last executing test programs:

1m4.747761371s ago: executing program 1 (id=509):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='bbr\x00', 0x3)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)

52.236501448s ago: executing program 1 (id=509):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='bbr\x00', 0x3)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)

42.241501298s ago: executing program 1 (id=509):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='bbr\x00', 0x3)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)

35.754321554s ago: executing program 4 (id=912):
pipe(&(0x7f0000000600)={<r0=>0xffffffffffffffff})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r2, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
ioctl$int_in(r2, 0x5452, &(0x7f0000000080)=0x3)
r3 = socket$alg(0x26, 0x5, 0x0)
getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f0000000340)=""/108, &(0x7f00000001c0)=0x6c)
bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(cast6)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292", 0xc)
r4 = accept4(r3, 0x0, 0x0, 0x0)
recvmsg(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/134, 0x86}], 0x1}, 0x2)
recvmmsg(r2, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)=""/17, 0x11}], 0x1}}], 0x1, 0x2, 0x0)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r5, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r7, &(0x7f0000000440)={0x28, 0x0, 0x2711, @my=0x1}, 0x10)
setsockopt$sock_attach_bpf(r6, 0x1, 0x2, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r8, 0x84, 0x18, 0x0, &(0x7f0000000400))
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r8, 0x84, 0x70, &(0x7f0000000000)={0x0, @in={{0x2, 0x4e21, @remote}}, [0x5, 0x0, 0xccdd, 0x3f17, 0x10, 0x9b0, 0x8, 0x3, 0x8358, 0x5f36, 0x8, 0x0, 0x3, 0x5, 0x8]}, &(0x7f0000000140)=0x100)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x1b, 0x16, &(0x7f0000001900)=ANY=[@ANYBLOB="61104e00000000006113740000000000bfa00000000000000700000008ffffffd503010017740040950000000000000069163a0000000000bf67000000000000350607000fff07201706000020190000160300000ee60060bf050000000000007b650000000000006507f9ff01000000070700004d83dde4c375000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f17540faf80250aa20c669a5e12814cb1cea5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369226066812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000400c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20ceddf4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10fd7ed6735154beb4000000000000000000000000004000bc00f6746a9709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c1d926a0f6a5480a55c22fe3a5ac00000000000000000000000500002000000000fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e14d90deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b06ff7f0000000000007f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a1f37302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089e0b1c23c0f3cdad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a1a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631d22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0af1cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4c6ea9604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c29984864961a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a09d8be0fc5beecf153236c19740be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000000000000000000000000000000000001386866b311bd144bc32e059658c9f8342c90c1ade31b78072841b8b5a943d62a44cea6b050c42e3c205fad6a23fb43c93da0f49d911877265e6ee443e37397ecf89021e7f579e8d3a74c12b52938d91e9de07fc8eeeb9505f4a9c26266bf5449484ccc1317c7476"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

34.822585021s ago: executing program 4 (id=928):
socket$inet(0x2, 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x46, 0x0, &(0x7f00000000c0))
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="480000001000010027bd7000fbdbdfa500000000", @ANYRES32=r3, @ANYBLOB="104e06000162010028001280110001006272696467655f736c6176650000000010000580050000000000000004001800584f"], 0x48}, 0x1, 0x0, 0x0, 0x2400c004}, 0x2)
socket$inet(0x2, 0x2, 0x0) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0x0) (async)
getsockopt$inet6_int(r0, 0x29, 0x46, 0x0, &(0x7f00000000c0)) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'}) (async)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="480000001000010027bd7000fbdbdfa500000000", @ANYRES32=r3, @ANYBLOB="104e06000162010028001280110001006272696467655f736c6176650000000010000580050000000000000004001800584f"], 0x48}, 0x1, 0x0, 0x0, 0x2400c004}, 0x2) (async)

34.678267882s ago: executing program 4 (id=929):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8b30, &(0x7f0000000040)={'wlan0\x00'})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r3, {}, {0x2, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3c0, 0x1e8, 0x1e8, 0xe8, 0x1e8, 0x2d8, 0x2d8, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1e8}}, {{@uncond, 0xc0, 0x100, 0x0, {0x0, 0x1e03}}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "2c3bb27d9d5b379b853c7744b526e29755ec721db80fdb00f95f8a608b8d"}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x410)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r0)

33.99680379s ago: executing program 4 (id=942):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0x80000020}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="300000001a00010000000000000000001c000000000000000000000014"], 0x30}}, 0x0)
r2 = getpid()
sendmsg$nl_netfilter(r1, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0x210, 0x10, 0x7, 0x101, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x5}, [@typed={0x8, 0xe9, 0x0, 0x0, @pid=r2}, @typed={0x8, 0x8d, 0x0, 0x0, @str='\xa3!.\x00'}, @nested={0x8, 0x88, 0x0, 0x1, [@nested={0x4, 0x100}]}, @generic="6fefc735cc220c8d33a536cd9c25611835b1e69509", @typed={0xc, 0x45, 0x0, 0x0, @str='}@&fV,-\x00'}, @nested={0x1bf, 0xb1, 0x0, 0x1, [@typed={0x4, 0xb}, @generic="0af466af9228b1bb7367f467a099a9e42a8237434508c6be660a10b9a6c55653e3031b09d2f716605bb37c4853acdc2e98fb52bea1d27ccf53493b65a6da013dd7f45cc0cd63aa167fbb0c6da684c39f1e35ab811f426aea422adb1dff1f9fa392a3f60423d21009bce4175fd60a988d9a127ddfd4466ebe20c14fd4b961216125d767fd2bfbbb43f5599119414869685da171add932d00509e9f794b012adecc607508954ffae0f62a401fd9f54b6582b82843e5bc0c52264f5bc486f76df136057105c7cb370c85ae086bc62abfa7a889191a3403690", @nested={0x4, 0x105}, @nested={0x4, 0xe0}, @nested={0x4, 0x13e}, @typed={0x8, 0x135, 0x0, 0x0, @ipv4=@local}, @typed={0xb6, 0xcc, 0x0, 0x0, @binary="8663c35eec6caafb137be8142001582811488bdf8cf83180049e316d9ac922af1bf7872189e0c59c5149a08b6d7e955f922d792dbffbb014ba6bce16ca04c24db03cf03485dc478cffa13c43295079fd7cc70d42a9666a28949f1bc528c7b0e8a9f44f7860d2c1040216562bc402847b19f364e059f13c2b4d5c9b250e0952579bed6f727d8d200a159e6fb52f9d4e8a3f7239a0135374fa458aaf3457d786ddc6440a0e5956d7f84ceaa49ae096e7f03909"}, @generic, @typed={0x14, 0xff, 0x0, 0x0, @ipv6=@local}]}]}, 0x210}, 0x1, 0x0, 0x0, 0x4000000}, 0x8040)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)={{0x14, 0x10, 0xc00e}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x4000000, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x7, 0x1, "ac3381"}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xc4}}, 0x0)

33.830357827s ago: executing program 4 (id=943):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="400100001000130427bd7000fbdbdf25fe800000000000000000000000000000ac1414bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa0000000000000000000000000000000032000000fe80000000000000000000000000bb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000b00000000000000000000000000000000800000400000000000000000000000fdffffff00000000003500000a000000000000000000000050001200726663343130362867636d286165732929000000000000000000000000000000000000000000005d000000000000000000080000000000000000000000000000200000006000000025cac521"], 0x140}}, 0x4000080)

33.719351544s ago: executing program 4 (id=946):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000340)={0x1d, r4, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
setsockopt$SO_J1939_FILTER(r3, 0x6b, 0x1, &(0x7f00000006c0)=[{0x2, 0x3, {0x1, 0x1, 0x3}, {0x1, 0x0, 0x4}, 0xfe}, {0x0, 0x10000000000003, {0x0, 0xff, 0x4}, {0x2}, 0xfe, 0xff}], 0x40)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r4, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)={0x30, r1, 0xb97534d5fe9704cf, 0x0, 0xfffffffc, {{0x12}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x58a4}]}, 0x30}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$can_j1939(0x1d, 0x2, 0x7) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00'}) (async)
bind$can_j1939(r3, &(0x7f0000000340)={0x1d, r4, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) (async)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) (async)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081) (async)
setsockopt$SO_J1939_FILTER(r3, 0x6b, 0x1, &(0x7f00000006c0)=[{0x2, 0x3, {0x1, 0x1, 0x3}, {0x1, 0x0, 0x4}, 0xfe}, {0x0, 0x10000000000003, {0x0, 0xff, 0x4}, {0x2}, 0xfe, 0xff}], 0x40) (async)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r4, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) (async)
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)={0x30, r1, 0xb97534d5fe9704cf, 0x0, 0xfffffffc, {{0x12}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x58a4}]}, 0x30}}, 0x0) (async)

28.989087036s ago: executing program 1 (id=509):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='bbr\x00', 0x3)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)

18.596152448s ago: executing program 1 (id=509):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='bbr\x00', 0x3)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)

18.554444501s ago: executing program 32 (id=946):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000340)={0x1d, r4, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
setsockopt$SO_J1939_FILTER(r3, 0x6b, 0x1, &(0x7f00000006c0)=[{0x2, 0x3, {0x1, 0x1, 0x3}, {0x1, 0x0, 0x4}, 0xfe}, {0x0, 0x10000000000003, {0x0, 0xff, 0x4}, {0x2}, 0xfe, 0xff}], 0x40)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r4, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)={0x30, r1, 0xb97534d5fe9704cf, 0x0, 0xfffffffc, {{0x12}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x58a4}]}, 0x30}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$can_j1939(0x1d, 0x2, 0x7) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00'}) (async)
bind$can_j1939(r3, &(0x7f0000000340)={0x1d, r4, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) (async)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) (async)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081) (async)
setsockopt$SO_J1939_FILTER(r3, 0x6b, 0x1, &(0x7f00000006c0)=[{0x2, 0x3, {0x1, 0x1, 0x3}, {0x1, 0x0, 0x4}, 0xfe}, {0x0, 0x10000000000003, {0x0, 0xff, 0x4}, {0x2}, 0xfe, 0xff}], 0x40) (async)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r4, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) (async)
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)={0x30, r1, 0xb97534d5fe9704cf, 0x0, 0xfffffffc, {{0x12}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x58a4}]}, 0x30}}, 0x0) (async)

4.150177427s ago: executing program 5 (id=1077):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@link_local={0x3}, @multicast, @val={@void, {0x8100, 0x0, 0x0, 0x2}}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @multicast1}, "0a186371ae9b1c03"}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x6, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x49920d862a92153b, 0x70bd28, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

4.145274778s ago: executing program 2 (id=1201):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000009c0)=ANY=[@ANYBLOB="180000002d00090026bd7000000000000400000004001d"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x84)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000001900438596c507dcb50000000000ba57415835c2f053de307d8dae3fec6093bc2deb787e6a96a532c664881a43c9e8cbbca84da606fc30f6d8211d135369c5689e9eef5932218de4f72d22386afd7bae7bd3ae9834b56f397a34a09df4c6f587b67db9ab0022f620a16095ad497c8259597a7e413abf5c180044a00ed357fb971361f5529f6a3296e987282fa104b4fbea671d23c2bbedf6f168da51be50f9541a301e4cbf92a896c935e3f000674019c0a313d69baa72f416e1f440419dc58f39bb3c03f923b1"], 0x1c}, 0x1, 0x0, 0x0, 0x26000800}, 0x0) (async)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendto$x25(r2, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0)

4.108810146s ago: executing program 1 (id=509):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='bbr\x00', 0x3)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)

2.902208149s ago: executing program 2 (id=1203):
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000fc0)={0x14, 0x3, 0x2, 0x301}, 0x14}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=@newlink={0x40, 0x10, 0x401, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bond={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_INTERVAL={0x8, 0x7, 0x9}, @IFLA_BOND_ARP_IP_TARGET={0x4}]}}}]}, 0x40}}, 0x8004) (async)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=@newlink={0x40, 0x10, 0x401, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bond={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_INTERVAL={0x8, 0x7, 0x9}, @IFLA_BOND_ARP_IP_TARGET={0x4}]}}}]}, 0x40}}, 0x8004)
readv(r1, &(0x7f0000000980)=[{&(0x7f0000000540)=""/50, 0x32}, {&(0x7f0000000580)=""/5, 0x5}, {&(0x7f00000005c0)=""/196, 0xc4}, {&(0x7f00000006c0)=""/50, 0x32}, {&(0x7f0000000700)=""/37, 0x25}, {&(0x7f0000000740)=""/67, 0x43}, {&(0x7f00000007c0)=""/232, 0xe8}, {&(0x7f00000008c0)=""/139, 0x8b}], 0x8)
readv(r0, &(0x7f0000001740)=[{&(0x7f00000011c0)=""/253, 0xfd}], 0x1)
readv(r0, &(0x7f0000000200)=[{&(0x7f0000000000)=""/192, 0xc0}, {&(0x7f00000000c0)=""/23, 0x17}, {&(0x7f0000000100)=""/55, 0x37}, {&(0x7f0000000140)=""/152, 0x98}], 0x4)
readv(r0, &(0x7f0000000500)=[{&(0x7f0000000240)=""/163, 0xa3}, {&(0x7f0000000300)=""/225, 0xe1}, {&(0x7f0000000400)=""/46, 0x2e}, {&(0x7f0000000440)=""/155, 0x9b}], 0x4)

