last executing test programs:

1m8.554973202s ago: executing program 0 (id=1415):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYBLOB="996e06004d4c0700540012800800010068737200480002"], 0x90}}, 0x0)

56.063910333s ago: executing program 0 (id=1415):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYBLOB="996e06004d4c0700540012800800010068737200480002"], 0x90}}, 0x0)

45.664343583s ago: executing program 0 (id=1415):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYBLOB="996e06004d4c0700540012800800010068737200480002"], 0x90}}, 0x0)

30.477822319s ago: executing program 0 (id=1415):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYBLOB="996e06004d4c0700540012800800010068737200480002"], 0x90}}, 0x0)

17.84873542s ago: executing program 0 (id=1415):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYBLOB="996e06004d4c0700540012800800010068737200480002"], 0x90}}, 0x0)

8.762339481s ago: executing program 1 (id=2149):
r0 = socket(0x2b, 0x1, 0x1)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f000000b800)=ANY=[@ANYBLOB="00020201"], 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000069000010000000000100000018010000696c6c2500000000002020207b1af8ff00000000bfa1000000000000070100fef7"], &(0x7f0000000040)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r2, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000700)={0xe0, 0x10, 0x50b, 0x0, 0x0, "", [@generic="6f6d8864d22a3f2ffaa46c88bc", @typed={0xa9, 0x0, 0x0, 0x0, @binary="2b0e13e735a3184f1b3d6da2f1acfac0ee50d2b184b27db1f302de337c0004060000000000bf852c89867f6691b01b2d44e4ff2d5f28732c5fbd9423debbb86f9dba4a2dba4dbe076c02262600c446a567de243ab0d67683f7bb11c9cab3b3eed8a8bef4ff1631aa78acefca03c1a66db4424a8ba100022db228bb7b5eb5100100000000000000a0912086d9f4606d2e4cc898739222c5d3a83cb6b707f3336336ebb7d681"}, @nested={0x11, 0x0, 0x0, 0x1, [@generic="a64a6f8911da357ba323a96d75"]}]}, 0xe0}], 0x1}, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x8)
setsockopt$inet6_int(r3, 0x29, 0x4b, 0x0, 0x0)
sendmmsg$inet6(r3, &(0x7f0000004580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x002'], 0x28}}], 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="4400000010000108fcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="fe000000000000001c00240017d7d613b0fae72cff49034379c9505aa32c8ac1d0b990c508001b0000000000"], 0x44}}, 0x14)
pselect6(0x517, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x700}, &(0x7f0000000240)={0x0, 0x989680}, &(0x7f00000002c0)={&(0x7f0000000280), 0x8})
bind$netlink(r4, &(0x7f0000000400)={0x10, 0x0, 0x25dfdbff, 0x200}, 0x31)
socket$kcm(0x11, 0x3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r7, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'lblcr\x00', 0x10, 0x8, 0x11}, 0x2c)
setsockopt$IP_VS_SO_SET_ADD(r7, 0x0, 0x483, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'none\x00', 0x3a, 0x0, 0x7f}, 0x2c)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x1c0}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_SIOCBRDELBR(r1, 0x89a2, &(0x7f0000000200)='bridge0\x00')
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a3, &(0x7f0000000200)='bridge0\x00')
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)

8.235805551s ago: executing program 1 (id=2154):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x97}, [{0x8000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x3ff}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, {}, {}, {}, {}, {}, {}, {}, {}, {0x8}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xfffffc01}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffff9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x4cbf}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x10, 0x0, 0x20}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x40000000, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x10000}, {0x0, 0x0, 0x0, 0x0, 0x1}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r3, 0x6, 0x24, &(0x7f0000000000)=0x1, 0x4)
recvmmsg(r3, &(0x7f00000007c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x100, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000001c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xa9}]}, &(0x7f0000000180)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x10, 0x3}]}}]}, 0x38}}, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3e0, 0x1b0, 0xc8, 0x8, 0x1b0, 0x5803, 0x310, 0x2e8, 0x2e8, 0x310, 0x2e8, 0x3, 0x0, {[{{@ipv6={@loopback, @mcast1, [], [], 'erspan0\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1b0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67442c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1}}, @common=@inet=@socket1={{0x28}, 0xa490f54eab606508}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@remote, @mcast2, [], [], 'macvtap0\x00', 'syzkaller1\x00'}, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x440)
socket$inet_tcp(0x2, 0x1, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r8, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
unshare(0x2040400)
writev(r9, &(0x7f00000000c0)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f08000000480100100000000019002b000a0001000500000000000072080003000500000000", 0x39}], 0x1)
connect$inet(r8, &(0x7f0000000200)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r8, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@private1, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x33}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xb7, 0xffffffff, 0x0, 0xffffffff}}, 0xe8)
sendmmsg(r8, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000540)={'wg2\x00'})

7.366332615s ago: executing program 1 (id=2161):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r0)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000826bd7000feffffff746831000000000000000000000000000300fe8800000000000000000000000000ffff7f00000108000500e000000200"/82], 0x58}, 0x8, 0x3000000000002, 0x0, 0x800}, 0x8004)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e25, 0xb, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x9}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r3, 0x29, 0x3b, &(0x7f0000000080)=ANY=[@ANYBLOB="000a0000000000000502000505020000c204fffffffd040130c9"], 0x60)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x1, 0x0)
setsockopt$inet6_opts(r3, 0x29, 0x36, &(0x7f0000000140)=@dstopts={0x62}, 0x8)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r2, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
writev(r2, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
recvmmsg(r2, &(0x7f0000003e40)=[{{0x0, 0x3, 0x0, 0x0, &(0x7f00000035c0)=""/241, 0x6c5621a684f1998c}}, {{&(0x7f0000000540)=@un=@abs, 0x80, &(0x7f0000003780)=[{&(0x7f0000003740)=""/4, 0x7ffff}], 0x15, &(0x7f00000037c0)=""/236, 0xec}}, {{0x0, 0x0, &(0x7f0000003bc0)=[{0x0, 0xe00000000000000}, {&(0x7f0000003a00)=""/190, 0xfffffffffffffdac}, {&(0x7f0000003ac0)=""/131, 0x83}, {0x0}], 0x4, &(0x7f0000003c00)=""/65, 0x49}}, {{&(0x7f0000003c80)=@pppol2tp={0x18, 0x1, {0x0, <r4=>0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x80, 0x0, 0x0, &(0x7f0000003e00)=""/48, 0x30}}], 0x4, 0x40000121, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
write$cgroup_type(r5, &(0x7f0000000000), 0x9)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r5, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000000640)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, <r6=>0x0})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r5, 0xc0c89425, &(0x7f0000000300)={"2e30c0b28e4ed9bc3cf09e3cc6114e39", 0x0, <r7=>0x0, {0x8, 0x3}, {0x8c8, 0x4c1fccc5}, 0x3, [0x9, 0x8, 0x8, 0x8, 0xffffffffffffffff, 0x0, 0x6, 0x2, 0x7, 0xffffffffffffff81, 0x400, 0xffffffffffffffff, 0x8, 0x1, 0x40, 0x9]})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r2, 0xc0c89425, &(0x7f0000000840)={"eced4f08d0ad40e637ca3393bd64a180", r6, r7, {0xa21, 0x1000}, {0x9, 0xfffffffb}, 0x1eba, [0xe2, 0x2, 0x6, 0x3, 0xffffffffffffc24c, 0xa, 0xffffffff, 0x5, 0x3, 0x92d8, 0xffffffff, 0x3, 0x7ff, 0x3, 0xe, 0x8]})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r8}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x5}}, &(0x7f0000000000)='GPL\x00', 0x4, 0xde, &(0x7f0000003e40)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

6.458818597s ago: executing program 0 (id=1415):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYBLOB="996e06004d4c0700540012800800010068737200480002"], 0x90}}, 0x0)

5.114680999s ago: executing program 1 (id=2166):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000001680)={@cgroup=r1, r0, 0x2f, 0x0, 0x0, @void, @value}, 0x20)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000280006dc222c5699556ae8849078ac1414bbac1414aa00004e2200000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5cc2000090780000"], 0x0)
bpf$LINK_DETACH(0x22, &(0x7f0000000080), 0x4e)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000500)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="2f0000002020000004000000", @ANYBLOB="671a951817"], 0x20)

4.250629622s ago: executing program 1 (id=2172):
unshare(0x40020000) (async)
mmap(&(0x7f0000498000/0x1000)=nil, 0x1000, 0xb, 0x8031, 0xffffffffffffffff, 0x0) (async)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'lo\x00', &(0x7f0000000080)=@ethtool_ringparam={0x11, 0x9, 0x7, 0x8, 0x9, 0x5, 0x8, 0x2, 0x1ff}})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8604}, 0x10) (async)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), r1)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r1, &(0x7f0000000380)={&(0x7f00000001c0), 0xc, &(0x7f00000003c0)={&(0x7f0000001b80)={0x10d8, r2, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x20, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xfffffffe}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xc}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3c266c9b}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xa1}]}, @TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "834c9a5eccbf838d859d1444ec4bae932b7d6c2c"}}]}, @TIPC_NLA_NODE={0xf5c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0xef4, 0x3, "c0f5ca2a9ef13a94f0fe15d59d6a363d8eade4715ca8a2daa94d8e79a3925adc7df9f4e297a3accaabc679cbfe3c51c3e215373a46cbb64e08859fdebb62e8336aaa343711b17ac7049a08d008f37de5deb221f77be6bceea5645e94fc341b8ce5c9b9269175800b2f25a9bd342e2a391fa4b2c6adcf3672f4232327ba1b12341d9e8e361fcd26dcfa4c63f2c3a3ef2f6337d9ec6341596686f5a7d9eb72fb69d4519ed9974d6407036ca1d7f61621c95dcab83358093d3d4ac143ed717876c587211b0ca629d92ca4efcbaa70799dfa49d2fb0fecb5a0bb31935100bad42574e047de76703753a94eee4bd4fb54b02c8466ff1cef0e5942b464c18e30af55248b27af90b86affd81eae47dfa78625db470230b1d2d541197bcdc05c0cfec77f5fdef4d432ae8a70baff1a3d1c808eadecbd372e29cedfd0b2bb5535188c3fb0b5c3e6fd2a27d802ddcf6afb39e3474b5384d9c89af90022ac6f2e8d2f9b4c08cce29965d0c4c203e62c2194b0f38aeb1e01188bf1c99abd886d486fc647a1272547a4e82730e28439dd06f02d0649b8974c223c47d13e7ee53cb6655802eb9a82afe7c9f3de523b6ec40f98a99ca4fe92687ff3ff165d6759f68258754d7f9c2bfa879843b31e433f61d6ef449d06f51278ad88e3f7d8b4af581a9e35d61a0b3b0de8d6c3a9a07ed773f9fe47dab9121207cca40090bca554fb313c9d1f3a028dec586d933fe8a9b89f3602077fa6198411327d2d4af7f996e2270abce72f18bf7676d6ef0e823baaf7c376e2647a6b481f6bad2eb6fb25cf86be9dcaa21ea2f2d809e6c2544c4bfce16d02eef47cb6663a516d914de70ea4111b6087152c08411eaf78b9d58df020c145cbf766d9dab5b153f50d739f6b5174a6c4270bd007e513e4b02e9d944683023946ab180b843c5c82ebb3de7feb0ad9bcc253153ab362cb8434eec2994219ed0cbf59d6e8c94da4a663afb0cdf8a0cd580cccc52889c74c8f11697f218d8d02b4b6869f869f41dec134687a2513666288900b57d12394a1afcd5509d4d301134add4125057e4215f94b181d0f27747f4ce47042448d63b1e164f16497bf12f6d32852bfe898cd461fb177d17d326bfb8ca87b7e452e3b9f1ed9a606779be8618c97845ae279eabb86638c8fcab3cefbf87d4a07d85bb32795dbe4815f49131a5abaf27bcfa309f2f5f8f41c9600afbe709eb1431807dd16ca09d8902605bcebf0c2e6acf1740a72cf824dfbee08bee11e51cabfe539b9a98586a497e4596b6bb2c245b5b8bcc41c420d7e0e6e4601d93751d2ebc8c047225aac138be05dba74d4f6a59b618e383c941f2deee445b1477b3c5aa6deb5ace609772772b3b324c26209ff57b0478be0d780da033caafad5727bfd28c6ace7e5c6e9654bfe5ef16c53b697540f686fb7ddf69f9388b90fb779a3e02dbf882d29deed2a6a587eeb8317f6811440d6f5e3a4e07a4fcbf1b5944e4875d25b149354de63649615bc9441ebd145817458a6e92702d07fbb27f403ffc26d9e651e87d391490c2d0da127c8f93f580319ea627fcb966ba027b4454556f8d92c7d5d8f615f8938dcc54e9fe6c0771d585d9c191093f854cf8abce7e3f6adaa16c4b1ea8148bf90d03799ff815700b5442b2d582557b33c9fbdb4df29097d656358ab95cd020561ca596a276edb25454ea12ffb9990ebf9fa9a856ed6d55b0cd1a3a3ace7b54ef4badf0507f71372a234819466ffdc16eac6de0428ca868a14d05e955b6f90061e6e4ac0ac331c1d9308ac030969d17ac7e5360937ad2ea6ccd1087234f4ebcbb838d6a1a71c77d379c8f70c2cd38d8d9df762f94c448fe4bbaa9e072284f50e609cdd59f3694bd5e8fc719df3548847dd8aa97b1e1cd2f72817a509f956b67d0ca453bc3b3ee041e7731ca833811faa671c54812173ad6a819c907d9c44e4bdfa035f3aaa196da9b8c2c54aa3af13d65ab60f314a2c8f3cf66386983c37e93afecc6b721e747b7a088c90af6c71e5d54e5a840594f7ffa2078da0de55ed003b359be9d0cf3ae4fbf83406619d8ac6f721f7ca0929970d8d695e567f45c6a3687c1f0057715f98bc08fd46ae157c6a0349e3c39de62548de31876d3a3eeb8681aecf204970da8dcc3fcd8c23b29d7c0f148cb54b9ae485ee095cc9f4256315e406a842f17e0ca4d4412d5f41afc81318ba9d7e87e92258d279587ea3f3354ab40051aa87bbae4d8f3b6cf22ae8f905d0129d47d72f65e448fdafa85882ba3ded92dce89ae872d2694b378015c0d64c5511945d6374b4e2c16fa7fc4ad2116e4914c09a4004396a2e7ec272866140245f0dc6f415cff861e27c14d6589e8112776c6f73a47336fdd5be6abb2d82643ab9bab9f45f751e36e9196eaa1782febbf1025cfcabcd8e3757a52178025e20836cdc5c502f152633bd28769195c3fd13ffd4e7466af0e90f2be6c6fb6f8fd8bef73706dce83a670d43d2ccae31305e3bfad3807cc31f3e26fe225db5c55f959fc2216b8300737958f32f987921f1b5a2deda6ef7dcba760acb3dab8bc58db54e0fdfa02db1c75367b0a6e5d10c29641707d399a2857efd94fb06faede4a3d04c357bdf56d3524238625f9a024d997800243f5c5ef30b4b837851a9b2b1c2543405d3c8e5204717189f3b54a9b509aca2058ee736047feb885c8a67b3281d5f9f0c4077b9e784941d25d91dca950a564f85fbea20e77f1acd4adeeeb1c9ac27c9ef0116eb92c0452d25ec6373b48438e1465e0d762f9e565f1d5d3616de98a1a8220e56dd1e1f7bf9b9f4359e144742de7e703c96fa4883cfec7fedc13544d6d36db5e41891967f26068e6d5f37a77913bdc4a278fa5cb6e215cf637c1aa215338a55578611bb1ee02d8cc23b0ab360d1d45e0b3b523a5875502735f916abb8acc4d6a5772074c703732a932bd08b301ecb2fe0f79e10600f6fadec93e689936760ea963789abc7dbc68374352cd02952fa049b29c6ade00e782febbdb5eb168814b1f4a8f8d791398dd41b9dd814d7393bad15b9642ceceb5acd9a95587d1cc55ca30c6f2026d8bd01b5080aa75e6814a05debff7595d1235992cb47b28f1026612342c24f4d6363caf987473484ea155bcceab0d40493af785d6d79338bd08ef2dabb71eae48017cfc55980e8ef07eabde2a897e25789a9787c66bcff556ca1eb45645165f2aa664c00564560b7564e40dd28888bc79355e470499be19be133cd77b802ee18939ffb837a7bfe195d0735e65102549ff276854f04c5992b37cdae30af3b51786e159dc7b9cbbc13bfb781ab1d0f680a84f2ea3a2502bba94a2856d10bc832061da3e23c5c1dc345c58e3ae1665957c7d1c5fe23393a95c16fec7465889b9d3f06d33e10a80daf6a8ef56282a8d1626ee25d773860e02b8e63e719dbdbc681b7949c923f9ea7bfbd942498f64592ed1ebbd4c4fca2edae78aa9d907fb3be52b7ce3483f39518e12b8f3466bd8136cd9ad1dcb474ac380988b8efe823b20bf8eb1c32eacd062282e02dd61dda11c0f1d56ddda23679819d488f132b359c901b7775af839546fcc656a5f19cd6654cd080c0f5453ab220f28780465056c8ba49d1f4b94148e3fe1f1a7d2791dbede8a04578b1fc319a5914a0c180158cc47021cf99ab6abbed190ddb0ab63deac7a984d5485a958a88ee1092e72d6c65c4aea5e8318a8158995daa34bc08ecf94a0625e8e8337346b877bfd9784fe39168781475a8ff51c15e44eef693444b7fa1dbd6f5b456fb740abfb9671752cb07fac9452a7255870a63306c5bac2e16f9d379d7e1c7044a7ed285305224f50e2f2ecf3eb5fa81573831cebdd8caa4a22ca97a6c32c647636fb14a03f8b4a3e55a657a0e5fd45fb1cf12844de0c2f49dfedd1638e4d7760085635fa09fa58a792a4932e7c9936e92ab4120e0055c2f7116341125ed9ace414edcf98bd77d0614df98b49a34e38beecc81e6a4dc9ddb123a079dbedc806d16afc11789f0a970024d4dd7cd215d477656b182481c8b7e62be23a7c7aa791127d177ed6f797cf6fba13b2d9c2f3b945aebd0e8a566e0280a95ee4f76393d15facaf37bf98b678a80a5fb381eb888e3b7edc1b7901de0ae363593bc1807ec2e4e5687f86f26c34175fabbf353440b521db43fc6d2781e99fee81662d4ca1d5d8fad0d1fd9b783020021c10580f484a941a69b96caf5e05ed775888597107af9a59173c7902cc53f0a2ac746ba720604570c7c60b591ed16258e2bc8e9f0bc4b9711af3d13b1c8dbcf78c45fcdcd8169b59e2d221c35c43d81bfbc3750a29e576b3498ef998aa2edaf25d486c9f4211ec2d767bd251a0be3c49616664f6b1197ff9b058a6f5dcb85ffc446ff88db0f6b3a1dd144f7b7c6c64a130e3ead3afeff7eefd84fcbd82fb6b3fe4e3f1e3d5afca66ecd3e43146a19cc60ed0cad5c2480ce0c0cc26f25ad307fd35037206af37f5edec9129676b3f9666d8e9c7d976a85155147d657519df53bfba5b58cb1b256e93c7094d47adc012b3ca43fc89c9fa0dda5a24f59baa68bffc297bc4a05549eb5290bb85396bf70fb4a27e7ee6828f8effa1d5b6f4345c4f03fed9dfb3f0fcbbb04d561bd237110beac059e3b6fc9017861cb35c8cce4b81d1f5871f35b464456fb421c99bfe0ded4a3f29b4095d1cbe888245d74412ad26caf8efaec4b23f6909d0355c8642e4519589f40b98f3b858d74216ab5d9bef13d2a1024c523cac267111f536b31516883ddda7ee460520ff19e7c72e49c4140f09346f50840a990aabf10b8542807a1cce810742cb90c9c4a83675915c11b7ff96415884090e8134c50f3b09e0c01bf6b86700f14a1d8092e1ff652033fe6b547b3455bbddadfe0dbc7d48ff2e3d000b45ea26d6005c2da28612adf0d5070d8a2676a406f0331f98cad8e48b63ae2b021ed110df6881b4f69a8a50443bb213f16f78246a0774cdfe6b1b2ae794ff17cf984fc05a4e76d5e2242fc45878065e60b7a9f59e346c1e6b5b8289eaee665e2a134822c3b10b9d5f2641a1cd31cc2e00096a97290c53e1372841fee53559f0248f535260a6644c987046493828da3396fe19e59b3bf94929109d5d7fca3efe37f69f3fa15826f62d4174f3204330c21e1483ca84b65ca08ae1ec099a7a8dac3ffadca9797a69814c542afa942f715b7c6a16fd9684dd7ce73b1408c7321a4e01610cb64f35128e7ae52da620d6a920084b186f9ea240d13270063ee0ac90630c955f2f396bcda5dcfb3169f68229984ff029ec1aaba026849f5a06df4786a3c389073179d938300069870fd6e636b618471253278ea07792e33bb3b7bf6b587ada49300dd0afc62302d8709ff16452c779f3989b6573d579b92d7d0bf64829122b0b967f682e79e8c58078158"}, @TIPC_NLA_NODE_ID={0x48, 0x3, "e8554de01917a5026029d3d3a3b5ad6e1e0f2798a3dfbf3e59df231513143f3c3717d3795442caa1eda21cd9aadc84ce62218a6377c51cfcee8409c3fd42860416f70f31"}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x6}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_SOCK={0x20, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfffffff1}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3}]}, @TIPC_NLA_MEDIA={0x7c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xafc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x101}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_SOCK={0x4}, @TIPC_NLA_NET={0x30, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x4}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x80000007c16}]}]}, 0x10d8}, 0x1, 0x0, 0x0, 0x4000010}, 0x4010) (async)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) (async)
write$tun(r3, &(0x7f0000000240)=ANY=[@ANYBLOB="034886dd090030000300300012006000000001002f0081e949b93897bc3b0000000000007d01ff020000000000000000000000000001120022eb"], 0xfdef) (async)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1b0000001a0069ae00000000000000001c"], 0x1c}}, 0x0) (async)
ioctl$SIOCX25CALLACCPTAPPRV(r1, 0x89e8)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) (async)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
socket$packet(0x11, 0x3, 0x300)
close(r5) (async)
syz_emit_ethernet(0x2a, &(0x7f0000000180)=ANY=[@ANYBLOB="0000000000000000000600000000060000000180c2000000aaaaaaaaaabb"], 0x0) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = socket(0x10, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x14)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="410000000000000001000603000014000300060a0004090300f006e8ffffffffffff070007003a3a0909140002"], 0x44}, 0x1, 0x1000000}, 0x0) (async)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="a000000010003b0e2a1a86eb2636037f00000000", @ANYRES32=r9, @ANYBLOB="020000000000800080001200080001007674693674000200"], 0xa0}}, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)

