.386424][ T8675]  ip_set_dump+0x13e/0x1c0
[  179.386442][ T8675]  ? __pfx_ip_set_dump+0x10/0x10
[  179.386474][ T8675]  ? __pfx_ip_set_dump_start+0x10/0x10
[  179.386491][ T8675]  ? __pfx_ip_set_dump_do+0x10/0x10
[  179.386507][ T8675]  ? __pfx_ip_set_dump_done+0x10/0x10
[  179.386543][ T8675]  nfnetlink_rcv_msg+0xb4a/0x1130
[  179.386560][ T8675]  ? unwind_get_return_address+0x4d/0x90
[  179.386585][ T8675]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  179.386605][ T8675]  ? nfnetlink_rcv_msg+0x20d/0x1130
[  179.386644][ T8675]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  179.386660][ T8675]  ? stack_depot_save_flags+0x40/0x910
[  179.386738][ T8675]  netlink_rcv_skb+0x219/0x490
[  179.386763][ T8675]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  179.386784][ T8675]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  179.386805][ T8675]  ? kasan_quarantine_put+0xdd/0x220
[  179.386842][ T8675]  ? apparmor_capable+0x137/0x1b0
[  179.386872][ T8675]  ? bpf_lsm_capable+0x9/0x20
[  179.386900][ T8675]  ? security_capable+0x7e/0x2e0
[  179.386930][ T8675]  nfnetlink_rcv+0x273/0x2530
[  179.386965][ T8675]  ? __dev_queue_xmit+0x27e/0x3a70
[  179.386995][ T8675]  ? __dev_queue_xmit+0x27e/0x3a70
[  179.387023][ T8675]  ? __dev_queue_xmit+0x27e/0x3a70
[  179.387053][ T8675]  ? __dev_queue_xmit+0x1cd7/0x3a70
[  179.387094][ T8675]  ? __dev_queue_xmit+0x27e/0x3a70
[  179.387124][ T8675]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.387148][ T8675]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  179.387193][ T8675]  ? __pfx___dev_queue_xmit+0x10/0x10
[  179.387239][ T8675]  ? ref_tracker_free+0x63a/0x7d0
[  179.387259][ T8675]  ? __copy_skb_header+0xa7/0x550
[  179.387289][ T8675]  ? __pfx_ref_tracker_free+0x10/0x10
[  179.387310][ T8675]  ? __skb_clone+0x63/0x7a0
[  179.387343][ T8675]  ? __skb_clone+0x483/0x7a0
[  179.387380][ T8675]  ? skb_clone+0x246/0x3a0
[  179.387412][ T8675]  ? __netlink_deliver_tap+0x807/0x850
[  179.387436][ T8675]  ? netlink_deliver_tap+0x2e/0x1b0
[  179.387467][ T8675]  ? netlink_deliver_tap+0x2e/0x1b0
[  179.387490][ T8675]  ? netlink_deliver_tap+0x2e/0x1b0
[  179.387521][ T8675]  netlink_unicast+0x758/0x8d0
[  179.387556][ T8675]  netlink_sendmsg+0x805/0xb30
[  179.387592][ T8675]  ? __pfx_netlink_sendmsg+0x10/0x10
[  179.387621][ T8675]  ? aa_sock_msg_perm+0x94/0x160
[  179.387645][ T8675]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  179.387666][ T8675]  ? __pfx_netlink_sendmsg+0x10/0x10
[  179.387692][ T8675]  __sock_sendmsg+0x219/0x270
[  179.387716][ T8675]  ____sys_sendmsg+0x505/0x830
[  179.387751][ T8675]  ? __pfx_____sys_sendmsg+0x10/0x10
[  179.387790][ T8675]  ? import_iovec+0x74/0xa0
[  179.387822][ T8675]  ___sys_sendmsg+0x21f/0x2a0
[  179.387852][ T8675]  ? __pfx____sys_sendmsg+0x10/0x10
[  179.387923][ T8675]  ? __fget_files+0x2a/0x420
[  179.387948][ T8675]  ? __fget_files+0x3a0/0x420
[  179.387986][ T8675]  __x64_sys_sendmsg+0x19b/0x260
[  179.388017][ T8675]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  179.388065][ T8675]  ? do_syscall_64+0xba/0x210
[  179.388089][ T8675]  do_syscall_64+0xf6/0x210
[  179.388110][ T8675]  ? clear_bhb_loop+0x45/0xa0
[  179.388135][ T8675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.388154][ T8675] RIP: 0033:0x7fb07cb8e969
[  179.388173][ T8675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  179.388197][ T8675] RSP: 002b:00007fb07d9fb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  179.388218][ T8675] RAX: ffffffffffffffda RBX: 00007fb07cdb5fa0 RCX: 00007fb07cb8e969
[  179.388232][ T8675] RDX: 0000000000000010 RSI: 0000200000000200 RDI: 0000000000000003
[  179.388244][ T8675] RBP: 00007fb07d9fb090 R08: 0000000000000000 R09: 0000000000000000
[  179.388256][ T8675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  179.388267][ T8675] R13: 0000000000000000 R14: 00007fb07cdb5fa0 R15: 00007ffcf89d5d68
[  179.388300][ T8675]  </TASK>
[  180.050539][ T8677] 8021q: adding VLAN 0 to HW filter on device bond3
[  180.050655][ T8692] netlink: 8 bytes leftover after parsing attributes in process `syz.3.694'.
[  180.214163][ T8699] xt_ipcomp: unknown flags F7
[  180.526591][ T8710] pim6reg: left allmulticast mode
[  180.531814][ T8710] lo: left allmulticast mode
[  181.011008][ T8715] netlink: 48 bytes leftover after parsing attributes in process `syz.4.699'.
[  181.232264][ T8718] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  182.177156][ T8727] FAULT_INJECTION: forcing a failure.
[  182.177156][ T8727] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  182.197714][ T8727] CPU: 1 UID: 0 PID: 8727 Comm: syz.1.704 Not tainted 6.15.0-rc5-syzkaller-01021-g0b28182c73a3 #0 PREEMPT(full) 
[  182.197744][ T8727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  182.197756][ T8727] Call Trace:
[  182.197764][ T8727]  <TASK>
[  182.197773][ T8727]  dump_stack_lvl+0x189/0x250
[  182.197811][ T8727]  ? __pfx_dump_stack_lvl+0x10/0x10
[  182.197839][ T8727]  ? __pfx__printk+0x10/0x10
[  182.197872][ T8727]  should_fail_ex+0x414/0x560
[  182.197898][ T8727]  _copy_to_user+0x31/0xb0
[  182.197929][ T8727]  simple_read_from_buffer+0xe1/0x170
[  182.197966][ T8727]  proc_fail_nth_read+0x1df/0x250
[  182.197998][ T8727]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  182.198030][ T8727]  ? rw_verify_area+0x258/0x650
[  182.198050][ T8727]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  182.198080][ T8727]  vfs_read+0x1fd/0x980
[  182.198107][ T8727]  ? __pfx___mutex_lock+0x10/0x10
[  182.198128][ T8727]  ? __pfx_vfs_read+0x10/0x10
[  182.198151][ T8727]  ? __fget_files+0x2a/0x420
[  182.198182][ T8727]  ? __fget_files+0x3a0/0x420
[  182.198206][ T8727]  ? __fget_files+0x2a/0x420
[  182.198241][ T8727]  ksys_read+0x145/0x250
[  182.198261][ T8727]  ? rcu_is_watching+0x15/0xb0
[  182.198293][ T8727]  ? __pfx_ksys_read+0x10/0x10
[  182.198319][ T8727]  ? do_syscall_64+0xba/0x210
[  182.198343][ T8727]  do_syscall_64+0xf6/0x210
[  182.198364][ T8727]  ? clear_bhb_loop+0x45/0xa0
[  182.198388][ T8727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.198407][ T8727] RIP: 0033:0x7f00e6b8d37c
[  182.198425][ T8727] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  182.198441][ T8727] RSP: 002b:00007f00e79e4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  182.198461][ T8727] RAX: ffffffffffffffda RBX: 00007f00e6db5fa0 RCX: 00007f00e6b8d37c
[  182.198474][ T8727] RDX: 000000000000000f RSI: 00007f00e79e40a0 RDI: 0000000000000004
[  182.198485][ T8727] RBP: 00007f00e79e4090 R08: 0000000000000000 R09: 0000000000000000
[  182.198497][ T8727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.198507][ T8727] R13: 0000000000000000 R14: 00007f00e6db5fa0 R15: 00007ffd132a6bb8
[  182.198535][ T8727]  </TASK>
[  183.562746][ T8777] batadv0: entered allmulticast mode
[  183.604650][ T8777] 8021q: adding VLAN 0 to HW filter on device batadv0
[  183.894710][ T8797] netlink: 56 bytes leftover after parsing attributes in process `syz.3.725'.
[  184.123002][ T8801] netlink: 8 bytes leftover after parsing attributes in process `syz.1.726'.
[  184.154626][ T8801] netlink: 12 bytes leftover after parsing attributes in process `syz.1.726'.
[  184.335600][ T8813] netlink: 48 bytes leftover after parsing attributes in process `syz.0.729'.
[  184.380882][ T8813] netlink: 8 bytes leftover after parsing attributes in process `syz.0.729'.
[  184.866555][ T8835] netlink: 8 bytes leftover after parsing attributes in process `syz.1.736'.
[  184.934090][ T8843] netlink: 16 bytes leftover after parsing attributes in process `syz.0.740'.
[  184.959303][ T8845] netlink: 8 bytes leftover after parsing attributes in process `syz.3.739'.
[  185.669514][ T8861] 0ªX¹¦À: left allmulticast mode
[  185.683531][ T8861] bond1: left allmulticast mode
[  185.920160][ T8877] netlink: 36 bytes leftover after parsing attributes in process `syz.0.750'.
[  185.959206][ T8877] netlink: 196 bytes leftover after parsing attributes in process `syz.0.750'.
[  185.982373][ T8877] vlan0: entered promiscuous mode
[  185.992639][ T8877] vlan0: left allmulticast mode
[  186.003324][ T8877] veth0_vlan: left allmulticast mode
[  186.447583][ T8899] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5
[  187.186860][ T8951] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  187.217392][ T8951] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  187.354660][ T8940] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.362356][ T8940] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.402497][ T8940] batman_adv: batadv0: Interface deactivated: 
0!

[  187.781272][ T8940] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  187.827673][ T8940] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  188.157966][ T8940] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  188.172376][ T8940] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  188.181686][ T8940] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  188.195898][ T8940] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  188.291286][ T8940] ip6erspan0: left promiscuous mode
[  188.305575][ T8940] macsec1: left promiscuous mode
[  189.087266][ T8994] __nla_validate_parse: 7 callbacks suppressed
[  189.087285][ T8994] netlink: 20 bytes leftover after parsing attributes in process `syz.2.771'.
[  189.630060][ T9009] netlink: 4 bytes leftover after parsing attributes in process `syz.4.773'.
[  189.640786][ T9009] netlink: 4 bytes leftover after parsing attributes in process `syz.4.773'.
[  189.655977][ T9009] bridge0: port 3(syz_tun) entered blocking state
[  189.662653][ T9009] bridge0: port 3(syz_tun) entered disabled state
[  189.674043][ T9009] syz_tun: entered allmulticast mode
[  189.717027][ T9009] syz_tun: entered promiscuous mode
[  189.857733][ T9014] netlink: 'syz.2.774': attribute type 1 has an invalid length.