2.893854189s ago: executing program 3 (id=1204):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0xd, @loopback}, 0x1c) (async)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000140), 0x8) (async)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
sendmsg$nl_route(r0, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)=ANY=[@ANYBLOB="5c000000520010002dbd7000fcdbdf250a00000300f2040000080003000600000008000200a04843600800030002000000080003000400000008000500ffffff7f080003000100000008000200f403000008000100", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00'], 0x5c}, 0x1, 0x0, 0x0, 0x4810}, 0x404c084)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x2, 0x5, 0x500, 0x0, 0x360, 0xffffffff, 0x210, 0x120, 0x430, 0x430, 0xffffffff, 0x430, 0x430, 0x5, 0x0, {[{{@uncond, 0x0, 0xd8, 0x120, 0x0, {}, [@common=@ah={{0x30}}]}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x5, @ipv4=@local, @ipv6=@mcast2, @icmp_id, @gre_key}}}, {{@ipv6={@private2, @rand_addr=' \x01\x00', [], [], 'pim6reg1\x00', 'lo\x00'}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x3, @ipv4=@loopback, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @icmp_id}}}, {{@uncond, 0x0, 0x108, 0x150, 0x0, {}, [@common=@icmp6={{0x28}, {0x0, "954f"}}, @common=@unspec=@devgroup={{0x38}}]}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x0, @ipv6=@local, @ipv6=@empty, @port, @icmp_id}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x560)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="7800000010000304000000000000000000007400", @ANYRES32=0x0, @ANYBLOB="00000000600000005800128008000100677470004c00028008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32=r0], 0x78}}, 0x0) (async, rerun: 64)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106) (rerun: 64)
setsockopt$sock_int(r3, 0x1, 0x21, &(0x7f00000001c0), 0x4)
setsockopt$inet_int(r3, 0x0, 0x1, &(0x7f0000000000)=0xff, 0x4)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10)
setsockopt$inet_mreqsrc(r3, 0x0, 0x25, &(0x7f00000006c0)={@rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, 0xc)

2.893448431s ago: executing program 5 (id=1205):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f00000000c0)="240000005f005f03a9f9f4ba0a1f0000000000000000ecffffffffffffff000000000000", 0x24)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000080)={'syztnl2\x00', &(0x7f0000000100)={'gre0\x00', <r2=>0x0, 0x700, 0x40, 0xa, 0x7, {{0xa, 0x4, 0x2, 0x1e, 0x28, 0x66, 0x0, 0x3, 0x29, 0x0, @broadcast, @private=0xa010102, {[@rr={0x7, 0x13, 0x2d, [@multicast1, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x28}]}]}}}}})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000140)={'wg2\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x4290, 0x10060}, [@IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x27ed6}]}, 0x28}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r7=>0x0})
bind$can_j1939(r6, &(0x7f0000000340)={0x1d, r7, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
sendmsg$nl_route_sched(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r7, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@ipv6_newroute={0x38, 0x18, 0x1, 0x0, 0x25dfdbff, {}, [@RTA_OIF={0x8, 0x4, r9}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x7}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @SEG6_LOCAL_ACTION={0x8, 0x1, 0x8}}]}, 0x38}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000180)={'syztnl2\x00', &(0x7f0000000200)={'syztnl2\x00', <r11=>0x0, 0x8, 0x20, 0x8, 0x9, {{0xf, 0x4, 0x1, 0x1a, 0x3c, 0x67, 0x0, 0x3, 0x4, 0x0, @multicast1, @private=0xa010101, {[@ra={0x94, 0x4}, @end, @timestamp={0x44, 0x1c, 0xe0, 0x0, 0x6, [0xfffffff7, 0xfff, 0x8c5, 0x3, 0x0, 0x6]}, @ra={0x94, 0x4}]}}}}})
getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000280)={@private1, <r12=>0x0}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000300)=@RTM_NEWMDB={0xf8, 0x54, 0x10, 0x70bd27, 0x25dfdbff, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x0, 0x1, 0x0, {@ip4=@broadcast}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r4, 0x1, 0x2, 0x3, {@ip4=@rand_addr=0x64010101, 0x8add}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r7, 0x1, 0x2, 0x0, {@in6_addr=@ipv4={'\x00', '\xff\xff', @empty}, 0x800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x2, 0x4, {@in6_addr=@mcast1, 0x86dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r9, 0x0, 0x81e3640ff8b180a6, 0x0, {@ip4=@rand_addr=0x64010100, 0x86dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r11, 0x0, 0x3, 0x3, {@in6_addr=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x400}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r12, 0x1, 0x1, 0x4, {@ip4=@empty, 0x800}}}]}, 0xf8}}, 0x0)
ioctl$IMGETVERSION(r0, 0x80044942, &(0x7f0000000000))

2.745432118s ago: executing program 0 (id=1206):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f00000000c0)=0x10)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f00000001c0)=r1, 0x4)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet6(0xa, 0x80001, 0x0)
getsockopt$inet_sctp6_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000080)={r1, 0x3}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000040)=[@in={0x2, 0x4e64, @loopback}], 0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x1d, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xae}}]}, &(0x7f0000000180)='syzkaller\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
shutdown(r0, 0x0) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f00000000c0)=0x10) (async)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f00000001c0)=r1, 0x4) (async)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
socket$inet6(0xa, 0x80001, 0x0) (async)
getsockopt$inet_sctp6_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000080)={r1, 0x3}, &(0x7f0000000140)=0x8) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000040)=[@in={0x2, 0x4e64, @loopback}], 0x2) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x1d, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xae}}]}, &(0x7f0000000180)='syzkaller\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)

2.550574671s ago: executing program 0 (id=1207):
r0 = socket$inet_udp(0x2, 0x2, 0x0) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200000054000480500001800a000100696e6e65720000004000028008000240"], 0xa8}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x2}, {0xffff, 0xffff}, {0x4, 0xf}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_TARGET={0x8, 0x1, 0xa000}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x404c810}, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0}) (async)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r2, @ANYRES8=r0, @ANYRES16=r1, @ANYRESHEX=r1], 0x270}, 0x1, 0x0, 0x0, 0x8015}, 0x4) (async)
vmsplice(r0, &(0x7f0000000cc0)=[{&(0x7f0000000000)='gT/\\', 0x4}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, 0x8)

2.117736762s ago: executing program 2 (id=1208):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x4, 0x70bd2a, 0x0, {0x0, 0x0, 0x74, 0x0, 0x40000}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_MLD_VERSION={0x5, 0x2c, 0x7}, @IFLA_BR_GROUP_FWD_MASK={0x6, 0x9, 0x10}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4c010}, 0x20004410)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
writev(r2, &(0x7f0000000200)=[{&(0x7f0000000080)='/', 0x1}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(r3, 0x84, 0x0, &(0x7f0000000080)=""/4057, &(0x7f0000000000)=0xfd9)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge0\x00'})
sendmsg$ETHTOOL_MSG_DEBUG_SET(r4, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000300)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002002000000004000100080004"], 0x44}}, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = accept4(r1, 0x0, 0x0, 0x80800)
sendmmsg(r6, &(0x7f0000000500)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000300)="dbe9dd529a865825a183b18429c03e5286dd065074fe0160292b5cfb887e13444b1f5f2fa8580ba08cb7b6a20d3cc9aa6879f886abad810eb50d2ece226848a22f8a62acf4a91e16f5d76aa5614dda29cc281bb53b78599180b68855fc9fdffb5ab9a6fccbb16a2eb8364dc4da7bbb144181125af897c4171218ef2892c9c8dc9a69fbc9161fa4c0108849b0378d5141919dc1569fee", 0x96}, {&(0x7f00000004c0)="ed", 0x1}, {&(0x7f0000000600)="5ef2a3cec38c44a0b9a541499eeb425b1982ccd446a6b4cfa8bf555ca2d549d49e405b220cfee005880c66bc383bdffcb106c9dee849e90be53bbbb0bfee34e031c4d924a5b966115e", 0x49}], 0x3}}], 0x1, 0x88014)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000196000/0x1000)=nil, 0x1000, 0x0, 0x840000000000a132, 0xffffffffffffffff, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='freezer.parent_freezing\x00', 0x275a, 0x0)
mmap(&(0x7f00008b7000/0x4000)=nil, 0x4000, 0x0, 0x13, r8, 0x0)
mmap(&(0x7f00005d3000/0x4000)=nil, 0x4000, 0x0, 0x12, r7, 0x0)
mmap(&(0x7f00004a3000/0x1000)=nil, 0x1000, 0x0, 0x13, r7, 0x0)
mmap(&(0x7f0000071000/0x4000)=nil, 0x4000, 0x0, 0x13, r8, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
mmap(&(0x7f000015b000/0x3000)=nil, 0x3000, 0x800001, 0x10012, r9, 0x0)
mmap(&(0x7f000086a000/0x2000)=nil, 0x2000, 0x4, 0x11, r7, 0x2000)
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff002, 0x0, 0x2000000000032, 0xffffffffffffffff, 0x0)

2.109054945s ago: executing program 0 (id=1209):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200001400e800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000440)={r4}, 0xc)
r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r5, &(0x7f00000009c0)={0x24, @none={0x0, 0xfffc}}, 0x14)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000000308010200000000000000050003002900000014000480080007400000000008000540000000000000000000"], 0x30}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000080)={'team0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newqdisc={0x70, 0x24, 0xe23, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x3c, 0x2, [@TCA_PIE_TUPDATE={0x8, 0x3, 0x9}, @TCA_PIE_BYTEMODE={0x8}, @TCA_PIE_ECN={0x8}, @TCA_PIE_ECN={0x8, 0x6, 0x1}, @TCA_PIE_LIMIT={0x8, 0x2, 0xf}, @TCA_PIE_BYTEMODE={0x8}, @TCA_PIE_ALPHA={0x8, 0x4, 0x4}]}}, @TCA_RATE={0x6, 0x2}]}, 0x70}}, 0x0)

1.802480634s ago: executing program 5 (id=1210):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000100000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0xa}}], {0x14}}, 0x3c}}, 0x0)
pipe(&(0x7f0000000380))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0xe, 0x0, 0x0, &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x24, r4, 0x1, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x4004080)
socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8cc62}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, r4, 0x200, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_DURATION={0x8, 0x57, 0xa7b}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xc, 0xcd, [0x2, 0x40, 0x40, 0x7ff]}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4080}, 0x20000004)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e", 0x19}, {&(0x7f00000000c0)="bc58020000007d081d465efc580e86eb7f27539c09", 0x15}], 0x2}, 0x0)

1.802030445s ago: executing program 3 (id=1211):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r1)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x12, 0x1, 0x0, 0x0, {{@in6=@empty, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1, 0x1, 0x3}}, 0xb8}}, 0x0)

1.795667271s ago: executing program 0 (id=1212):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x5, 0x5)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(0xffffffffffffffff, 0x80286722, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000020000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000380)=@broute={'broute\x00', 0x5e04, 0x3, 0x90, [0x0, 0x0, 0x400000000400], 0x2, 0x0, &(0x7f0000000400)=[{}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x1}]}, 0x108)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c00000010001fff000000008000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000203f0000240012800b00010067726574617000001400028006000e000100000008000700ffffffff08000a00", @ANYRES32=r2, @ANYBLOB="cf29acbff1eb1d9197828faa82fc041f024ef24894e64ef62c94cc6b423869ffcbe04400560c92bfc5ff2ce9981a32cf5da2256b403804f915a416413960a3c3d8bf4666cd0bd3bd6e67bbbd5089a19d6b23623bd8d86920e1172a379eea86a794ab"], 0x4c}, 0x1, 0x0, 0x0, 0x40005}, 0x40000)

1.685552649s ago: executing program 2 (id=1213):
syz_emit_ethernet(0x66, &(0x7f0000000280)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x30, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, '%kT', 0x0, 0x2b, 0x0, @mcast1, @dev}}}}}}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r3, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)=ANY=[@ANYBLOB="1c00000022000106"], 0x1c}], 0x1}, 0x0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x28, r2, 0x1, 0x70bd26, 0x25dfdbfb, {{}, {}, {0xc, 0x14, 'syz0\x00'}}}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r2, 0x0, 0x70bd29, 0x25dfdbfd, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000800}, 0x4001)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0}, 0x20008800)
r4 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x2f, &(0x7f0000000080), 0x24)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000006c0)={'wlan0\x00', <r5=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x5c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x2c}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x5c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xc, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000073013f00000000009500170000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x28, r7, 0x411, 0x70bd30, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x1, 0x38}}}}}, 0x28}}, 0x40004)