4.000145128s ago: executing program 3 (id=2175):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x2a, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6(0x10, 0x2, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="4400000010000304016100"/20, @ANYRES32=0x0, @ANYBLOB="d3ddd1de00000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x7000000)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, 0x0, 0x0)

3.688309587s ago: executing program 3 (id=2179):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @private0}, 0x1c)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000001c0), 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000010004b0422000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c0002800800040000000000080015"], 0x4c}, 0x1, 0x0, 0x0, 0x200400a0}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
sendto$inet6(r0, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @private0}, 0x1c) (async)
shutdown(r0, 0x1) (async)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000001c0), 0x4) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000010004b0422000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c0002800800040000000000080015"], 0x4c}, 0x1, 0x0, 0x0, 0x200400a0}, 0x0) (async)

3.228378285s ago: executing program 3 (id=2182):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0500000004000000080000000a"], 0x48)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000080)={<r2=>0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e22, 0x3, @remote, 0x5}]}, &(0x7f0000000440)=0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010004000000000000000b0000000c00058007000200"], 0x20}, 0x1, 0x0, 0x0, 0xc011}, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000000000bb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3.090345185s ago: executing program 2 (id=2184):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)={0x50, r2, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x29, 0x33, @auth={{{0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x3}, @broadcast, @device_a, @random="5187bed2e296", {0x7, 0xf95}, @value=@ver_80211n={0x0, 0x59cf, 0x0, 0x1, 0x0, 0x3, 0x1}}, 0x1, 0x3, 0x5c, @val={0x10, 0x1, 0xe6}}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x8, 0xcd, [0x1, 0x0]}]}, 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

2.972340857s ago: executing program 3 (id=2185):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bond={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_ACTOR_SYSTEM={0x8, 0x1a, @broadcast}, @IFLA_BOND_AD_USER_PORT_KEY={0x6, 0x19, 0x7}, @IFLA_BOND_ARP_VALIDATE={0x8, 0x9, 0x1}]}}}]}, 0x4c}, 0x1, 0xba01}, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x87f}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8080}, 0x40020)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001300)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x5, {0x0, 0x0, 0x0, r4, {0xfff2, 0x1}, {}, {0x4, 0xfff2}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0x26}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc004880}, 0x0)

2.834999144s ago: executing program 2 (id=2186):
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newtaction={0xec, 0x30, 0xffff, 0x0, 0x0, {}, [{0xd8, 0x1, [@m_ife={0xd4, 0x1, 0x0, 0x0, {{0x8}, {0xac, 0x2, 0x0, 0x1, [@TCA_IFE_DMAC={0xa, 0x3, @local}, @TCA_IFE_METALST={0x28, 0x6, [@IFE_META_SKBMARK={0x8, 0x1, @val=0x1}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x7fff}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x9}, @IFE_META_PRIO={0x8, 0x3, @val=0x200}]}, @TCA_IFE_PARMS={0x1c, 0x1, {{0xa, 0x80, 0x3, 0x0, 0x10}}}, @TCA_IFE_TYPE={0x6, 0x5, 0x3}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x1, 0x9, 0x4, 0x5, 0x1}, 0x1}}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_TCINDEX={0x6, 0x5, @val=0x6}]}, @TCA_IFE_SMAC={0xa, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x9, 0xff, 0x2000000e, 0x8, 0x2}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xec}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001640)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x0, 0x0, 0xe4ffffff}, 0x9}, [{}, {0x0, 0x0, 0x8000}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe4ffffff}, {0x9}, {0xfffffffd}, {}, {0x0, 0x9, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {0x2000000}, {0x0, 0x0, 0x2000000}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0xfffffffa}, {}, {}, {}, {0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x400000}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x8}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfff}, {}, {0xffffffff}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1000000}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x8000000}, {}, {}, {0x0, 0x2}, {}, {0x3}, {}, {}, {}, {}, {}, {0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0xfffffffe}, {0x0, 0x400000}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x7fffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {0x0, 0x1}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xe68}}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb88a80000810000000806000101000604000100"/40], 0x0)
r3 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r3, 0x29, 0x37, &(0x7f00000001c0)={0x67}, 0x8)
sendto$l2tp6(r3, 0x0, 0x28, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f288476d2610054c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2.301638289s ago: executing program 4 (id=2187):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="1709000000000000000001000000080009000200000414001f00fe8000000000000000000000000000aa140020000000e4ffffff00000000ffffac1414bb0500070000000000060002000100000008000a"], 0x5c}}, 0x0)

2.219159076s ago: executing program 4 (id=2188):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000001e00010002000000", @ANYRES32=0x0, @ANYBLOB="000002"], 0x20}}, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r2)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000220000000a0001007770616e3000000005002000000004000500200000000000050020000000000009001f"], 0x44}}, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280))
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @random="e5db029ea53c"})
write$cgroup_devices(r5, &(0x7f0000000140)=ANY=[@ANYBLOB="1e000300008c71ef28ff4b"], 0xffdd)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x30, 0x2e, 0x400, 0x70bd28, 0x5, {0xe}, [@generic="2c26feb8c96d2628a2c6214bf9f1bc6c3fe7a242b4fa9dff9e44"]}, 0x30}, 0x1, 0x0, 0x0, 0x8894}, 0x4000000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000079100e000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.251334754s ago: executing program 2 (id=2189):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x2a, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6(0x10, 0x2, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="4400000010000304016100"/20, @ANYRES32=0x0, @ANYBLOB="d3ddd1de00000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x8000000)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, 0x0, 0x0)

1.177164722s ago: executing program 3 (id=2190):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
r2 = socket$netlink(0x10, 0x3, 0x15)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r2)
syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r2) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), r2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000e80)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x48, 0x2, [@TCA_CAKE_ATM={0x8, 0x4, 0x1}, @TCA_CAKE_SPLIT_GSO={0x8, 0x11, 0x1}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x3}, @TCA_CAKE_FLOW_MODE={0x8, 0x5, 0x6}, @TCA_CAKE_INGRESS={0x8, 0xf, 0x1}, @TCA_CAKE_INGRESS={0x8, 0xf, 0x1}, @TCA_CAKE_MEMORY={0x8, 0xa, 0x66aa}, @TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x8000000000000000}]}}]}, 0x78}}, 0x0)

1.173732979s ago: executing program 4 (id=2191):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), r0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000000)={'ipvlan1\x00', &(0x7f00000002c0)=@ethtool_channels={0x3c, 0x6, 0x0, 0xe, 0xfffffffa, 0xa9c, 0x7, 0x4, 0x2}})
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000200004114000200626f6e643000000000000000000000000900010073797a0900"], 0x40}}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c0000003d00070100007c0037b7bbd9db000800d6000000", @ANYRES32=r5, @ANYBLOB], 0x1c}}, 0x4040000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10)
socket(0x10, 0x803, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000007110b2000000000095"], &(0x7f0000001580)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0x40c}}, 0x0)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r8, 0x8983, &(0x7f0000000180)={0x9, 'vlan1\x00', {0x671b}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r7, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

903.330533ms ago: executing program 2 (id=2192):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={r0, <r1=>0xffffffffffffffff}, 0x4)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x13, r1, 0xad1f2000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000040)=ANY=[@ANYBLOB="1805000000000500000000000000000018010000646c6c2500000000002020207b1af8ff00000000bfa100000008000007010000f8ffff88e3698b86bc5d86550b6220cca2c4ffb702000008000000b70300000000000085000000060000001801000020696c2500000000002020207b0af8ff00000000bd510000000000000701000000feffffb702000008000000b70300000000000085000000190000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x8, 0xde, &(0x7f0000003e40)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_udp_int(r2, 0x11, 0x67, &(0x7f0000000140), &(0x7f0000000180)=0x4)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_inet_SIOCSIFPFLAGS(r3, 0x8934, &(0x7f0000000100)={'xfrm0\x00', 0x4c})

903.056583ms ago: executing program 3 (id=2193):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000b00000000000000", @ANYRES32, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000eaffffff0000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="000000000000f8ff00000000bfa200000000000007020000b704000000000000850000000300000085000000230000009500000000000000000000000000000000000000594ef797b02e233d174e95c4e86dd5b1c2ada658a50981edcbd451b1d5cbdb5339b55d55c3ca26c904d7062f4f7155e3d6a4d7635f3a304455"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x2a, 0x80000, 0x10000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f00000000c0), &(0x7f0000000100)=r1}, 0x20)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r2, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
getsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x89, &(0x7f0000000100), &(0x7f0000000140)=0x4)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r4, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r4], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
bind$packet(r2, &(0x7f0000000180)={0x11, 0x3, r4, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000100)=ANY=[], 0x32600)
r7 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000180)={{{@in=@broadcast, @in6=@dev={0xfe, 0x80, '\x00', 0x20}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x3b}, {0x0, 0xfffffffffffffffd, 0x80000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {0x0, 0x0, 0x10000, 0x8}, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3}, {{@in6=@ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x0, 0x6c}, 0x0, @in6=@mcast2, 0x3500, 0x3, 0x3, 0x4}}, 0xe8)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x13, r6, 0x0)
r8 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$MRT(r8, 0x0, 0xce, 0x0, &(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

899.914523ms ago: executing program 1 (id=2194):
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000180), 0xffffffffffffffff)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@local, @random="f2c4a6a27b6e", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x25}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2f, 0x0, @empty, @rand_addr=0x64010101}, "0400655800000200"}}}}}, 0x0)
sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r2, 0x420, 0x70bd26, 0x25dfdbfc, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x183}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x134b}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async)
sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r2, 0x420, 0x70bd26, 0x25dfdbfc, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x183}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x134b}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x7fffffff, 0x6, 0x9}}}}]}, 0x44}}, 0x44080)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r3, 0x0, 0x4000000)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x40000, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000000)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(r6, 0x401054d5, &(0x7f0000000240)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff008}, {0x6, 0x0, 0x0, 0xfffffffd}]})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=@newqdisc={0x38, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r8, {0x0, 0x3}, {0x0, 0xa}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0xc}}]}, 0x38}}, 0x4000)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz0\x00', 0x200002, 0x0)
openat$cgroup(r10, &(0x7f00000002c0)='syz1\x00', 0x200002, 0x0) (async)
openat$cgroup(r10, &(0x7f00000002c0)='syz1\x00', 0x200002, 0x0)
ioctl$TUNATTACHFILTER(r9, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x9}]})

666.152223ms ago: executing program 2 (id=2195):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl(r0, 0x8b29, &(0x7f0000000040))
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f0000000140)={0x10, 0x0, 0xfffffffd, 0x1}, 0xc)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000003c0)={{{@in=@broadcast, @in=@multicast2, 0x4e20, 0x0, 0x800, 0x0, 0x2}, {0x7, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {}, 0x0, 0x0, 0x1, 0x0, 0x3, 0x3}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x2b}, 0x0, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x200000}}, 0xe8)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
sendmsg$nl_xfrm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001c0093"], 0x14}}, 0x4080)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'wg0\x00'})
sendmsg$nl_route(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newrule={0x44, 0x20, 0x1, 0x70bd27, 0x0, {0xa, 0x20, 0x10, 0x0, 0x1, 0x0, 0x0, 0x8, 0x4}, [@FRA_SRC={0x14, 0x2, @private2}, @FRA_DST={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)

319.812113ms ago: executing program 2 (id=2196):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
close(r1)
connect$unix(r1, &(0x7f0000000940)=@file={0x0, './file0\x00'}, 0x6e)
sendmsg$OSF_MSG_REMOVE(r1, &(0x7f00000005c0)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000580)={&(0x7f0000003d80)=ANY=[@ANYBLOB="b80b0000010501020000000000000000050000015402010003000000ffff00006cfc01000200030073797a3000000000000000000000000000000000000000000000000000000000172f0f1b8e781d1b90fe36c5ac0bbba0e1f61de53fe555dbc15375a662be288c768451b93ec844e39b4ca32942f17bb8d4de1c4df3b5b015babd69804aceb3640104030001000000090000000800090003000000050000000900070003000000090000000600df0002000000aa08000089df030003000000080000000800050003000000070000000000050001000000020000008000ff0302000000060000000000010000000000b5d20000010040000200000002000000f500f20000000000010000000800ff0002000000000000007fff020000000000fb4800000e00010003000000a130f3690010020000000000040000000e00fdff02000000070000007f0007000300000006000000001000100100000009000000fbfff00b01000000090000000400070000000000880586644000840002000000b30000000700100000000000060000000500ee0002000000010000000600050000000000090000000800070001000068ba8b812ae557ba00020000000200000003003f000200000000000000b80a1d0701000000020000000400000003000000020000000500b4000a5c5b1c0c00000040004b0001000000040000000700090003000000090000000180d00b0200000009000000050000000000000005000000050002000100000043000000100005000300000000010000020005000000000000000080f4ff080002000000ff7f000000000300000000004b00000001000100030000000000008054020100030000000e000000ff090200ff0f240073797a3100000000000000000000000000000000e9ff00000000000000000000ef848dacf61b62430042b8c7d57e5e92585ebed058de30b8996c2eaab9c7406ca3895dabc35d945a61ad5358caa0d609ac0104e244c364d65ce263e9564ec94f000802000300000000c000000a000d0000000000d700000001000800020000009b0000008e7381000200000005000000f7ff040002000000000000000020000803000000090000000700f9000000000007000000010007000000000009000000f1ff00080200000002000000ed00ab11000000000e0000000300060000000000100000000008060002000000020000000800010003000000010000000700060003000000070000000000010001000000010000000400070001000000000400008100050000000000090000004a3d080003000000050000008000050003000000020000000100ff0f03000000010000000d000b000200000000000000ff037f0002000000ff0300000001090001000000f3947508d606060000000000050000000700f8f5030000004445ffff0600ffff0300000004000000ff03300a030000000300000005000000000000000900000001040c00000000004ff9ffff090006000100000006000000070001000300000000000078958e0800020000000600000042f6c80601000000e10000000800600603000000010000000800040000000000010000000800ff0f02000000040000000400da06000000000600000003000002030000009b0700000000ca0002000000010000000e0001000300000000000000540201000100000000800000035801000700150073797a30008c22a14f0000000000000000000000000000000000000000000000da1aff9b641674ca3207ed06c6a7271cd3918dec8e9bda180e18394e9d48ba47f30ed8ace1e09c4853aad3c2cb3f2d0f3c93d44f66be13f97b13d2548cedc9ff0e00030051e510be07000000bf08ffff03000000000400000600030001000000040000000900aa020200000004000000070008000000000008000000000007000100000005000000ffff000000000000060000000200010401000000ff0f00000000e67803000000b39b492a05000d0000000000a5e5ffffff030500030000000c0000000500010001000000cd0000000900ffff02000000f7ffffffd90f17e0020000000010000001fc040001000000050000000400020003000000000400000800ac0f0100000007000000a062040000000000010000000001090000000000332a0000dd000d00010000000000000000000800000000000c000000008000100200000000000000920001000100000005000000e4578c060200000008000000f7ff0000030000000f000000816102000000000003000000090008000100000000040000050002000000000001000000060008000300000007000000faff01000100000008000000080007000000000007000000860905000100000006000000db2f0104030000000c0000008100030001000000ff07000000000700030000000200000008000900020000000800000002002b0001000000f9ffffff0800ff000000000007fcffff0400ff0f020000005cffffff0600f9ff0100000044d90000540201000000000001000000800a03000500260073797a31000000000000000000000000000000000000000000000000000000007d004a7e3ac0a695ee60cdb768c30ca78ad10ab89cf5504416a3611bb571906162742227c9e5a2504a5bc5116aaac74b726c4269701b73ce318779af89bb5131ca7f33da01000000000000009600070003000000247b0000070095b503000000ff0700000600240003000000010000800800030001000000d30e0000e0d3000e02000000f03f00000300060003000000030000000900f7000300000001000100030003000200000001000100ade2030003000000040000009c00070003000000000000800900a4dc0100000006000000f2ff060000000000050000000500060000000000010001000900060002000000020000001501af5e010000000500000041000200010000000600000005000100030000000100000006008e000300000038df0000aec55c007cb3f6b30200000000000100020000000700000004000f0002000000010000000500020001000000030000000100030003000000051fea380600010000000000010000000080050000000000f39700000200090002000000090000000300030000000000030000000900070000000000010000000400060003000000e93a000000800a000300000007000000000400000300000009000000ff01020001000000373000000700070000000000030000000600040001000000450f00000400040003000000feffffff030000000200000001feffff0600b70e000000000600000005000600010000000100010002000600020000000000000054020100000000002d0d00000100040002000a0073797a31000000000000000000000000000000000000000000000000000000008c075ccd80cecb28e5882bd6cbba785d4f6ebb9852ea028a4488f4257b7d0a6f390fb86b28ce7662506ff602d97aadcdf184ec564dcea7ab00b6063c176c69fe0000ff0101000000070000006a00e06e02000000090000000001cff302000000ff030000c9ff97300000000000000000080000000300000006000000030000010000000009000000010007000000000001010000c1de050001000000070000000600030000000000000000000000000001000000070000000800740002000000060000000001000000000000060000000300f50002000000536f0000030000040300000003000000000080ff000000000002000001000700010000005a00000001000200010000000040000000000600000000000600000003000d00010000004000000000000500030000000700000080ff060001000000ff0f000001000800000000000000000075000004020000000800000007000900000000000700000006000600000000000f00000001000001000000000e0000007f00080002000000ffffffff38a1060003000000030000000700018000000000090000008c0000100200000000000000f9ffff030300000009000000ffff100003000000010000800400ff00000000005b0e00000000090002000000000000507f001a8c0000000009000000c2cd7800020000000300000006009e0000000000f9ffffff06109a010300000002000000070009000000000008000000d70000000200000010000000"], 0xbb8}, 0x1, 0x0, 0x0, 0x800}, 0x8000)
openat$cgroup_ro(r1, &(0x7f0000000140)='cpuset.effective_mems\x00', 0x275a, 0x0)
r2 = socket(0x15, 0x5, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000040)=0x3, 0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r3, 0x0, 0x6}, 0x18)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000400)={0x20002007})
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$inet_dccp(0x2, 0x6, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4400000010000304fcffffff3f00000000000000", @ANYRES32=0x0, @ANYBLOB="a5fdad8800000000140012800b0001006970766c616e00000348028008000500", @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r7, @ANYBLOB="b61b0b9b18e26a26b200029706fe87de20f30ace8c2a489f7d9ad9612ff9128853474d1ada0d95eba2cd1d14e289e42e36293618c3203f6ce14176b92984"], 0x44}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000240)=[@mss, @sack_perm, @sack_perm, @window={0x3, 0x7, 0x1}, @sack_perm, @mss={0x2, 0x2}, @timestamp, @timestamp], 0x8)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)