[  190.049031][ T9014] bond3: entered promiscuous mode
[  190.061897][ T9014] 8021q: adding VLAN 0 to HW filter on device bond3
[  190.213723][ T9025] xt_socket: unknown flags 0x8
[  190.372630][ T9029] netlink: 8 bytes leftover after parsing attributes in process `syz.1.778'.
[  190.398064][ T9029] netlink: 36 bytes leftover after parsing attributes in process `syz.1.778'.
[  190.672174][ T9048] netlink: 'syz.0.784': attribute type 9 has an invalid length.
[  190.690870][ T9048] netlink: 211988 bytes leftover after parsing attributes in process `syz.0.784'.
[  190.742530][ T9048] netlink: 'syz.0.784': attribute type 1 has an invalid length.
[  190.775930][ T9052] netlink: 8 bytes leftover after parsing attributes in process `syz.1.786'.
[  190.804337][ T9048] netlink: 'syz.0.784': attribute type 9 has an invalid length.
[  190.900986][ T9063] netlink: 'syz.1.786': attribute type 10 has an invalid length.
[  191.102766][ T9063] syz_tun: entered promiscuous mode
[  191.128271][ T9077] netlink: 'syz.0.790': attribute type 2 has an invalid length.
[  191.143079][ T9063] syz_tun: entered allmulticast mode
[  191.144004][ T9077] netlink: 164 bytes leftover after parsing attributes in process `syz.0.790'.
[  191.168761][ T9063] team0: Port device syz_tun added
[  191.191293][ T8925] bridge0: port 1(team0) entered blocking state
[  191.198639][ T8925] bridge0: port 1(team0) entered forwarding state
[  191.360777][ T9088] syz_tun: entered allmulticast mode
[  191.373470][ T9087] netlink: 12 bytes leftover after parsing attributes in process `syz.1.793'.
[  191.399139][ T9083] dvmrp8: entered allmulticast mode
[  191.449258][ T9087] 8021q: adding VLAN 0 to HW filter on device bond1
[  191.460970][ T9087] netlink: 'syz.1.793': attribute type 10 has an invalid length.
[  191.461053][ T9082] syz_tun: left allmulticast mode
[  191.476496][ T9087] netlink: 40 bytes leftover after parsing attributes in process `syz.1.793'.
[  191.509503][ T9082] dvmrp8: left allmulticast mode
[  191.597665][ T9087] veth0_vlan: entered allmulticast mode
[  191.619823][ T9087] bridge0: port 2(veth0_vlan) entered blocking state
[  191.638874][ T9087] bridge0: port 2(veth0_vlan) entered disabled state
[  191.653515][ T9087] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  191.847600][ T9102] netlink: 'syz.4.797': attribute type 4 has an invalid length.
[  191.945627][ T9111] netlink: 'syz.1.800': attribute type 1 has an invalid length.
[  192.293020][ T9111] 8021q: adding VLAN 0 to HW filter on device bond3
[  192.308969][ T9111] bond2: (slave bond3): making interface the new active one
[  192.327407][ T9111] bond2: (slave bond3): Enslaving as an active interface with an up link
[  192.429020][ T5888] IPVS: starting estimator thread 0...
[  192.536318][ T9130] IPVS: using max 28 ests per chain, 67200 per kthread
[  192.678776][ T9138] erspan0: left allmulticast mode
[  192.802935][ T9138] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.810750][ T9138] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.984304][ T9151] netlink: 'syz.1.808': attribute type 39 has an invalid length.
[  193.304382][ T9138] veth0_vlan: left allmulticast mode
[  193.380634][ T9138] vlan0: left promiscuous mode
[  193.486230][ T9138] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  193.511826][ T9138] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  193.521717][ T9138] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  193.533426][ T9138] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  193.574049][ T9138] veth1: left promiscuous mode
[  193.591925][ T9138] xfrm1: left promiscuous mode
[  193.599717][ T9138] xfrm1: left allmulticast mode
[  193.608986][ T9138] batadv0: left allmulticast mode
[  194.157425][ T9175] bond0: entered promiscuous mode
[  194.181947][ T9175] bond_slave_0: entered promiscuous mode
[  194.215244][ T9175] bond_slave_1: entered promiscuous mode
[  194.241911][ T9175] bond0: left promiscuous mode
[  194.280723][ T9175] bond_slave_0: left promiscuous mode
[  194.287493][ T9175] bond_slave_1: left promiscuous mode
[  194.330753][ T9178] __nla_validate_parse: 4 callbacks suppressed
[  194.330772][ T9178] netlink: 4 bytes leftover after parsing attributes in process `syz.2.815'.
[  194.372570][ T9184] macvtap1: entered promiscuous mode
[  194.373345][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  194.390939][ T9184] vlan0: entered promiscuous mode
[  194.397040][ T9184] macvtap1: entered allmulticast mode
[  194.411488][ T9184] vlan0: entered allmulticast mode
[  194.417703][ T9184] veth0_vlan: entered allmulticast mode
[  194.449857][ T9184] vlan0: left allmulticast mode
[  194.455181][ T9184] veth0_vlan: left allmulticast mode
[  194.467894][ T9184] vlan0: left promiscuous mode
[  194.736494][ T9213] netlink: 4 bytes leftover after parsing attributes in process `syz.1.826'.
[  194.908273][ T9208] 8021q: adding VLAN 0 to HW filter on device bond0
[  194.939047][ T9208] 8021q: adding VLAN 0 to HW filter on device team0
[  194.953049][ T9208] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  194.958957][ T9224] openvswitch: netlink: Missing key (keys=40, expected=100)
[  195.454162][ T9225] netlink: 388 bytes leftover after parsing attributes in process `syz.0.828'.
[  195.508221][ T9230] netlink: 180 bytes leftover after parsing attributes in process `syz.0.828'.
[  195.619348][ T9225] validate_nla: 2 callbacks suppressed
[  195.619368][ T9225] netlink: 'syz.0.828': attribute type 1 has an invalid length.
[  195.705154][ T9232] bridge0: port 2(macsec1) entered blocking state
[  195.717942][ T9232] bridge0: port 2(macsec1) entered disabled state
[  195.724657][ T9232] macsec1: entered allmulticast mode
[  195.733415][ T9225] netlink: 244 bytes leftover after parsing attributes in process `syz.0.828'.
[  195.744328][ T9232] bridge1: entered allmulticast mode
[  195.757854][ T9232] macsec1: entered promiscuous mode
[  195.763287][ T9232] bridge1: entered promiscuous mode
[  195.766500][ T9243] netlink: 12 bytes leftover after parsing attributes in process `syz.4.833'.
[  195.773727][ T9232] bridge0: port 2(macsec1) entered blocking state
[  195.785134][ T9232] bridge0: port 2(macsec1) entered forwarding state
[  196.002476][ T9248] netlink: 8 bytes leftover after parsing attributes in process `syz.1.836'.
[  196.013475][ T9249] netlink: 4 bytes leftover after parsing attributes in process `syz.4.835'.
[  196.034145][ T9249] batman_adv: batadv0: Removing interface: batadv_slave_0
[  196.058639][ T9249] batman_adv: batadv0: Removing interface: batadv_slave_1
[  196.254539][ T9259] syzkaller0: entered allmulticast mode
[  196.322036][ T9262] x_tables: duplicate underflow at hook 1
[  196.328656][ T9259] syzkaller0: entered promiscuous mode
[  196.334355][ T9259] syzkaller0: left allmulticast mode
[  196.336421][ T9262] netlink: 8 bytes leftover after parsing attributes in process `syz.3.838'.
[  196.376438][ T9262] netlink: 24 bytes leftover after parsing attributes in process `syz.3.838'.
[  196.746426][ T9271] ip_vti0: entered promiscuous mode
[  197.034595][ T9285] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.048249][ T9285] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.059835][ T9285] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.072987][ T9285] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.094965][ T9285] 8021q: VLANs not supported on nlmon0
[  197.264236][ T9296] netlink: 'syz.4.849': attribute type 1 has an invalid length.
[  197.906029][ T9325] nbd: socks must be embedded in a SOCK_ITEM attr
[  198.034721][ T9335] netlink: 'syz.2.862': attribute type 10 has an invalid length.
[  198.217159][ T9339] netlink: 'syz.4.863': attribute type 10 has an invalid length.
[  198.293526][ T9339] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  198.498878][ T9351] vlan2: entered promiscuous mode
[  198.512834][ T9351] bridge0: entered promiscuous mode
[  199.023708][ T9379] delete_channel: no stack
[  199.210819][ T9382] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input6
[  199.322948][ T9387] gre0: entered promiscuous mode
[  199.358901][ T9387] gre0: entered allmulticast mode
[  199.412937][ T9388] netlink: 'syz.0.875': attribute type 7 has an invalid length.
[  199.548691][ T9388] : entered promiscuous mode
[  199.900356][ T9402] __nla_validate_parse: 45 callbacks suppressed
[  199.900378][ T9402] netlink: 4 bytes leftover after parsing attributes in process `syz.0.880'.
[  199.918900][ T9402] netlink: 8 bytes leftover after parsing attributes in process `syz.0.880'.
[  199.935598][ T9402] netlink: 'syz.0.880': attribute type 1 has an invalid length.
[  199.944878][ T9403] netlink: 'syz.0.880': attribute type 1 has an invalid length.
[  200.500501][ T9422] x_tables: duplicate underflow at hook 2
[  200.587871][ T9429] syz_tun: entered promiscuous mode
[  200.977685][ T9443] tun0: tun_chr_ioctl cmd 1074025677
[  200.986922][ T9443] tun0: linktype set to 773
[  201.157776][ T9452] netlink: 68 bytes leftover after parsing attributes in process `syz.4.896'.
[  201.283987][ T9458] netlink: 'syz.1.897': attribute type 15 has an invalid length.
[  201.295711][ T9459] netlink: 64 bytes leftover after parsing attributes in process `syz.0.898'.
[  201.308134][ T9459] netlink: 8 bytes leftover after parsing attributes in process `syz.0.898'.
[  201.412505][ T9461] netlink: 84 bytes leftover after parsing attributes in process `syz.0.898'.
[  201.426508][ T9459] netlink: 64 bytes leftover after parsing attributes in process `syz.0.898'.
[  201.623593][ T9464] netlink: 'syz.3.899': attribute type 4 has an invalid length.
[  201.807851][ T9473] netlink: 80 bytes leftover after parsing attributes in process `syz.4.901'.
[  201.830753][ T9471] netlink: 'syz.3.899': attribute type 4 has an invalid length.
[  202.381431][ T9499] netlink: 24 bytes leftover after parsing attributes in process `syz.4.908'.
[  202.746707][ T9516] netlink: 4 bytes leftover after parsing attributes in process `syz.1.912'.
[  202.990850][ T9523] xt_hashlimit: size too large, truncated to 1048576
[  203.259583][ T9529] netlink: 'syz.0.916': attribute type 3 has an invalid length.
[  203.755233][ T9547] netlink: 'syz.2.922': attribute type 4 has an invalid length.
[  204.455911][ T9579] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.511895][ T9580] netlink: 'syz.1.932': attribute type 1 has an invalid length.
[  204.558963][ T9589] batadv_slave_0: entered promiscuous mode
[  204.583108][ T9579] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.691808][ T9579] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.840233][ T9579] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.864841][ T9610] netlink: 'syz.0.939': attribute type 1 has an invalid length.