1.620423554s ago: executing program 3 (id=1214):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2, 0x0, 0x3}}, 0x2e)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000540)={{{@in, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x80}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {{@in=@multicast2, 0x0, 0x32}, 0x0, @in=@local}}, 0xe8)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="cd03aff0f8ffb158", @ANYRES16=r2, @ANYBLOB="01002cbd70100400000005000000080009000200000008000c00a80a0000060001000500000008000b0002000000"], 0x34}}, 0x20000034)

1.51078012s ago: executing program 3 (id=1215):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0) (async)
r5 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) (async)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r6], 0x5c}}, 0x40) (async)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newlink={0x20, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0xe1f}}, 0x20}}, 0x0) (async)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060", @ANYRESOCT, @ANYRES8=0x0], 0xb8}}, 0x20040014)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in=@remote, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x60, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, 0x9, 0x0, 0x0, 0x0, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50) (async)
sendto$inet6(r0, &(0x7f00000003c0)="ff094012e05b34eb7760a954da6d8eca3d240e1367fe5124704f6aaf798db62d81227424704b07120e0a0bf96d1bec76b3589b0460170fffebd3e0b7b373b93236ced78d3abedf003da0942365ba30a3ec7193543b57a8c69d", 0x59, 0x20000080, &(0x7f0000000140)={0xa, 0x4e23, 0x8, @mcast2, 0xfffffffa}, 0x1c) (async)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6) (async)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
sendmsg$nl_xfrm(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x25dfdbfe, {{@in6=@private0={0xfc, 0x0, '\x00', 0x40}, @in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x0, 0x400, 0x0, 0x0, 0xa, 0x60, 0x80, 0x0, 0x0, 0xee01}, {}, {}, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000200000000000000000000000000ac1e0001000000000000000000000000000000000000000a00400000000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="0000000000000000000000000000000009000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500"/112], 0xb8}}, 0x4000)

499.131186ms ago: executing program 2 (id=1216):
r0 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000580)={&(0x7f0000001340)=@sco, 0x80, 0x0}, 0x4080)
r1 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={0xffffffffffffffff}, 0x4)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)

452.587647ms ago: executing program 0 (id=1217):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r0, 0x5, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000000)=0x5, 0x4) (async)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000000)=0x5, 0x4)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r3, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0xff, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r4=>0x0})
socket$inet_udp(0x2, 0x2, 0x0) (async)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) (async)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'none\x00', 0x28, 0x85, 0x1000004f}, 0x2c)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r6, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={<r7=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r6, 0x84, 0x22, &(0x7f0000000080)={0x3, 0x8200, 0x5, 0x10001, r7}, &(0x7f00000000c0)=0x10)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="34000000f7bc88e922c8ee97d74e82135cef1400fe8cfb380a000000", @ANYRES32=r4, @ANYBLOB="140001005c4f5e6039c557cc27bc8d744cd9a0560735ea697471ed1abbd9d1c6567d788566a33d5f0fd5f9c4f1006e99001fcad7b0e8929f12805573f72f3417836f130b1ca822d15598"], 0x34}}, 0x4004000) (async)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="34000000f7bc88e922c8ee97d74e82135cef1400fe8cfb380a000000", @ANYRES32=r4, @ANYBLOB="140001005c4f5e6039c557cc27bc8d744cd9a0560735ea697471ed1abbd9d1c6567d788566a33d5f0fd5f9c4f1006e99001fcad7b0e8929f12805573f72f3417836f130b1ca822d15598"], 0x34}}, 0x4004000)

342.206319ms ago: executing program 2 (id=1218):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x38}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000140)={{{@in=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0, <r3=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@remote}}, &(0x7f0000000240)=0xe8)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@empty, @in6=@empty, 0x4e23, 0x3, 0x4e24, 0xd, 0xa, 0xa0, 0x80, 0x3c, 0x0, r3}, {0x7, 0x9, 0x2, 0x1, 0x4, 0x4c8f, 0x2, 0xfffffffffffffff7}, {0x8, 0x0, 0x9, 0x80000001}, 0x0, 0x6e6bb1, 0x0, 0x0, 0x1, 0x2}, {{@in=@empty, 0x4d6, 0x32}, 0x2, @in=@multicast2, 0x0, 0x2, 0x1, 0x0, 0x3, 0x5, 0x7}}, 0xe8)
socket$packet(0x11, 0x3, 0x300)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f00000003c0)='blkio.throttle.io_serviced\x00', 0x0, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NFC_CMD_GET_TARGET(r6, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x14, r7, 0x100, 0x70bd2c, 0x0, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0xc040}, 0x4000)
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000540)={0x1})
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, r5, 0x8, '\x00', 0x0, r5, 0x4, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000600)={r8}, 0x4)
syz_80211_join_ibss(&(0x7f0000000640)='wlan1\x00', &(0x7f0000000680)=@default_ap_ssid, 0x6, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
syz_80211_join_ibss(&(0x7f00000006c0)='wlan0\x00', &(0x7f0000000700)=@random="56b9d632fd8978e4e8c11d8ba92831c8a42e2962eb1a8dcd", 0x18, 0x0)
r9 = accept4$phonet_pipe(r5, &(0x7f0000000740), &(0x7f0000000780)=0x10, 0x80800)
ioctl$SIOCPNGETOBJECT(r9, 0x89e0, &(0x7f00000007c0)=0xa)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TUNATTACHFILTER(r5, 0x401054d5, &(0x7f0000000840)={0x1, &(0x7f0000000800)=[{0xc, 0x5, 0x18, 0x3ff}]})
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000880)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000008c0)={'rose0\x00', <r11=>0x0})
sendto$netrom(r5, &(0x7f0000000900)="215733eb888938b5708c78e0f963c1b5a63c6744d8431b4b2e3a1b0dc0a0bff7e12dae9d2768e5c79e306313b27ad84dd8b84638b7c85833f3f4826257d0a99f0029edd009988f3367fdb18ea6ab4ece7acf3b7a65d45e003cf5fd89ca564bbb30b957925e5f6eb5a4ed1e0dfb3dcdf467", 0x71, 0x1, &(0x7f0000000980)={{0x3, @null, 0x5}, [@bcast, @bcast, @default, @null, @null, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
write$cgroup_subtree(r5, &(0x7f0000000a00)={[{0x2b, 'io'}, {0x2d, 'hugetlb'}, {0x2b, 'pids'}, {0x2b, 'blkio'}]}, 0x1a)
setsockopt$bt_BT_CHANNEL_POLICY(r5, 0x112, 0xa, &(0x7f0000000a40)=0x2, 0x4)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000ac0), r0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r12, &(0x7f0000000cc0)={&(0x7f0000000a80), 0xc, &(0x7f0000000c80)={&(0x7f0000000b00)={0x144, r13, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}]}]}, 0x144}, 0x1, 0x0, 0x0, 0x4000000}, 0x24040044)

341.58646ms ago: executing program 3 (id=1219):
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000080), &(0x7f0000000340)=r1}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x9, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r3, 0x5, 0xb8, 0x0, &(0x7f00000003c0)="00e500000000aaf90f0041acde1a3f9ea96b12be5fe784fa6ac5b2a590e7987b281e5b5e423b2bf0f1d76affcc98659360c3399cfd0b47d51216d3ec08ad850240f59fad311d8b769c82fdfd5b269bd5769a2fda8afbe3598766471dd48ab5402c919b9c8b43b994dbb762cb937c18095ee987d8bfdb14e3f34147f747a09f2306efe8b98e097d30b674833beba737ba519649c6f66a51f3a70d195f237c47f73c2ff50afe07e31bb9c95959c8d2aa297d85e1962d1158d8", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r3, 0x5, 0xb8, 0x0, &(0x7f00000003c0)="00e500000000aaf90f0041acde1a3f9ea96b12be5fe784fa6ac5b2a590e7987b281e5b5e423b2bf0f1d76affcc98659360c3399cfd0b47d51216d3ec08ad850240f59fad311d8b769c82fdfd5b269bd5769a2fda8afbe3598766471dd48ab5402c919b9c8b43b994dbb762cb937c18095ee987d8bfdb14e3f34147f747a09f2306efe8b98e097d30b674833beba737ba519649c6f66a51f3a70d195f237c47f73c2ff50afe07e31bb9c95959c8d2aa297d85e1962d1158d8", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)

280.125575ms ago: executing program 5 (id=1220):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r1, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x38, 0x0, 0x1, 0x0, 0x0, {0x6, 0x0, 0x900}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @private}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast1=0xe0000002}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'dummy0\x00'}]}, 0x38}, 0x2, 0x34005}, 0x0)
r2 = socket$phonet(0x23, 0x2, 0x1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ADD(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d00)={0x14, r4, 0x4c1dad3e3d6a7499, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000880}, 0x20000000)
ioctl$SIOCPNDELRESOURCE(r2, 0x89ee, &(0x7f0000000300))
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[], 0x44}}, 0x4001)
socket$nl_route(0x10, 0x3, 0x0) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r1, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x38, 0x0, 0x1, 0x0, 0x0, {0x6, 0x0, 0x900}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @private}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast1=0xe0000002}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'dummy0\x00'}]}, 0x38}, 0x2, 0x34005}, 0x0) (async)
socket$phonet(0x23, 0x2, 0x1) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff) (async)
sendmsg$TIPC_NL_BEARER_ADD(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d00)={0x14, r4, 0x4c1dad3e3d6a7499, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000880}, 0x20000000) (async)
ioctl$SIOCPNDELRESOURCE(r2, 0x89ee, &(0x7f0000000300)) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[], 0x44}}, 0x4001) (async)

162.297166ms ago: executing program 3 (id=1221):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x4e, &(0x7f00000003c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x18, 0x6, 0xff, @private1={0xfc, 0x1, '\x00', 0x6}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@generic={0x8, 0x2}]}}}}}}}}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0x1, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x10001, 0xa289, 0xe33, 0x41, 0x1, 0xe62, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x3, 0x9, @void, @value, @void, @value}, 0x50)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000300)={'batadv_slave_0\x00', <r3=>0x0})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000340)={<r4=>r0, 0x6, 0xe7a4, 0x491e})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x7, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xd, 0x3, 0x4, 0x1, 0x0, r5, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r6}, &(0x7f0000000840), &(0x7f0000000880)=r5}, 0x20)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000440)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x4)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x12, 0x9, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000780)={@map=r9, 0x4, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETFLAGS(r10, 0x40086602, &(0x7f0000000080)=0x20)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x42073, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r11, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r11, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r10, 0x29, 0x36, &(0x7f0000000600)={0x3a, 0x6, '\x00', [@calipso={0x7, 0x10, {0x1, 0x2, 0x8, 0x9, [0x0]}}, @hao={0xc9, 0x10, @rand_addr=' \x01\x00'}, @hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, 0x40)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x1c, &(0x7f0000000180)=@raw=[@map_idx_val={0x18, 0x5, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0xd1d4}, @cb_func={0x18, 0x7, 0x4, 0x0, 0x5}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xa36}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xf}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xd08d6562a1c4f583}}, @map_val={0x18, 0x2, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x3ff}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @jmp={0x5, 0x0, 0x2, 0xb, 0x7, 0x18, 0x1}], &(0x7f0000000280)='syzkaller\x00', 0x30000, 0x0, 0x0, 0x41000, 0xa, '\x00', r3, 0x25, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000400)={0x5, 0x5, 0x4, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000500)=[r5, r7, 0x1, r8, 0xffffffffffffffff, r9, r10, r11, 0xffffffffffffffff], 0x0, 0x10, 0x4, @void, @value}, 0x94)

62.37798ms ago: executing program 5 (id=1222):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14, 0x0)
sendto$packet(r0, &(0x7f0000000100)="33c681b5c0026596da8b1385140419b0db178855e19393c0271a932a648574299becf11df08d5734c4a7b373248473f004b7f8", 0x33, 0x0, 0x0, 0x0)
socket$unix(0x1, 0x2, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
unshare(0x20400)

9.948765ms ago: executing program 5 (id=1223):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r1=>0x0})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000600)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000640), &(0x7f0000000680)=0x4)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x68, r3, 0x1, 0x70bd29, 0x0, {{0x2}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x41, 0x5f}}}}, [@chandef_params, @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x14d}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x354}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xfffffff8}]]}, 0x68}}, 0x8000)
r4 = socket(0x1a, 0x80000, 0x6)
recvmsg$can_j1939(r4, &(0x7f00000002c0)={&(0x7f0000000000)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000080)=""/137, 0x89}, {&(0x7f0000000140)=""/94, 0x5e}], 0x2, &(0x7f0000000200)=""/141, 0x8d}, 0x62)