243.33712ms ago: executing program 4 (id=2197):
r0 = socket$packet(0x11, 0x3, 0x300) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x1, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000e90018010000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008010000b703000000000001850000007000000095000000000000000500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000080)=ANY=[@ANYRESOCT=r0], &(0x7f00000002c0)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2689064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

135.28035ms ago: executing program 4 (id=2198):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x24, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x8}]}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xb0}}, 0x20050800)
r1 = socket$inet(0xa, 0x801, 0x84)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000000040), 0x0, 0x20000004) (async)
sendmmsg$inet(r2, &(0x7f0000000040), 0x0, 0x20000004)
r3 = socket$kcm(0x10, 0x4, 0x0)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, 0x0, &(0x7f00000000c0)=0x28)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="500000001000ed0300003fa10fbf000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028005000800010000001400030067656e65766531000000000000000000"], 0x50}}, 0x2000000)
syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000040))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pipe(&(0x7f0000000240)) (async)
pipe(&(0x7f0000000240))
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000))
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r1, 0xfffffffe) (async)
listen(r1, 0xfffffffe)
r6 = accept4(r1, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r6, 0x84, 0x6, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e23, @empty}}}, &(0x7f0000000080)=0x84)

0s ago: executing program 4 (id=2199):
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newtaction={0xec, 0x30, 0xffff, 0x0, 0x0, {}, [{0xd8, 0x1, [@m_ife={0xd4, 0x1, 0x0, 0x0, {{0x8}, {0xac, 0x2, 0x0, 0x1, [@TCA_IFE_DMAC={0xa, 0x3, @local}, @TCA_IFE_METALST={0x28, 0x6, [@IFE_META_SKBMARK={0x8, 0x1, @val=0x1}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x7fff}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x9}, @IFE_META_PRIO={0x8, 0x3, @val=0x200}]}, @TCA_IFE_PARMS={0x1c, 0x1, {{0xa, 0x80, 0x3, 0x0, 0x10}}}, @TCA_IFE_TYPE={0x6, 0x5, 0x3}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x1, 0x9, 0x4, 0x5, 0x1}, 0x1}}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_TCINDEX={0x6, 0x5, @val=0x6}]}, @TCA_IFE_SMAC={0xa, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x9, 0xff, 0x2000000e, 0x8, 0x2}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xec}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001640)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x0, 0x0, 0xe4ffffff}, 0x9}, [{}, {0x0, 0x0, 0x8000}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xffffffe4}, {0x9}, {0xfffffffd}, {}, {0x0, 0x9, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {0x2000000}, {0x0, 0x0, 0x2000000}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0xfffffffa}, {}, {}, {}, {0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x400000}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x8}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfff}, {}, {0xffffffff}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1000000}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x8000000}, {}, {}, {0x0, 0x2}, {}, {0x3}, {}, {}, {}, {}, {}, {0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0xfffffffe}, {0x0, 0x400000}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x7fffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {0x0, 0x1}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xe68}}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb88a80000810000000806000101000604000100"/40], 0x0)
r3 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r3, 0x29, 0x37, &(0x7f00000001c0)={0x67}, 0x8)
sendto$l2tp6(r3, 0x0, 0x28, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f288476d2610054c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

kernel console output (not intermixed with test programs):