[  204.932260][ T9610] 8021q: adding VLAN 0 to HW filter on device bond4
[  205.030067][ T9579] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  205.073482][ T9579] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  205.134919][ T9579] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.164424][ T9579] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.179019][ T9610] __nla_validate_parse: 4 callbacks suppressed
[  205.179039][ T9610] netlink: 4 bytes leftover after parsing attributes in process `syz.0.939'.
[  205.300393][ T9612] erspan0: entered allmulticast mode
[  205.516727][ T9628] netlink: 104 bytes leftover after parsing attributes in process `syz.3.942'.
[  205.565690][ T9638] netlink: 'syz.0.945': attribute type 6 has an invalid length.
[  205.565806][ T9620] syzkaller0: entered promiscuous mode
[  205.595915][ T9638] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.945'.
[  205.608156][ T9640] netlink: 56 bytes leftover after parsing attributes in process `syz.1.946'.
[  205.639257][ T9620] syzkaller0: entered allmulticast mode
[  206.349831][ T9671] netlink: 60 bytes leftover after parsing attributes in process `syz.0.953'.
[  207.713145][ T9658] netlink: 'syz.2.950': attribute type 5 has an invalid length.
[  207.730603][ T9665] tun0: tun_chr_ioctl cmd 1074025677
[  207.756746][ T9665] tun0: linktype set to 776
[  207.962661][ T9676] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 0
[  208.084249][ T9676] netlink: 8 bytes leftover after parsing attributes in process `syz.0.956'.
[  208.104243][ T9676] netlink: 12 bytes leftover after parsing attributes in process `syz.0.956'.
[  208.271761][ T9679] netlink: 132 bytes leftover after parsing attributes in process `syz.1.957'.
[  208.298361][ T9694] x_tables: duplicate underflow at hook 3
[  208.384271][ T9697] netlink: 'syz.0.961': attribute type 2 has an invalid length.
[  208.403236][ T9590] batadv_slave_0: left promiscuous mode
[  208.572219][ T9703] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input7
[  209.178898][ T9736] netlink: 28 bytes leftover after parsing attributes in process `syz.3.972'.
[  209.234218][ T9742] xt_CT: You must specify a L4 protocol and not use inversions on it
[  209.355399][ T9746] sctp: [Deprecated]: syz.0.975 (pid 9746) Use of struct sctp_assoc_value in delayed_ack socket option.
[  209.355399][ T9746] Use struct sctp_sack_info instead
[  209.518965][ T9753] netlink: 'syz.1.978': attribute type 8 has an invalid length.
[  209.555598][ T9756] netlink: 'syz.4.979': attribute type 1 has an invalid length.
[  209.595466][ T9760] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  209.662222][ T9756] 8021q: adding VLAN 0 to HW filter on device bond4
[  209.695635][ T9761] netlink: 28 bytes leftover after parsing attributes in process `syz.0.980'.
[  209.775566][ T9756] xt_CT: No such helper "snmp"
[  209.815013][ T9764] xt_CT: No such helper "snmp"
[  209.955547][ T9757] 8021q: adding VLAN 0 to HW filter on device bond4
[  209.999210][ T9757] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[  210.048045][ T9757] bond4: (slave vxcan3): Error -95 calling set_mac_address
[  210.217947][ T9757] syz.4.979 (9757) used greatest stack depth: 20096 bytes left
[  210.424196][ T9781] netlink: 156 bytes leftover after parsing attributes in process `syz.4.983'.
[  210.444101][ T9781] netlink: 'syz.4.983': attribute type 3 has an invalid length.
[  210.472121][ T9783] netlink: 8 bytes leftover after parsing attributes in process `syz.3.984'.
[  210.482719][ T9783] netlink: 16 bytes leftover after parsing attributes in process `syz.3.984'.
[  210.553955][ T9784] RDS: rds_bind could not find a transport for ::ffff:172.30.1.4, load rds_tcp or rds_rdma?
[  211.271345][ T9790] netlink: 240 bytes leftover after parsing attributes in process `syz.1.987'.
[  211.298851][ T9792] netlink: 48 bytes leftover after parsing attributes in process `syz.2.988'.
[  211.367990][ T9795] netlink: 44 bytes leftover after parsing attributes in process `syz.1.987'.
[  211.952817][ T9822] !
: renamed from dummy0 (while UP)
[  212.065697][ T9827] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  212.286983][ T9838] netlink: 4 bytes leftover after parsing attributes in process `syz.3.998'.
[  212.488944][ T9838] bridge_slave_1: left allmulticast mode
[  212.494676][ T9838] bridge_slave_1: left promiscuous mode
[  212.529522][ T9838] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.558913][ T9838] bridge_slave_0: left allmulticast mode
[  212.564628][ T9838] bridge_slave_0: left promiscuous mode
[  212.581644][ T9838] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.883662][   T30] audit: type=1107 audit(1747001103.114:8): pid=9900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='1'
[  213.894370][ T9903] netlink: 'syz.1.1012': attribute type 13 has an invalid length.
[  213.921780][ T9903] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1012'.
[  213.947045][ T9903] (unnamed net_device) (uninitialized): option fail_over_mac: invalid value (6)
[  214.095376][ T9904] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1005'.
[  214.350181][ T9904] 8021q: adding VLAN 0 to HW filter on device bond5
[  214.823802][ T9929] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1018'.
[  214.966563][ T9929] netlink: 'syz.3.1018': attribute type 21 has an invalid length.
[  216.611721][ T9976] Bluetooth: MGMT ver 1.23
[  216.712607][ T9978] __nla_validate_parse: 4 callbacks suppressed
[  216.712627][ T9978] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1032'.
[  216.758155][ T9978] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1032'.
[  216.917876][ T9988] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1034'.
[  216.929485][ T5844] Bluetooth: hci3: command 0x0406 tx timeout
[  216.936714][ T5844] Bluetooth: hci1: command 0x0406 tx timeout
[  216.937330][ T5854] Bluetooth: hci2: command 0x0406 tx timeout
[  217.080276][ T9988] syzkaller0: entered promiscuous mode
[  217.085824][ T9988] syzkaller0: entered allmulticast mode
[  217.473636][T10009] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1039'.
[  217.604466][T10009] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1039'.
[  217.617765][T10007] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1038'.
[  217.648344][T10007] x_tables: ip_tables: osf match: only valid for protocol 6
[  218.002966][T10028] netlink: 'syz.4.1043': attribute type 1 has an invalid length.
[  218.078395][T10028] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1043'.
[  218.217375][T10036] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1046'.
[  218.227373][T10037] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1046'.
[  218.508008][T10048] netlink: 'syz.4.1048': attribute type 1 has an invalid length.
[  218.556010][T10048] bond5: entered promiscuous mode
[  218.562375][T10048] 8021q: adding VLAN 0 to HW filter on device bond5
[  218.862271][T10063] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1052'.
[  219.526426][T10078] macsec1: left allmulticast mode
[  219.531542][T10078] bridge1: left allmulticast mode
[  219.547282][T10078] macsec1: left promiscuous mode
[  219.560151][T10078] bridge1: left promiscuous mode
[  219.570208][T10078] bridge0: port 2(macsec1) entered disabled state
[  219.624928][T10078] team0: left allmulticast mode
[  219.649628][T10078] syz_tun: left allmulticast mode
[  219.655483][T10078] team0: left promiscuous mode
[  219.675485][T10078] syz_tun: left promiscuous mode
[  219.696204][T10078] bridge0: port 1(team0) entered disabled state
[  220.548323][T10094] infiniband syz0: set down
[  220.554109][T10094] infiniband syz0: added ipvlan0
[  220.641734][T10094] RDS/IB: syz0: added
[  220.645805][T10094] smc: adding ib device syz0 with port count 1
[  220.656439][T10094] smc:    ib device syz0 port 1 has pnetid 
[  221.100197][T10112] netlink: 'syz.1.1063': attribute type 15 has an invalid length.
[  221.115847][T10112] netlink: 'syz.1.1063': attribute type 3 has an invalid length.
[  221.841591][T10140] __nla_validate_parse: 3 callbacks suppressed
[  221.841609][T10140] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1070'.
[  223.153782][T10169] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1077'.
[  223.197004][T10169] 8021q: adding VLAN 0 to HW filter on device bond6
[  223.252888][T10173] bond6: (slave veth1): Enslaving as an active interface with an up link
[  223.553386][T10179] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.663037][T10189] netlink: 'syz.1.1083': attribute type 10 has an invalid length.
[  223.687731][T10190] netlink: 'syz.3.1084': attribute type 1 has an invalid length.
[  223.702488][T10190] netlink: 'syz.3.1084': attribute type 2 has an invalid length.
[  223.744931][T10192] netlink: 'syz.3.1084': attribute type 1 has an invalid length.
[  223.766265][T10192] netlink: 'syz.3.1084': attribute type 2 has an invalid length.
[  223.844880][T10189] bond0 (unregistering): Released all slaves
[  223.892596][T10179] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.001526][T10179] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.116104][T10201] xt_bpf: check failed: parse error
[  224.170773][T10201] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input8
[  224.227865][T10179] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.398454][T10179] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  224.442395][T10179] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  224.452690][T10206] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1087'.
[  224.475853][T10179] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  224.515124][T10179] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  224.721911][T10212] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1088'.
[  225.320926][T10225] netlink: 'syz.4.1093': attribute type 29 has an invalid length.
[  225.335686][T10224] netlink: 'syz.4.1093': attribute type 29 has an invalid length.
[  225.345028][T10225] netlink: 'syz.4.1093': attribute type 29 has an invalid length.
[  225.356449][T10227] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1094'.
[  225.644597][T10234] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1096'.
[  225.829914][T10237] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1097'.
[  226.196634][T10242] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1099'.
[  226.223432][T10242] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1099'.
[  226.323113][T10250] syz_tun: entered allmulticast mode
[  226.423365][T10250] dvmrp1: entered allmulticast mode
[  226.516737][T10250] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1101'.
[  226.631731][T10250] syz_tun (unregistering): left allmulticast mode
[  226.695370][T10250] team0: Port device syz_tun removed
[  227.037717][T10262] delete_channel: no stack
[  227.511375][T10280] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1108'.
[  227.537313][T10280] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1108'.
[  227.561453][T10284] sctp: [Deprecated]: syz.2.1109 (pid 10284) Use of int in max_burst socket option deprecated.
[  227.561453][T10284] Use struct sctp_assoc_value instead
[  227.665824][T10287] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1110'.
[  227.748001][T10292] validate_nla: 1 callbacks suppressed
[  227.748021][T10292] netlink: 'syz.4.1112': attribute type 23 has an invalid length.
[  227.819590][T10294] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1112'.
[  228.035940][T10301] ipip0: entered promiscuous mode
[  228.227862][T10306] netlink: 'syz.1.1114': attribute type 10 has an invalid length.
[  228.444825][T10311] 
@ÿ: renamed from veth0_vlan
[  228.558333][T10316] netlink: 'syz.1.1116': attribute type 4 has an invalid length.
[  228.987968][T10337] vxcan3: entered allmulticast mode
[  229.012403][T10341] netlink: 165 bytes leftover after parsing attributes in process `syz.1.1125'.
[  229.096494][T10352] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1126'.
[  229.358293][T10361] netlink: 'syz.0.1131': attribute type 13 has an invalid length.