0s ago: executing program 0 (id=1224):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r1, &(0x7f0000000240)={@val={0x8, 0x19}, @val={0x5c6af16bcc270d8, 0x0, 0x0, 0x300, 0x14}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x3c, 0x28, 0x0, 0x0, 0x0, 0x2f, 0x0, @remote, @broadcast}, {{0xa200, 0x22eb, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}, 0x36)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0xc, &(0x7f0000000000)=0x3, 0x4)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x41, 0x3, 0x228, 0x0, 0xa, 0x9a000000, 0xf8, 0x0, 0x190, 0x1f0, 0x1f0, 0x190, 0x1f0, 0x3, 0x0, {[{{@ip={@rand_addr=0x64010101, @remote, 0x0, 0x0, 'veth0\x00', 'wg1\x00', {}, {}, 0x6}, 0x0, 0xd0, 0xf8, 0x0, {0x0, 0xffffffffa0028000}, [@common=@inet=@tcp={{0x30}}, @common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x2, 0xf}}]}, @common=@inet=@TCPMSS={0x28}}, {{@ip={@multicast2, @broadcast, 0x0, 0x0, 'veth0_vlan\x00', 'ip6gretap0\x00'}, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x288)

kernel console output (not intermixed with test programs):

ce bond0
[   90.272651][ T3944] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.279832][ T3944] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.308365][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.317917][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   90.379547][ T3944] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.386715][ T3944] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.436363][ T5839] 8021q: adding VLAN 0 to HW filter on device team0
[   90.465320][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.472571][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.513542][ T4878] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.520853][ T4878] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.553597][ T4878] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.560835][ T4878] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.714328][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.742653][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.790881][ T5843] 8021q: adding VLAN 0 to HW filter on device team0
[   90.831195][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   90.858563][ T5109] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.866141][ T5109] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.912404][ T5109] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.919614][ T5109] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.954517][ T5109] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.961723][ T5109] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.985919][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.035929][ T4878] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.043153][ T4878] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.279140][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.295047][ T5830] veth0_vlan: entered promiscuous mode
[   91.341230][ T5830] veth1_vlan: entered promiscuous mode
[   91.356516][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.532336][ T5830] veth0_macvtap: entered promiscuous mode
[   91.561554][ T5830] veth1_macvtap: entered promiscuous mode
[   91.583094][ T5839] veth0_vlan: entered promiscuous mode
[   91.625153][ T5839] veth1_vlan: entered promiscuous mode
[   91.639640][ T5831] veth0_vlan: entered promiscuous mode
[   91.678818][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.719797][ T5831] veth1_vlan: entered promiscuous mode
[   91.739688][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.785506][ T5839] veth0_macvtap: entered promiscuous mode
[   91.796732][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.839902][ T5830] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.851236][ T5830] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.861835][ T5830] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.870575][ T5845] Bluetooth: hci0: command tx timeout
[   91.870614][ T5845] Bluetooth: hci4: command tx timeout
[   91.882373][ T5830] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.892879][ T1222] cfg80211: failed to load regulatory.db
[   91.903999][ T5839] veth1_macvtap: entered promiscuous mode
[   91.938194][ T5841] Bluetooth: hci2: command tx timeout
[   91.938540][ T5845] Bluetooth: hci1: command tx timeout
[   91.943626][ T5841] Bluetooth: hci3: command tx timeout
[   91.963859][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.976137][ T5831] veth0_macvtap: entered promiscuous mode
[   92.010310][ T5831] veth1_macvtap: entered promiscuous mode
[   92.067662][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.095782][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.112522][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.133846][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.162236][ T5831] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.173442][ T5831] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.190060][ T5831] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.198865][ T5831] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.224638][ T5839] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.241944][ T5839] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.251157][ T5839] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.261361][ T5839] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.331899][ T5833] veth0_vlan: entered promiscuous mode
[   92.340707][ T4878] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.349648][ T4878] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.430819][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.440097][ T5833] veth1_vlan: entered promiscuous mode
[   92.451334][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.540907][ T5843] veth0_vlan: entered promiscuous mode
[   92.566537][ T5830] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   92.582173][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.605764][ T5843] veth1_vlan: entered promiscuous mode
[   92.616653][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.666423][ T5833] veth0_macvtap: entered promiscuous mode
[   92.685265][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.693976][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.740773][ T5833] veth1_macvtap: entered promiscuous mode
[   92.786259][ T4878] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.796331][ T4878] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.830052][ T4878] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.849323][ T4878] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.891510][ T5843] veth0_macvtap: entered promiscuous mode
[   92.924248][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.963653][ T5843] veth1_macvtap: entered promiscuous mode
[   92.983370][ T5927] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6'.
[   92.994141][ T5927] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6'.
[   93.005159][ T5927] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6'.
[   93.024317][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.069766][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.096743][ T5833] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.117738][ T5833] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.147347][ T5833] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.168904][ T5833] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.195894][ T5932] netlink: 'syz.3.4': attribute type 1 has an invalid length.
[   93.203956][ T5932] netlink: 'syz.3.4': attribute type 4 has an invalid length.
[   93.206216][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.218684][ T5932] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.4'.
[   93.230053][ T5933] netlink: 'syz.2.3': attribute type 12 has an invalid length.
[   93.239034][ T5933] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3'.
[   93.328927][ T5843] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.338734][ T5843] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.348866][ T5843] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.357974][ T5843] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.454935][ T5942] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   93.601745][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.633240][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.766081][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.785186][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.822573][ T3944] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.861849][ T3944] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.937355][ T5841] Bluetooth: hci4: command tx timeout
[   93.941930][ T5845] Bluetooth: hci0: command tx timeout
[   93.954487][ T5952] IPVS: set_ctl: invalid protocol: 94 172.20.20.67:20002
[   94.005982][ T5109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.006103][ T5955] Driver unsupported XDP return value 0 on prog  (id 4) dev N/A, expect packet loss!
[   94.018187][ T5845] Bluetooth: hci1: command tx timeout
[   94.028880][ T5845] Bluetooth: hci2: command tx timeout
[   94.034315][ T5845] Bluetooth: hci3: command tx timeout
[   94.048817][ T5957] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1'.
[   94.058172][ T5109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.147714][ T5960] netlink: 40 bytes leftover after parsing attributes in process `syz.2.14'.
[   94.274104][ T5960] bond0: entered promiscuous mode
[   94.285341][ T5960] bond_slave_0: entered promiscuous mode
[   94.319952][ T5967] netlink: 40 bytes leftover after parsing attributes in process `syz.2.14'.
[   94.332026][ T5960] bond_slave_1: entered promiscuous mode
[   94.403605][ T5960] bond0: entered allmulticast mode
[   94.432613][ T5960] bond_slave_0: entered allmulticast mode
[   94.456924][ T5960] bond_slave_1: entered allmulticast mode
[   94.463141][ T5978] FAULT_INJECTION: forcing a failure.
[   94.463141][ T5978] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   94.548691][ T5978] CPU: 0 UID: 0 PID: 5978 Comm: syz.0.19 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[   94.548720][ T5978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.548735][ T5978] Call Trace:
[   94.548747][ T5978]  <TASK>
[   94.548756][ T5978]  dump_stack_lvl+0x189/0x250
[   94.548800][ T5978]  ? __pfx_dump_stack_lvl+0x10/0x10
[   94.548837][ T5978]  ? __pfx__printk+0x10/0x10
[   94.548909][ T5978]  should_fail_ex+0x414/0x560
[   94.548936][ T5978]  _copy_to_user+0x31/0xb0
[   94.548965][ T5978]  simple_read_from_buffer+0xe1/0x170
[   94.548995][ T5978]  proc_fail_nth_read+0x1df/0x250
[   94.549028][ T5978]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   94.549059][ T5978]  ? rw_verify_area+0x258/0x650
[   94.549080][ T5978]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   94.549109][ T5978]  vfs_read+0x1fd/0x980
[   94.549137][ T5978]  ? __pfx___mutex_lock+0x10/0x10
[   94.549163][ T5978]  ? __pfx_vfs_read+0x10/0x10
[   94.549186][ T5978]  ? __fget_files+0x2a/0x420
[   94.549215][ T5978]  ? __fget_files+0x3a0/0x420
[   94.549239][ T5978]  ? __fget_files+0x2a/0x420
[   94.549272][ T5978]  ksys_read+0x145/0x250
[   94.549292][ T5978]  ? rcu_is_watching+0x15/0xb0
[   94.549323][ T5978]  ? __pfx_ksys_read+0x10/0x10
[   94.549349][ T5978]  ? do_syscall_64+0xba/0x210
[   94.549377][ T5978]  do_syscall_64+0xf6/0x210
[   94.549402][ T5978]  ? clear_bhb_loop+0x45/0xa0
[   94.549427][ T5978]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.549445][ T5978] RIP: 0033:0x7fb8af18d37c
[   94.549469][ T5978] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   94.549486][ T5978] RSP: 002b:00007fb8aff90030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   94.549506][ T5978] RAX: ffffffffffffffda RBX: 00007fb8af3b6080 RCX: 00007fb8af18d37c
[   94.549521][ T5978] RDX: 000000000000000f RSI: 00007fb8aff900a0 RDI: 0000000000000004
[   94.549533][ T5978] RBP: 00007fb8aff90090 R08: 0000000000000000 R09: 0000000000000000
[   94.549545][ T5978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.549556][ T5978] R13: 0000000000000000 R14: 00007fb8af3b6080 R15: 00007fff680542a8
[   94.549587][ T5978]  </TASK>
[   95.068016][ T5994] netlink: 576 bytes leftover after parsing attributes in process `syz.4.5'.
[   95.079639][ T5993] netlink: 576 bytes leftover after parsing attributes in process `syz.4.5'.
[   95.309800][ T6001] netlink: 'syz.1.23': attribute type 10 has an invalid length.
[   95.380635][ T6001] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   95.381577][ T6000] syz.2.25 uses obsolete (PF_INET,SOCK_PACKET)
[   95.780588][ T6021] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   95.788894][ T5892] IPVS: starting estimator thread 0...
[   95.887393][ T6024] IPVS: using max 25 ests per chain, 60000 per kthread
[   96.245461][ T6040] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   96.384935][ T6046] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   97.004280][ T6051] team0 (unregistering): Port device team_slave_0 removed
[   97.036090][ T6051] team0 (unregistering): Port device team_slave_1 removed
[   97.521255][ T6096] NCSI netlink: No device for ifindex 0
[   98.057939][    C1] vcan0: j1939_tp_rxtimer: 0xffff88806c201800: rx timeout, send abort
[   98.150880][ T6116] Zero length message leads to an empty skb
[   98.558561][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805d877c00: rx timeout, send abort
[   98.567021][    C1] vcan0: j1939_tp_rxtimer: 0xffff88806c201800: abort rx timeout. Force session deactivation
[   98.654481][ T6133] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   99.067177][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805d877c00: abort rx timeout. Force session deactivation
[   99.289646][ T6150] netlink: 'syz.3.70': attribute type 1 has an invalid length.
[   99.310009][ T6150] netlink: 'syz.3.70': attribute type 2 has an invalid length.
[   99.357494][ T6150] netlink: 'syz.3.70': attribute type 1 has an invalid length.
[   99.596014][ T6169] __nla_validate_parse: 3 callbacks suppressed
[   99.596035][ T6169] netlink: 116 bytes leftover after parsing attributes in process `syz.0.73'.
[   99.630793][ T6172] netlink: 15930 bytes leftover after parsing attributes in process `syz.3.74'.
[   99.677294][ T6174] openvswitch: netlink: Either Ethernet header or EtherType is required.
[   99.749824][ T6178] xt_CT: You must specify a L4 protocol and not use inversions on it
[   99.909317][ T6187] netlink: 12 bytes leftover after parsing attributes in process `syz.3.78'.