0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  183.028699][ T7760] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  183.037479][ T9732] netlink: 'syz.4.1079': attribute type 1 has an invalid length.
[  183.137906][ T9723] bond4: left promiscuous mode
[  183.159744][ T9723] bond4: left allmulticast mode
[  183.164681][ T9723] batadv1: left allmulticast mode
[  183.186877][ T9723] batadv1: left promiscuous mode
[  183.254731][ T9732] 8021q: adding VLAN 0 to HW filter on device bond1
[  183.328409][ T9299] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  183.356748][ T9736] bond1: (slave veth7): Enslaving as an active interface with a down link
[  183.540794][ T9299] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  183.618491][ T9299] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  183.681092][ T9752] netlink: 'syz.2.1083': attribute type 29 has an invalid length.
[  183.713525][ T9752] netlink: 'syz.2.1083': attribute type 29 has an invalid length.
[  183.859002][ T9771] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1089'.
[  184.881392][ T9807] pimreg0: tun_chr_ioctl cmd 1074025677
[  184.887206][ T9807] pimreg0: linktype set to 65534
[  184.909311][ T9805] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1100'.
[  184.962217][ T9799] gtp0: left promiscuous mode
[  184.966975][ T9799] gtp0: left allmulticast mode
[  184.996572][ T9805] netlink: 276 bytes leftover after parsing attributes in process `syz.3.1100'.
[  185.215096][ T9819] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1102'.
[  185.445673][ T9831] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1106'.
[  185.471881][ T9833] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  185.554293][ T9838] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1108'.
[  185.938030][ T9851] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on
[  186.120053][ T9863] macvlan2: entered promiscuous mode
[  186.126643][ T9870] openvswitch: netlink: Message has 8 unknown bytes.
[  186.129865][ T9871] netlink: 'syz.0.1116': attribute type 27 has an invalid length.
[  186.142983][ T9863] macvlan2: entered allmulticast mode
[  186.194385][ T9867] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.226351][ T9875] syzkaller1: entered promiscuous mode
[  186.236876][ T9875] syzkaller1: entered allmulticast mode
[  186.383644][ T9867] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.450130][ T9880] netlink: 'syz.0.1121': attribute type 1 has an invalid length.
[  186.487999][ T9867] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.582397][ T9880] 8021q: adding VLAN 0 to HW filter on device bond2
[  186.601431][ T9886] (unnamed net_device) (uninitialized): up delay (1024) is not a multiple of miimon (100), value rounded to 1000 ms
[  186.640291][ T9886] (unnamed net_device) (uninitialized): down delay (4) is not a multiple of miimon (100), value rounded to 0 ms
[  186.743958][ T9867] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.772428][ T9885] ip6erspan0: entered promiscuous mode
[  186.783135][ T9885] bond2: (slave ip6erspan0): making interface the new active one
[  186.793868][ T9885] bond2: (slave ip6erspan0): Enslaving as an active interface with an up link
[  186.938832][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  186.967708][ T9896] bridge0: port 5(ipvlan3) entered blocking state
[  186.983357][ T9896] bridge0: port 5(ipvlan3) entered disabled state
[  187.040747][ T9896] ipvlan3: entered allmulticast mode
[  187.046120][ T9896] bridge0: entered allmulticast mode
[  187.074048][ T9896] ipvlan3: left allmulticast mode
[  187.080106][ T9896] bridge0: left allmulticast mode
[  187.184588][ T9899] bond3: entered promiscuous mode
[  187.190575][ T9899] 8021q: adding VLAN 0 to HW filter on device bond3
[  187.213894][ T9867] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.249925][ T9867] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.267098][ T9867] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.289126][ T9867] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.472394][ T9919] __nla_validate_parse: 8 callbacks suppressed
[  187.472415][ T9919] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1128'.
[  187.514484][ T9919] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1128'.
[  187.755701][ T9912] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1129'.
[  188.525731][ T9954] sch_tbf: burst 1127 is lower than device lo mtu (65550) !
[  188.805953][ T9963] netlink: 'syz.4.1146': attribute type 21 has an invalid length.
[  188.920726][ T9970] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1148'.
[  189.464460][ T9990] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1153'.
[  189.576777][ T9993] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1154'.
[  189.589688][ T9993] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1154'.
[  189.603017][ T9993] 8021q: VLANs not supported on nlmon0
[  190.120121][ T7757] tipc: Subscription rejected, illegal request
[  190.153871][T10013] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1162'.
[  190.327346][T10028] batadv_slave_0: entered promiscuous mode
[  190.573890][T10037] vlan0: entered allmulticast mode
[  190.817776][T10049] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1170'.
[  191.101074][T10057] netlink: 'syz.3.1171': attribute type 1 has an invalid length.
[  191.517802][T10072] batadv_slave_0: entered promiscuous mode
[  192.302333][T10105] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1185'.
[  192.521619][T10115] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1189'.
[  192.880985][T10126] netlink: 872 bytes leftover after parsing attributes in process `syz.0.1191'.
[  192.916172][T10126] batadv_slave_1: entered promiscuous mode
[  192.923129][T10126] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1191'.
[  192.932681][T10125] batadv_slave_1: left promiscuous mode
[  193.329945][T10145] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1198'.
[  193.349477][T10146] netlink: 'syz.1.1195': attribute type 3 has an invalid length.
[  193.427151][T10148] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1199'.
[  193.520579][T10150] netlink: 'syz.4.1201': attribute type 1 has an invalid length.
[  193.610219][T10158] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1201'.
[  193.620585][T10158] 8021q: adding VLAN 0 to HW filter on device bond3
[  193.890394][T10169] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1204'.
[  194.321121][T10176] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1208'.
[  194.409658][T10176] gretap0: left allmulticast mode
[  194.478257][T10176] gretap0: left promiscuous mode
[  194.495203][T10176] bridge0: port 1(gretap0) entered disabled state
[  194.530813][T10185] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1211'.
[  194.613555][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  195.250827][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  195.306640][T10224] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1222'.
[  195.338114][T10219] bridge0: port 1(gretap0) entered disabled state
[  195.467733][T10219] batadv_slave_0: left promiscuous mode
[  195.534219][T10219] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  195.542918][T10219] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  195.551447][T10219] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  195.560374][T10219] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  196.102583][T10261] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  196.125845][T10261] xt_bpf: check failed: parse error
[  196.236462][T10263] sctp: [Deprecated]: syz.1.1231 (pid 10263) Use of int in max_burst socket option.
[  196.236462][T10263] Use struct sctp_assoc_value instead
[  196.271118][T10267] netlink: 'syz.4.1234': attribute type 9 has an invalid length.
[  196.730270][T10280] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  196.886884][T10288] trusted_key: syz.2.1240 sent an empty control message without MSG_MORE.
[  196.895656][T10253] tipc: Started in network mode
[  196.920712][T10253] tipc: Node identity ac1414aa, cluster identity 4711
[  196.930850][T10253] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  196.938552][T10253] tipc: Enabled bearer <udp:s>, priority 10
[  197.070404][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  197.137343][T10297] batadv_slave_0: entered promiscuous mode
[  197.208200][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  197.348258][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  197.488218][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  197.628189][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  197.752120][T10329] lo speed is unknown, defaulting to 1000
[  197.758506][T10330] siw: device registration error -23
[  197.764660][T10329] lo speed is unknown, defaulting to 1000
[  197.769662][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  197.773772][T10329] lo speed is unknown, defaulting to 1000
[  197.793120][T10329] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  197.808051][T10329] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  197.839733][T10329] lo speed is unknown, defaulting to 1000
[  197.846999][T10329] lo speed is unknown, defaulting to 1000
[  197.854516][T10329] lo speed is unknown, defaulting to 1000
[  197.861557][T10329] lo speed is unknown, defaulting to 1000
[  197.869080][T10329] lo speed is unknown, defaulting to 1000
[  197.908280][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  197.999085][T10338] __nla_validate_parse: 5 callbacks suppressed
[  197.999110][T10338] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1257'.
[  198.049740][  T976] tipc: Node number set to 2886997162
[  198.099761][T10343] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  198.188241][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  198.277954][T10350] netlink: 'syz.4.1262': attribute type 9 has an invalid length.
[  198.611833][T10362] netlink: 'syz.4.1268': attribute type 4 has an invalid length.
[  198.636164][  T976] lo speed is unknown, defaulting to 1000
[  198.646952][T10360] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1265'.
[  198.657735][T10362] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1268'.
[  199.010773][T10384] netlink: 'syz.4.1274': attribute type 9 has an invalid length.
[  199.076325][T10386] tipc: Failed to remove unknown binding: 66,1,1/0:4083436884/4083436886
[  199.155513][T10389] nft_compat: unsupported protocol 0
[  199.164663][T10352] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1261'.
[  199.164817][T10386] netlink: 296 bytes leftover after parsing attributes in process `syz.2.1273'.
[  199.326053][T10398] vlan0: entered promiscuous mode
[  199.333847][T10398] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1277'.
[  199.359431][T10398] vlan0 (unregistering): left promiscuous mode
[  199.488496][T10401] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1278'.
[  199.671715][T10410] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1283'.
[  199.702173][T10412] netlink: 'syz.3.1281': attribute type 3 has an invalid length.
[  199.710071][T10412] netlink: 666 bytes leftover after parsing attributes in process `syz.3.1281'.
[  199.892193][T10418] ip6tnl1: entered promiscuous mode
[  199.929987][T10419] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1284'.
[  200.264849][T10411] lo speed is unknown, defaulting to 1000
[  200.282711][T10432] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  200.319921][T10415] lo speed is unknown, defaulting to 1000
[  200.498932][T10443] raw_sendmsg: syz.4.1291 forgot to set AF_INET. Fix it!
[  201.143828][T10458] lo speed is unknown, defaulting to 1000
[  201.816868][ T5847] Bluetooth: hci2: command 0x0406 tx timeout
[  201.824630][ T5848] Bluetooth: hci1: command 0x0406 tx timeout
[  201.824648][ T5843] Bluetooth: hci3: command 0x0406 tx timeout
[  202.128189][    C1] net_ratelimit: 7 callbacks suppressed
[  202.128213][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  202.520269][T10512] C: renamed from team_slave_0
[  202.550278][T10512] netlink: 'syz.2.1314': attribute type 1 has an invalid length.
[  202.558048][T10512] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  202.776726][   T30] audit: type=1800 audit(1742278594.959:2): pid=10534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1322" name="memory.events" dev="tmpfs" ino=1807 res=0 errno=0
[  202.898459][   T30] audit: type=1804 audit(1742278594.989:3): pid=10534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1322" name="/newroot/350/memory.events" dev="tmpfs" ino=1807 res=1 errno=0
[  203.044199][T10549] __nla_validate_parse: 11 callbacks suppressed
[  203.044221][T10549] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1326'.
[  203.133697][T10561] netlink: 'syz.4.1329': attribute type 10 has an invalid length.
[  203.143794][T10561] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1329'.
[  203.168191][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  203.344419][T10569] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1331'.
[  203.418652][T10564] netlink: 'syz.0.1325': attribute type 16 has an invalid length.
[  203.427616][T10584] sctp: [Deprecated]: syz.4.1333 (pid 10584) Use of int in max_burst socket option deprecated.
[  203.427616][T10584] Use struct sctp_assoc_value instead
[  203.473748][T10564] netlink: 'syz.0.1325': attribute type 17 has an invalid length.
[  203.651390][T10596] netlink: 'syz.4.1336': attribute type 10 has an invalid length.
[  203.655658][T10564] syz_tun: left promiscuous mode
[  203.686601][T10594] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1335'.
[  203.701680][T10564] bridge0: port 4(gretap0) entered blocking state
[  203.708333][T10564] bridge0: port 4(gretap0) entered forwarding state
[  203.722023][T10599] openvswitch: netlink: IP tunnel dst address not specified
[  203.726616][T10564] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.738719][T10564] 8021q: adding VLAN 0 to HW filter on device team0
[  203.746193][T10564] dummy0: entered promiscuous mode
[  203.754727][T10564] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  203.772704][T10600] x_tables: duplicate underflow at hook 1
[  203.816657][ T7753] bridge0: port 3(team0) entered blocking state
[  203.823048][ T7753] bridge0: port 3(team0) entered forwarding state
[  203.842404][T10602] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1337'.
[  203.918934][T10600] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1335'.
[  203.938573][T10602] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1337'.
[  204.091232][T10606] batadv_slave_0: entered promiscuous mode
[  204.170996][T10609] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  204.208290][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  204.210799][T10612] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1340'.
[  204.233096][T10613] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1342'.
[  204.427554][T10620] openvswitch: netlink: IP tunnel dst address not specified
[  204.478917][T10620] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1344'.
[  204.503555][T10620] vlan2: entered allmulticast mode
[  204.695680][T10632] syzkaller0: entered allmulticast mode
[  204.722479][T10634] syzkaller1: entered promiscuous mode
[  204.728059][T10634] syzkaller1: entered allmulticast mode
[  204.805865][T10632] syzkaller0: entered promiscuous mode
[  204.846936][T10632] syzkaller0 (unregistering): left promiscuous mode
[  204.874019][T10632] syzkaller0 (unregistering): left allmulticast mode
[  204.953006][T10643] batadv_slave_0: entered promiscuous mode
[  204.959735][T10643] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  205.248180][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  205.659274][T10678] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  206.116559][T10694] batadv_slave_0: left promiscuous mode
[  206.288172][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  206.341034][T10715] x_tables: duplicate underflow at hook 1
[  206.688179][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  207.328196][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  207.348897][T10723] batadv_slave_0: entered promiscuous mode
[  207.716690][T10755] bridge_slave_0: invalid flags given to default FDB implementation
[  207.824389][T10762] netlink: 'syz.3.1390': attribute type 1 has an invalid length.
[  207.828482][T10760] netlink: 'syz.1.1391': attribute type 1 has an invalid length.
[  207.886964][T10765] pim6reg1: entered allmulticast mode
[  208.104396][T10775] tipc: Can't bind to reserved service type 2
[  208.172317][T10779] __nla_validate_parse: 8 callbacks suppressed
[  208.172338][T10779] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1399'.
[  208.372769][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  208.493488][T10790] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1404'.
[  209.408394][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  209.664726][ T7778] gretap0: left allmulticast mode
[  209.685592][ T7778] gretap0: left promiscuous mode
[  209.713852][ T7778] bridge0: port 4(gretap0) entered disabled state
[  209.821610][ T7778] team0: left allmulticast mode
[  209.826685][ T7778] team_slave_0: left allmulticast mode
[  209.835640][ T7778] team_slave_1: left allmulticast mode
[  209.848411][T10834] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1423'.
[  209.857548][T10834] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1423'.
[  209.866636][T10834] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1423'.
[  209.875854][T10834] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1423'.
[  209.885404][ T7778] bond0: left allmulticast mode
[  209.890522][ T7778] bond_slave_0: left allmulticast mode
[  209.896035][ T7778] bond_slave_1: left allmulticast mode
[  209.902082][ T7778] team0: left promiscuous mode
[  209.906896][ T7778] team_slave_0: left promiscuous mode
[  209.914278][ T7778] team_slave_1: left promiscuous mode
[  209.919883][ T7778] bond0: left promiscuous mode
[  209.924823][ T7778] bond_slave_0: left promiscuous mode
[  209.930586][ T7778] bond_slave_1: left promiscuous mode
[  209.936644][ T7778] bridge0: port 3(team0) entered disabled state
[  209.979145][ T7778] bridge_slave_1: left allmulticast mode
[  209.984921][ T7778] bridge_slave_1: left promiscuous mode
[  209.994275][ T7778] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.025159][ T7778] bridge_slave_0: left allmulticast mode
[  210.031526][ T7778] bridge_slave_0: left promiscuous mode
[  210.038724][ T7778] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.048743][   T56] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  210.060060][   T56] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  210.069184][   T56] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  210.081049][   T56] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  210.089013][   T56] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  210.096751][   T56] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  210.262649][ T7778] bond2 (unregistering): (slave ip6erspan0): Releasing active interface
[  210.448314][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  210.893564][T10847] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1428'.
[  211.211053][ T7778] team0: Port device bond0 removed
[  211.219441][ T7778] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  211.231577][ T7778] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  211.244131][ T7778] bond0 (unregistering): Released all slaves
[  211.370894][ T7778] bond1 (unregistering): Released all slaves
[  211.484809][ T7778] bond2 (unregistering): Released all slaves
[  211.491079][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  211.757746][ T7778] tipc: Disabling bearer <udp:s>
[  211.774221][ T7778] tipc: Left network mode
[  211.774335][T10854] tipc: Started in network mode
[  211.784015][T10854] tipc: Node identity 66bd47e94ecb, cluster identity 4711
[  211.791580][T10854] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  211.837731][T10853] tipc: Resetting bearer <eth:syzkaller0>
[  211.976819][T10862] netlink: 'syz.2.1434': attribute type 1 has an invalid length.
[  212.223100][ T5840] Bluetooth: hci2: command tx timeout
[  212.823030][ T5889] tipc: Node number set to 678840297
[  213.940149][T10853] tipc: Disabling bearer <eth:syzkaller0>
[  214.091357][T10866] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1436'.
[  214.210285][T10872] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input7
[  214.289234][ T5840] Bluetooth: hci2: command tx timeout
[  214.715320][T10836] chnl_net:caif_netlink_parms(): no params data found
[  214.937536][ T7778] hsr_slave_0: left promiscuous mode
[  214.949111][ T7778] hsr_slave_1: left promiscuous mode
[  214.955151][ T7778] batman_adv: batadv0: Removing interface: batadv_slave_0
[  214.968318][ T7778] batman_adv: batadv0: Removing interface: batadv_slave_1
[  215.373604][ T7778] team0 (unregistering): Port device team_slave_1 removed
[  215.551397][ T7778] team0 (unregistering): Port device team_slave_0 removed
[  216.016995][T10933] netlink: 'syz.1.1462': attribute type 1 has an invalid length.
[  216.035533][ T7778] vxcan1 (unregistering): left allmulticast mode
[  216.137461][T10836] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.148461][T10836] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.156091][T10836] bridge_slave_0: entered allmulticast mode
[  216.163818][T10836] bridge_slave_0: entered promiscuous mode
[  216.208963][T10836] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.216219][T10836] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.266525][T10836] bridge_slave_1: entered allmulticast mode
[  216.284639][T10836] bridge_slave_1: entered promiscuous mode
[  216.362161][T10933] 8021q: adding VLAN 0 to HW filter on device bond5
[  216.371405][ T5840] Bluetooth: hci2: command tx timeout
[  216.407559][T10934] 8021q: adding VLAN 0 to HW filter on device bond5
[  216.415138][T10934] bond5: (slave wireguard0): The slave device specified does not support setting the MAC address
[  216.428861][T10934] bond5: (slave wireguard0): Error -95 calling set_mac_address
[  216.472312][T10836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  216.518744][T10836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  216.683230][T10836] team0: Port device team_slave_0 added
[  216.692500][T10836] team0: Port device team_slave_1 added
[  216.749715][T10836] batman_adv: batadv0: Adding interface: batadv_slave_0
[  216.763790][T10836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  216.797580][T10836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  216.821075][ T7778] IPVS: stop unused estimator thread 0...
[  216.829128][T10836] batman_adv: batadv0: Adding interface: batadv_slave_1
[  216.839428][T10836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  216.868971][T10836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  216.983432][T10836] hsr_slave_0: entered promiscuous mode
[  216.995788][T10836] hsr_slave_1: entered promiscuous mode
[  217.009113][T10836] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  217.016807][T10836] Cannot create hsr debugfs directory
[  217.444916][T10972] netlink: 'syz.2.1474': attribute type 10 has an invalid length.
[  217.496149][T10974] netlink: 'syz.4.1476': attribute type 4 has an invalid length.
[  217.504573][T10974] netlink: 'syz.4.1476': attribute type 2 has an invalid length.
[  218.087793][T10998] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1489'.
[  218.184580][T11002] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  218.193130][T11002] tipc: Enabled bearer <udp:s>, priority 10
[  218.318805][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  218.327212][T10836] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  218.361321][T10836] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  218.390568][T10836] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  218.410310][T10836] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  218.459090][ T5840] Bluetooth: hci2: command tx timeout
[  218.540873][T11011] xt_CT: No such helper "syz0"
[  218.588330][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  218.630766][T11019] batadv_slave_0: left promiscuous mode
[  218.637910][T11019] ip6tnl1: left promiscuous mode
[  218.806991][T10836] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.022737][T10836] 8021q: adding VLAN 0 to HW filter on device team0
[  219.103045][ T7760] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.110252][ T7760] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.118375][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  219.213240][ T7753] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.220469][ T7753] bridge0: port 2(bridge_slave_1) entered forwarding state
[  219.767470][T10836] 8021q: adding VLAN 0 to HW filter on device batadv0
[  219.896309][T10836] veth0_vlan: entered promiscuous mode
[  219.937395][T10836] veth1_vlan: entered promiscuous mode
[  220.001041][T10836] veth0_macvtap: entered promiscuous mode
[  220.017311][T10836] veth1_macvtap: entered promiscuous mode
[  220.042083][T10836] batman_adv: batadv0: Interface activated: batadv_slave_0
[  220.086109][T10836] batman_adv: batadv0: Interface activated: batadv_slave_1