[  229.401419][T10361] macvtap0: entered promiscuous mode
[  229.477942][T10361] macvtap0: refused to change device tx_queue_len
[  229.507840][T10365] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1132'.
[  229.508493][T10366] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1132'.
[  229.531194][T10364] bond0: option ad_select: unable to set because the bond device is up
[  229.654992][T10375] netlink: 'syz.3.1136': attribute type 41 has an invalid length.
[  229.779312][T10380] !
: entered promiscuous mode
[  229.787831][T10380] vlan3: entered promiscuous mode
[  229.898884][T10375] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1136'.
[  230.047690][T10387] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  230.080803][T10387] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1138'.
[  230.178721][T10393] sctp: [Deprecated]: syz.0.1140 (pid 10393) Use of int in maxseg socket option.
[  230.178721][T10393] Use struct sctp_assoc_value instead
[  230.583900][T10421] netlink: 'syz.2.1145': attribute type 309 has an invalid length.
[  230.601199][T10422] netlink: 'syz.2.1145': attribute type 16 has an invalid length.
[  230.649751][T10422] netlink: 'syz.2.1145': attribute type 17 has an invalid length.
[  231.084280][T10442] x_tables: duplicate underflow at hook 2
[  231.153729][T10448] netlink: 'syz.4.1154': attribute type 23 has an invalid length.
[  231.269367][T10452] 8021q: adding VLAN 0 to HW filter on device bond0
[  231.282033][T10452] 8021q: adding VLAN 0 to HW filter on device team0
[  231.319505][T10452] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  231.358974][ T8926] bond0: (slave bond_slave_0): link status definitely down, disabling slave
[  231.386457][ T8926] bond0: (slave bond_slave_1): link status definitely down, disabling slave
[  231.459152][T10467] netem: incorrect gi model size
[  231.474823][T10467] netem: change failed
[  231.910104][T10494] sctp: [Deprecated]: syz.2.1167 (pid 10494) Use of struct sctp_assoc_value in delayed_ack socket option.
[  231.910104][T10494] Use struct sctp_sack_info instead
[  232.770992][T10536] netlink: 'syz.4.1181': attribute type 1 has an invalid length.
[  232.942610][T10536] 8021q: adding VLAN 0 to HW filter on device bond7
[  233.064080][T10545] veth3: entered promiscuous mode
[  233.097459][T10536] erspan0: entered allmulticast mode
[  233.292499][T10565] __nla_validate_parse: 6 callbacks suppressed
[  233.292521][T10565] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1188'.
[  233.309266][T10571] ieee802154 phy1 wpan1: encryption failed: -22
[  233.318665][T10571] ieee802154 phy1 wpan1: encryption failed: -22
[  233.336484][T10565] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1188'.
[  233.555536][T10588] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1193'.
[  233.700131][T10594] xt_time: invalid argument - start or stop time greater than 23:59:59
[  233.736024][T10594] netlink: 'syz.1.1195': attribute type 16 has an invalid length.
[  233.765585][T10594] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.1195'.
[  234.374085][T10615] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1199'.
[  234.528696][T10626] netlink: 'syz.0.1200': attribute type 1 has an invalid length.
[  234.727221][T10626] bond5: entered promiscuous mode
[  234.735978][T10626] 8021q: adding VLAN 0 to HW filter on device bond5
[  234.809550][T10629] 8021q: adding VLAN 0 to HW filter on device bond5
[  234.818079][T10629] bond5: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  234.829602][T10629] bond5: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  234.844035][T10629] bond5: (slave ip6gre1): making interface the new active one
[  234.859945][T10629] ip6gre1: entered promiscuous mode
[  234.882982][T10629] bond5: (slave ip6gre1): Enslaving as an active interface with an up link
[  234.957375][T10628] syzkaller0: entered promiscuous mode
[  234.963168][T10628] syzkaller0: entered allmulticast mode
[  237.977972][T10688] netlink: 208 bytes leftover after parsing attributes in process `syz.0.1216'.
[  238.029471][T10685] (unnamed net_device) (uninitialized): peer notification delay (9) is not a multiple of miimon (100), value rounded to 0 ms
[  238.053071][T10685] (unnamed net_device) (uninitialized): option use_carrier: invalid value (5)
[  238.600200][ T5849] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  238.618333][ T5849] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  238.631545][T10709] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1222'.
[  238.651152][ T5849] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  238.662093][ T5849] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  238.670967][ T5849] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  238.924985][T10700] netlink: 264 bytes leftover after parsing attributes in process `syz.0.1220'.
[  238.966671][T10700] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1220'.
[  239.173985][T10721] netlink: 'syz.2.1226': attribute type 39 has an invalid length.
[  239.226374][T10723] netlink: 'syz.2.1226': attribute type 39 has an invalid length.
[  239.394117][T10727] macsec2: entered promiscuous mode
[  239.399614][T10727] veth0_to_bridge: entered promiscuous mode
[  239.405895][T10727] macsec2: entered allmulticast mode
[  239.415584][T10727] veth0_to_bridge: entered allmulticast mode
[  239.430307][T10727] veth0_to_bridge: left allmulticast mode
[  239.437781][T10727] veth0_to_bridge: left promiscuous mode
[  239.443773][T10729] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1229'.
[  239.651874][T10729] syz.4.1229 (10729) used greatest stack depth: 18168 bytes left
[  239.712687][T10735] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1230'.
[  239.737607][T10735] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1230'.
[  239.846952][T10739] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1232'.
[  239.856483][T10739] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1232'.
[  239.881324][T10738] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1231'.
[  239.965819][T10741] netlink: 'syz.4.1233': attribute type 4 has an invalid length.
[  240.087304][T10743] syzkaller1: entered promiscuous mode
[  240.092859][T10743] syzkaller1: entered allmulticast mode
[  240.220640][T10750] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1236'.
[  240.766974][ T5139] Bluetooth: hci0: command tx timeout
[  241.708877][T10779] block nbd0: not configured, cannot reconfigure
[  241.948513][T10787] ip6tnl1: entered promiscuous mode
[  241.953894][T10787] ip6tnl1: entered allmulticast mode
[  242.033411][T10786] tipc: Enabling of bearer <ib:pimreg> rejected, failed to enable media
[  242.107284][T10791] netlink: 'syz.2.1247': attribute type 16 has an invalid length.
[  242.129859][T10791] netlink: 'syz.2.1247': attribute type 17 has an invalid length.
[  242.592823][T10705] chnl_net:caif_netlink_parms(): no params data found
[  242.617439][T10825] raw_sendmsg: syz.2.1257 forgot to set AF_INET. Fix it!
[  242.834552][T10836] netlink: 'syz.2.1261': attribute type 8 has an invalid length.
[  242.849228][ T5139] Bluetooth: hci0: command tx timeout
[  243.098280][T10705] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.122230][T10705] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.136426][T10705] bridge_slave_0: entered allmulticast mode
[  243.152709][T10705] bridge_slave_0: entered promiscuous mode
[  243.200930][T10705] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.221576][T10705] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.240572][T10705] bridge_slave_1: entered allmulticast mode
[  243.261515][T10705] bridge_slave_1: entered promiscuous mode
[  243.342955][T10705] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  243.401746][T10866] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input9
[  243.433900][T10705] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  243.720161][T10705] team0: Port device team_slave_0 added
[  243.735910][T10705] team0: Port device team_slave_1 added
[  243.880969][T10705] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.901270][T10705] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.948427][T10705] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  244.105067][T10705] batman_adv: batadv0: Adding interface: batadv_slave_1
[  244.130263][T10705] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.248953][T10705] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.389590][T10705] hsr_slave_0: entered promiscuous mode
[  244.406709][T10705] hsr_slave_1: entered promiscuous mode
[  244.418757][T10705] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  244.436797][T10705] Cannot create hsr debugfs directory
[  244.522446][T10903] __nla_validate_parse: 5 callbacks suppressed
[  244.522467][T10903] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1279'.
[  244.935105][ T5139] Bluetooth: hci0: command tx timeout
[  245.001587][T10927] erspan0: left allmulticast mode
[  245.022038][T10930] netlink: 232 bytes leftover after parsing attributes in process `syz.2.1287'.
[  245.073826][T10927] bridge0: port 3(syz_tun) entered disabled state
[  245.129215][T10927] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  245.172548][T10930] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1287'.
[  245.231501][T10937] IPv6: NLM_F_REPLACE set, but no existing node found!
[  245.314895][T10937] : entered promiscuous mode
[  245.397466][T10705] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.411781][T10943] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1290'.
[  245.427424][T10943] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  245.464707][T10943] netlink: 232 bytes leftover after parsing attributes in process `syz.4.1290'.
[  245.514803][T10944] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1289'.
[  245.529166][T10705] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.614272][T10944] bridge3: entered promiscuous mode
[  245.637528][T10944] bridge3: entered allmulticast mode
[  245.657891][T10705] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.760885][T10705] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.170949][T10705] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  246.187276][T10705] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  246.205608][T10705] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  246.228123][T10705] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  246.392673][T10705] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.439870][T10705] 8021q: adding VLAN 0 to HW filter on device team0
[  246.461451][ T8924] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.468703][ T8924] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.491558][ T8924] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.498807][ T8924] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.694541][T10997] xt_TCPMSS: Only works on TCP SYN packets
[  246.730232][T10997] xt_connbytes: Forcing CT accounting to be enabled
[  246.749934][T10997] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  247.007115][ T5139] Bluetooth: hci0: command tx timeout
[  247.218951][T11026] sock: sock_set_timeout: `syz.0.1310' (pid 11026) tries to set negative timeout
[  247.222095][T10705] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.303938][T11029] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1309'.
[  247.327569][T11029] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1309'.
[  247.331559][T11026] tun0: tun_chr_ioctl cmd 1074025675
[  247.349480][T11026] tun0: persist enabled
[  247.364379][T10705] veth0_vlan: entered promiscuous mode
[  247.386093][T11026] tun0: tun_chr_ioctl cmd 1074025675
[  247.393912][T11026] tun0: persist disabled
[  247.494820][T10705] veth1_vlan: entered promiscuous mode
[  247.511276][T11037] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1314'.
[  247.641511][T10705] veth0_macvtap: entered promiscuous mode
[  247.672959][T10705] veth1_macvtap: entered promiscuous mode
[  247.707177][T10705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.724045][T10705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.738994][T10705] batman_adv: batadv0: Interface activated: batadv_slave_0
[  247.748534][T11050] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  247.763060][T10705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.767572][T11050] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  247.774696][T10705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.787558][T11050] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  247.800620][T10705] batman_adv: batadv0: Interface activated: batadv_slave_1
[  247.802925][T11050] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  247.821828][T11050] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  247.833164][T11050] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  247.851053][T11050] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  247.859350][T10705] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  247.869749][T10705] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  247.881255][T10705] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  247.893671][T10705] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  248.048735][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  248.071333][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  248.117541][ T8924] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  248.131772][ T8924] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  248.283978][T11064] mac80211_hwsim hwsim10 syzkaller0: entered promiscuous mode
[  248.350852][T11064] mac80211_hwsim hwsim10 syzkaller0: entered allmulticast mode
[  248.871337][T11091] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1328'.
[  248.992834][T11093] syzkaller1: entered promiscuous mode
[  249.003242][T11093] syzkaller1: entered allmulticast mode
[  249.538990][T11128] __nla_validate_parse: 65 callbacks suppressed
[  249.539011][T11128] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1339'.