[   99.990320][ T6187] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   99.999490][ T6187] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  100.008467][ T6187] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  100.018490][ T6187] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  100.050314][ T6194] netlink: 72 bytes leftover after parsing attributes in process `syz.2.80'.
[  100.070700][ T6200] netlink: 4 bytes leftover after parsing attributes in process `syz.4.81'.
[  100.081447][ T6187] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  100.092228][ T6187] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  100.104229][ T6187] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  100.114413][ T6187] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  100.227927][ T6201] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  100.237614][ T2148] IPVS: starting estimator thread 0...
[  100.354614][ T6203] IPVS: using max 25 ests per chain, 60000 per kthread
[  100.460350][ T6212] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  100.507283][ T6215] netlink: 36 bytes leftover after parsing attributes in process `syz.2.84'.
[  100.523660][ T6212] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  100.647462][ T6215] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.655914][ T6215] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.675440][ T6215] bond0: left promiscuous mode
[  100.684234][ T6215] bond_slave_0: left promiscuous mode
[  100.690101][ T6215] bond_slave_1: left promiscuous mode
[  100.695636][ T6215] bond0: left allmulticast mode
[  100.704440][ T6215] bond_slave_0: left allmulticast mode
[  100.710076][ T6215] bond_slave_1: left allmulticast mode
[  100.794680][ T6215] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.814965][ T6215] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.893977][ T6215] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  100.906241][ T6215] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  100.915217][ T6215] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  100.924216][ T6215] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  101.397267][ T6246] netlink: 16 bytes leftover after parsing attributes in process `syz.1.95'.
[  101.458470][ T2148] IPVS: starting estimator thread 0...
[  101.471091][ T6250] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  101.557026][ T6251] IPVS: using max 30 ests per chain, 72000 per kthread
[  101.591987][   T30] audit: type=1107 audit(1746919672.788:2): pid=6255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='ً�5����%��U�A����٠�0���l�t�ݕ/�� �6򊨊�'
[  102.096198][ T6260] IPv6: Can't replace route, no match found
[  102.449046][ T6310] netlink: 152064 bytes leftover after parsing attributes in process `syz.4.106'.
[  102.472192][ T6302] veth3: entered allmulticast mode
[  102.502195][ T6312] netlink: 'syz.0.108': attribute type 23 has an invalid length.
[  102.510418][ T6310] netlink: zone id is out of range
[  102.550842][ T6310] netlink: zone id is out of range
[  102.556029][ T6310] netlink: zone id is out of range
[  102.584274][ T6312] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  102.622271][ T6310] netlink: zone id is out of range
[  102.634611][ T6320] netlink: 12 bytes leftover after parsing attributes in process `syz.1.111'.
[  102.652382][ T6310] netlink: zone id is out of range
[  102.681158][ T6310] netlink: zone id is out of range
[  102.686358][ T6310] netlink: zone id is out of range
[  102.723837][ T6310] netlink: zone id is out of range
[  102.736117][ T6310] netlink: zone id is out of range
[  102.778132][ T6330] netlink: 48 bytes leftover after parsing attributes in process `syz.3.114'.
[  103.068833][ T6340] tipc: Started in network mode
[  103.073772][ T6340] tipc: Node identity 6, cluster identity 4711
[  103.182233][ T6340] tipc: Node number set to 6
[  104.113262][ T6393] gretap0: entered promiscuous mode
[  104.190709][ T6381] batman_adv: batadv0: Adding interface: gretap1
[  104.227062][ T6381] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  104.302521][ T6394] 0��{X��: renamed from gretap0
[  104.311794][ T6394] 0��{X��: left promiscuous mode
[  104.334660][ T6394] 0��{X��: entered allmulticast mode
[  105.273070][ T3944] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.300710][ T3944] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.311956][ T6452] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  105.326454][ T6451] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  105.396240][ T6452] __nla_validate_parse: 9 callbacks suppressed
[  105.396260][ T6452] netlink: 4 bytes leftover after parsing attributes in process `syz.2.144'.
[  105.542293][ T6460] netlink: 8 bytes leftover after parsing attributes in process `syz.3.146'.
[  105.552758][ T6459] netlink: 8 bytes leftover after parsing attributes in process `syz.3.146'.
[  106.063566][ T6499] xt_l2tp: invalid flags combination: c
[  106.127063][ T6500] netlink: 4 bytes leftover after parsing attributes in process `syz.1.151'.
[  106.277709][ T6507] netlink: 'syz.4.154': attribute type 11 has an invalid length.
[  106.300319][ T6509] netlink: 4 bytes leftover after parsing attributes in process `syz.0.155'.
[  106.734263][ T6532] x_tables: duplicate underflow at hook 1
[  106.840600][ T6536] netlink: 8 bytes leftover after parsing attributes in process `syz.0.164'.
[  106.869391][ T6539] sctp: [Deprecated]: syz.2.165 (pid 6539) Use of struct sctp_assoc_value in delayed_ack socket option.
[  106.869391][ T6539] Use struct sctp_sack_info instead
[  106.879328][ T6538] netlink: 'syz.3.163': attribute type 2 has an invalid length.
[  107.192744][ T6554] netlink: 'syz.2.169': attribute type 1 has an invalid length.
[  107.272773][ T6563] netlink: 20 bytes leftover after parsing attributes in process `syz.1.171'.
[  107.396595][ T6567] netlink: 20 bytes leftover after parsing attributes in process `syz.0.174'.
[  107.415578][ T6569] netlink: 12 bytes leftover after parsing attributes in process `syz.4.172'.
[  107.442893][ T6569] netlink: 104 bytes leftover after parsing attributes in process `syz.4.172'.
[  107.866419][ T6591] Cannot find add_set index 0 as target
[  108.010065][ T6596] netlink: 'syz.4.185': attribute type 1 has an invalid length.
[  108.042858][ T6601] netlink: 'syz.0.183': attribute type 3 has an invalid length.
[  108.608001][ T6624] netlink: 'syz.0.191': attribute type 1 has an invalid length.
[  108.645917][ T6624] netlink: 'syz.0.191': attribute type 2 has an invalid length.
[  109.024204][ T6651] Cannot find set identified by id 0 to match
[  109.414050][ T5885] udevd[5885]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  109.448254][ T6659] veth1_to_team: entered promiscuous mode
[  109.465419][ T5885] udevd[5885]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  109.466367][ T6670] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  109.583105][ T6665] veth1_to_team (unregistering): left promiscuous mode
[  109.729143][ T6665] team0: Port device team_slave_1 removed
[  109.910312][ T6684] netlink: 'syz.0.207': attribute type 10 has an invalid length.
[  110.116225][ T6688] net_ratelimit: 222 callbacks suppressed
[  110.116246][ T6688] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  110.137222][ T5895] IPVS: starting estimator thread 0...
[  110.238660][ T6697] IPVS: using max 30 ests per chain, 72000 per kthread
[  110.326237][ T6703] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.334059][ T6703] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.542627][ T6719] __nla_validate_parse: 48 callbacks suppressed
[  110.542647][ T6719] netlink: 8 bytes leftover after parsing attributes in process `syz.4.220'.
[  110.881569][ T6749] netlink: 'syz.1.226': attribute type 24 has an invalid length.
[  110.889347][ T6737] netlink: 'syz.2.224': attribute type 2 has an invalid length.
[  111.240405][ T6763] netlink: 36 bytes leftover after parsing attributes in process `syz.3.229'.
[  111.505216][ T6780] netlink: 8 bytes leftover after parsing attributes in process `syz.2.235'.
[  111.531568][ T6780] netlink: 4 bytes leftover after parsing attributes in process `syz.2.235'.
[  112.065099][ T6804] x_tables: duplicate underflow at hook 2
[  112.224040][ T6808] netlink: 8 bytes leftover after parsing attributes in process `syz.4.243'.
[  112.237540][ T6808] netlink: 12 bytes leftover after parsing attributes in process `syz.4.243'.
[  112.343762][ T6808] bond1: entered promiscuous mode
[  112.348977][ T6808] bond1: entered allmulticast mode
[  112.356210][ T6808] 8021q: adding VLAN 0 to HW filter on device bond1
[  112.375691][ T6816] netlink: 44 bytes leftover after parsing attributes in process `syz.0.244'.
[  112.400713][ T6816] netlink: 21 bytes leftover after parsing attributes in process `syz.0.244'.
[  112.422682][ T6816] netlink: 21 bytes leftover after parsing attributes in process `syz.0.244'.
[  112.427335][ T6820] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  112.454236][ T6820] netlink: 'syz.1.247': attribute type 12 has an invalid length.
[  112.477578][ T6820] netlink: 132 bytes leftover after parsing attributes in process `syz.1.247'.
[  112.573595][ T6820] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  112.586239][ T6817] syzkaller1: entered promiscuous mode
[  112.592174][ T6817] syzkaller1: entered allmulticast mode
[  112.640621][ T6820] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[  112.994584][ T6841] xfrm1: entered promiscuous mode
[  113.001500][ T6841] xfrm1: entered allmulticast mode
[  113.206144][ T6850] netlink: 'syz.2.256': attribute type 10 has an invalid length.
[  113.224828][ T6850] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  113.263973][ T6853] netlink: 'syz.0.258': attribute type 39 has an invalid length.
[  113.472473][ T6858] sch_tbf: burst 0 is lower than device team_slave_0 mtu (1514) !
[  113.681557][ T6872] Bluetooth: MGMT ver 1.23
[  113.690932][ T6872] sctp: [Deprecated]: syz.0.265 (pid 6872) Use of struct sctp_assoc_value in delayed_ack socket option.
[  113.690932][ T6872] Use struct sctp_sack_info instead
[  113.726536][ T6872] sctp: [Deprecated]: syz.0.265 (pid 6872) Use of struct sctp_assoc_value in delayed_ack socket option.
[  113.726536][ T6872] Use struct sctp_sack_info instead
[  114.102035][ T6898] netlink: 'syz.0.273': attribute type 1 has an invalid length.
[  114.241840][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.254177][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.266779][ T6904] vxcan1: Master is either lo or non-ether device
[  114.377321][    C1] vxcan0: j1939_tp_rxtimer: 0xffff8880121e4000: rx timeout, send abort
[  114.386483][ T6907] batman_adv: batadv0: Adding interface: dummy0
[  114.388339][    C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff8880121e4000: 0x3ff01: (3) A timeout occurred and this is the connection abort to close the session.
[  114.397626][ T6907] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  114.498356][ T6907] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  114.531299][ T6914] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  114.630948][ T6919] pim6reg: entered allmulticast mode
[  114.662066][ T6919] pim6reg: left allmulticast mode
[  115.098236][ T6939] team0: entered promiscuous mode
[  115.103437][ T6939] team_slave_0: entered promiscuous mode
[  115.132510][ T6939] team_slave_1: entered promiscuous mode
[  115.137505][ T5841] Bluetooth: hci2: command tx timeout
[  115.440859][ T6939] team0: left promiscuous mode
[  115.453871][ T6939] team_slave_0: left promiscuous mode
[  115.465179][ T6939] team_slave_1: left promiscuous mode
[  115.996324][ T6979] netlink: 'syz.0.297': attribute type 1 has an invalid length.
[  116.039625][ T6979] 8021q: adding VLAN 0 to HW filter on device bond2
[  116.119775][ T6979] bond2: (slave veth3): Enslaving as an active interface with a down link
[  116.215820][ T6982] bond2: (slave veth0_to_bond): making interface the new active one
[  116.279088][ T6982] veth0_to_bond: entered promiscuous mode
[  116.285636][ T6982] bond2: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  116.299210][ T6990] trusted_key: syz.4.299 sent an empty control message without MSG_MORE.
[  116.330983][ T6987] (unnamed net_device) (uninitialized): ARP target 1.0.0.0 is already present
[  116.340259][ T6987] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (1)
[  116.705913][ T7001] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.785319][ T7003] tap0: tun_chr_ioctl cmd 1074025672
[  116.793456][ T7003] tap0: ignored: set checksum disabled
[  116.812215][ T7010] netlink: 'syz.3.306': attribute type 1 has an invalid length.
[  116.847696][ T7010] __nla_validate_parse: 11 callbacks suppressed
[  116.847714][ T7010] netlink: 232 bytes leftover after parsing attributes in process `syz.3.306'.
[  116.881750][ T7001] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.998954][ T7001] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.025371][ T7017] netlink: 16 bytes leftover after parsing attributes in process `syz.4.307'.
[  117.063206][ T7012] warning: `syz.4.307' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  117.216492][ T7001] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.351172][ T7027] netlink: 36 bytes leftover after parsing attributes in process `syz.2.311'.
[  117.419643][ T7029] netlink: 20 bytes leftover after parsing attributes in process `syz.3.312'.
[  117.564876][ T7001] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.616657][ T7036] netlink: 'syz.2.314': attribute type 2 has an invalid length.
[  117.625811][ T7038] netlink: 240 bytes leftover after parsing attributes in process `syz.3.315'.
[  117.629519][ T7001] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.646683][ T7036] netlink: 4 bytes leftover after parsing attributes in process `syz.2.314'.
[  117.692795][ T7038] netlink: 14 bytes leftover after parsing attributes in process `syz.3.315'.
[  117.712580][ T7001] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.040551][ T7038] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  118.087860][ T7038] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.138243][ T7038] bond0 (unregistering): Released all slaves
[  118.226727][ T7001] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.379701][ T7063] x_tables: duplicate entry at hook 3
[  118.463607][ T7066] netlink: 12 bytes leftover after parsing attributes in process `syz.0.325'.
[  127.377156][   T62] veth0_to_bond: left promiscuous mode
[  132.831679][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  132.838667][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  140.657785][ T7105] netlink: 4 bytes leftover after parsing attributes in process `syz.1.334'.
[  140.670504][ T7105] netlink: 12 bytes leftover after parsing attributes in process `syz.1.334'.