[  220.116084][T10836] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  220.128201][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  220.161773][T10836] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  220.182345][T10836] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  220.221910][T10836] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  220.395585][T11078] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1519'.
[  220.410847][T11078] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1519'.
[  220.560267][T11081] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1520'.
[  220.650593][ T7778] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.688454][ T7778] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.756892][ T7756] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.786936][ T7756] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.168205][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  221.407737][ T7760] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.519818][ T7760] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.957972][ T7760] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.090602][   T56] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  222.102982][   T56] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  222.118550][   T56] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  222.127181][   T56] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  222.136896][   T56] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  222.144705][   T56] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  222.208259][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  222.366813][ T7760] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.437190][T11149] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1548'.
[  222.456821][T11149] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1548'.
[  222.769239][ T7760] bridge_slave_1: left allmulticast mode
[  222.776442][ T7760] bridge_slave_1: left promiscuous mode
[  222.786420][ T7760] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.812351][ T7760] bridge_slave_0: left allmulticast mode
[  222.823632][ T7760] bridge_slave_0: left promiscuous mode
[  222.831320][ T7760] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.245187][T11183] ieee802154 phy0 wpan0: encryption failed: -22
[  223.251703][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  223.580309][ T7760] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  223.594727][ T7760] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  223.606904][ T7760] bond0 (unregistering): Released all slaves
[  223.620682][T11133] chnl_net:caif_netlink_parms(): no params data found
[  223.640620][T11175] ip6tnl2: entered promiscuous mode
[  223.645874][T11175] ip6tnl2: entered allmulticast mode
[  223.688694][T11191] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1563'.
[  223.885921][T11201] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1567'.
[  223.916770][T11201] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1567'.
[  224.117971][T11133] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.125287][T11133] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.151476][T11133] bridge_slave_0: entered allmulticast mode
[  224.159947][T11133] bridge_slave_0: entered promiscuous mode
[  224.182394][T11133] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.198258][T11133] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.205546][T11133] bridge_slave_1: entered allmulticast mode
[  224.212692][ T5840] Bluetooth: hci2: command tx timeout
[  224.219164][T11211] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1569'.
[  224.229415][T11133] bridge_slave_1: entered promiscuous mode
[  224.289825][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  224.442420][T11133] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  224.484205][T11133] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  224.623048][ T7760] hsr_slave_0: left promiscuous mode
[  224.629694][ T7760] hsr_slave_1: left promiscuous mode
[  224.635859][ T7760] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  224.643735][ T7760] batman_adv: batadv0: Removing interface: batadv_slave_0
[  224.655373][ T7760] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  224.664310][ T7760] batman_adv: batadv0: Removing interface: batadv_slave_1
[  224.751802][ T7760] veth1_macvtap: left promiscuous mode
[  224.758618][ T7760] veth0_macvtap: left promiscuous mode
[  224.764356][ T7760] veth1_vlan: left promiscuous mode
[  224.771000][ T7760] veth0_vlan: left promiscuous mode
[  224.940820][T11226] netlink: 'syz.2.1573': attribute type 1 has an invalid length.
[  224.955903][T11226] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1573'.
[  225.334594][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  225.347629][ T7760] team0 (unregistering): Port device team_slave_1 removed
[  225.397562][ T7760] team0 (unregistering): Port device team_slave_0 removed
[  225.912385][T11232] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1575'.
[  226.000686][T11229] pim6reg: entered allmulticast mode
[  226.007411][T11230] pim6reg: left allmulticast mode
[  226.064225][T11133] team0: Port device team_slave_0 added
[  226.074733][T11133] team0: Port device team_slave_1 added
[  226.258681][T11133] batman_adv: batadv0: Adding interface: batadv_slave_0
[  226.265784][T11133] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  226.296335][   T56] Bluetooth: hci2: command tx timeout
[  226.312584][T11242] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1578'.
[  226.342902][T11242] netlink: 'syz.1.1578': attribute type 3 has an invalid length.
[  226.368240][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  226.370145][T11133] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  226.408707][T11133] batman_adv: batadv0: Adding interface: batadv_slave_1
[  226.415707][T11133] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  226.473738][T11133] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  226.501198][T11248] openvswitch: netlink: Flow actions attr not present in new flow.
[  226.665946][T11133] hsr_slave_0: entered promiscuous mode
[  226.707677][T11133] hsr_slave_1: entered promiscuous mode
[  226.729419][T11133] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  226.744436][T11260] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input8
[  226.755260][T11133] Cannot create hsr debugfs directory
[  227.110204][T11273] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  227.409673][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  227.559803][T11288] tipc: Failed to remove unknown binding: 66,1,1/0:823402514/823402516
[  227.585959][T11288] tipc: Failed to remove unknown binding: 66,1,1/0:823402514/823402516
[  227.601462][T11288] tipc: Failed to remove unknown binding: 66,1,1/0:823402514/823402516
[  227.634444][T11133] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  227.666534][T11133] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  227.699183][T11292] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  227.704032][T11133] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  227.731255][T11133] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  227.880290][T11133] 8021q: adding VLAN 0 to HW filter on device bond0
[  227.919834][T11133] 8021q: adding VLAN 0 to HW filter on device team0
[  227.941048][T11297] veth0_to_batadv: entered promiscuous mode
[  227.949359][T11297] bond0: (slave macvlan2): Enslaving as an active interface with a down link
[  227.988502][ T7760] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.995764][ T7760] bridge0: port 1(bridge_slave_0) entered forwarding state
[  228.030183][ T7760] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.037382][ T7760] bridge0: port 2(bridge_slave_1) entered forwarding state
[  228.342582][T11309] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  228.386593][   T56] Bluetooth: hci2: command 0x040f tx timeout
[  228.448249][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  228.561209][T11133] 8021q: adding VLAN 0 to HW filter on device batadv0
[  228.599370][T11319] netlink: 'syz.4.1610': attribute type 10 has an invalid length.
[  228.665898][T11322] netlink: 'syz.4.1612': attribute type 10 has an invalid length.
[  228.754266][T11327] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  228.774569][T11133] veth0_vlan: entered promiscuous mode
[  228.787365][T11133] veth1_vlan: entered promiscuous mode
[  228.866663][T11133] veth0_macvtap: entered promiscuous mode
[  228.876251][T11133] veth1_macvtap: entered promiscuous mode
[  228.893571][T11133] batman_adv: batadv0: Interface activated: batadv_slave_0
[  228.927334][T11133] batman_adv: batadv0: Interface activated: batadv_slave_1
[  228.953905][T11133] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  228.967442][T11133] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  228.984226][T11133] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  228.993221][T11133] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  229.116483][ T7777] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  229.140196][ T7777] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.197710][ T7777] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  229.214496][ T7777] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.488242][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  229.794044][T11360] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1629'.
[  229.943889][T11368] tipc: Failed to remove unknown binding: 66,1,1/678840297:3068111342/3068111344
[  230.528178][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  230.675893][ T7777] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.976723][T11411] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1652'.
[  230.986214][T11411] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1652'.
[  230.999151][T11411] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1652'.
[  231.008611][T11411] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1652'.
[  231.359009][ T7777] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.430577][T11423] tipc: Started in network mode
[  231.455968][T11423] tipc: Node identity 326b00000000000008, cluster identity 4711
[  231.568365][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  231.969822][ T5845] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  231.988232][ T5845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  231.996625][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  232.006244][ T5845] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  232.014114][ T5845] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  232.022765][ T5845] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  232.077620][ T7777] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.370140][T11443] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  232.414733][ T7777] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.481188][T11449] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1666'.
[  232.499545][T11438] vlan2: entered promiscuous mode
[  232.512282][T11438] vlan2: entered allmulticast mode
[  232.538025][T11447] vxcan1: entered allmulticast mode
[  232.553650][T11450] ip6tnl2: left promiscuous mode
[  232.559218][T11450] ip6tnl2: left allmulticast mode
[  232.570838][T11450] veth0_to_batadv: left promiscuous mode
[  232.608274][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  232.758400][T11454] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1668'.
[  232.874723][T11454] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1668'.
[  232.986125][ T7777] bridge_slave_1: left allmulticast mode
[  232.994177][ T7777] bridge_slave_1: left promiscuous mode
[  233.006130][ T7777] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.020321][ T7777] bridge_slave_0: left allmulticast mode
[  233.026069][ T7777] bridge_slave_0: left promiscuous mode
[  233.041941][ T7777] bridge0: port 1(bridge_slave_0) entered disabled state
[  233.168690][ T5845] Bluetooth: hci4: command 0x0405 tx timeout
[  233.282033][T11472] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  233.384380][T11483] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1675'.
[  233.613230][ T7777] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  233.625066][ T7777] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  233.635447][ T7777] bond0 (unregistering): Released all slaves
[  233.648262][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  233.972359][T11432] chnl_net:caif_netlink_parms(): no params data found
[  233.991723][T11499] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1683'.
[  234.009302][T11499] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1683'.
[  234.133485][   T56] Bluetooth: hci2: command tx timeout
[  234.180696][T11501] batadv_slave_0: left promiscuous mode
[  234.237771][T11501] macvlan2: left promiscuous mode
[  234.245309][T11515] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  234.257174][T11501] macvlan2: left allmulticast mode
[  234.278862][T11501] hsr0: left allmulticast mode
[  234.283694][T11501] hsr_slave_0: left allmulticast mode
[  234.291058][T11501] hsr0: left promiscuous mode
[  234.304025][T11501] macvlan3: left promiscuous mode
[  234.316006][T11501] macvlan3: left allmulticast mode
[  234.337013][T11496] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  234.455713][T11521] geneve3: entered promiscuous mode
[  234.462959][T11521] geneve3: entered allmulticast mode
[  234.518413][T11530] netlink: 'syz.1.1687': attribute type 9 has an invalid length.
[  234.688207][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  234.862499][T11432] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.877663][T11432] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.885228][T11432] bridge_slave_0: entered allmulticast mode
[  234.894029][T11432] bridge_slave_0: entered promiscuous mode
[  234.902705][T11432] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.910054][T11432] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.960212][T11432] bridge_slave_1: entered allmulticast mode
[  234.976602][T11432] bridge_slave_1: entered promiscuous mode
[  235.029166][ T7777] hsr_slave_0: left promiscuous mode
[  235.063358][ T7777] hsr_slave_1: left promiscuous mode
[  235.115867][ T7777] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.153195][ T7777] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.179574][ T7777] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  235.192952][ T7777] batman_adv: batadv0: Removing interface: batadv_slave_1
[  235.227820][ T7777] veth1_macvtap: left promiscuous mode
[  235.233602][ T7777] veth0_macvtap: left promiscuous mode
[  235.239784][ T7777] veth1_vlan: left promiscuous mode
[  235.245243][ T7777] veth0_vlan: left promiscuous mode
[  235.250850][   T56] Bluetooth: hci4: command 0x0405 tx timeout
[  235.330269][ T5845] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  235.728702][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  235.766993][ T7777] team0 (unregistering): Port device team_slave_1 removed
[  235.814671][ T7777] team0 (unregistering): Port device team_slave_0 removed
[  236.208763][ T5845] Bluetooth: hci2: command tx timeout
[  236.246502][T11554] batadv_slave_0: entered promiscuous mode
[  236.307715][T11432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  236.352046][T11432] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  236.608946][T11573] batadv_slave_0: left promiscuous mode
[  236.645991][T11573] bond3: left promiscuous mode
[  236.669618][T11432] team0: Port device team_slave_0 added
[  236.690702][T11432] team0: Port device team_slave_1 added
[  236.739132][T11582] netlink: 'syz.3.1703': attribute type 9 has an invalid length.
[  236.768187][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  236.931807][T11432] batman_adv: batadv0: Adding interface: batadv_slave_0
[  236.948125][T11432] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.008638][T11432] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  237.046595][T11592] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  237.102011][T11432] batman_adv: batadv0: Adding interface: batadv_slave_1
[  237.127048][T11432] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.176059][T11432] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  237.217816][T11599] __nla_validate_parse: 3 callbacks suppressed
[  237.217837][T11599] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1706'.
[  237.243814][T11600] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1708'.
[  237.360567][T11606] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1712'.
[  237.373435][T11606] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1712'.
[  237.398213][T11432] hsr_slave_0: entered promiscuous mode
[  237.434151][T11432] hsr_slave_1: entered promiscuous mode
[  237.446863][T11432] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  237.461273][T11610] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.1711'.
[  237.471395][T11610] openvswitch: netlink: Message has 8 unknown bytes.
[  237.483087][T11432] Cannot create hsr debugfs directory
[  237.808235][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  237.822126][T11621] x_tables: duplicate underflow at hook 1
[  237.842665][T11616] batadv_slave_0: left promiscuous mode
[  237.974339][T11624] batadv_slave_0: entered promiscuous mode
[  238.179124][T11633] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1723'.
[  238.191573][T11633] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1723'.
[  238.245531][T11635] netlink: 'syz.1.1722': attribute type 9 has an invalid length.
[  238.288367][ T5845] Bluetooth: hci2: command tx timeout
[  238.376028][T11641] syz.2.1726: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  238.392180][T11641] CPU: 0 UID: 0 PID: 11641 Comm: syz.2.1726 Not tainted 6.14.0-rc6-syzkaller-01241-g702e3fa16cd4 #0
[  238.392209][T11641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  238.392220][T11641] Call Trace:
[  238.392227][T11641]  <TASK>
[  238.392234][T11641]  dump_stack_lvl+0x241/0x360
[  238.392269][T11641]  ? __pfx_dump_stack_lvl+0x10/0x10
[  238.392289][T11641]  ? __pfx__printk+0x10/0x10
[  238.392312][T11641]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  238.392337][T11641]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  238.392363][T11641]  warn_alloc+0x278/0x410
[  238.392385][T11641]  ? __vmalloc_node_range_noprof+0x106/0x1380
[  238.392404][T11641]  ? __pfx_warn_alloc+0x10/0x10
[  238.392426][T11641]  ? kasan_save_track+0x3f/0x80
[  238.392445][T11641]  ? __kasan_kmalloc+0x98/0xb0
[  238.392467][T11641]  ? xsk_setsockopt+0x4aa/0x810
[  238.392494][T11641]  ? do_sock_setsockopt+0x3af/0x720
[  238.392513][T11641]  ? __x64_sys_setsockopt+0x1ee/0x280
[  238.392532][T11641]  ? do_syscall_64+0xf3/0x230
[  238.392554][T11641]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.392587][T11641]  __vmalloc_node_range_noprof+0x126/0x1380
[  238.392634][T11641]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  238.392658][T11641]  ? __kasan_kmalloc+0x98/0xb0
[  238.392693][T11641]  vmalloc_user_noprof+0x74/0x80
[  238.392713][T11641]  ? xskq_create+0xb6/0x170
[  238.392729][T11641]  xskq_create+0xb6/0x170
[  238.392750][T11641]  xsk_init_queue+0xa1/0x100
[  238.392771][T11641]  xsk_setsockopt+0x4aa/0x810
[  238.392804][T11641]  ? __pfx_xsk_setsockopt+0x10/0x10
[  238.392835][T11641]  ? __pfx_aa_sk_perm+0x10/0x10
[  238.392868][T11641]  ? aa_sock_opt_perm+0x79/0x120
[  238.392906][T11641]  ? __pfx_xsk_setsockopt+0x10/0x10
[  238.392933][T11641]  do_sock_setsockopt+0x3af/0x720
[  238.392962][T11641]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  238.392988][T11641]  ? __fget_files+0x395/0x410
[  238.393015][T11641]  ? __fget_files+0x2a/0x410
[  238.393055][T11641]  __x64_sys_setsockopt+0x1ee/0x280
[  238.393086][T11641]  do_syscall_64+0xf3/0x230
[  238.393112][T11641]  ? clear_bhb_loop+0x35/0x90
[  238.393143][T11641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.393171][T11641] RIP: 0033:0x7f9bf8f8d169
[  238.393191][T11641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.393210][T11641] RSP: 002b:00007f9bf9d5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  238.393233][T11641] RAX: ffffffffffffffda RBX: 00007f9bf91a5fa0 RCX: 00007f9bf8f8d169
[  238.393249][T11641] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  238.393262][T11641] RBP: 00007f9bf900e2a0 R08: 0000000000000004 R09: 0000000000000000
[  238.393275][T11641] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000000
[  238.393289][T11641] R13: 0000000000000000 R14: 00007f9bf91a5fa0 R15: 00007ffcd4379de8
[  238.393322][T11641]  </TASK>
[  238.393416][T11641] Mem-Info:
[  238.739065][T11432] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  238.743929][T11641] active_anon:7098 inactive_anon:0 isolated_anon:0
[  238.743929][T11641]  active_file:1601 inactive_file:38374 isolated_file:0
[  238.743929][T11641]  unevictable:768 dirty:86 writeback:0
[  238.743929][T11641]  slab_reclaimable:11354 slab_unreclaimable:99789
[  238.743929][T11641]  mapped:28613 shmem:1408 pagetables:760
[  238.743929][T11641]  sec_pagetables:0 bounce:0
[  238.743929][T11641]  kernel_misc_reclaimable:0
[  238.743929][T11641]  free:1338502 free_pcp:770 free_cma:0
[  238.795791][T11432] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  238.813029][T11432] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  238.829114][T11432] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  238.829843][T11646] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  238.848172][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  238.851820][T11641] Node 0 active_anon:28492kB inactive_anon:0kB active_file:6404kB inactive_file:153416kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:114452kB dirty:344kB writeback:0kB shmem:4096kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12492kB pagetables:3040kB sec_pagetables:0kB all_unreclaimable? no
[  238.898301][T11641] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  238.940108][T11641] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  238.976456][T11650] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1728'.
[  239.000786][T11641] lowmem_reserve[]: 0 2489 2490 2490 2490
[  239.014460][T11641] Node 0 DMA32 free:1433700kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:28552kB inactive_anon:0kB active_file:6404kB inactive_file:153092kB unevictable:1536kB writepending:340kB present:3129332kB managed:2549716kB mlocked:0kB bounce:0kB free_pcp:2576kB local_pcp:684kB free_cma:0kB
[  239.082635][T11641] lowmem_reserve[]: 0 0 0 0 0
[  239.088641][T11641] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:324kB unevictable:0kB writepending:4kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  239.137534][T11641] lowmem_reserve[]: 0 0 0 0 0
[  239.146553][T11641] Node 1 Normal free:3901600kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  239.181209][T11641] lowmem_reserve[]: 0 0 0 0 0
[  239.186110][T11641] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  239.288520][T11641] Node 0 DMA32: 1*4kB (U) 134*8kB (UME) 183*16kB (UME) 117*32kB (UME) 80*64kB (UME) 46*128kB (UME) 56*256kB (UM) 43*512kB (UME) 24*1024kB (UM) 13*2048kB (UME) 321*4096kB (UM) = 1421124kB
[  239.320122][T11641] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  239.335331][T11641] Node 1 Normal: 200*4kB (UE) 52*8kB (UME) 38*16kB (UME) 236*32kB (UME) 110*64kB (UME) 29*128kB (UME) 14*256kB (UME) 8*512kB (UME) 7*1024kB (UME) 4*2048kB (UE) 942*4096kB (M) = 3901600kB
[  239.357989][T11641] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  239.367885][T11641] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  239.377619][T11641] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  239.398567][T11641] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  239.407998][T11641] 41383 total pagecache pages
[  239.413273][T11641] 0 pages in swap cache
[  239.417481][T11641] Free swap  = 124996kB
[  239.421289][T11432] 8021q: adding VLAN 0 to HW filter on device bond0
[  239.421715][T11641] Total swap = 124996kB
[  239.433468][T11641] 2097051 pages RAM
[  239.437319][T11641] 0 pages HighMem/MovableOnly
[  239.442555][T11641] 427900 pages reserved
[  239.446823][T11641] 0 pages cma reserved
[  239.548510][T11669] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1735'.
[  239.554546][T11432] 8021q: adding VLAN 0 to HW filter on device team0
[  239.565496][T11669] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1735'.
[  239.644871][ T7778] bridge0: port 1(bridge_slave_0) entered blocking state
[  239.652099][ T7778] bridge0: port 1(bridge_slave_0) entered forwarding state
[  239.700534][ T7778] bridge0: port 2(bridge_slave_1) entered blocking state
[  239.707746][ T7778] bridge0: port 2(bridge_slave_1) entered forwarding state
[  239.888215][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  239.945413][T11686] batadv_slave_0: entered promiscuous mode
[  239.975599][T11693] netlink: 'syz.2.1741': attribute type 9 has an invalid length.
[  240.385619][ T5845] Bluetooth: hci2: command tx timeout
[  240.928182][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  241.148592][T11432] 8021q: adding VLAN 0 to HW filter on device batadv0
[  241.297026][T11721] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input9
[  241.316015][T11432] veth0_vlan: entered promiscuous mode
[  241.324209][T11724] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  241.362680][T11432] veth1_vlan: entered promiscuous mode