[  249.581213][ T8930] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.841874][T11135] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1342'.
[  249.853567][T11136] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1342'.
[  249.929693][T11141] batman_adv: batadv0: Removing interface: 
0!

[  249.938905][T11140] netlink: 'syz.0.1340': attribute type 1 has an invalid length.
[  249.959797][T11140] netlink: 228 bytes leftover after parsing attributes in process `syz.0.1340'.
[  249.982086][T11141] bridge_slave_0: left allmulticast mode
[  249.997341][T11141] bridge_slave_0: left promiscuous mode
[  250.015599][T11141] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.032319][T11146] netlink: 'syz.0.1340': attribute type 33 has an invalid length.
[  250.041246][T11146] netlink: 137744 bytes leftover after parsing attributes in process `syz.0.1340'.
[  250.100764][T11141] bridge_slave_1: left allmulticast mode
[  250.107321][T11141] bridge_slave_1: left promiscuous mode
[  250.141215][T11141] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.238298][T11141] bond0: (slave bond_slave_0): Releasing backup interface
[  250.273524][T11141] bond0: (slave bond_slave_1): Releasing backup interface
[  250.284308][T11158] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1345'.
[  250.319524][T11141] batman_adv: batadv0: Removing interface: batadv_slave_0
[  250.332728][T11141] batman_adv: batadv0: Removing interface: batadv_slave_1
[  250.343593][T11141] bond2: (slave ip6erspan0): Releasing active interface
[  250.351795][T11141] ip6erspan0: left allmulticast mode
[  250.382181][T11140] bridge3: entered promiscuous mode
[  250.426007][ T5849] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  250.439871][ T5849] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  250.449918][ T5849] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  250.462503][ T5849] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  250.471831][ T5849] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  250.480691][ T8930] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.525689][T11147] vlan3: entered allmulticast mode
[  250.551554][T11147] hsr_slave_0: entered allmulticast mode
[  250.590490][T11156] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1341'.
[  250.668785][ T8930] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.769864][T11175] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1350'.
[  250.821941][T11177] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1350'.
[  250.834331][T11175] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1350'.
[  250.932188][ T8930] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.461045][T11197] team0: Port device team_slave_1 removed
[  251.564533][ T8930] bridge_slave_1: left allmulticast mode
[  251.591300][ T8930] bridge_slave_1: left promiscuous mode
[  251.607852][ T8930] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.659023][ T8930] bridge_slave_0: left allmulticast mode
[  251.670822][ T8930] bridge_slave_0: left promiscuous mode
[  251.678159][ T8930] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.751652][T11214] netlink: 'syz.0.1361': attribute type 30 has an invalid length.
[  252.122224][ T8930] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  252.141001][ T8930] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  252.153534][ T8930] bond0 (unregistering): Released all slaves
[  252.325892][T11219] xt_recent: hitcount (33554432) is larger than allowed maximum (65535)
[  252.455601][T11219] xt_CT: No such helper "pptp"
[  252.551637][ T5139] Bluetooth: hci0: command tx timeout
[  252.665281][T11230] netlink: 'syz.0.1365': attribute type 1 has an invalid length.
[  252.828604][T11226] syzkaller1: entered promiscuous mode
[  252.856443][T11226] syzkaller1: entered allmulticast mode
[  253.515778][T11257] 8021q: adding VLAN 0 to HW filter on device team1
[  254.151624][T11159] chnl_net:caif_netlink_parms(): no params data found
[  254.208906][ T8930] hsr_slave_0: left promiscuous mode
[  254.223728][ T8930] hsr_slave_1: left promiscuous mode
[  254.237341][ T8930] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.256324][ T8930] batman_adv: batadv0: Removing interface: batadv_slave_0
[  254.264657][ T8930] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.285475][ T8930] batman_adv: batadv0: Removing interface: batadv_slave_1
[  254.355755][ T8930] veth1_macvtap: left promiscuous mode
[  254.363541][ T8930] veth0_macvtap: left promiscuous mode
[  254.378385][ T8930] veth1_vlan: left promiscuous mode
[  254.383946][ T8930] veth0_vlan: left promiscuous mode
[  254.406808][T11295] Bluetooth: MGMT ver 1.23
[  254.611038][ T5849] Bluetooth: hci0: command tx timeout
[  255.001685][ T8930] team0 (unregistering): Port device team_slave_1 removed
[  255.050841][ T8930] team0 (unregistering): Port device team_slave_0 removed
[  255.553751][T11294] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  255.583893][T11294] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  255.597925][T11294] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  255.813200][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  256.024761][T11316] xt_cluster: you have exceeded the maximum number of cluster nodes (257 > 32)
[  256.174170][T11159] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.192415][T11159] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.211103][T11159] bridge_slave_0: entered allmulticast mode
[  256.237980][T11159] bridge_slave_0: entered promiscuous mode
[  256.265804][T11325] No such timeout policy "syz0"
[  256.270879][T11159] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.270991][T11159] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.271209][T11159] bridge_slave_1: entered allmulticast mode
[  256.273207][T11159] bridge_slave_1: entered promiscuous mode
[  256.390934][T11328] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  256.446935][ T5139] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  256.500560][T11159] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  256.544108][T11328] syzkaller0: MTU too low for tipc bearer
[  256.553959][T11328] tipc: Disabling bearer <eth:syzkaller0>
[  256.604527][T11159] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  256.695275][ T5139] Bluetooth: hci0: command 0x040f tx timeout
[  256.801403][T11159] team0: Port device team_slave_0 added
[  256.830232][T11159] team0: Port device team_slave_1 added
[  256.903262][T11341] net_ratelimit: 30 callbacks suppressed
[  256.903282][T11341] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  256.975078][T11159] batman_adv: batadv0: Adding interface: batadv_slave_0
[  256.992454][T11159] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  257.055896][T11159] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  257.093681][T11159] batman_adv: batadv0: Adding interface: batadv_slave_1
[  257.103825][T11159] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  257.133194][T11159] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  257.163013][T11347] geneve0: entered promiscuous mode
[  257.173280][T11347] geneve0: entered allmulticast mode
[  257.293289][T11358] __nla_validate_parse: 6 callbacks suppressed
[  257.293313][T11358] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1401'.
[  257.390113][T11363] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1403'.
[  257.399806][T11159] hsr_slave_0: entered promiscuous mode
[  257.409203][T11360] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0
[  257.417473][T11159] hsr_slave_1: entered promiscuous mode
[  257.422065][T11159] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  257.425472][T11361] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0
[  257.444134][T11159] Cannot create hsr debugfs directory
[  257.954354][T11379] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1407'.
[  258.767956][ T5139] Bluetooth: hci0: command 0x040f tx timeout
[  258.852662][T11409] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1412'.
[  258.862525][T11409] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1412'.
[  258.930308][T11407] ip6gre0: entered promiscuous mode
[  258.987335][T11409] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1412'.
[  259.194500][T11406] ip6gre0: left promiscuous mode
[  259.298414][T11415] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1414'.
[  259.316566][T11415] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1414'.
[  259.362236][T11159] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  259.397106][T11159] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  259.529944][T11159] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  259.570262][T11159] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  259.865408][T11159] 8021q: adding VLAN 0 to HW filter on device bond0
[  259.900919][T11159] 8021q: adding VLAN 0 to HW filter on device team0
[  259.928705][T11429] xfrm1: entered promiscuous mode
[  259.940695][T11429] xfrm1: entered allmulticast mode
[  260.101487][ T8928] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.108748][ T8928] bridge0: port 1(bridge_slave_0) entered forwarding state
[  260.203445][ T8928] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.210697][ T8928] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.552130][T11439] ipt_REJECT: TCP_RESET invalid for non-tcp
[  260.848553][ T5139] Bluetooth: hci0: command 0x040f tx timeout
[  261.134346][T11451] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  261.187440][T11159] 8021q: adding VLAN 0 to HW filter on device batadv0
[  261.364228][T11159] veth0_vlan: entered promiscuous mode
[  261.480795][T11460] syzkaller1: entered promiscuous mode
[  261.493818][T11460] syzkaller1: entered allmulticast mode
[  261.515549][T11159] veth1_vlan: entered promiscuous mode
[  261.639302][T11473] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1433'.
[  261.720578][T11159] veth0_macvtap: entered promiscuous mode
[  261.751092][T11474] netlink: 'syz.4.1433': attribute type 7 has an invalid length.
[  261.779125][T11159] veth1_macvtap: entered promiscuous mode
[  261.956003][T11159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  261.994765][T11159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.014360][T11159] batman_adv: batadv0: Interface activated: batadv_slave_0
[  262.064445][T11159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  262.076373][T11491] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1437'.
[  262.095977][T11159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.113418][T11159] batman_adv: batadv0: Interface activated: batadv_slave_1
[  262.149184][T11159] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  262.167544][T11159] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  262.180199][T11159] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  262.198541][T11159] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  262.232193][T11490] netlink: 'syz.4.1438': attribute type 6 has an invalid length.
[  262.521438][T11517] __nla_validate_parse: 1 callbacks suppressed
[  262.521460][T11517] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1444'.
[  262.547622][ T8930] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  262.564797][ T8930] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  262.686725][ T8930] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  262.715254][ T8930] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  262.771753][T11526] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1445'.
[  263.264373][ T8924] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.434021][T11550] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.508830][ T8924] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.570541][T11550] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.898429][T11550] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.999656][ T8924] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.060175][T11550] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.190002][ T5849] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  264.200765][ T5849] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  264.209497][ T5849] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  264.221307][ T5849] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  264.231457][ T5849] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  264.263455][ T8924] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.493774][T11592] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  264.510724][T11550] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  264.570456][T11550] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  264.725624][T11550] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  264.790917][T11550] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  264.922513][ T8924] bridge_slave_1: left allmulticast mode
[  264.953980][ T8924] bridge_slave_1: left promiscuous mode
[  264.979211][ T8924] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.031383][ T8924] bridge_slave_0: left allmulticast mode
[  265.056394][ T8924] bridge_slave_0: left promiscuous mode
[  265.062582][ T8924] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.894787][ T8924] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  265.906621][ T8924] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  265.922054][ T8924] bond0 (unregistering): Released all slaves
[  265.949156][T11627] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1469'.
[  265.960229][T11627] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1469'.
[  266.250914][T11640] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1471'.
[  266.291194][ T5849] Bluetooth: hci0: command tx timeout
[  266.307919][T11641] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1471'.
[  267.118393][T11668] netlink: 'syz.4.1478': attribute type 4 has an invalid length.
[  267.176273][T11668] netlink: 'syz.4.1478': attribute type 5 has an invalid length.
[  267.184096][T11668] netlink: 'syz.4.1478': attribute type 4 has an invalid length.
[  267.236997][T11668] netlink: 'syz.4.1478': attribute type 4 has an invalid length.
[  267.244801][T11668] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1478'.
[  267.401616][T11579] chnl_net:caif_netlink_parms(): no params data found
[  267.574298][T11677] Cannot find map_set index 0 as target
[  267.694249][T11681] RDS: rds_bind could not find a transport for fc00::1, load rds_tcp or rds_rdma?