[  141.503029][ T7138] netlink: 56 bytes leftover after parsing attributes in process `syz.3.344'.
[  141.594869][ T7138] netlink: 52 bytes leftover after parsing attributes in process `syz.3.344'.
[  141.803105][ T7149] netlink: 96 bytes leftover after parsing attributes in process `syz.1.349'.
[  141.840685][ T7149] netlink: 96 bytes leftover after parsing attributes in process `syz.1.349'.
[  141.926550][ T7160] netlink: 4 bytes leftover after parsing attributes in process `syz.2.351'.
[  141.948207][ T7160] netlink: 4 bytes leftover after parsing attributes in process `syz.2.351'.
[  141.961540][ T7161] netlink: 36 bytes leftover after parsing attributes in process `syz.4.352'.
[  141.973476][ T7161] netlink: 36 bytes leftover after parsing attributes in process `syz.4.352'.
[  142.502243][ T7193] nbd: couldn't find device at index 16056320
[  142.870204][ T7211] netlink: 'syz.2.366': attribute type 4 has an invalid length.
[  142.947544][ T7211] Cannot find add_set index 0 as target
[  143.574037][ T7247] netlink: 'syz.3.379': attribute type 4 has an invalid length.
[  143.600851][ T7247] netlink: 'syz.3.379': attribute type 4 has an invalid length.
[  143.758085][ T7253] netlink: 'syz.3.381': attribute type 29 has an invalid length.
[  143.766408][ T7253] netlink: 'syz.3.381': attribute type 29 has an invalid length.
[  143.959899][ T7261] Bluetooth: MGMT ver 1.23
[  144.078665][ T7267] netlink: 'syz.1.386': attribute type 15 has an invalid length.
[  144.433831][ T7286] sctp: [Deprecated]: syz.1.389 (pid 7286) Use of struct sctp_assoc_value in delayed_ack socket option.
[  144.433831][ T7286] Use struct sctp_sack_info instead
[  144.732918][ T7296] netlink: 'syz.3.395': attribute type 21 has an invalid length.
[  145.009768][ T7311] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  145.314377][ T7327] netlink: 'syz.0.404': attribute type 9 has an invalid length.
[  145.576236][ T7334] openvswitch: netlink: IP tunnel TTL not specified.
[  146.076000][ T7354] __nla_validate_parse: 41 callbacks suppressed
[  146.076021][ T7354] netlink: 12 bytes leftover after parsing attributes in process `syz.1.412'.
[  146.230974][ T7360] netlink: 164 bytes leftover after parsing attributes in process `syz.3.413'.
[  146.507877][ T7375] netlink: 8 bytes leftover after parsing attributes in process `syz.3.419'.
[  146.633942][ T7378] xt_cgroup: invalid path, errno=-2
[  147.014014][ T7400] vlan0: entered promiscuous mode
[  147.741440][ T7421] netlink: 32 bytes leftover after parsing attributes in process `syz.3.432'.
[  147.768843][ T7421] netlink: 16 bytes leftover after parsing attributes in process `syz.3.432'.
[  148.187727][ T7433] netlink: 'syz.3.436': attribute type 24 has an invalid length.
[  148.875689][ T7470] netlink: 'syz.3.449': attribute type 29 has an invalid length.
[  148.883650][ T7470] netlink: 8 bytes leftover after parsing attributes in process `syz.3.449'.
[  149.110133][   T30] audit: type=1800 audit(1746919720.308:3): pid=7480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.450" name=4996AE17DFFC2E43C8174B54B620636894AAACF28FF62616363C70A440AEC4014CAF28C0ADC04308 dev="tmpfs" ino=483 res=0 errno=0
[  149.869422][ T7514] netlink: 24 bytes leftover after parsing attributes in process `syz.4.463'.
[  150.190264][ T7523] syzkaller0: entered promiscuous mode
[  150.195919][ T7523] syzkaller0: entered allmulticast mode
[  150.315690][ T7527] netlink: 'syz.0.467': attribute type 12 has an invalid length.
[  150.401927][ T7529] delete_channel: no stack
[  150.777636][ T7548] netlink: 8 bytes leftover after parsing attributes in process `syz.3.474'.
[  150.929028][ T7555] netlink: 12 bytes leftover after parsing attributes in process `syz.2.476'.
[  151.265248][ T7578] netlink: 'syz.2.482': attribute type 11 has an invalid length.
[  151.316339][ T7578] netlink: 228 bytes leftover after parsing attributes in process `syz.2.482'.
[  151.352233][ T7581] netlink: 8 bytes leftover after parsing attributes in process `syz.0.483'.
[  151.358235][ T7579] netlink: 'syz.2.482': attribute type 11 has an invalid length.
[  151.404310][ T7579] netlink: 228 bytes leftover after parsing attributes in process `syz.2.482'.
[  151.919929][ T7612] netlink: 16 bytes leftover after parsing attributes in process `syz.0.489'.
[  151.982128][ T7612] netlink: 4 bytes leftover after parsing attributes in process `syz.0.489'.
[  151.987173][ T7615] netlink: 4 bytes leftover after parsing attributes in process `syz.3.492'.
[  152.128134][ T7619] xt_l2tp: missing protocol rule (udp|l2tpip)
[  152.283090][ T7619] xt_CT: No such helper "syz1"
[  152.497472][ T7630] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.505422][ T7630] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.793219][ T7630] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  152.813444][ T7630] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  152.934641][ T7630] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  152.948360][ T7630] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  152.959704][ T7630] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  152.968951][ T7630] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  153.012745][ T7640] netdevsim netdevsim1: Firmware load for './file0/../file0' refused, path contains '..' component
[  153.045724][ T7655] sctp: [Deprecated]: syz.4.501 (pid 7655) Use of int in max_burst socket option.
[  153.045724][ T7655] Use struct sctp_assoc_value instead
[  153.100489][ T7655] bridge_slave_0: left allmulticast mode
[  153.106296][ T7655] bridge_slave_0: left promiscuous mode
[  153.155358][ T7655] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.199115][ T7655] bridge_slave_1: left allmulticast mode
[  153.215095][ T7655] bridge_slave_1: left promiscuous mode
[  153.234768][ T7655] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.261208][ T7655] bond0: (slave bond_slave_0): Releasing backup interface
[  153.285050][ T7655] bond0: (slave bond_slave_1): Releasing backup interface
[  153.319939][ T7655] team0: Port device team_slave_0 removed
[  153.333830][ T7655] team0: Port device team_slave_1 removed
[  153.350819][ T7669] netlink: 4 bytes leftover after parsing attributes in process `syz.3.503'.
[  153.362068][ T7655] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  153.378881][ T7655] batman_adv: batadv0: Removing interface: batadv_slave_0
[  153.389965][ T7655] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  153.399487][ T7655] batman_adv: batadv0: Removing interface: batadv_slave_1
[  153.541843][ T7671] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  153.836349][ T7678] netlink: 'syz.2.507': attribute type 1 has an invalid length.
[  153.862075][ T7677] netlink: 52 bytes leftover after parsing attributes in process `syz.4.508'.
[  154.609026][ T5845] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  154.620716][ T5845] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  154.629330][ T5845] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  154.638620][ T5845] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  154.647656][ T5845] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  154.690690][ T7702] SET target dimension over the limit!
[  154.812540][ T7705] IPVS: set_ctl: invalid protocol: 135 224.0.0.2:20001
[  155.647565][ T7707] netlink: 24 bytes leftover after parsing attributes in process `syz.3.515'.
[  155.678723][ T7707] netlink: 224 bytes leftover after parsing attributes in process `syz.3.515'.
[  156.086240][   T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.175665][ T7724] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (18446744073709551615)
[  156.189485][ T7724] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  156.255786][   T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.512591][   T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.571063][ T7751] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  156.614941][ T7698] chnl_net:caif_netlink_parms(): no params data found
[  156.751586][ T5845] Bluetooth: hci0: command tx timeout
[  156.927289][   T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.352499][ T7698] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.369813][ T7698] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.380643][ T7698] bridge_slave_0: entered allmulticast mode
[  157.403015][ T7698] bridge_slave_0: entered promiscuous mode
[  157.427658][ T7767] __nla_validate_parse: 2 callbacks suppressed
[  157.427676][ T7767] netlink: 192 bytes leftover after parsing attributes in process `syz.0.533'.
[  157.458986][ T7767] netlink: 192 bytes leftover after parsing attributes in process `syz.0.533'.
[  157.487053][ T7698] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.506000][ T7698] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.515037][ T7698] bridge_slave_1: entered allmulticast mode
[  157.523514][ T7698] bridge_slave_1: entered promiscuous mode
[  157.837328][ T7698] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  157.866584][ T7698] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  158.012223][ T7698] team0: Port device team_slave_0 added
[  158.027499][   T13] bridge_slave_1: left allmulticast mode
[  158.037074][   T13] bridge_slave_1: left promiscuous mode
[  158.048916][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.077189][   T13] bridge_slave_0: left allmulticast mode
[  158.086360][   T13] bridge_slave_0: left promiscuous mode
[  158.098929][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.622330][   T13] batman_adv: batadv0: Removing interface: gretap1
[  158.817010][ T5845] Bluetooth: hci0: command tx timeout
[  158.897906][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  158.935840][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  158.958601][   T13] bond0 (unregistering): Released all slaves
[  158.990094][   T13] bond1 (unregistering): Released all slaves
[  159.010204][   T13] bond2 (unregistering): Released all slaves
[  159.031233][ T7698] team0: Port device team_slave_1 added
[  159.269405][ T7698] batman_adv: batadv0: Adding interface: batadv_slave_0
[  159.281612][ T7698] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.319833][ T7698] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  159.340291][ T7698] batman_adv: batadv0: Adding interface: batadv_slave_1
[  159.349920][ T7698] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.391336][ T7698] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  159.404103][   T30] audit: type=1800 audit(1746919730.608:4): pid=7818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.544" name="memory.events" dev="tmpfs" ino=548 res=0 errno=0
[  159.438737][ T7811] lo: entered allmulticast mode
[  159.443866][ T7811] lo: left allmulticast mode
[  159.560855][ T7821] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  159.592647][   T30] audit: type=1804 audit(1746919730.778:5): pid=7818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.544" name="/newroot/104/memory.events" dev="tmpfs" ino=548 res=1 errno=0
[  159.731780][ T7698] hsr_slave_0: entered promiscuous mode
[  159.768243][ T7698] hsr_slave_1: entered promiscuous mode
[  159.774674][ T7698] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  159.800723][ T7829] xt_l2tp: wrong L2TP version: 0
[  159.806361][ T7829] netlink: 16 bytes leftover after parsing attributes in process `syz.0.549'.
[  159.816977][ T7698] Cannot create hsr debugfs directory
[  160.019276][ T7831] netlink: 8 bytes leftover after parsing attributes in process `syz.3.550'.
[  160.046585][ T7831] netlink: 4 bytes leftover after parsing attributes in process `syz.3.550'.
[  160.072332][ T7837] ieee802154 phy0 wpan0: encryption failed: -22
[  160.151012][   T13] hsr_slave_0: left promiscuous mode
[  160.159423][   T13] hsr_slave_1: left promiscuous mode
[  160.165799][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  160.174390][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  160.185618][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  160.200536][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  160.266707][   T13] veth1_macvtap: left promiscuous mode
[  160.280994][   T13] veth0_macvtap: left promiscuous mode
[  160.298994][   T13] veth1_vlan: left promiscuous mode
[  160.313499][   T13] veth0_vlan: left promiscuous mode
[  160.897059][ T5845] Bluetooth: hci0: command tx timeout
[  160.934702][   T13] team0 (unregistering): Port device team_slave_1 removed
[  160.972795][   T13] team0 (unregistering): Port device team_slave_0 removed
[  161.447287][ T7864] netlink: 4388 bytes leftover after parsing attributes in process `syz.2.556'.
[  161.908292][ T7881] xt_CT: No such helper "snmp"
[  162.202673][ T7909] x_tables: duplicate underflow at hook 1
[  162.303805][ T7917] netlink: 4 bytes leftover after parsing attributes in process `syz.3.567'.
[  162.393798][ T7917] netlink: 12 bytes leftover after parsing attributes in process `syz.3.567'.
[  162.534200][ T7923] netlink: 'syz.2.568': attribute type 5 has an invalid length.
[  162.552730][ T7923] netlink: 4 bytes leftover after parsing attributes in process `syz.2.568'.
[  162.768327][ T7936] veth0: entered promiscuous mode
[  162.790210][ T7936] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  162.821914][ T7935] veth0: left promiscuous mode
[  162.977192][ T5845] Bluetooth: hci0: command tx timeout
[  163.127110][ T7959] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  163.198482][ T7698] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  163.221832][ T7698] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  163.268877][ T7698] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  163.303045][ T7698] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  163.306274][ T7965] netlink: 32 bytes leftover after parsing attributes in process `syz.4.580'.
[  163.562404][ T7698] 8021q: adding VLAN 0 to HW filter on device bond0
[  163.616337][ T7698] 8021q: adding VLAN 0 to HW filter on device team0
[  163.672017][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.680006][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.740372][ T6489] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.747827][ T6489] bridge0: port 2(bridge_slave_1) entered forwarding state
[  164.061478][ T7990] xt_hashlimit: size too large, truncated to 1048576
[  164.525683][ T7698] 8021q: adding VLAN 0 to HW filter on device batadv0
[  164.643444][ T7698] veth0_vlan: entered promiscuous mode
[  164.675178][ T7698] veth1_vlan: entered promiscuous mode
[  164.727220][ T7698] veth0_macvtap: entered promiscuous mode
[  164.820238][ T7698] veth1_macvtap: entered promiscuous mode
[  164.956198][ T8021] netlink: 4 bytes leftover after parsing attributes in process `syz.4.591'.