[  241.574965][T11432] veth0_macvtap: entered promiscuous mode
[  241.633020][T11432] veth1_macvtap: entered promiscuous mode
[  241.745236][T11432] batman_adv: batadv0: Interface activated: batadv_slave_0
[  241.816790][T11432] batman_adv: batadv0: Interface activated: batadv_slave_1
[  241.865825][T11432] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  241.884587][T11432] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  241.897025][T11432] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  241.912101][T11432] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  241.925229][T11753] gretap0: left allmulticast mode
[  241.932199][T11753] gretap0: left promiscuous mode
[  241.937375][T11753] bridge0: port 1(gretap0) entered disabled state
[  241.960727][T11753] bond1: (slave veth7): Releasing active interface
[  241.968213][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  241.978510][T11753] bond0: (slave macvlan2): Releasing active interface
[  242.208436][ T7760] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.216410][ T7760] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.305829][ T7755] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  242.337823][ T7755] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  242.522729][T11776] __nla_validate_parse: 7 callbacks suppressed
[  242.522751][T11776] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1772'.
[  242.579361][T11781] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1772'.
[  242.902793][T11807] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  242.977084][ T7753] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.008232][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  243.034951][T11810] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1779'.
[  243.204047][ T7753] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.317093][ T7753] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.478920][ T7753] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.580284][ T7753] bridge_slave_1: left allmulticast mode
[  243.586021][ T7753] bridge_slave_1: left promiscuous mode
[  243.594264][ T7753] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.603744][ T7753] bridge_slave_0: left allmulticast mode
[  243.610346][ T7753] bridge_slave_0: left promiscuous mode
[  243.616080][ T7753] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.797515][T11818] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1782'.
[  244.048158][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  244.190414][T11834] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1784'.
[  244.416283][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  244.427050][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  244.447280][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  244.469529][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  244.493618][ T5840] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  244.502347][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  244.579782][ T7753] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  244.593718][ T7753] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  244.606850][ T7753] bond0 (unregistering): Released all slaves
[  244.629206][T11830] batadv_slave_0: entered promiscuous mode
[  245.088161][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  245.119307][T11856] netlink: 'syz.3.1792': attribute type 1 has an invalid length.
[  245.337744][T11856] 8021q: adding VLAN 0 to HW filter on device bond4
[  245.379832][T11857] bond4: (slave veth5): Enslaving as an active interface with a down link
[  245.458083][T11860] dummy0: entered promiscuous mode
[  245.480318][T11860] bond4: (slave dummy0): making interface the new active one
[  245.504767][T11860] bond4: (slave dummy0): Enslaving as an active interface with an up link
[  245.864045][T11873] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1797'.
[  245.868764][T11871] lo: entered allmulticast mode
[  245.881741][T11873] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1797'.
[  245.892126][T11871] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  246.128235][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  246.152024][T11858] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1789'.
[  246.312227][T11839] chnl_net:caif_netlink_parms(): no params data found
[  246.346264][T11888] FAULT_INJECTION: forcing a failure.
[  246.346264][T11888] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.369506][T11888] CPU: 0 UID: 0 PID: 11888 Comm: syz.1.1802 Not tainted 6.14.0-rc6-syzkaller-01241-g702e3fa16cd4 #0
[  246.369540][T11888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  246.369553][T11888] Call Trace:
[  246.369561][T11888]  <TASK>
[  246.369570][T11888]  dump_stack_lvl+0x241/0x360
[  246.369609][T11888]  ? __pfx_dump_stack_lvl+0x10/0x10
[  246.369633][T11888]  ? __pfx__printk+0x10/0x10
[  246.369657][T11888]  ? __pfx_lock_release+0x10/0x10
[  246.369699][T11888]  should_fail_ex+0x40a/0x550
[  246.369749][T11888]  _copy_from_user+0x2d/0xb0
[  246.369779][T11888]  copy_msghdr_from_user+0xae/0x680
[  246.369816][T11888]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  246.369844][T11888]  ? __fget_files+0x2a/0x410
[  246.369879][T11888]  ? __fget_files+0x2a/0x410
[  246.369918][T11888]  __sys_sendmsg+0x209/0x350
[  246.369947][T11888]  ? __pfx___sys_sendmsg+0x10/0x10
[  246.369984][T11888]  ? do_sys_openat2+0x17a/0x1d0
[  246.370043][T11888]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  246.370075][T11888]  ? do_syscall_64+0x100/0x230
[  246.370106][T11888]  ? do_syscall_64+0xb6/0x230
[  246.370135][T11888]  do_syscall_64+0xf3/0x230
[  246.370161][T11888]  ? clear_bhb_loop+0x35/0x90
[  246.370194][T11888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.370221][T11888] RIP: 0033:0x7f52a6f8d169
[  246.370239][T11888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.370256][T11888] RSP: 002b:00007f52a7ed6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  246.370278][T11888] RAX: ffffffffffffffda RBX: 00007f52a71a5fa0 RCX: 00007f52a6f8d169
[  246.370293][T11888] RDX: 0000000000000000 RSI: 0000400000000080 RDI: 0000000000000004
[  246.370306][T11888] RBP: 00007f52a7ed6090 R08: 0000000000000000 R09: 0000000000000000
[  246.370319][T11888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.370331][T11888] R13: 0000000000000000 R14: 00007f52a71a5fa0 R15: 00007ffdaca3dd58
[  246.370362][T11888]  </TASK>
[  246.623745][ T5845] Bluetooth: hci2: command tx timeout
[  246.628746][ T7753] hsr_slave_0: left promiscuous mode
[  246.635764][ T7753] hsr_slave_1: left promiscuous mode
[  246.642002][T11891] netlink: 'syz.3.1803': attribute type 3 has an invalid length.
[  246.649732][ T7753] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  246.649773][ T7753] batman_adv: batadv0: Removing interface: batadv_slave_0
[  246.665734][ T7753] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  246.676045][ T7753] batman_adv: batadv0: Removing interface: batadv_slave_1
[  246.727374][ T7753] veth1_macvtap: left promiscuous mode
[  246.740839][ T7753] veth0_macvtap: left promiscuous mode
[  246.746451][ T7753] veth1_vlan: left promiscuous mode
[  246.758978][ T7753] veth0_vlan: left promiscuous mode
[  247.169416][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  247.315564][ T7753] team0 (unregistering): Port device team_slave_1 removed
[  247.361562][ T7753] team0 (unregistering): Port device team_slave_0 removed
[  247.837741][T11901] lo: left allmulticast mode
[  247.880016][T11882] Bluetooth: hci0: Opcode 0x080f failed: -4
[  247.897889][T11897] bridge0: port 1(gretap0) entered blocking state
[  247.928430][T11897] bridge0: port 1(gretap0) entered disabled state
[  247.935140][T11897] gretap0: entered allmulticast mode
[  247.965386][T11906] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  247.986067][T11897] gretap0: entered promiscuous mode
[  248.057758][T11908] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1808'.
[  248.197338][T11914] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1809'.
[  248.208236][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  248.220984][T11914] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1809'.
[  248.282932][T11839] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.303887][T11839] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.316879][T11839] bridge_slave_0: entered allmulticast mode
[  248.332454][T11839] bridge_slave_0: entered promiscuous mode
[  248.353621][T11839] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.374952][T11839] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.392472][T11839] bridge_slave_1: entered allmulticast mode
[  248.401075][T11839] bridge_slave_1: entered promiscuous mode
[  248.455536][T11839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  248.480394][T11839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  248.550326][T11839] team0: Port device team_slave_0 added
[  248.569343][T11839] team0: Port device team_slave_1 added
[  248.589581][T11919] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  248.655257][T11839] batman_adv: batadv0: Adding interface: batadv_slave_0
[  248.678854][T11839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.709129][ T5845] Bluetooth: hci2: command tx timeout
[  248.712074][T11839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  248.742249][T11921] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1811'.
[  248.798758][T11839] batman_adv: batadv0: Adding interface: batadv_slave_1
[  248.814496][T11839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.941270][T11924] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1813'.
[  248.951386][T11924] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1813'.
[  248.974280][T11839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.210052][T11933] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1815'.
[  249.248171][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  249.307085][T11839] hsr_slave_0: entered promiscuous mode
[  249.342931][T11839] hsr_slave_1: entered promiscuous mode
[  249.353922][T11839] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  249.373156][T11839] Cannot create hsr debugfs directory
[  249.581669][T11946] batadv_slave_0: left promiscuous mode
[  249.691388][T11954] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1820'.
[  249.728886][T11954] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1820'.
[  249.880064][T11959] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  249.967089][T11962] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1823'.
[  250.132534][T11968] netlink: 'syz.2.1825': attribute type 10 has an invalid length.
[  250.146192][T11968] team0: Port device wlan1 added
[  250.236242][T11969] macsec0: entered promiscuous mode
[  250.241815][T11969] macsec0: entered allmulticast mode
[  250.288155][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  250.404080][T11839] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  250.426422][T11839] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  250.470711][T11839] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  250.497569][T11839] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  250.679341][T11839] 8021q: adding VLAN 0 to HW filter on device bond0
[  250.700081][T11839] 8021q: adding VLAN 0 to HW filter on device team0
[  250.744944][T11839] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  250.755770][T11839] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  250.778670][ T5845] Bluetooth: hci2: command tx timeout
[  250.829117][ T7753] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.836402][ T7753] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.881312][ T7753] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.888544][ T7753] bridge0: port 2(bridge_slave_1) entered forwarding state
[  251.225236][T11839] 8021q: adding VLAN 0 to HW filter on device batadv0
[  251.329031][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  251.414597][T11839] veth0_vlan: entered promiscuous mode
[  251.454340][T11839] veth1_vlan: entered promiscuous mode
[  251.519194][T11839] veth0_macvtap: entered promiscuous mode
[  251.546747][T11839] veth1_macvtap: entered promiscuous mode
[  251.591335][T11839] batman_adv: batadv0: Interface activated: batadv_slave_0
[  251.637245][T11839] batman_adv: batadv0: Interface activated: batadv_slave_1
[  251.656281][T11839] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  251.672774][T11839] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  251.683066][T11839] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  251.692057][T11839] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  251.793379][T12025] batadv_slave_0: entered promiscuous mode
[  251.810380][T12027] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  251.830792][ T7777] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  251.846997][ T7777] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  251.884341][ T7760] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  251.968782][ T7760] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  252.368332][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  252.744159][T12062] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  252.848378][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  253.408209][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  253.503865][T12076] netlink: 'syz.4.1860': attribute type 39 has an invalid length.
[  253.517652][ T2214] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.570477][T12074] batadv_slave_0: left promiscuous mode
[  254.421939][T12100] netlink: 'syz.4.1868': attribute type 4 has an invalid length.
[  254.431726][T12100] __nla_validate_parse: 8 callbacks suppressed
[  254.431746][T12100] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1868'.
[  254.448238][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  254.606183][T12105] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1869'.
[  254.625224][T12105] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1869'.
[  254.639311][ T2214] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.810052][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  254.822255][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  254.831147][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  254.841198][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  254.850372][ T5840] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  254.857945][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  254.952244][T12123] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  254.960097][ T2214] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.065334][T12133] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1874'.
[  255.224329][T12139] FAULT_INJECTION: forcing a failure.
[  255.224329][T12139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.232969][ T2214] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.278923][T12139] CPU: 0 UID: 0 PID: 12139 Comm: syz.1.1875 Not tainted 6.14.0-rc6-syzkaller-01241-g702e3fa16cd4 #0
[  255.278957][T12139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  255.278970][T12139] Call Trace:
[  255.278978][T12139]  <TASK>
[  255.278987][T12139]  dump_stack_lvl+0x241/0x360
[  255.279025][T12139]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.279049][T12139]  ? __pfx__printk+0x10/0x10
[  255.279073][T12139]  ? __pfx_lock_release+0x10/0x10
[  255.279116][T12139]  should_fail_ex+0x40a/0x550
[  255.279153][T12139]  _copy_from_iter+0x1df/0x1c40
[  255.279179][T12139]  ? __virt_addr_valid+0x183/0x530
[  255.279200][T12139]  ? __pfx_lock_release+0x10/0x10
[  255.279239][T12139]  ? __alloc_skb+0x28f/0x440
[  255.279261][T12139]  ? __pfx__copy_from_iter+0x10/0x10
[  255.279288][T12139]  ? __virt_addr_valid+0x183/0x530
[  255.279308][T12139]  ? __virt_addr_valid+0x183/0x530
[  255.279326][T12139]  ? __virt_addr_valid+0x45f/0x530
[  255.279347][T12139]  ? __phys_addr_symbol+0x2f/0x70
[  255.279367][T12139]  ? __check_object_size+0x47a/0x730
[  255.279401][T12139]  netlink_sendmsg+0x742/0xcb0
[  255.279446][T12139]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.279483][T12139]  ? aa_sock_msg_perm+0x91/0x160
[  255.279522][T12139]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.279552][T12139]  __sock_sendmsg+0x221/0x270
[  255.279585][T12139]  ____sys_sendmsg+0x53a/0x860
[  255.279620][T12139]  ? __pfx_____sys_sendmsg+0x10/0x10
[  255.279643][T12139]  ? __fget_files+0x2a/0x410
[  255.279678][T12139]  ? __fget_files+0x2a/0x410
[  255.279718][T12139]  __sys_sendmsg+0x269/0x350
[  255.279748][T12139]  ? __pfx___sys_sendmsg+0x10/0x10
[  255.279788][T12139]  ? do_sys_openat2+0x17a/0x1d0
[  255.279847][T12139]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  255.279881][T12139]  ? do_syscall_64+0x100/0x230
[  255.279912][T12139]  ? do_syscall_64+0xb6/0x230
[  255.279942][T12139]  do_syscall_64+0xf3/0x230
[  255.279969][T12139]  ? clear_bhb_loop+0x35/0x90
[  255.280002][T12139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.280037][T12139] RIP: 0033:0x7f52a6f8d169
[  255.280055][T12139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.280073][T12139] RSP: 002b:00007f52a7eb5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  255.280095][T12139] RAX: ffffffffffffffda RBX: 00007f52a71a6080 RCX: 00007f52a6f8d169
[  255.280111][T12139] RDX: 0000000000000000 RSI: 0000400000000c00 RDI: 0000000000000003
[  255.280124][T12139] RBP: 00007f52a7eb5090 R08: 0000000000000000 R09: 0000000000000000
[  255.280137][T12139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.280149][T12139] R13: 0000000000000001 R14: 00007f52a71a6080 R15: 00007ffdaca3dd58
[  255.280180][T12139]  </TASK>
[  255.488161][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  255.940227][ T2214] bridge_slave_1: left allmulticast mode
[  255.949214][ T2214] bridge_slave_1: left promiscuous mode
[  255.956911][ T2214] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.009796][ T2214] bridge_slave_0: left allmulticast mode
[  256.015514][ T2214] bridge_slave_0: left promiscuous mode
[  256.038742][ T2214] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.165354][T12161] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1883'.
[  256.206274][T12164] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1884'.
[  256.236967][T12164] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1884'.
[  256.531999][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  256.604757][ T2214] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  256.622201][ T2214] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  256.632666][ T2214] bond0 (unregistering): Released all slaves
[  256.652356][T12171] batadv_slave_0: left promiscuous mode
[  256.681909][T12171] macsec0: left promiscuous mode
[  256.686923][T12171] macsec0: left allmulticast mode
[  256.797879][T12114] chnl_net:caif_netlink_parms(): no params data found
[  256.809887][T12175] tc_dump_action: action bad kind
[  256.933977][ T5840] Bluetooth: hci2: command tx timeout
[  257.184668][T12197] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  257.225226][T12203] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1895'.
[  257.236869][T12203] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1895'.
[  257.321495][T12204] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1892'.
[  257.378805][T12208] netlink: 'syz.4.1897': attribute type 12 has an invalid length.
[  257.419690][T12210] netlink: 'syz.2.1898': attribute type 58 has an invalid length.
[  257.538310][T12216] SET target dimension over the limit!
[  257.568217][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  257.628324][T12114] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.635516][T12114] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.657939][T12114] bridge_slave_0: entered allmulticast mode
[  257.671649][T12114] bridge_slave_0: entered promiscuous mode
[  257.690366][T12114] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.697496][T12114] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.746638][T12114] bridge_slave_1: entered allmulticast mode
[  257.747435][T12224] delete_channel: no stack
[  257.754089][T12114] bridge_slave_1: entered promiscuous mode
[  257.822295][ T2214] hsr_slave_0: left promiscuous mode
[  257.838258][ T2214] hsr_slave_1: left promiscuous mode
[  257.844464][ T2214] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  257.855015][ T2214] batman_adv: batadv0: Removing interface: batadv_slave_0
[  257.863942][ T2214] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  257.872122][ T2214] batman_adv: batadv0: Removing interface: batadv_slave_1
[  257.934411][ T2214] veth1_macvtap: left promiscuous mode
[  257.940296][ T2214] veth0_macvtap: left promiscuous mode
[  257.946241][ T2214] veth1_vlan: left promiscuous mode
[  257.952182][ T2214] veth0_vlan: left promiscuous mode
[  258.604376][ T2214] team0 (unregistering): Port device team_slave_1 removed
[  258.608223][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  258.655208][ T2214] team0 (unregistering): Port device team_slave_0 removed
[  259.012330][ T5840] Bluetooth: hci2: command tx timeout
[  259.122303][T12114] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  259.134632][T12228] batadv_slave_0: entered promiscuous mode
[  259.160273][T12236] FAULT_INJECTION: forcing a failure.
[  259.160273][T12236] name failslab, interval 1, probability 0, space 0, times 0
[  259.176473][T12236] CPU: 0 UID: 0 PID: 12236 Comm: syz.1.1902 Not tainted 6.14.0-rc6-syzkaller-01241-g702e3fa16cd4 #0
[  259.176502][T12236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  259.176514][T12236] Call Trace:
[  259.176521][T12236]  <TASK>
[  259.176530][T12236]  dump_stack_lvl+0x241/0x360
[  259.176561][T12236]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.176583][T12236]  ? __pfx__printk+0x10/0x10
[  259.176607][T12236]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  259.176640][T12236]  ? __pfx___might_resched+0x10/0x10
[  259.176673][T12236]  should_fail_ex+0x40a/0x550
[  259.176710][T12236]  should_failslab+0xac/0x100
[  259.176740][T12236]  kmem_cache_alloc_node_noprof+0x77/0x380
[  259.176768][T12236]  ? __alloc_skb+0x1c3/0x440
[  259.176794][T12236]  __alloc_skb+0x1c3/0x440
[  259.176820][T12236]  ? __pfx___alloc_skb+0x10/0x10
[  259.176848][T12236]  ? netlink_ack_tlv_len+0x6e/0x200
[  259.176880][T12236]  netlink_ack+0x145/0xa60
[  259.176908][T12236]  ? __pfx_lock_acquire+0x10/0x10
[  259.176956][T12236]  ? __pfx_nl80211_set_tid_config+0x10/0x10
[  259.176984][T12236]  ? __pfx___might_resched+0x10/0x10
[  259.177022][T12236]  netlink_rcv_skb+0x294/0x480
[  259.177054][T12236]  ? __pfx_genl_rcv_msg+0x10/0x10
[  259.177079][T12236]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  259.177144][T12236]  genl_rcv+0x28/0x40
[  259.177166][T12236]  netlink_unicast+0x7f6/0x990
[  259.177203][T12236]  ? __pfx_netlink_unicast+0x10/0x10
[  259.177229][T12236]  ? __virt_addr_valid+0x45f/0x530
[  259.177251][T12236]  ? __phys_addr_symbol+0x2f/0x70
[  259.177271][T12236]  ? __check_object_size+0x47a/0x730
[  259.177305][T12236]  netlink_sendmsg+0x8de/0xcb0
[  259.177360][T12236]  ? __pfx_netlink_sendmsg+0x10/0x10
[  259.177398][T12236]  ? aa_sock_msg_perm+0x91/0x160
[  259.177438][T12236]  ? __pfx_netlink_sendmsg+0x10/0x10
[  259.177468][T12236]  __sock_sendmsg+0x221/0x270
[  259.177503][T12236]  ____sys_sendmsg+0x53a/0x860
[  259.177537][T12236]  ? __pfx_____sys_sendmsg+0x10/0x10
[  259.177559][T12236]  ? __fget_files+0x2a/0x410
[  259.177594][T12236]  ? __fget_files+0x2a/0x410
[  259.177635][T12236]  __sys_sendmsg+0x269/0x350
[  259.177665][T12236]  ? __pfx___sys_sendmsg+0x10/0x10
[  259.177704][T12236]  ? do_sys_openat2+0x17a/0x1d0
[  259.177765][T12236]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  259.177799][T12236]  ? do_syscall_64+0x100/0x230
[  259.177830][T12236]  ? do_syscall_64+0xb6/0x230
[  259.177860][T12236]  do_syscall_64+0xf3/0x230
[  259.177886][T12236]  ? clear_bhb_loop+0x35/0x90
[  259.177920][T12236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.177948][T12236] RIP: 0033:0x7f52a6f8d169
[  259.177967][T12236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.177985][T12236] RSP: 002b:00007f52a7eb5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  259.178007][T12236] RAX: ffffffffffffffda RBX: 00007f52a71a6080 RCX: 00007f52a6f8d169
[  259.178022][T12236] RDX: 0000000000000000 RSI: 0000400000000c00 RDI: 0000000000000003
[  259.178034][T12236] RBP: 00007f52a7eb5090 R08: 0000000000000000 R09: 0000000000000000
[  259.178051][T12236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.178063][T12236] R13: 0000000000000001 R14: 00007f52a71a6080 R15: 00007ffdaca3dd58
[  259.178095][T12236]  </TASK>
[  259.545685][T12239] __nla_validate_parse: 3 callbacks suppressed
[  259.545710][T12239] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1904'.
[  259.587244][T12239] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1904'.
[  259.644189][T12114] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  259.653448][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  259.790017][T12250] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1908'.
[  259.801663][T12250] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1908'.
[  259.872479][T12114] team0: Port device team_slave_0 added