[  267.970019][T11579] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.986811][T11579] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.994958][T11579] bridge_slave_0: entered allmulticast mode
[  268.003220][T11579] bridge_slave_0: entered promiscuous mode
[  268.025240][T11579] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.036339][T11579] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.043653][T11579] bridge_slave_1: entered allmulticast mode
[  268.068579][T11579] bridge_slave_1: entered promiscuous mode
[  268.169079][T11702] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1487'.
[  268.366257][ T5849] Bluetooth: hci0: command tx timeout
[  268.420086][T11579] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.486636][T11579] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.552153][T11712] netlink: 'syz.0.1491': attribute type 21 has an invalid length.
[  268.564319][T11712] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1491'.
[  268.746505][T11712] netlink: 'syz.0.1491': attribute type 4 has an invalid length.
[  268.754679][T11712] netlink: 'syz.0.1491': attribute type 3 has an invalid length.
[  268.763762][T11712] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1491'.
[  268.872511][ T8924] hsr_slave_0: left promiscuous mode
[  268.879583][ T8924] hsr_slave_1: left promiscuous mode
[  268.885623][ T8924] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  268.894186][ T8924] batman_adv: batadv0: Removing interface: batadv_slave_0
[  268.905550][ T8924] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  268.914464][ T8924] batman_adv: batadv0: Removing interface: batadv_slave_1
[  268.945087][ T8924] veth1_macvtap: left promiscuous mode
[  268.950800][ T8924] veth0_macvtap: left promiscuous mode
[  268.957964][ T8924] veth1_vlan: left promiscuous mode
[  268.963284][ T8924] veth0_vlan: left promiscuous mode
[  268.993019][T11718] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1492'.
[  269.004945][T11718] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1492'.
[  269.462241][ T8924] team0 (unregistering): Port device team_slave_1 removed
[  269.510737][ T8924] team0 (unregistering): Port device team_slave_0 removed
[  270.057220][T11718] bridge0: port 3(syz_tun) entered blocking state
[  270.063901][T11718] bridge0: port 3(syz_tun) entered disabled state
[  270.070711][T11718] syz_tun: entered allmulticast mode
[  270.078270][T11718] syz_tun: left allmulticast mode
[  270.188565][T11579] team0: Port device team_slave_0 added
[  270.216432][T11723] netlink: 304 bytes leftover after parsing attributes in process `syz.0.1493'.
[  270.219782][T11579] team0: Port device team_slave_1 added
[  270.293382][T11721] syz_tun: left allmulticast mode
[  270.306950][T11721] syz_tun: left promiscuous mode
[  270.312195][T11721] bridge0: port 3(syz_tun) entered disabled state
[  270.430665][T11721] bond0: (slave dummy0): Releasing backup interface
[  270.449294][ T5849] Bluetooth: hci0: command tx timeout
[  270.534688][T11721] bridge_slave_0: left allmulticast mode
[  270.544378][T11721] bridge_slave_0: left promiscuous mode
[  270.550987][T11721] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.565313][T11721] bridge_slave_1: left allmulticast mode
[  270.580394][T11721] bridge_slave_1: left promiscuous mode
[  270.598563][T11721] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.620353][T11721] bond0: (slave bond_slave_0): Releasing backup interface
[  270.659151][T11721] bond0: (slave bond_slave_1): Releasing backup interface
[  270.680399][T11721] team0: Port device team_slave_0 removed
[  270.698615][T11721] bond6: (slave veth1): Releasing backup interface
[  270.791545][T11735] syz_tun: entered promiscuous mode
[  270.822828][T11579] batman_adv: batadv0: Adding interface: batadv_slave_0
[  270.844353][T11579] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  270.873019][T11579] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  270.887221][T11579] batman_adv: batadv0: Adding interface: batadv_slave_1
[  270.894458][T11579] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  270.923010][T11579] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  271.073511][T11579] hsr_slave_0: entered promiscuous mode
[  271.085060][T11579] hsr_slave_1: entered promiscuous mode
[  271.092132][T11579] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  271.102468][T11579] Cannot create hsr debugfs directory
[  271.125802][T11746] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1499'.
[  271.153008][T11748] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1500'.
[  271.164200][T11748] nbd: illegal input index 65508
[  271.208686][T11746] 8021q: adding VLAN 0 to HW filter on device bond2
[  271.305543][T11749] 8021q: adding VLAN 0 to HW filter on device bond2
[  271.318110][T11749] bond2: (slave wireguard0): The slave device specified does not support setting the MAC address
[  271.330903][T11749] bond2: (slave wireguard0): Error -95 calling set_mac_address
[  271.694241][T11764] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1504'.
[  271.705600][T11764] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1504'.
[  271.723671][T11764] bridge0: port 1(syz_tun) entered blocking state
[  271.736930][T11764] bridge0: port 1(syz_tun) entered disabled state
[  271.743811][T11764] syz_tun: entered allmulticast mode
[  271.752976][T11764] syz_tun: left allmulticast mode
[  271.997569][T11777] No such timeout policy "syz0"
[  272.456087][T11579] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  272.500939][T11579] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  272.531103][ T5849] Bluetooth: hci0: command tx timeout
[  272.568241][T11579] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  272.646004][T11579] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  272.940764][T11579] 8021q: adding VLAN 0 to HW filter on device bond0
[  272.964111][T11579] 8021q: adding VLAN 0 to HW filter on device team0
[  272.993007][ T8924] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.000289][ T8924] bridge0: port 1(bridge_slave_0) entered forwarding state
[  273.053450][ T8924] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.060701][ T8924] bridge0: port 2(bridge_slave_1) entered forwarding state
[  273.186062][T11579] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  273.204077][T11579] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  273.577367][T11579] 8021q: adding VLAN 0 to HW filter on device batadv0
[  273.655175][T11579] veth0_vlan: entered promiscuous mode
[  273.682782][T11579] veth1_vlan: entered promiscuous mode
[  273.732133][T11861] netlink: 'syz.0.1529': attribute type 3 has an invalid length.
[  273.759753][T11579] veth0_macvtap: entered promiscuous mode
[  273.798277][T11579] veth1_macvtap: entered promiscuous mode
[  273.806894][T11863] __nla_validate_parse: 2 callbacks suppressed
[  273.806916][T11863] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1529'.
[  273.875038][T11579] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.909358][T11579] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.935392][T11579] batman_adv: batadv0: Interface activated: batadv_slave_0
[  273.975953][T11579] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  274.013445][T11874] netlink: 'syz.0.1532': attribute type 10 has an invalid length.
[  274.016718][T11579] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.028818][T11875] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1531'.
[  274.061558][T11579] batman_adv: batadv0: Interface activated: batadv_slave_1
[  274.107248][T11579] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  274.156378][T11579] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  274.165155][T11579] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  274.200695][T11579] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  274.634853][ T8924] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.653304][ T8924] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.768615][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.776824][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.867443][T11908] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1542'.
[  274.922159][T11909] netlink: 'syz.3.1541': attribute type 11 has an invalid length.
[  274.931335][T11909] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1541'.
[  275.099844][T11915] ipvlan0: entered promiscuous mode
[  275.191455][T11918] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1545'.
[  275.202840][T11916] IPVS: length: 78 != 8
[  275.278978][T11918] syzkaller1: entered promiscuous mode
[  275.285275][T11918] syzkaller1: entered allmulticast mode
[  275.501450][T11932] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1549'.
[  275.558643][T11932] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1549'.
[  275.702824][T11942] netlink: 'syz.2.1553': attribute type 11 has an invalid length.
[  275.727384][T11942] netlink: 'syz.2.1553': attribute type 11 has an invalid length.
[  275.735263][T11942] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1553'.
[  275.857622][   T36] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.271829][   T36] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.486080][   T36] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.596698][T11953] xt_TCPMSS: Only works on TCP SYN packets
[  276.655117][   T36] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.695984][T11953] bridge0: port 3(veth0_to_bridge) entered blocking state
[  276.715990][T11953] bridge0: port 3(veth0_to_bridge) entered disabled state
[  276.727940][T11953] veth0_to_bridge: entered allmulticast mode
[  276.740411][T11953] veth0_to_bridge: entered promiscuous mode
[  276.751498][T11953] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  276.773721][T11953] bridge0: port 3(veth0_to_bridge) entered blocking state
[  276.781069][T11953] bridge0: port 3(veth0_to_bridge) entered forwarding state
[  277.049080][T11966] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  277.082031][T11967] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  277.092237][T11970] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  277.144491][ T5139] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  277.159683][ T5139] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  277.174521][ T5139] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  277.185859][ T5139] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  277.216000][T11971] pimreg: entered allmulticast mode
[  277.224602][ T5139] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  277.274495][   T36] bridge_slave_1: left allmulticast mode
[  277.326589][   T36] bridge_slave_1: left promiscuous mode
[  277.332458][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  277.386960][   T36] bridge_slave_0: left allmulticast mode
[  277.393341][   T36] bridge_slave_0: left promiscuous mode
[  277.456436][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.159644][ T5849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  278.182828][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  278.197474][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  278.205373][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  278.217299][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  278.229488][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  278.237466][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  278.263145][   T36] bond0 (unregistering): Released all slaves
[  278.412974][T12003] netlink: 'syz.3.1567': attribute type 1 has an invalid length.
[  278.433306][T12003] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1567'.
[  278.564562][T12007] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  279.021930][T12023] bond0 (unregistering): Released all slaves
[  279.045373][T12020] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1573'.
[  279.081119][T12026] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (253)
[  279.219393][T12030] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1575'.
[  279.328203][ T5849] Bluetooth: hci0: command tx timeout
[  279.384464][T12035] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1577'.
[  279.596099][T11972] chnl_net:caif_netlink_parms(): no params data found
[  279.758968][T12050] netlink: 'syz.3.1581': attribute type 1 has an invalid length.
[  279.809356][T12050] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  279.819142][T11972] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.849975][T11972] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.870445][T11972] bridge_slave_0: entered allmulticast mode
[  279.896017][T11972] bridge_slave_0: entered promiscuous mode
[  279.928350][T11972] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.945538][T11972] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.954741][T11972] bridge_slave_1: entered allmulticast mode
[  279.981030][T11972] bridge_slave_1: entered promiscuous mode
[  279.991576][   T30] audit: type=1800 audit(1747001169.234:9): pid=12055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1582" name="memory.events" dev="tmpfs" ino=1707 res=0 errno=0
[  280.170317][T11972] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  280.288632][ T5849] Bluetooth: hci2: command tx timeout
[  280.746706][T11972] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  281.417177][ T5849] Bluetooth: hci0: command tx timeout
[  282.304946][   T36] hsr_slave_0: left promiscuous mode
[  282.386382][ T5849] Bluetooth: hci2: command tx timeout
[  282.418419][   T36] hsr_slave_1: left promiscuous mode
[  282.424633][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  282.434952][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  282.470017][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  282.497754][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  282.574005][   T36] veth1_macvtap: left promiscuous mode
[  282.598872][   T36] veth0_macvtap: left promiscuous mode
[  282.604623][   T36] veth1_vlan: left promiscuous mode
[  282.626312][   T36] veth0_vlan: left promiscuous mode
[  283.486286][ T5849] Bluetooth: hci0: command tx timeout
[  283.510515][   T36] team0 (unregistering): Port device team_slave_1 removed
[  283.558729][   T36] team0 (unregistering): Port device team_slave_0 removed
[  284.085707][T11972] team0: Port device team_slave_0 added
[  284.224768][T11972] team0: Port device team_slave_1 added
[  284.447870][ T5849] Bluetooth: hci2: command tx timeout
[  284.478632][T11972] batman_adv: batadv0: Adding interface: batadv_slave_0
[  284.485627][T11972] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.512447][T11972] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  284.544048][T12082] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1590'.