[  164.992766][ T8026] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  165.045712][ T7698] batman_adv: batadv0: Interface activated: batadv_slave_0
[  165.136195][ T7698] batman_adv: batadv0: Interface activated: batadv_slave_1
[  165.255303][ T7698] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  165.276914][ T7698] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  165.286583][ T7698] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  165.300457][ T7698] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  165.335009][ T8030] netlink: 128 bytes leftover after parsing attributes in process `syz.2.593'.
[  165.378167][ T8044] netlink: 'syz.3.595': attribute type 11 has an invalid length.
[  165.439981][ T8032] netlink: 20 bytes leftover after parsing attributes in process `syz.2.593'.
[  165.453199][ T8032] netlink: 24 bytes leftover after parsing attributes in process `syz.2.593'.
[  165.535716][ T6485] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  165.566224][ T6485] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  165.634533][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  165.654257][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  166.237771][ T8069] netlink: 'syz.0.598': attribute type 1 has an invalid length.
[  166.296329][ T8061] can: request_module (can-proto-0) failed.
[  166.482554][    C1] vxcan0: j1939_tp_rxtimer: 0xffff888033bb3000: rx timeout, send abort
[  166.496257][    C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff888033bb3000: 0x3ff01: (3) A timeout occurred and this is the connection abort to close the session.
[  166.629175][ T6485] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.828850][ T6485] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.040634][ T8098] netlink: 4 bytes leftover after parsing attributes in process `syz.0.603'.
[  167.081971][ T8095] tipc: Started in network mode
[  167.111913][ T8095] tipc: Node identity 6e278c67532d, cluster identity 4711
[  167.135582][ T8095] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  167.191636][ T8105] netlink: 16 bytes leftover after parsing attributes in process `syz.3.607'.
[  167.209538][ T6485] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.262133][ T8112] netlink: 16 bytes leftover after parsing attributes in process `syz.3.607'.
[  167.307363][ T8116] ieee802154 phy0 wpan0: encryption failed: -22
[  167.330673][ T8107] syzkaller0: entered promiscuous mode
[  167.346254][ T8107] syzkaller0: entered allmulticast mode
[  167.421644][ T8117] tipc: Resetting bearer <eth:syzkaller0>
[  167.519577][ T6485] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.536626][ T8093] tipc: Resetting bearer <eth:syzkaller0>
[  167.553413][ T8093] tipc: Disabling bearer <eth:syzkaller0>
[  167.577015][ T5841] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  167.588586][ T5841] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  167.596972][ T5841] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  167.621037][ T5841] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  167.635503][ T5841] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  167.874902][ T8139] netlink: 40 bytes leftover after parsing attributes in process `syz.2.614'.
[  168.048872][ T6485] bridge_slave_1: left allmulticast mode
[  168.055051][ T6485] bridge_slave_1: left promiscuous mode
[  168.070809][ T6485] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.102101][ T6485] bridge_slave_0: left allmulticast mode
[  168.120211][ T6485] bridge_slave_0: left promiscuous mode
[  168.126027][ T6485] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.211986][ T8156] netlink: 168 bytes leftover after parsing attributes in process `syz.3.618'.
[  168.293352][ T8159] netlink: 388 bytes leftover after parsing attributes in process `syz.0.619'.
[  168.779239][ T6485] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  168.791798][ T6485] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  168.803629][ T6485] bond0 (unregistering): Released all slaves
[  168.832521][ T8157] bond0: option mode: unable to set because the bond device has slaves
[  169.331671][ T8197] Bluetooth: MGMT ver 1.23
[  169.582726][ T8127] chnl_net:caif_netlink_parms(): no params data found
[  169.693281][ T6485] hsr_slave_0: left promiscuous mode
[  169.704244][ T5845] Bluetooth: hci0: command tx timeout
[  169.714812][ T6485] hsr_slave_1: left promiscuous mode
[  169.727631][ T6485] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.735726][ T8212] netlink: 'syz.0.630': attribute type 8 has an invalid length.
[  169.746134][ T8220] netlink: 128 bytes leftover after parsing attributes in process `syz.4.634'.
[  169.746553][ T6485] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.764721][ T6485] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.776270][ T6485] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.813139][ T6485] veth1_macvtap: left promiscuous mode
[  169.820250][ T6485] veth0_macvtap: left promiscuous mode
[  169.826071][ T6485] veth1_vlan: left promiscuous mode
[  169.832937][ T6485] veth0_vlan: left promiscuous mode
[  169.930930][ T8227] netlink: 8 bytes leftover after parsing attributes in process `syz.4.636'.
[  170.651514][ T6485] team0 (unregistering): Port device team_slave_1 removed
[  170.684906][ T8250] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  170.694073][ T6485] team0 (unregistering): Port device team_slave_0 removed
[  171.283156][ T8256] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  171.330303][ T8256] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  171.352384][ T8127] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.391374][ T8127] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.405616][ T8127] bridge_slave_0: entered allmulticast mode
[  171.424576][ T8127] bridge_slave_0: entered promiscuous mode
[  171.467669][ T8127] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.477513][ T8127] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.489745][ T8127] bridge_slave_1: entered allmulticast mode
[  171.517918][ T8127] bridge_slave_1: entered promiscuous mode
[  171.612163][ T8274] netlink: zone id is out of range
[  171.649882][ T8127] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.699714][ T8127] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.782095][ T5845] Bluetooth: hci0: command tx timeout
[  171.824354][ T8283] netlink: 16 bytes leftover after parsing attributes in process `syz.2.652'.
[  171.866265][ T8127] team0: Port device team_slave_0 added
[  171.909329][ T8127] team0: Port device team_slave_1 added
[  172.193415][ T8127] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.205795][ T8127] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.285163][ T8127] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.330625][ T8303] netlink: 8 bytes leftover after parsing attributes in process `syz.0.655'.
[  172.341246][ T8127] batman_adv: batadv0: Adding interface: batadv_slave_1
[  172.366578][ T8127] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.393581][ T8303] netlink: 72 bytes leftover after parsing attributes in process `syz.0.655'.
[  172.440014][ T8127] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  172.467204][ T8303] 8021q: VLANs not supported on tunl0
[  172.600979][ T8315] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  172.623381][ T8314] IPVS: set_ctl: invalid protocol: 50864 172.20.20.170:20002
[  172.630971][ T8315] netlink: 36 bytes leftover after parsing attributes in process `syz.4.660'.
[  172.702148][ T8127] hsr_slave_0: entered promiscuous mode
[  172.717423][ T8321] netlink: 'syz.4.661': attribute type 1 has an invalid length.
[  172.723236][ T8127] hsr_slave_1: entered promiscuous mode
[  173.025955][ T8321] 8021q: adding VLAN 0 to HW filter on device bond2
[  173.284540][ T8352] netlink: 48 bytes leftover after parsing attributes in process `syz.3.668'.
[  173.544879][ T8363] vlan2: entered allmulticast mode
[  173.566889][ T8363] gretap0: entered allmulticast mode
[  173.834512][ T8378] netlink: 8 bytes leftover after parsing attributes in process `syz.3.674'.
[  173.880135][ T8378] netlink: 24 bytes leftover after parsing attributes in process `syz.3.674'.
[  174.079975][ T8391] netlink: 5 bytes leftover after parsing attributes in process `syz.0.679'.
[  174.112747][ T8391] netlink: 4 bytes leftover after parsing attributes in process `syz.0.679'.
[  174.417245][ T8404] bond0: option mode: unable to set because the bond device has slaves
[  174.563072][ T8407] netlink: 'syz.3.684': attribute type 21 has an invalid length.
[  174.609477][ T8127] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  174.654887][ T8127] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  174.733298][ T8127] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  174.765444][ T8127] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  174.922381][ T8127] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.018219][ T8127] 8021q: adding VLAN 0 to HW filter on device team0
[  175.073962][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.081207][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.191441][ T8433] netlink: 8 bytes leftover after parsing attributes in process `syz.3.691'.
[  175.238655][ T8433] netlink: 52 bytes leftover after parsing attributes in process `syz.3.691'.
[  175.253564][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.260821][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.510208][ T8447] netlink: 4 bytes leftover after parsing attributes in process `syz.4.695'.
[  175.734409][ T8465] netlink: 8 bytes leftover after parsing attributes in process `syz.4.700'.
[  175.782537][ T8465] netlink: 20 bytes leftover after parsing attributes in process `syz.4.700'.
[  176.139706][ T8486] nbd: must specify at least one socket
[  176.169762][ T8127] 8021q: adding VLAN 0 to HW filter on device batadv0
[  176.499682][ T8506] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  176.656357][ T8127] veth0_vlan: entered promiscuous mode
[  176.733764][ T8127] veth1_vlan: entered promiscuous mode
[  176.967483][ T8127] veth0_macvtap: entered promiscuous mode
[  177.018098][ T8127] veth1_macvtap: entered promiscuous mode
[  177.079313][ T8127] batman_adv: batadv0: Interface activated: batadv_slave_0
[  177.129817][ T8127] batman_adv: batadv0: Interface activated: batadv_slave_1
[  177.166643][ T8127] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  177.189122][ T8127] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  177.203250][ T8127] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  177.228056][ T8127] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  177.538890][   T12] tipc: Subscription rejected, illegal request
[  178.023508][ T4878] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.037871][ T8574] netlink: 'syz.0.728': attribute type 9 has an invalid length.
[  178.062952][ T4878] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.170710][ T8574] netlink: 'syz.0.728': attribute type 11 has an invalid length.
[  178.238236][ T8585] openvswitch: netlink: Actions may not be safe on all matching packets
[  178.312626][ T4878] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.322395][ T8585] __nla_validate_parse: 6 callbacks suppressed
[  178.322414][ T8585] netlink: 4 bytes leftover after parsing attributes in process `syz.3.731'.
[  178.338856][ T4878] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.389850][ T8592] netlink: 36 bytes leftover after parsing attributes in process `syz.3.731'.
[  178.761427][ T8603] netlink: 'syz.2.735': attribute type 10 has an invalid length.
[  178.782600][ T8610] netlink: 4552 bytes leftover after parsing attributes in process `syz.0.738'.
[  178.835118][ T8603] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  178.841909][ T8610] netlink: 4552 bytes leftover after parsing attributes in process `syz.0.738'.
[  178.959899][ T6485] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.054164][ T8622] nbd: must specify an index to disconnect
[  179.153350][ T8623] ip6gre1: entered promiscuous mode
[  179.225588][ T6485] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.362237][ T6485] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.541952][ T6485] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.572822][   T30] audit: type=1107 audit(1746919750.778:6): pid=8639 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  179.594227][ T8641] netlink: 8 bytes leftover after parsing attributes in process `syz.2.746'.
[  179.745733][ T8645] xt_hashlimit: size too large, truncated to 1048576
[  179.802050][ T5841] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  179.835387][ T5841] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  179.843643][ T5841] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  179.856538][ T5841] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  179.865645][ T5841] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  179.927499][ T8654] netlink: 8 bytes leftover after parsing attributes in process `syz.3.750'.
[  180.015818][ T6485] bridge_slave_1: left allmulticast mode
[  180.023614][ T6485] bridge_slave_1: left promiscuous mode
[  180.030401][ T6485] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.043834][ T6485] bridge_slave_0: left allmulticast mode
[  180.051958][ T6485] bridge_slave_0: left promiscuous mode
[  180.063523][ T6485] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.466330][ T6485] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  180.482575][ T6485] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  180.493442][ T6485] bond0 (unregistering): Released all slaves
[  180.524185][ T8663] pimreg: entered allmulticast mode
[  180.746350][ T8670] bond0: option ad_select: unable to set because the bond device is up
[  180.843448][ T8678] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.931823][ T8679] netlink: 'syz.3.759': attribute type 29 has an invalid length.
[  180.977366][ T5845] Bluetooth: hci4: command tx timeout
[  181.019959][ T8679] netlink: 'syz.3.759': attribute type 29 has an invalid length.
[  181.120798][ T8698] netlink: 40 bytes leftover after parsing attributes in process `syz.0.764'.
[  181.155263][ T6485] hsr_slave_0: left promiscuous mode
[  181.165586][ T6485] hsr_slave_1: left promiscuous mode
[  181.179871][ T6485] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  181.192008][ T6485] batman_adv: batadv0: Removing interface: batadv_slave_0
[  181.202031][ T6485] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  181.214776][ T6485] batman_adv: batadv0: Removing interface: batadv_slave_1
[  181.242291][ T6485] veth1_macvtap: left promiscuous mode