[  260.072397][T12114] team0: Port device team_slave_1 added
[  260.330804][T12264] netlink: 'syz.4.1914': attribute type 9 has an invalid length.
[  260.341440][T12114] batman_adv: batadv0: Adding interface: batadv_slave_0
[  260.361462][T12257] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1910'.
[  260.367557][T12114] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.405861][T12114] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  260.425066][T12114] batman_adv: batadv0: Adding interface: batadv_slave_1
[  260.442921][T12114] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.473876][T12114] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  260.688214][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  260.757940][T12271] syzkaller0: entered promiscuous mode
[  260.808256][T12271] syzkaller0: entered allmulticast mode
[  260.831068][T12268] tipc: Started in network mode
[  260.836175][T12268] tipc: Node identity 866a796d7eb2, cluster identity 4711
[  260.858473][T12268] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  260.886271][T12285] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1919'.
[  260.921858][T12285] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1919'.
[  260.981372][T12114] hsr_slave_0: entered promiscuous mode
[  260.993482][T12114] hsr_slave_1: entered promiscuous mode
[  261.003283][T12114] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  261.013468][T12289] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1921'.
[  261.015689][T12114] Cannot create hsr debugfs directory
[  261.098589][ T5840] Bluetooth: hci2: command tx timeout
[  261.576520][ T7753] tipc: Resetting bearer <eth:syzkaller0>
[  261.728158][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  261.969234][T12266] tipc: Resetting bearer <eth:syzkaller0>
[  262.118772][  T120] tipc: Node number set to 4174936429
[  262.769954][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  263.168401][ T5840] Bluetooth: hci2: command tx timeout
[  263.810156][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  264.250568][T12266] tipc: Disabling bearer <eth:syzkaller0>
[  264.460651][T12114] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  264.482186][T12114] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  264.510282][T12114] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  264.516679][T12324] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1931'.
[  264.547106][T12114] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  264.547312][T12324] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1931'.
[  264.793279][T12334] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  264.848176][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  264.937274][T12114] 8021q: adding VLAN 0 to HW filter on device bond0
[  264.961251][T12114] 8021q: adding VLAN 0 to HW filter on device team0
[  264.991757][ T2214] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.999047][ T2214] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.067316][ T2214] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.074543][ T2214] bridge0: port 2(bridge_slave_1) entered forwarding state
[  265.131370][T12346] netlink: 124 bytes leftover after parsing attributes in process `syz.1.1940'.
[  265.255417][T12355] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1944'.
[  265.297546][T12114] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  265.320542][T12355] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1944'.
[  265.348035][T12114] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  265.501388][T12369] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  265.578275][T12370] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1951'.
[  265.636739][T12375] netlink: 'syz.3.1952': attribute type 9 has an invalid length.
[  265.888143][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  265.906026][T12114] 8021q: adding VLAN 0 to HW filter on device batadv0
[  265.996564][T12114] veth0_vlan: entered promiscuous mode
[  266.024120][T12114] veth1_vlan: entered promiscuous mode
[  266.070938][T12114] veth0_macvtap: entered promiscuous mode
[  266.083256][T12114] veth1_macvtap: entered promiscuous mode
[  266.119332][T12114] batman_adv: batadv0: Interface activated: batadv_slave_0
[  266.127397][T12400] netlink: 'syz.3.1959': attribute type 39 has an invalid length.
[  266.144609][T12114] batman_adv: batadv0: Interface activated: batadv_slave_1
[  266.159544][T12402] netlink: 1280 bytes leftover after parsing attributes in process `syz.1.1957'.
[  266.185448][T12114] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  266.195070][T12114] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  266.204526][T12114] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  266.214763][T12114] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  266.437533][ T7777] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.518578][ T7777] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.624797][T12416] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1963'.
[  266.644761][ T7777] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.928273][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  267.119660][ T7777] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  267.968149][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  268.006855][T12446] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1970'.
[  268.020839][T12446] smc: net device bond0 applied user defined pnetid SYZ
[  268.049968][T12449] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  268.151309][T12451] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1971'.
[  268.300536][T12455] netlink: 'syz.2.1972': attribute type 12 has an invalid length.
[  268.329544][T12455] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1972'.
[  268.434423][T12461] netlink: 'syz.2.1972': attribute type 11 has an invalid length.
[  268.701746][ T7777] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.750299][T12468] batadv_slave_0: entered promiscuous mode
[  268.944906][ T7777] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.967736][T12479] batadv_slave_0: left promiscuous mode
[  269.008200][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  269.063454][ T7777] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.140385][ T7777] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.222636][ T7777] bridge_slave_1: left allmulticast mode
[  269.229214][ T7777] bridge_slave_1: left promiscuous mode
[  269.235984][ T7777] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.246429][ T7777] bridge_slave_0: left allmulticast mode
[  269.256521][ T7777] bridge_slave_0: left promiscuous mode
[  269.262528][ T7777] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.902077][ T5845] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  269.915724][ T5845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  269.927894][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  269.937809][ T5845] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  269.958837][ T5845] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  269.968826][ T5845] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  270.034416][T12512] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1984'.
[  270.055249][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  270.242532][ T7777] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  270.256029][ T7777] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  270.266712][ T7777] bond0 (unregistering): Released all slaves
[  270.538400][T12528] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  270.561042][T12531] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  270.603794][T12523] batadv_slave_0: left promiscuous mode
[  270.655169][T12536] __nla_validate_parse: 1 callbacks suppressed
[  270.655190][T12536] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1987'.
[  271.088170][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  271.488933][ T7777] hsr_slave_0: left promiscuous mode
[  271.531720][ T7777] hsr_slave_1: left promiscuous mode
[  271.543586][ T7777] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  271.551268][ T7777] batman_adv: batadv0: Removing interface: batadv_slave_0
[  271.615935][ T7777] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  271.623955][ T7777] batman_adv: batadv0: Removing interface: batadv_slave_1
[  271.725523][ T7777] veth1_macvtap: left promiscuous mode
[  271.731133][T12572] netlink: 1264 bytes leftover after parsing attributes in process `syz.3.1995'.
[  271.739167][ T7777] veth0_macvtap: left promiscuous mode
[  271.752757][ T7777] veth1_vlan: left promiscuous mode
[  271.765209][ T7777] veth0_vlan: left promiscuous mode
[  271.908474][T12581] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1997'.
[  272.057630][ T5845] Bluetooth: hci2: command tx timeout
[  272.069970][T12579] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1994'.
[  272.128169][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  272.824649][ T7777] team0 (unregistering): Port device team_slave_1 removed
[  272.870462][ T7777] team0 (unregistering): Port device team_slave_0 removed
[  273.168197][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  273.292963][T12567] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1995'.
[  273.303899][T12586] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1994'.
[  273.311010][T12575] vlan3: entered promiscuous mode
[  273.317944][T12575] hsr0: entered promiscuous mode
[  273.459537][T12600] netlink: 'syz.4.2000': attribute type 1 has an invalid length.
[  273.469014][T12600] netlink: 'syz.4.2000': attribute type 2 has an invalid length.
[  273.574730][T12505] chnl_net:caif_netlink_parms(): no params data found
[  273.601097][T12606] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1999'.
[  273.974947][T12505] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.013956][T12505] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.035474][T12630] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  274.048689][T12505] bridge_slave_0: entered allmulticast mode
[  274.055839][T12505] bridge_slave_0: entered promiscuous mode
[  274.076345][T12505] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.108249][T12505] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.134384][ T5845] Bluetooth: hci2: command tx timeout
[  274.150034][T12505] bridge_slave_1: entered allmulticast mode
[  274.164609][T12505] bridge_slave_1: entered promiscuous mode
[  274.208172][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  274.241941][T12634] vxcan1: entered allmulticast mode
[  274.292718][T12505] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  274.315364][T12505] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  274.417405][T12645] batadv_slave_0: entered promiscuous mode
[  274.430907][T12505] team0: Port device team_slave_0 added
[  274.440544][T12505] team0: Port device team_slave_1 added
[  274.596171][T12505] batman_adv: batadv0: Adding interface: batadv_slave_0
[  274.605315][T12505] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  274.632047][T12505] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  274.664286][T12651] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2013'.
[  274.665027][T12505] batman_adv: batadv0: Adding interface: batadv_slave_1
[  274.697778][T12505] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  274.791356][T12505] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  274.841665][T12655] netlink: 'syz.2.2015': attribute type 1 has an invalid length.
[  274.874954][T12653] netlink: 'syz.1.2014': attribute type 10 has an invalid length.
[  274.883639][T12653] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2014'.
[  274.924988][T12655] netlink: 184 bytes leftover after parsing attributes in process `syz.2.2015'.
[  274.942295][T12655] netlink: 'syz.2.2015': attribute type 1 has an invalid length.
[  274.952834][T12505] hsr_slave_0: entered promiscuous mode
[  274.959919][T12505] hsr_slave_1: entered promiscuous mode
[  274.966108][T12505] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  274.980389][T12505] Cannot create hsr debugfs directory
[  274.989835][T12653] batman_adv: batadv0: Adding interface: virt_wifi0
[  274.996466][T12653] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  275.030121][T12653] batman_adv: batadv0: Interface activated: virt_wifi0
[  275.248410][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  275.409316][T12686] netlink: 'syz.4.2021': attribute type 12 has an invalid length.
[  275.434426][T12684] batadv_slave_0: left promiscuous mode
[  275.441109][T12684] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  275.682111][T12698] __nla_validate_parse: 3 callbacks suppressed
[  275.682132][T12698] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2022'.
[  275.850458][T12696] netlink: 1284 bytes leftover after parsing attributes in process `syz.4.2025'.
[  275.865287][T12696] openvswitch: netlink: Missing key (keys=40, expected=80)
[  275.963003][T12709] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  275.986845][T12707] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2027'.
[  275.996484][T12707] netlink: 'syz.4.2027': attribute type 2 has an invalid length.
[  276.201139][T12720] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2031'.
[  276.210591][ T5845] Bluetooth: hci2: command tx timeout
[  276.288177][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  276.414254][T12505] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  276.430707][T12505] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  276.434420][T12731] netlink: 'syz.2.2033': attribute type 1 has an invalid length.
[  276.459690][T12731] bond4: entered promiscuous mode
[  276.465077][T12731] 8021q: adding VLAN 0 to HW filter on device bond4
[  276.472457][T12505] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  276.494282][T12733] netlink: 'syz.4.2034': attribute type 29 has an invalid length.
[  276.505391][T12731] bond4: (slave veth7): Enslaving as an active interface with a down link
[  276.514624][T12505] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  276.686739][T12505] 8021q: adding VLAN 0 to HW filter on device bond0
[  276.713121][T12505] 8021q: adding VLAN 0 to HW filter on device team0
[  276.726239][ T7760] bridge0: port 1(bridge_slave_0) entered blocking state
[  276.733488][ T7760] bridge0: port 1(bridge_slave_0) entered forwarding state
[  276.760993][ T7756] bridge0: port 2(bridge_slave_1) entered blocking state
[  276.768202][ T7756] bridge0: port 2(bridge_slave_1) entered forwarding state
[  276.906998][T12744] netlink: 'syz.3.2038': attribute type 4 has an invalid length.
[  277.027731][T12747] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  277.055890][T12747] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2039'.
[  277.115704][T12754] veth0_to_bridge: entered promiscuous mode
[  277.144265][T12746] veth0_to_bridge: left promiscuous mode
[  277.212561][T12505] 8021q: adding VLAN 0 to HW filter on device batadv0
[  277.230193][T12757] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2040'.
[  277.304157][T12761] openvswitch: netlink: Missing valid actions attribute.
[  277.317175][T12761] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  277.328520][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  277.833626][T12505] veth0_vlan: entered promiscuous mode
[  277.896355][T12505] veth1_vlan: entered promiscuous mode
[  278.046832][T12505] veth0_macvtap: entered promiscuous mode
[  278.087965][T12505] veth1_macvtap: entered promiscuous mode
[  278.138942][T12786] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2045'.
[  278.217152][T12505] batman_adv: batadv0: Interface activated: batadv_slave_0
[  278.236568][T12505] batman_adv: batadv0: Interface activated: batadv_slave_1
[  278.258692][T12505] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  278.267606][T12505] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  278.279932][T12505] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  278.288283][ T5845] Bluetooth: hci2: command tx timeout
[  278.289219][T12505] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  278.368156][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  278.555306][ T7760] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  278.577301][ T7760] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  278.724734][ T7753] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  278.742424][ T7753] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  279.177795][T12821] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2057'.
[  279.207250][T12821] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2057'.
[  279.231163][T12821] nbd: socks must be embedded in a SOCK_ITEM attr
[  279.233403][T12824] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2057'.
[  279.408156][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  279.428183][T12833] openvswitch: netlink: VXLAN extension message has 2 unknown bytes.
[  279.468628][T12834] hsr0: left promiscuous mode
[  279.474197][T12834] vlan3: left promiscuous mode
[  279.509701][T12834] bond4: left promiscuous mode
[  279.915180][T12853] netlink: 'syz.2.2067': attribute type 10 has an invalid length.
[  279.932336][T12853] batman_adv: batadv0: Adding interface: virt_wifi0
[  279.958862][T12853] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  280.029583][T12853] batman_adv: batadv0: Interface activated: virt_wifi0
[  280.206684][ T7756] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.448249][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  280.502964][ T7756] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.708401][ T7756] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.791485][ T7756] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.886277][ T7756] bridge_slave_1: left allmulticast mode
[  280.892211][ T7756] bridge_slave_1: left promiscuous mode
[  280.897909][ T7756] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.907954][ T7756] bridge_slave_0: left allmulticast mode
[  280.915191][ T7756] bridge_slave_0: left promiscuous mode
[  280.921079][ T7756] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.041277][T12871] netlink: 'syz.3.2072': attribute type 8 has an invalid length.
[  281.054517][T12871] __nla_validate_parse: 5 callbacks suppressed
[  281.054538][T12871] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2072'.
[  281.112887][T12874] netlink: 'syz.2.2071': attribute type 10 has an invalid length.
[  281.167220][T12874] netlink: 140 bytes leftover after parsing attributes in process `syz.2.2071'.
[  281.488151][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  281.661411][T12905] Cannot find add_set index 3 as target
[  281.785254][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  281.819667][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  281.845160][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  281.856559][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  281.871874][ T5840] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  281.882483][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  282.134225][ T7756] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  282.146029][ T7756] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  282.156626][ T7756] bond0 (unregistering): Released all slaves
[  282.528212][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  282.733757][T12934] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2090'.
[  282.743866][T12936] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  283.003021][T12952] netlink: 'syz.3.2094': attribute type 1 has an invalid length.
[  283.095944][T12952] bond5: entered promiscuous mode
[  283.110896][T12958] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2094'.
[  283.134709][T12952] 8021q: adding VLAN 0 to HW filter on device bond5
[  283.172065][T12958] batadv0: entered promiscuous mode
[  283.203543][T12958] batadv0: entered allmulticast mode
[  283.267047][T12962] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2094'.
[  283.311622][T12958] 8021q: adding VLAN 0 to HW filter on device batadv0
[  283.384056][T12958] bond5: (slave batadv0): making interface the new active one
[  283.430399][T12958] bond5: (slave batadv0): Enslaving as an active interface with an up link
[  283.525018][ T7756] hsr_slave_0: left promiscuous mode
[  283.533740][ T7756] hsr_slave_1: left promiscuous mode
[  283.540396][ T7756] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  283.548667][ T7756] batman_adv: batadv0: Removing interface: batadv_slave_0
[  283.563342][ T7756] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  283.571238][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  283.579219][T12945] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2092'.
[  283.579966][ T7756] batman_adv: batadv0: Removing interface: batadv_slave_1
[  283.617767][ T7756] veth1_macvtap: left promiscuous mode
[  283.624038][ T7756] veth0_macvtap: left promiscuous mode
[  283.630291][ T7756] veth1_vlan: left promiscuous mode
[  283.635868][ T7756] veth0_vlan: left promiscuous mode
[  283.648660][T12964] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2092'.
[  283.970274][ T5840] Bluetooth: hci2: command tx timeout
[  284.136291][ T7756] team0 (unregistering): Port device team_slave_1 removed
[  284.184393][ T7756] team0 (unregistering): Port device team_slave_0 removed
[  284.608176][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  284.659791][T12909] chnl_net:caif_netlink_parms(): no params data found
[  284.936631][ T7760] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  284.968683][ T7760] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  284.968773][ T9296] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  285.038921][T12976] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2101'.
[  285.153159][T12982] netlink: 16146 bytes leftover after parsing attributes in process `syz.4.2102'.
[  285.208475][  T976] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  285.346267][T12909] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.365909][T12909] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.388764][  T120] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  285.435971][T12909] bridge_slave_0: entered allmulticast mode
[  285.444732][T12909] bridge_slave_0: entered promiscuous mode
[  285.464182][T12909] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.500627][T12909] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.507919][T12909] bridge_slave_1: entered allmulticast mode
[  285.525217][T12909] bridge_slave_1: entered promiscuous mode
[  285.607186][T12909] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  285.648221][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  285.675114][T12909] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  285.776150][T12909] team0: Port device team_slave_0 added
[  285.798009][T12909] team0: Port device team_slave_1 added
[  285.931128][T13001] netlink: 'syz.3.2109': attribute type 1 has an invalid length.
[  285.981904][ T9296] hid-generic 0005:07C0:06E6.0001: item fetching failed at offset 0/1
[  285.992177][T12909] batman_adv: batadv0: Adding interface: batadv_slave_0
[  286.008490][T12909] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  286.036257][ T9296] hid-generic 0005:07C0:06E6.0001: probe with driver hid-generic failed with error -22
[  286.049078][ T5840] Bluetooth: hci2: command tx timeout
[  286.054811][T12909] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  286.081071][T12909] batman_adv: batadv0: Adding interface: batadv_slave_1
[  286.088448][T12909] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  286.114856][T12909] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  286.155981][T13001] bond6: entered allmulticast mode
[  286.165392][T13001] 8021q: adding VLAN 0 to HW filter on device bond6
[  286.188828][T13005] 8021q: adding VLAN 0 to HW filter on device batadv1
[  286.198749][T13005] bond6: (slave batadv1): making interface the new active one
[  286.206489][T13005] batadv1: entered allmulticast mode
[  286.214295][T13005] bond6: (slave batadv1): Enslaving as an active interface with an up link
[  286.400980][T12909] hsr_slave_0: entered promiscuous mode
[  286.407178][T12909] hsr_slave_1: entered promiscuous mode
[  286.422498][T12909] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  286.430466][T12909] Cannot create hsr debugfs directory
[  286.439863][T13013] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2112'.
[  286.672697][T13019] netlink: 'syz.3.2113': attribute type 4 has an invalid length.
[  286.688212][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  287.093190][T13036] syz.3.2118 uses old SIOCAX25GETINFO
[  287.237500][T13042] openvswitch: netlink: Flow actions attr not present in new flow.
[  287.510707][T12909] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  287.620726][T12909] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  287.707521][T12909] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  287.728246][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  287.840711][T12909] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  287.931005][T13065] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2127'.
[  287.982607][T13067] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2128'.
[  288.137260][ T5840] Bluetooth: hci2: command tx timeout