[  284.768907][T11972] batman_adv: batadv0: Adding interface: batadv_slave_1
[  284.775910][T11972] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.846175][T11972] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  285.000240][T11972] hsr_slave_0: entered promiscuous mode
[  285.007529][T11972] hsr_slave_1: entered promiscuous mode
[  285.014392][T11972] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  285.023009][T11972] Cannot create hsr debugfs directory
[  285.252676][ T8931] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.400157][ T8931] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.501163][T12000] chnl_net:caif_netlink_parms(): no params data found
[  285.566476][ T5849] Bluetooth: hci0: command tx timeout
[  285.568461][ T8931] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.671091][ T8931] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.702140][T12100] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1593'.
[  285.752697][T12100] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1593'.
[  285.792547][T12099] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1593'.
[  286.047856][T12000] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.062072][T12000] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.072028][T12000] bridge_slave_0: entered allmulticast mode
[  286.080805][T12000] bridge_slave_0: entered promiscuous mode
[  286.179642][T12000] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.206878][T12000] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.214222][T12000] bridge_slave_1: entered allmulticast mode
[  286.237339][T12000] bridge_slave_1: entered promiscuous mode
[  286.439666][T12000] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  286.461018][T12000] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  286.529573][ T5849] Bluetooth: hci2: command tx timeout
[  286.724054][ T8931] veth0_to_bridge: left allmulticast mode
[  286.738454][ T8931] veth0_to_bridge: left promiscuous mode
[  286.745864][ T8931] bridge0: port 3(veth0_to_bridge) entered disabled state
[  286.787877][T12136] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1602'.
[  286.813491][ T8931] bridge_slave_1: left allmulticast mode
[  286.836247][ T8931] bridge_slave_1: left promiscuous mode
[  286.842086][ T8931] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.865387][ T8931] bridge_slave_0: left allmulticast mode
[  286.875582][ T8931] bridge_slave_0: left promiscuous mode
[  286.896035][ T8931] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.155241][ T8931] bond1 (unregistering): (slave ip6gretap1): Releasing active interface
[  287.181150][ T8931] bond5 (unregistering): (slave ip6gre1): Releasing backup interface
[  287.189828][ T8931] ip6gre1 (unregistering): left promiscuous mode
[  287.299472][ T8931] erspan0 (unregistering): left promiscuous mode
[  287.663955][ T8931] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  287.675178][ T8931] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  287.686309][ T8931] bond0 (unregistering): (slave team0): Releasing backup interface
[  287.695087][ T8931] bond0 (unregistering): Released all slaves
[  287.791351][ T8931] bond1 (unregistering): Released all slaves
[  287.895684][ T8931] team0: Port device bond2 removed
[  287.902306][ T8931] bond2 (unregistering): Released all slaves
[  287.997837][ T8931] bond3 (unregistering): Released all slaves
[  288.095153][ T8931] bond4 (unregistering): Released all slaves
[  288.197055][ T8931] bond5 (unregistering): Released all slaves
[  288.212081][ T8931] bond6 (unregistering): Released all slaves
[  288.230596][T12000] team0: Port device team_slave_0 added
[  288.260215][T12000] team0: Port device team_slave_1 added
[  288.420641][T12150] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 44683 - 0
[  288.429710][T12150] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 44683 - 0
[  288.438333][T12150] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 44683 - 0
[  288.448619][T12150] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 44683 - 0
[  288.458262][T12150] netdevsim netdevsim3 eth0: set [1, 1] type 2 family 0 port 38599 - 0
[  288.470972][T12150] netdevsim netdevsim3 eth1: set [1, 1] type 2 family 0 port 38599 - 0
[  288.479336][T12150] netdevsim netdevsim3 eth2: set [1, 1] type 2 family 0 port 38599 - 0
[  288.488168][T12150] netdevsim netdevsim3 eth3: set [1, 1] type 2 family 0 port 38599 - 0
[  288.496668][T12150] geneve2: entered promiscuous mode
[  288.501892][T12150] geneve2: entered allmulticast mode
[  288.509289][ T8931] : left promiscuous mode
[  288.541826][T12000] batman_adv: batadv0: Adding interface: batadv_slave_0
[  288.549259][T12000] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.584150][T12000] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  288.641093][T12000] batman_adv: batadv0: Adding interface: batadv_slave_1
[  288.653019][T12000] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.682028][T12000] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  288.744104][T11972] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  288.789118][T11972] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  288.842302][T11972] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  288.889468][T11972] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  289.074719][T12000] hsr_slave_0: entered promiscuous mode
[  289.085328][T12000] hsr_slave_1: entered promiscuous mode
[  289.095266][T12000] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  289.108528][T12000] Cannot create hsr debugfs directory
[  289.116407][T12166] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  289.134818][T12166] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  289.145389][T12166] hsr0: entered promiscuous mode
[  289.151444][T12166] hsr0: entered allmulticast mode
[  289.156580][T12166] hsr_slave_0: entered allmulticast mode
[  289.162335][T12166] hsr_slave_1: entered allmulticast mode
[  289.208277][T12163] netlink: 201392 bytes leftover after parsing attributes in process `syz.3.1609'.
[  289.221430][T12163] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  289.242923][T12163] openvswitch: netlink: Message has 8454 unknown bytes.
[  289.270506][T12161] tipc: Enabled bearer <udp:s>, priority 10
[  290.190447][T12196] netlink: 'syz.3.1616': attribute type 1 has an invalid length.
[  290.241536][T12196] 8021q: adding VLAN 0 to HW filter on device bond3
[  290.587163][T11972] 8021q: adding VLAN 0 to HW filter on device bond0
[  290.610929][T12211] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  290.681590][T11972] 8021q: adding VLAN 0 to HW filter on device team0
[  290.745549][ T8925] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.752795][ T8925] bridge0: port 1(bridge_slave_0) entered forwarding state
[  290.837918][ T8926] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.845132][ T8926] bridge0: port 2(bridge_slave_1) entered forwarding state
[  291.019940][T12199] veth0_to_bridge: entered promiscuous mode
[  291.170112][T12194] veth0_to_bridge: left promiscuous mode
[  291.210751][T12000] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  291.250217][T12000] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  291.282319][T12000] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  291.333451][T12000] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  291.654165][T12000] 8021q: adding VLAN 0 to HW filter on device bond0
[  291.693838][T11972] 8021q: adding VLAN 0 to HW filter on device batadv0
[  291.731968][T12000] 8021q: adding VLAN 0 to HW filter on device team0
[  291.778174][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.785416][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  291.815876][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.823078][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  291.941010][T11972] veth0_vlan: entered promiscuous mode
[  292.030695][T11972] veth1_vlan: entered promiscuous mode
[  292.133499][T12239] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1623'.
[  292.148669][T11972] veth0_macvtap: entered promiscuous mode
[  292.161353][T11972] veth1_macvtap: entered promiscuous mode
[  292.181839][T11972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.195186][T11972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.238239][T11972] batman_adv: batadv0: Interface activated: batadv_slave_0
[  292.275977][T11972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  292.298894][T11972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.314421][T11972] batman_adv: batadv0: Interface activated: batadv_slave_1
[  292.364616][T11972] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  292.400152][T11972] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  292.412028][T11972] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  292.423608][T11972] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  292.590541][T12251] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1626'.
[  292.700737][T12000] 8021q: adding VLAN 0 to HW filter on device batadv0
[  292.800846][ T8926] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  292.820870][ T8926] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  293.127152][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  293.135029][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  293.198274][T12000] veth0_vlan: entered promiscuous mode
[  293.216323][ T8931] batadv_slave_1: left promiscuous mode
[  293.242315][ T8931] hsr_slave_0: left promiscuous mode
[  293.267699][ T8931] hsr_slave_1: left promiscuous mode
[  293.273893][ T8931] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  293.288756][ T8931] batman_adv: batadv0: Removing interface: batadv_slave_0
[  293.303993][ T8931] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  293.316532][ T8931] batman_adv: batadv0: Removing interface: batadv_slave_1
[  293.355799][ T8931] veth0_macvtap: left promiscuous mode
[  293.373646][ T8931] veth1_vlan: left promiscuous mode
[  293.472811][T12270] netlink: 'syz.3.1631': attribute type 1 has an invalid length.
[  293.783194][ T8926] smc: removing ib device syz0
[  294.194077][ T8931] team0 (unregistering): Port device team_slave_1 removed
[  294.242855][ T8931] team0 (unregistering): Port device team_slave_0 removed
[  294.749791][T12270] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[  294.760808][ T1207] ==================================================================
[  294.777260][ T1207] BUG: KASAN: slab-use-after-free in __ethtool_get_link_ksettings+0x6e/0x190
[  294.786067][ T1207] Read of size 8 at addr ffff8880239782e8 by task kworker/1:2/1207
[  294.793971][ T1207] 
[  294.796311][ T1207] CPU: 1 UID: 0 PID: 1207 Comm: kworker/1:2 Not tainted 6.15.0-rc5-syzkaller-01021-g0b28182c73a3 #0 PREEMPT(full) 
[  294.796339][ T1207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  294.796353][ T1207] Workqueue: events smc_ib_port_event_work
[  294.796399][ T1207] Call Trace:
[  294.796408][ T1207]  <TASK>
[  294.796417][ T1207]  dump_stack_lvl+0x189/0x250
[  294.796448][ T1207]  ? __virt_addr_valid+0x18c/0x540
[  294.796474][ T1207]  ? rcu_is_watching+0x15/0xb0
[  294.796504][ T1207]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.796530][ T1207]  ? rcu_is_watching+0x15/0xb0
[  294.796560][ T1207]  ? lock_release+0x4b/0x3e0
[  294.796589][ T1207]  ? __virt_addr_valid+0x18c/0x540
[  294.796615][ T1207]  ? __virt_addr_valid+0x469/0x540
[  294.796642][ T1207]  print_report+0xb4/0x290
[  294.796665][ T1207]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  294.796693][ T1207]  kasan_report+0x118/0x150
[  294.796717][ T1207]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  294.796749][ T1207]  __ethtool_get_link_ksettings+0x6e/0x190
[  294.796778][ T1207]  ib_get_eth_speed+0x15e/0x7b0
[  294.796817][ T1207]  ? __pfx_ib_get_eth_speed+0x10/0x10
[  294.796852][ T1207]  ? do_raw_spin_unlock+0x122/0x240
[  294.796878][ T1207]  rxe_query_port+0x93/0x3b0
[  294.796903][ T1207]  ib_query_port+0x16d/0x830
[  294.796923][ T1207]  smc_ib_port_event_work+0x15a/0x940
[  294.796957][ T1207]  ? _raw_spin_unlock_irq+0x23/0x50
[  294.796985][ T1207]  ? process_scheduled_works+0x9ec/0x17a0
[  294.797015][ T1207]  ? process_scheduled_works+0x9ec/0x17a0
[  294.797046][ T1207]  process_scheduled_works+0xadb/0x17a0
[  294.797093][ T1207]  ? __pfx_process_scheduled_works+0x10/0x10
[  294.797133][ T1207]  worker_thread+0x8a0/0xda0
[  294.797154][ T1207]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  294.797187][ T1207]  ? __kthread_parkme+0x7b/0x200
[  294.797210][ T1207]  kthread+0x70e/0x8a0
[  294.797229][ T1207]  ? __pfx_worker_thread+0x10/0x10
[  294.797244][ T1207]  ? __pfx_kthread+0x10/0x10
[  294.797263][ T1207]  ? __pfx_kthread+0x10/0x10
[  294.797280][ T1207]  ? _raw_spin_unlock_irq+0x23/0x50
[  294.797302][ T1207]  ? lockdep_hardirqs_on+0x9c/0x150
[  294.797328][ T1207]  ? __pfx_kthread+0x10/0x10
[  294.797345][ T1207]  ret_from_fork+0x4b/0x80
[  294.797362][ T1207]  ? __pfx_kthread+0x10/0x10
[  294.797380][ T1207]  ret_from_fork_asm+0x1a/0x30
[  294.797402][ T1207]  </TASK>
[  294.797408][ T1207] 
[  295.023823][ T1207] Allocated by task 5835:
[  295.028240][ T1207]  kasan_save_track+0x3e/0x80
[  295.032949][ T1207]  __kasan_kmalloc+0x93/0xb0
[  295.037565][ T1207]  __kvmalloc_node_noprof+0x314/0x5e0
[  295.042973][ T1207]  alloc_netdev_mqs+0xa6/0x11e0
[  295.047845][ T1207]  rtnl_create_link+0x31f/0xd10
[  295.052703][ T1207]  rtnl_newlink_create+0x25c/0xb00
[  295.057825][ T1207]  rtnl_newlink+0x16d6/0x1c70
[  295.062516][ T1207]  rtnetlink_rcv_msg+0x7cc/0xb70
[  295.067459][ T1207]  netlink_rcv_skb+0x219/0x490
[  295.072226][ T1207]  netlink_unicast+0x758/0x8d0
[  295.076991][ T1207]  netlink_sendmsg+0x805/0xb30
[  295.081762][ T1207]  __sock_sendmsg+0x219/0x270
[  295.086446][ T1207]  __sys_sendto+0x3bd/0x520
[  295.090952][ T1207]  __x64_sys_sendto+0xde/0x100
[  295.095724][ T1207]  do_syscall_64+0xf6/0x210
[  295.100227][ T1207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.106128][ T1207] 
[  295.108460][ T1207] Freed by task 8931:
[  295.112459][ T1207]  kasan_save_track+0x3e/0x80
[  295.117142][ T1207]  kasan_save_free_info+0x46/0x50
[  295.122177][ T1207]  __kasan_slab_free+0x62/0x70
[  295.126945][ T1207]  kfree+0x193/0x440
[  295.130847][ T1207]  device_release+0x99/0x1c0
[  295.135453][ T1207]  kobject_put+0x228/0x480
[  295.139873][ T1207]  netdev_run_todo+0xd2e/0xea0
[  295.144671][ T1207]  default_device_exit_batch+0x81e/0x890
[  295.150311][ T1207]  ops_undo_list+0x522/0x990
[  295.154906][ T1207]  cleanup_net+0x4c5/0x8a0
[  295.159327][ T1207]  process_scheduled_works+0xadb/0x17a0
[  295.164885][ T1207]  worker_thread+0x8a0/0xda0
[  295.169478][ T1207]  kthread+0x70e/0x8a0
[  295.173554][ T1207]  ret_from_fork+0x4b/0x80
[  295.177995][ T1207]  ret_from_fork_asm+0x1a/0x30
[  295.182761][ T1207] 
[  295.185091][ T1207] The buggy address belongs to the object at ffff888023978000
[  295.185091][ T1207]  which belongs to the cache kmalloc-cg-4k of size 4096
[  295.199584][ T1207] The buggy address is located 744 bytes inside of
[  295.199584][ T1207]  freed 4096-byte region [ffff888023978000, ffff888023979000)
[  295.213474][ T1207] 
[  295.215800][ T1207] The buggy address belongs to the physical page:
[  295.222241][ T1207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x23978
[  295.231008][ T1207] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  295.239794][ T1207] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  295.247362][ T1207] page_type: f5(slab)
[  295.251377][ T1207] raw: 00fff00000000040 ffff88801a04b500 dead000000000122 0000000000000000
[  295.259981][ T1207] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  295.268583][ T1207] head: 00fff00000000040 ffff88801a04b500 dead000000000122 0000000000000000
[  295.277275][ T1207] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  295.285960][ T1207] head: 00fff00000000003 ffffea00008e5e01 00000000ffffffff 00000000ffffffff
[  295.294904][ T1207] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  295.303580][ T1207] page dumped because: kasan: bad access detected
[  295.310002][ T1207] page_owner tracks the page as allocated
[  295.315716][ T1207] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd60c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5835, tgid 5835 (syz-executor), ts 92374575992, free_ts 92062078395
[  295.338831][ T1207]  post_alloc_hook+0x1d8/0x230
[  295.343610][ T1207]  get_page_from_freelist+0x21e0/0x22c0
[  295.349182][ T1207]  __alloc_frozen_pages_noprof+0x181/0x370
[  295.355026][ T1207]  alloc_pages_mpol+0x232/0x4a0
[  295.359922][ T1207]  allocate_slab+0x8a/0x3b0
[  295.364427][ T1207]  ___slab_alloc+0xbfc/0x1480
[  295.369117][ T1207]  __kvmalloc_node_noprof+0x411/0x5e0
[  295.374496][ T1207]  alloc_netdev_mqs+0xa6/0x11e0
[  295.379372][ T1207]  rtnl_create_link+0x31f/0xd10
[  295.384249][ T1207]  rtnl_newlink_create+0x25c/0xb00
[  295.389369][ T1207]  rtnl_newlink+0x16d6/0x1c70
[  295.394052][ T1207]  rtnetlink_rcv_msg+0x7cc/0xb70
[  295.399001][ T1207]  netlink_rcv_skb+0x219/0x490
[  295.403768][ T1207]  netlink_unicast+0x758/0x8d0
[  295.408540][ T1207]  netlink_sendmsg+0x805/0xb30
[  295.413312][ T1207]  __sock_sendmsg+0x219/0x270
[  295.418008][ T1207] page last free pid 5834 tgid 5834 stack trace:
[  295.424335][ T1207]  __free_frozen_pages+0xb14/0xce0
[  295.429465][ T1207]  __slab_free+0x326/0x400
[  295.433887][ T1207]  qlist_free_all+0x9a/0x140
[  295.438484][ T1207]  kasan_quarantine_reduce+0x148/0x160
[  295.443950][ T1207]  __kasan_slab_alloc+0x22/0x80
[  295.448828][ T1207]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  295.454295][ T1207]  __kernfs_new_node+0xd7/0x7f0
[  295.459156][ T1207]  kernfs_new_node+0x102/0x210
[  295.463926][ T1207]  __kernfs_create_file+0x4b/0x2e0
[  295.469047][ T1207]  sysfs_add_file_mode_ns+0x238/0x300
[  295.474458][ T1207]  internal_create_group+0x66d/0x1110
[  295.479925][ T1207]  sysfs_create_groups+0x59/0x120
[  295.484959][ T1207]  device_add_attrs+0xe0/0x5a0
[  295.489726][ T1207]  device_add+0x496/0xb50
[  295.494064][ T1207]  netdev_register_kobject+0x156/0x2f0
[  295.499557][ T1207]  register_netdevice+0x126c/0x1ae0
[  295.504769][ T1207] 
[  295.507094][ T1207] Memory state around the buggy address:
[  295.512723][ T1207]  ffff888023978180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  295.520809][ T1207]  ffff888023978200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  295.528877][ T1207] >ffff888023978280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  295.536943][ T1207]                                                           ^
[  295.544446][ T1207]  ffff888023978300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  295.552617][ T1207]  ffff888023978380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  295.560705][ T1207] ==================================================================
[  295.589804][ T1207] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  295.597058][ T1207] CPU: 1 UID: 0 PID: 1207 Comm: kworker/1:2 Not tainted 6.15.0-rc5-syzkaller-01021-g0b28182c73a3 #0 PREEMPT(full) 
[  295.609141][ T1207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  295.619221][ T1207] Workqueue: events smc_ib_port_event_work
[  295.625047][ T1207] Call Trace:
[  295.628334][ T1207]  <TASK>
[  295.631290][ T1207]  dump_stack_lvl+0x99/0x250
[  295.635984][ T1207]  ? __asan_memcpy+0x40/0x70
[  295.640601][ T1207]  ? __pfx_dump_stack_lvl+0x10/0x10
[  295.645816][ T1207]  ? __pfx__printk+0x10/0x10
[  295.650438][ T1207]  panic+0x2db/0x790
[  295.654366][ T1207]  ? __pfx_panic+0x10/0x10
[  295.658796][ T1207]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  295.664705][ T1207]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  295.671067][ T1207]  ? print_memory_metadata+0x314/0x400
[  295.676574][ T1207]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  295.682617][ T1207]  check_panic_on_warn+0x89/0xb0
[  295.687617][ T1207]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  295.693610][ T1207]  end_report+0x78/0x160
[  295.697872][ T1207]  kasan_report+0x129/0x150
[  295.702576][ T1207]  ? __ethtool_get_link_ksettings+0x6e/0x190
[  295.708592][ T1207]  __ethtool_get_link_ksettings+0x6e/0x190
[  295.714423][ T1207]  ib_get_eth_speed+0x15e/0x7b0
[  295.719299][ T1207]  ? __pfx_ib_get_eth_speed+0x10/0x10
[  295.724732][ T1207]  ? do_raw_spin_unlock+0x122/0x240
[  295.729952][ T1207]  rxe_query_port+0x93/0x3b0
[  295.734553][ T1207]  ib_query_port+0x16d/0x830
[  295.739148][ T1207]  smc_ib_port_event_work+0x15a/0x940
[  295.744540][ T1207]  ? _raw_spin_unlock_irq+0x23/0x50
[  295.749756][ T1207]  ? process_scheduled_works+0x9ec/0x17a0
[  295.755503][ T1207]  ? process_scheduled_works+0x9ec/0x17a0
[  295.761237][ T1207]  process_scheduled_works+0xadb/0x17a0
[  295.766811][ T1207]  ? __pfx_process_scheduled_works+0x10/0x10
[  295.772811][ T1207]  worker_thread+0x8a0/0xda0
[  295.777519][ T1207]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  295.783884][ T1207]  ? __kthread_parkme+0x7b/0x200
[  295.788834][ T1207]  kthread+0x70e/0x8a0
[  295.792912][ T1207]  ? __pfx_worker_thread+0x10/0x10
[  295.798030][ T1207]  ? __pfx_kthread+0x10/0x10
[  295.802723][ T1207]  ? __pfx_kthread+0x10/0x10
[  295.807322][ T1207]  ? _raw_spin_unlock_irq+0x23/0x50
[  295.812532][ T1207]  ? lockdep_hardirqs_on+0x9c/0x150
[  295.817745][ T1207]  ? __pfx_kthread+0x10/0x10
[  295.822344][ T1207]  ret_from_fork+0x4b/0x80
[  295.826769][ T1207]  ? __pfx_kthread+0x10/0x10
[  295.831365][ T1207]  ret_from_fork_asm+0x1a/0x30
[  295.836250][ T1207]  </TASK>
[  295.839438][ T1207] Kernel Offset: disabled
[  295.843773][ T1207] Rebooting in 86400 seconds..