[  288.333912][T12909] 8021q: adding VLAN 0 to HW filter on device bond0
[  288.360420][T12909] 8021q: adding VLAN 0 to HW filter on device team0
[  288.427898][ T7753] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.435080][ T7753] bridge0: port 1(bridge_slave_0) entered forwarding state
[  288.569476][ T7753] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.576616][ T7753] bridge0: port 2(bridge_slave_1) entered forwarding state
[  288.629514][T13080] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2134'.
[  288.677273][T13078] netlink: 384 bytes leftover after parsing attributes in process `syz.2.2133'.
[  288.757918][T13089] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2136'.
[  288.768182][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  288.773976][T13088] FAULT_INJECTION: forcing a failure.
[  288.773976][T13088] name failslab, interval 1, probability 0, space 0, times 0
[  288.799025][T13088] CPU: 1 UID: 0 PID: 13088 Comm: syz.3.2135 Not tainted 6.14.0-rc6-syzkaller-01241-g702e3fa16cd4 #0
[  288.799055][T13088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  288.799068][T13088] Call Trace:
[  288.799076][T13088]  <TASK>
[  288.799085][T13088]  dump_stack_lvl+0x241/0x360
[  288.799116][T13088]  ? __pfx_dump_stack_lvl+0x10/0x10
[  288.799140][T13088]  ? __pfx__printk+0x10/0x10
[  288.799163][T13088]  ? kmem_cache_alloc_lru_noprof+0x4d/0x390
[  288.799195][T13088]  ? __pfx___might_resched+0x10/0x10
[  288.799227][T13088]  should_fail_ex+0x40a/0x550
[  288.799265][T13088]  should_failslab+0xac/0x100
[  288.799294][T13088]  ? sock_alloc_inode+0x28/0xc0
[  288.799323][T13088]  kmem_cache_alloc_lru_noprof+0x75/0x390
[  288.799360][T13088]  sock_alloc_inode+0x28/0xc0
[  288.799386][T13088]  ? __pfx_sock_alloc_inode+0x10/0x10
[  288.799413][T13088]  alloc_inode+0x65/0x1a0
[  288.799446][T13088]  __sock_create+0x127/0xa30
[  288.799496][T13088]  __sys_socket+0x150/0x3c0
[  288.799530][T13088]  ? __pfx___sys_socket+0x10/0x10
[  288.799562][T13088]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  288.799597][T13088]  ? exc_page_fault+0x590/0x8b0
[  288.799627][T13088]  __x64_sys_socket+0x7a/0x90
[  288.799665][T13088]  do_syscall_64+0xf3/0x230
[  288.799692][T13088]  ? clear_bhb_loop+0x35/0x90
[  288.799726][T13088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.799754][T13088] RIP: 0033:0x7fa36ad8f087
[  288.799773][T13088] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.799790][T13088] RSP: 002b:00007fa36bc97fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  288.799813][T13088] RAX: ffffffffffffffda RBX: 00007fa36afa5fa0 RCX: 00007fa36ad8f087
[  288.799829][T13088] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  288.799841][T13088] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  288.799854][T13088] R10: 0000400000000080 R11: 0000000000000286 R12: 0000000000000001
[  288.799868][T13088] R13: 0000000000000000 R14: 00007fa36afa5fa0 R15: 00007ffcbe5f88a8
[  288.799900][T13088]  </TASK>
[  288.799946][T13088] socket: no more sockets
[  289.073772][T12909] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  289.088309][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  289.108739][T12909] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  289.323878][T13102] netlink: 236 bytes leftover after parsing attributes in process `syz.2.2140'.
[  289.664272][T13118] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2145'.
[  289.715223][T12909] 8021q: adding VLAN 0 to HW filter on device batadv0
[  289.808222][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  289.874993][T13120] gretap0: left allmulticast mode
[  289.885308][T13120] gretap0: left promiscuous mode
[  289.893426][T13120] bridge0: port 1(gretap0) entered disabled state
[  289.903264][T13120] bond0: (slave team0): Releasing backup interface
[  289.911733][T13120] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  289.919367][T13120] batman_adv: batadv0: Removing interface: virt_wifi0
[  289.933356][T13120] team0: Port device wlan1 removed
[  289.945310][T13120] bond4: (slave veth7): Releasing active interface
[  290.071826][T12909] veth0_vlan: entered promiscuous mode
[  290.170137][T12909] veth1_vlan: entered promiscuous mode
[  290.220821][ T5840] Bluetooth: hci2: command tx timeout
[  290.252062][T13129] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2148'.
[  290.460423][T13142] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  290.503959][T12909] veth0_macvtap: entered promiscuous mode
[  290.619488][T12909] veth1_macvtap: entered promiscuous mode
[  290.848200][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  290.854394][T12909] batman_adv: batadv0: Interface activated: batadv_slave_0
[  290.867463][T12909] batman_adv: batadv0: Interface activated: batadv_slave_1
[  290.937649][T12909] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  290.947870][T12909] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  290.957333][T12909] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  290.968747][T12909] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  290.984931][T13152] xt_socket: unknown flags 0x8
[  290.991996][T13152] sit0: entered promiscuous mode
[  290.997101][T13152] netlink: 'syz.1.2154': attribute type 1 has an invalid length.
[  291.005618][T13152] netlink: 1 bytes leftover after parsing attributes in process `syz.1.2154'.
[  291.107257][T13154] netlink: 'syz.2.2155': attribute type 9 has an invalid length.
[  291.436754][ T7755] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  291.453367][ T7755] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  291.577011][ T2214] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  291.603882][T13168] netlink: 'syz.4.2160': attribute type 5 has an invalid length.
[  291.610560][ T2214] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  291.888322][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  292.634488][T13189] bridge0: port 1(gretap0) entered blocking state
[  292.668676][T13189] bridge0: port 1(gretap0) entered disabled state
[  292.698012][T13189] gretap0: entered allmulticast mode
[  292.741336][T13189] gretap0: entered promiscuous mode
[  292.928197][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  293.304417][ T7760] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.390131][ T7760] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.455278][ T7760] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.536391][ T7760] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.639094][ T7760] bridge_slave_1: left allmulticast mode
[  293.644774][ T7760] bridge_slave_1: left promiscuous mode
[  293.650737][ T7760] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.661070][ T7760] bridge_slave_0: left allmulticast mode
[  293.666748][ T7760] bridge_slave_0: left promiscuous mode
[  293.672643][ T7760] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.968183][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  294.224280][T13221] netlink: 'syz.2.2170': attribute type 3 has an invalid length.
[  294.241152][T13221] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2170'.
[  294.304089][ T7760] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  294.325680][ T7760] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  294.345932][ T7760] bond0 (unregistering): Released all slaves
[  294.403026][ T5845] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  294.413380][ T5845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  294.423657][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  294.433247][ T5845] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  294.443548][ T5845] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  294.452493][ T5845] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  294.890936][T13237] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2174'.
[  295.008194][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  295.090338][T13239] bond0: option arp_validate: invalid value (320)
[  295.477272][T13259] sctp: [Deprecated]: syz.3.2179 (pid 13259) Use of int in maxseg socket option.
[  295.477272][T13259] Use struct sctp_assoc_value instead
[  295.521293][T13259] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2179'.
[  295.554692][T13259] sctp: [Deprecated]: syz.3.2179 (pid 13259) Use of int in maxseg socket option.
[  295.554692][T13259] Use struct sctp_assoc_value instead
[  295.581869][T13262] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2179'.
[  295.619950][T13265] 8021q: VLANs not supported on ip6tnl0
[  295.635560][T13266] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2180'.
[  296.048175][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  296.172007][ T7760] hsr_slave_0: left promiscuous mode
[  296.178400][ T7760] hsr_slave_1: left promiscuous mode
[  296.187856][ T7760] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  296.198740][ T7760] batman_adv: batadv0: Removing interface: batadv_slave_0
[  296.207579][ T7760] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  296.215605][ T7760] batman_adv: batadv0: Removing interface: batadv_slave_1
[  296.252203][ T7760] veth1_macvtap: left promiscuous mode
[  296.260632][ T7760] veth0_macvtap: left promiscuous mode
[  296.266256][ T7760] veth1_vlan: left promiscuous mode
[  296.272195][ T7760] veth0_vlan: left promiscuous mode
[  296.529194][ T5840] Bluetooth: hci2: command tx timeout
[  297.070482][ T7760] team0 (unregistering): Port device team_slave_1 removed
[  297.088191][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  297.130095][ T7760] team0 (unregistering): Port device team_slave_0 removed
[  297.649973][T13282] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  297.862954][T13304] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2191'.
[  297.983115][T13223] chnl_net:caif_netlink_parms(): no params data found
[  298.132496][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  298.304274][T13314] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2193'.
[  298.351202][T13223] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.379065][T13223] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.391493][T13223] bridge_slave_0: entered allmulticast mode
[  298.409457][T13223] bridge_slave_0: entered promiscuous mode
[  298.442648][T13223] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.464729][T13223] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.484616][T13223] bridge_slave_1: entered allmulticast mode
[  298.504603][T13223] bridge_slave_1: entered promiscuous mode
[  298.620133][ T5840] Bluetooth: hci2: command tx timeout
[  298.706864][T13223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  298.774356][T13223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  298.807586][T13329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2196'.
[  298.885686][T13329] ipvlan2: entered promiscuous mode
[  298.893975][T13329] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  298.901666][T13329] team0: Device ipvlan2 is already an upper device of the team interface
[  299.168191][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  299.723632][ T7442] ==================================================================
[  299.731836][ T7442] BUG: KASAN: slab-use-after-free in device_for_each_child+0xbb/0x1b0
[  299.740000][ T7442] Read of size 8 at addr ffff888047171308 by task kbnepd bnep0/7442
[  299.747991][ T7442] 
[  299.750319][ T7442] CPU: 1 UID: 0 PID: 7442 Comm: kbnepd bnep0 Not tainted 6.14.0-rc6-syzkaller-01241-g702e3fa16cd4 #0
[  299.750339][ T7442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  299.750354][ T7442] Call Trace:
[  299.750361][ T7442]  <TASK>
[  299.750368][ T7442]  dump_stack_lvl+0x241/0x360
[  299.750391][ T7442]  ? __pfx_dump_stack_lvl+0x10/0x10
[  299.750409][ T7442]  ? __pfx__printk+0x10/0x10
[  299.750426][ T7442]  ? _printk+0xd5/0x120
[  299.750441][ T7442]  ? __virt_addr_valid+0x183/0x530
[  299.750457][ T7442]  ? __virt_addr_valid+0x183/0x530
[  299.750474][ T7442]  print_report+0x16e/0x5b0
[  299.750495][ T7442]  ? __virt_addr_valid+0x183/0x530
[  299.750509][ T7442]  ? __virt_addr_valid+0x183/0x530
[  299.750524][ T7442]  ? __virt_addr_valid+0x45f/0x530
[  299.750539][ T7442]  ? __phys_addr+0xba/0x170
[  299.750554][ T7442]  ? device_for_each_child+0xbb/0x1b0
[  299.750571][ T7442]  kasan_report+0x143/0x180
[  299.750593][ T7442]  ? device_for_each_child+0xbb/0x1b0
[  299.750615][ T7442]  ? __pfx_dev_memalloc_noio+0x10/0x10
[  299.750640][ T7442]  device_for_each_child+0xbb/0x1b0
[  299.750657][ T7442]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  299.750684][ T7442]  ? __pfx_device_for_each_child+0x10/0x10
[  299.750704][ T7442]  ? _raw_spin_unlock_irq+0x23/0x50
[  299.750722][ T7442]  ? lockdep_hardirqs_on+0x99/0x150
[  299.750743][ T7442]  pm_runtime_set_memalloc_noio+0x114/0x260
[  299.750772][ T7442]  netdev_unregister_kobject+0x178/0x250
[  299.750795][ T7442]  unregister_netdevice_many_notify+0x1f2e/0x24f0
[  299.750828][ T7442]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  299.750852][ T7442]  ? __mutex_lock+0xba3/0x1010
[  299.750874][ T7442]  ? __mutex_lock+0x602/0x1010
[  299.750897][ T7442]  ? rtnl_net_dev_lock+0x271/0x320
[  299.750924][ T7442]  ? __pfx___mutex_lock+0x10/0x10
[  299.750945][ T7442]  ? __pfx_lock_release+0x10/0x10
[  299.750971][ T7442]  unregister_netdevice_queue+0x303/0x370
[  299.750994][ T7442]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  299.751017][ T7442]  ? rtnl_net_dev_lock+0x37/0x320
[  299.751042][ T7442]  ? rtnl_net_dev_lock+0x302/0x320
[  299.751067][ T7442]  ? rtnl_net_dev_lock+0x37/0x320
[  299.751093][ T7442]  unregister_netdev+0x1f/0x60
[  299.751114][ T7442]  bnep_session+0x2e4e/0x3040
[  299.751151][ T7442]  ? __pfx_bnep_session+0x10/0x10
[  299.751173][ T7442]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  299.751191][ T7442]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  299.751211][ T7442]  ? __pfx_woken_wake_function+0x10/0x10
[  299.751240][ T7442]  ? __kthread_parkme+0x169/0x1d0
[  299.751264][ T7442]  ? __pfx_bnep_session+0x10/0x10
[  299.751285][ T7442]  kthread+0x7a9/0x920
[  299.751300][ T7442]  ? __pfx_kthread+0x10/0x10
[  299.751315][ T7442]  ? __pfx_bnep_session+0x10/0x10
[  299.751336][ T7442]  ? __pfx_kthread+0x10/0x10
[  299.751356][ T7442]  ? __pfx_kthread+0x10/0x10
[  299.751372][ T7442]  ? __pfx_kthread+0x10/0x10
[  299.751386][ T7442]  ? _raw_spin_unlock_irq+0x23/0x50
[  299.751402][ T7442]  ? lockdep_hardirqs_on+0x99/0x150
[  299.751421][ T7442]  ? __pfx_kthread+0x10/0x10
[  299.751436][ T7442]  ret_from_fork+0x4b/0x80
[  299.751459][ T7442]  ? __pfx_kthread+0x10/0x10
[  299.751473][ T7442]  ret_from_fork_asm+0x1a/0x30
[  299.751500][ T7442]  </TASK>
[  299.751506][ T7442] 
[  300.059640][ T7442] Allocated by task 5852:
[  300.063968][ T7442]  kasan_save_track+0x3f/0x80
[  300.068671][ T7442]  __kasan_kmalloc+0x98/0xb0
[  300.073264][ T7442]  __kmalloc_noprof+0x285/0x4c0
[  300.078132][ T7442]  hci_alloc_dev_priv+0x27/0x2030
[  300.083184][ T7442]  vhci_create_device+0x116/0x6b0
[  300.088228][ T7442]  vhci_write+0x3cf/0x490
[  300.092568][ T7442]  vfs_write+0xacf/0xd10
[  300.096813][ T7442]  ksys_write+0x18f/0x2b0
[  300.101151][ T7442]  do_syscall_64+0xf3/0x230
[  300.105662][ T7442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.111565][ T7442] 
[  300.113891][ T7442] Freed by task 13341:
[  300.117955][ T7442]  kasan_save_track+0x3f/0x80
[  300.122633][ T7442]  kasan_save_free_info+0x40/0x50
[  300.127664][ T7442]  __kasan_slab_free+0x59/0x70
[  300.132431][ T7442]  kfree+0x196/0x430
[  300.136338][ T7442]  hci_release_dev+0x1525/0x16b0
[  300.141277][ T7442]  bt_host_release+0x83/0x90
[  300.145876][ T7442]  device_release+0x99/0x1c0
[  300.150472][ T7442]  kobject_put+0x22f/0x480
[  300.154894][ T7442]  vhci_release+0x88/0xd0
[  300.159234][ T7442]  __fput+0x3e9/0x9f0
[  300.163228][ T7442]  task_work_run+0x24f/0x310
[  300.167821][ T7442]  do_exit+0xa2a/0x28e0
[  300.171987][ T7442]  do_group_exit+0x207/0x2c0
[  300.176604][ T7442]  get_signal+0x168c/0x1720
[  300.181121][ T7442]  arch_do_signal_or_restart+0x96/0x860
[  300.186691][ T7442]  syscall_exit_to_user_mode+0xce/0x340
[  300.192249][ T7442]  do_syscall_64+0x100/0x230
[  300.196856][ T7442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.202768][ T7442] 
[  300.205098][ T7442] Last potentially related work creation:
[  300.210816][ T7442]  kasan_save_stack+0x3f/0x60
[  300.215501][ T7442]  kasan_record_aux_stack+0xaa/0xc0
[  300.220708][ T7442]  insert_work+0x3e/0x330
[  300.225040][ T7442]  __queue_work+0xc62/0x1090
[  300.229637][ T7442]  queue_work_on+0x1c2/0x380
[  300.234235][ T7442]  process_scheduled_works+0xabe/0x18e0
[  300.239797][ T7442]  worker_thread+0x870/0xd30
[  300.244391][ T7442]  kthread+0x7a9/0x920
[  300.248461][ T7442]  ret_from_fork+0x4b/0x80
[  300.252884][ T7442]  ret_from_fork_asm+0x1a/0x30
[  300.257654][ T7442] 
[  300.259980][ T7442] Second to last potentially related work creation:
[  300.266565][ T7442]  kasan_save_stack+0x3f/0x60
[  300.271246][ T7442]  kasan_record_aux_stack+0xaa/0xc0
[  300.276472][ T7442]  insert_work+0x3e/0x330
[  300.280809][ T7442]  __queue_work+0xd9a/0x1090
[  300.285431][ T7442]  call_timer_fn+0x187/0x650
[  300.290035][ T7442]  __run_timer_base+0x695/0x8e0
[  300.294898][ T7442]  run_timer_softirq+0xb7/0x170
[  300.299764][ T7442]  handle_softirqs+0x2d4/0x9b0
[  300.304555][ T7442]  do_softirq+0x11b/0x1e0
[  300.308889][ T7442]  __local_bh_enable_ip+0x1bb/0x200
[  300.314089][ T7442]  dev_uc_del+0xca/0x110
[  300.318339][ T7442]  vlan_dev_stop+0x1df/0x330
[  300.322928][ T7442]  __dev_close_many+0x3a6/0x700
[  300.327783][ T7442]  dev_close_many+0x24e/0x4c0
[  300.332471][ T7442]  unregister_netdevice_many_notify+0x629/0x24f0
[  300.338823][ T7442]  default_device_exit_batch+0x7fd/0x880
[  300.344476][ T7442]  cleanup_net+0x8ad/0xd60
[  300.348906][ T7442]  process_scheduled_works+0xabe/0x18e0
[  300.354470][ T7442]  worker_thread+0x870/0xd30
[  300.359073][ T7442]  kthread+0x7a9/0x920
[  300.363148][ T7442]  ret_from_fork+0x4b/0x80
[  300.367577][ T7442]  ret_from_fork_asm+0x1a/0x30
[  300.372350][ T7442] 
[  300.374676][ T7442] The buggy address belongs to the object at ffff888047170000
[  300.374676][ T7442]  which belongs to the cache kmalloc-8k of size 8192
[  300.388741][ T7442] The buggy address is located 4872 bytes inside of
[  300.388741][ T7442]  freed 8192-byte region [ffff888047170000, ffff888047172000)
[  300.402716][ T7442] 
[  300.405039][ T7442] The buggy address belongs to the physical page:
[  300.411447][ T7442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47170
[  300.420219][ T7442] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  300.428727][ T7442] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  300.436281][ T7442] page_type: f5(slab)
[  300.440264][ T7442] raw: 00fff00000000040 ffff88801b042280 dead000000000100 dead000000000122
[  300.448848][ T7442] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[  300.457453][ T7442] head: 00fff00000000040 ffff88801b042280 dead000000000100 dead000000000122
[  300.466140][ T7442] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[  300.474822][ T7442] head: 00fff00000000003 ffffea00011c5c01 ffffffffffffffff 0000000000000000
[  300.483499][ T7442] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  300.492168][ T7442] page dumped because: kasan: bad access detected
[  300.498597][ T7442] page_owner tracks the page as allocated
[  300.504310][ T7442] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5852, tgid 5852 (syz-executor), ts 78273989740, free_ts 26240671489
[  300.525675][ T7442]  post_alloc_hook+0x1f4/0x240
[  300.530470][ T7442]  get_page_from_freelist+0x365c/0x37a0
[  300.536031][ T7442]  __alloc_frozen_pages_noprof+0x292/0x710
[  300.541845][ T7442]  alloc_pages_mpol+0x311/0x660
[  300.546727][ T7442]  allocate_slab+0x8f/0x3a0
[  300.551239][ T7442]  ___slab_alloc+0xc27/0x14a0
[  300.555918][ T7442]  __slab_alloc+0x58/0xa0
[  300.560251][ T7442]  __kmalloc_noprof+0x2e6/0x4c0
[  300.565112][ T7442]  hci_alloc_dev_priv+0x27/0x2030
[  300.570146][ T7442]  vhci_create_device+0x116/0x6b0
[  300.575182][ T7442]  vhci_write+0x3cf/0x490
[  300.579520][ T7442]  vfs_write+0xacf/0xd10
[  300.583770][ T7442]  ksys_write+0x18f/0x2b0
[  300.588099][ T7442]  do_syscall_64+0xf3/0x230
[  300.592607][ T7442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.598513][ T7442] page last free pid 1 tgid 1 stack trace:
[  300.604316][ T7442]  free_frozen_pages+0xe0d/0x10e0
[  300.609340][ T7442]  free_contig_range+0x14c/0x430
[  300.614280][ T7442]  destroy_args+0x94/0x4b0
[  300.618702][ T7442]  debug_vm_pgtable+0x551/0x590
[  300.623550][ T7442]  do_one_initcall+0x248/0x930
[  300.628326][ T7442]  do_initcall_level+0x157/0x210
[  300.633300][ T7442]  do_initcalls+0x71/0xd0
[  300.637632][ T7442]  kernel_init_freeable+0x435/0x5d0
[  300.642831][ T7442]  kernel_init+0x1d/0x2b0
[  300.647167][ T7442]  ret_from_fork+0x4b/0x80
[  300.651591][ T7442]  ret_from_fork_asm+0x1a/0x30
[  300.656363][ T7442] 
[  300.658687][ T7442] Memory state around the buggy address:
[  300.664312][ T7442]  ffff888047171200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  300.672377][ T7442]  ffff888047171280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  300.680437][ T7442] >ffff888047171300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  300.688506][ T7442]                       ^
[  300.692833][ T7442]  ffff888047171380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  300.700894][ T7442]  ffff888047171400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  300.708952][ T7442] ==================================================================
[  300.717709][    C1] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  300.728226][ T5840] Bluetooth: hci2: command tx timeout
[  300.733788][ T7442] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  300.741008][ T7442] CPU: 1 UID: 0 PID: 7442 Comm: kbnepd bnep0 Not tainted 6.14.0-rc6-syzkaller-01241-g702e3fa16cd4 #0
[  300.751874][ T7442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  300.761944][ T7442] Call Trace:
[  300.765226][ T7442]  <TASK>
[  300.768165][ T7442]  dump_stack_lvl+0x241/0x360
[  300.772853][ T7442]  ? __pfx_dump_stack_lvl+0x10/0x10
[  300.778060][ T7442]  ? __pfx__printk+0x10/0x10
[  300.782662][ T7442]  ? preempt_schedule+0xe1/0xf0
[  300.787528][ T7442]  ? vscnprintf+0x5d/0x90
[  300.791863][ T7442]  panic+0x349/0x880
[  300.795763][ T7442]  ? check_panic_on_warn+0x21/0xb0
[  300.800889][ T7442]  ? __pfx_panic+0x10/0x10
[  300.805303][ T7442]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  300.811289][ T7442]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  300.817646][ T7442]  ? print_report+0x519/0x5b0
[  300.822333][ T7442]  check_panic_on_warn+0x86/0xb0
[  300.827280][ T7442]  ? device_for_each_child+0xbb/0x1b0
[  300.832660][ T7442]  end_report+0x77/0x160
[  300.836911][ T7442]  kasan_report+0x154/0x180
[  300.841420][ T7442]  ? device_for_each_child+0xbb/0x1b0
[  300.846797][ T7442]  ? __pfx_dev_memalloc_noio+0x10/0x10
[  300.852266][ T7442]  device_for_each_child+0xbb/0x1b0
[  300.857469][ T7442]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  300.863817][ T7442]  ? __pfx_device_for_each_child+0x10/0x10
[  300.869629][ T7442]  ? _raw_spin_unlock_irq+0x23/0x50
[  300.874830][ T7442]  ? lockdep_hardirqs_on+0x99/0x150
[  300.880036][ T7442]  pm_runtime_set_memalloc_noio+0x114/0x260
[  300.885948][ T7442]  netdev_unregister_kobject+0x178/0x250
[  300.891589][ T7442]  unregister_netdevice_many_notify+0x1f2e/0x24f0
[  300.898028][ T7442]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  300.904807][ T7442]  ? __mutex_lock+0xba3/0x1010
[  300.909582][ T7442]  ? __mutex_lock+0x602/0x1010
[  300.914358][ T7442]  ? rtnl_net_dev_lock+0x271/0x320
[  300.919491][ T7442]  ? __pfx___mutex_lock+0x10/0x10
[  300.924524][ T7442]  ? __pfx_lock_release+0x10/0x10
[  300.929565][ T7442]  unregister_netdevice_queue+0x303/0x370
[  300.935299][ T7442]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  300.941550][ T7442]  ? rtnl_net_dev_lock+0x37/0x320
[  300.946584][ T7442]  ? rtnl_net_dev_lock+0x302/0x320
[  300.951707][ T7442]  ? rtnl_net_dev_lock+0x37/0x320
[  300.956748][ T7442]  unregister_netdev+0x1f/0x60
[  300.961522][ T7442]  bnep_session+0x2e4e/0x3040
[  300.966224][ T7442]  ? __pfx_bnep_session+0x10/0x10
[  300.971269][ T7442]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  300.977174][ T7442]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  300.983515][ T7442]  ? __pfx_woken_wake_function+0x10/0x10
[  300.989173][ T7442]  ? __kthread_parkme+0x169/0x1d0
[  300.994224][ T7442]  ? __pfx_bnep_session+0x10/0x10
[  300.999267][ T7442]  kthread+0x7a9/0x920
[  301.003342][ T7442]  ? __pfx_kthread+0x10/0x10
[  301.007937][ T7442]  ? __pfx_bnep_session+0x10/0x10
[  301.012972][ T7442]  ? __pfx_kthread+0x10/0x10
[  301.017565][ T7442]  ? __pfx_kthread+0x10/0x10
[  301.022159][ T7442]  ? __pfx_kthread+0x10/0x10
[  301.026756][ T7442]  ? _raw_spin_unlock_irq+0x23/0x50
[  301.031965][ T7442]  ? lockdep_hardirqs_on+0x99/0x150
[  301.037171][ T7442]  ? __pfx_kthread+0x10/0x10
[  301.041778][ T7442]  ret_from_fork+0x4b/0x80
[  301.046210][ T7442]  ? __pfx_kthread+0x10/0x10
[  301.050808][ T7442]  ret_from_fork_asm+0x1a/0x30
[  301.055588][ T7442]  </TASK>
[  301.058950][ T7442] Kernel Offset: disabled
[  301.063289][ T7442] Rebooting in 86400 seconds..