[  181.248883][ T6485] veth0_macvtap: left promiscuous mode
[  181.254686][ T6485] veth1_vlan: left promiscuous mode
[  181.260674][ T6485] veth0_vlan: left promiscuous mode
[  181.688215][ T6485] team0 (unregistering): Port device team_slave_1 removed
[  181.728994][ T6485] team0 (unregistering): Port device team_slave_0 removed
[  181.939282][ T5845] Bluetooth: hci0: command tx timeout
[  182.084553][ T8687] netlink: 'syz.3.759': attribute type 29 has an invalid length.
[  182.102591][ T8695] netlink: 'syz.3.759': attribute type 29 has an invalid length.
[  182.199303][ T8647] chnl_net:caif_netlink_parms(): no params data found
[  182.292769][ T8713] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input5
[  182.398318][ T8722] netlink: 'syz.3.771': attribute type 1 has an invalid length.
[  182.406039][ T8722] netlink: 224 bytes leftover after parsing attributes in process `syz.3.771'.
[  182.474975][ T8713] netlink: 40 bytes leftover after parsing attributes in process `syz.4.769'.
[  182.676171][ T8737] netlink: 16 bytes leftover after parsing attributes in process `syz.3.776'.
[  182.745620][ T8647] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.766987][ T8647] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.774232][ T8647] bridge_slave_0: entered allmulticast mode
[  182.782583][ T8647] bridge_slave_0: entered promiscuous mode
[  182.839673][ T8647] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.857310][ T8647] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.864689][ T8647] bridge_slave_1: entered allmulticast mode
[  182.885905][ T8647] bridge_slave_1: entered promiscuous mode
[  182.945099][ T8740] lo: entered allmulticast mode
[  183.009120][ T8740] lo: left allmulticast mode
[  183.021382][ T8647] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  183.053539][ T8647] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  183.241077][ T8647] team0: Port device team_slave_0 added
[  183.329314][ T8647] team0: Port device team_slave_1 added
[  183.512620][ T8647] batman_adv: batadv0: Adding interface: batadv_slave_0
[  183.533145][ T8647] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  183.598156][ T8647] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  183.622859][ T8647] batman_adv: batadv0: Adding interface: batadv_slave_1
[  183.630519][ T8647] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  183.662632][ T8647] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  183.718149][ T8784] __nla_validate_parse: 1 callbacks suppressed
[  183.718168][ T8784] netlink: 4 bytes leftover after parsing attributes in process `syz.4.787'.
[  183.761347][ T8784] netlink: 72 bytes leftover after parsing attributes in process `syz.4.787'.
[  183.774979][ T8784] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check.
[  184.018520][ T5845] Bluetooth: hci0: command tx timeout
[  184.037912][ T8647] hsr_slave_0: entered promiscuous mode
[  184.049645][ T8647] hsr_slave_1: entered promiscuous mode
[  184.168165][ T8803] netlink: 28 bytes leftover after parsing attributes in process `syz.4.791'.
[  184.221647][ T8803] netlink: 'syz.4.791': attribute type 7 has an invalid length.
[  184.245305][ T8803] netlink: 'syz.4.791': attribute type 8 has an invalid length.
[  184.254703][ T8803] netlink: 4 bytes leftover after parsing attributes in process `syz.4.791'.
[  184.427749][ T8823] xt_NFQUEUE: number of total queues is 0
[  184.552553][ T8827] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  184.733060][ T8841] netlink: 8 bytes leftover after parsing attributes in process `syz.4.802'.
[  184.767275][ T8841] netlink: 24 bytes leftover after parsing attributes in process `syz.4.802'.
[  184.767376][ T8843] netlink: 8 bytes leftover after parsing attributes in process `syz.4.802'.
[  184.920756][ T8843] netlink: 24 bytes leftover after parsing attributes in process `syz.4.802'.
[  184.998627][ T8852] delete_channel: no stack
[  185.128903][ T8856] netlink: 40 bytes leftover after parsing attributes in process `syz.4.805'.
[  185.150750][ T8857] netlink: 96 bytes leftover after parsing attributes in process `syz.2.806'.
[  185.162228][ T8857] 8021q: VLANs not supported on sit0
[  185.285274][ T8862] syz_tun: entered allmulticast mode
[  185.335715][ T8861] syz.2.807 (8861) used greatest stack depth: 18168 bytes left
[  185.542650][ T8647] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  185.572895][ T8647] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  185.585508][ T8867] openvswitch: netlink: VXLAN extension 1 has unexpected len 0 expected 4
[  185.594470][ T8647] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  185.617175][ T8647] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  185.785588][ T8647] 8021q: adding VLAN 0 to HW filter on device bond0
[  185.902496][ T8647] 8021q: adding VLAN 0 to HW filter on device team0
[  185.932558][ T8856] Bluetooth: hci1: Opcode 0x0401 failed: -4
[  185.972536][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.979809][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.050196][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.057465][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.108136][ T5845] Bluetooth: hci0: command tx timeout
[  186.176173][ T8647] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  186.554371][ T8910] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  186.750318][ T8647] 8021q: adding VLAN 0 to HW filter on device batadv0
[  186.894559][ T8647] veth0_vlan: entered promiscuous mode
[  186.938594][ T8906] netlink: 'syz.2.817': attribute type 11 has an invalid length.
[  187.042796][ T8647] veth1_vlan: entered promiscuous mode
[  187.109584][ T8647] veth0_macvtap: entered promiscuous mode
[  187.161617][ T8647] veth1_macvtap: entered promiscuous mode
[  187.243162][ T8647] batman_adv: batadv0: Interface activated: batadv_slave_0
[  187.278687][ T8943] netlink: 'syz.4.828': attribute type 28 has an invalid length.
[  187.286713][ T8943] netlink: 'syz.4.828': attribute type 3 has an invalid length.
[  187.297199][ T5845] Bluetooth: hci1: command 0x0401 tx timeout
[  187.304797][ T8647] batman_adv: batadv0: Interface activated: batadv_slave_1
[  187.349260][ T8647] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.370947][ T8647] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.385895][ T8647] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.394894][ T8647] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.655504][ T6485] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  187.679879][ T6485] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  187.744316][ T8945] pim6reg1: entered promiscuous mode
[  187.750079][ T8945] pim6reg1: entered allmulticast mode
[  187.803090][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  187.827638][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  187.903309][ T8965] rdma_op ffff888030abb1f0 conn xmit_rdma 0000000000000000
[  188.140128][ T8977] netlink: 'syz.3.839': attribute type 1 has an invalid length.
[  188.177445][ T5845] Bluetooth: hci0: command tx timeout
[  188.408194][ T8989] netlink: 'syz.0.841': attribute type 2 has an invalid length.
[  188.455614][ T8991] netlink: 'syz.4.843': attribute type 2 has an invalid length.
[  188.518615][ T8995] unknown channel width for channel at 909000KHz?
[  188.538535][ T8995] unknown channel width for channel at 909000KHz?
[  188.633060][ T9004] netlink: 'syz.3.848': attribute type 1 has an invalid length.
[  188.662735][ T8999] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.816624][ T8999] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.064306][ T8999] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.192518][ T8999] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.286572][ T6485] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.324871][ T8999] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  189.343369][ T8999] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  189.360851][ T8999] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  189.378314][ T8999] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  189.594126][ T6485] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.757889][ T9031] __nla_validate_parse: 18 callbacks suppressed
[  189.757910][ T9031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.853'.
[  189.838278][ T6485] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.117422][ T6485] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.330630][ T5841] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  190.344139][ T5841] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  190.354465][ T5841] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  190.376523][ T5841] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  190.391461][ T5841] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  190.544987][ T9073] ip6gre2: entered allmulticast mode
[  190.562129][ T6485] bridge_slave_1: left allmulticast mode
[  190.569945][ T6485] bridge_slave_1: left promiscuous mode
[  190.575771][ T6485] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.604156][ T6485] bridge_slave_0: left allmulticast mode
[  190.623358][ T6485] bridge_slave_0: left promiscuous mode
[  190.633764][ T6485] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.944908][ T9105] netlink: 36 bytes leftover after parsing attributes in process `syz.4.871'.
[  191.100494][ T6485] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  191.112523][ T6485] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  191.124133][ T6485] bond0 (unregistering): Released all slaves
[  191.341338][ T9107] xt_CT: You must specify a L4 protocol and not use inversions on it
[  191.578806][ T6485] hsr_slave_0: left promiscuous mode
[  191.620678][ T6485] hsr_slave_1: left promiscuous mode
[  191.648168][ T6485] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  191.655825][ T6485] batman_adv: batadv0: Removing interface: batadv_slave_0
[  191.706570][ T6485] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.724058][ T6485] batman_adv: batadv0: Removing interface: batadv_slave_1
[  191.762672][ T9134] TCP: TCP_TX_DELAY enabled
[  191.790343][ T6485] veth1_macvtap: left promiscuous mode
[  191.796107][ T6485] veth0_macvtap: left promiscuous mode
[  191.803569][ T6485] veth1_vlan: left promiscuous mode
[  191.811196][ T6485] veth0_vlan: left promiscuous mode
[  192.174850][ T9146] netlink: 16 bytes leftover after parsing attributes in process `syz.3.885'.
[  192.218291][ T9146] netlink: 16 bytes leftover after parsing attributes in process `syz.3.885'.
[  192.383852][ T9152] sctp: [Deprecated]: syz.3.887 (pid 9152) Use of int in max_burst socket option.
[  192.383852][ T9152] Use struct sctp_assoc_value instead
[  192.462729][ T6485] team0 (unregistering): Port device team_slave_1 removed
[  192.497164][ T5845] Bluetooth: hci0: command tx timeout
[  192.538905][ T6485] team0 (unregistering): Port device team_slave_0 removed
[  192.922153][ T9173] netlink: 8 bytes leftover after parsing attributes in process `syz.3.894'.
[  192.937186][ T9173] netlink: 4 bytes leftover after parsing attributes in process `syz.3.894'.
[  192.952651][ T9173] netlink: 'syz.3.894': attribute type 1 has an invalid length.
[  192.962491][ T9173] netlink: 10 bytes leftover after parsing attributes in process `syz.3.894'.
[  193.146302][ T9119] syzkaller0: entered promiscuous mode
[  193.156444][ T9119] syzkaller0: entered allmulticast mode
[  193.177228][ T9134] netlink: 12 bytes leftover after parsing attributes in process `syz.4.879'.
[  193.186202][ T9134] netlink: 12 bytes leftover after parsing attributes in process `syz.4.879'.
[  193.834405][ T9187] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  194.265714][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  194.272276][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  194.587065][ T5845] Bluetooth: hci0: command tx timeout
[  194.678338][ T9169] netlink: 64 bytes leftover after parsing attributes in process `syz.2.892'.
[  194.820934][ T9198] netlink: 12 bytes leftover after parsing attributes in process `syz.3.901'.
[  194.830674][ T9198] netlink: 12 bytes leftover after parsing attributes in process `syz.3.901'.
[  194.885678][ T9206] ieee802154 phy0 wpan0: encryption failed: -22
[  194.956002][ T9209] netlink: 16 bytes leftover after parsing attributes in process `syz.2.905'.
[  195.085936][ T9063] chnl_net:caif_netlink_parms(): no params data found
[  195.291771][ T9223] pimreg3: entered allmulticast mode
[  195.420077][ T9063] bridge0: port 1(bridge_slave_0) entered blocking state
[  195.437746][ T9063] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.445180][ T9063] bridge_slave_0: entered allmulticast mode
[  195.448944][ T9237] netlink: 'syz.2.913': attribute type 2 has an invalid length.
[  195.469787][ T9063] bridge_slave_0: entered promiscuous mode
[  195.488707][ T9063] bridge0: port 2(bridge_slave_1) entered blocking state
[  195.496259][ T9063] bridge0: port 2(bridge_slave_1) entered disabled state
[  195.523835][ T9063] bridge_slave_1: entered allmulticast mode
[  195.558268][ T9063] bridge_slave_1: entered promiscuous mode
[  195.706256][ T9063] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  195.741443][ T9063] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  195.859140][ T9063] team0: Port device team_slave_0 added
[  195.896538][ T9063] team0: Port device team_slave_1 added
[  195.975901][ T9063] batman_adv: batadv0: Adding interface: batadv_slave_0
[  195.992781][ T9063] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.023995][ T9063] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  196.042098][ T9063] batman_adv: batadv0: Adding interface: batadv_slave_1
[  196.050184][ T9063] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.092252][ T9063] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  196.124886][ T9271] (unnamed net_device) (uninitialized): option arp_validate: mode dependency failed, not supported in mode balance-alb(6)
[  196.295502][ T9063] hsr_slave_0: entered promiscuous mode
[  196.309269][ T9283] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535)
[  196.328361][ T9063] hsr_slave_1: entered promiscuous mode
[  196.338471][ T9278] xt_TPROXY: Can be used only with -p tcp or -p udp
[  196.369855][ T9283] netlink: 20 bytes leftover after parsing attributes in process `syz.2.925'.
[  196.397100][ T9283] netlink: 20 bytes leftover after parsing attributes in process `syz.2.925'.
[  196.439550][ T9292] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535)
[  196.526848][   T30] audit: type=1107 audit(1746919767.728:7): pid=9296 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='y�T'
[  196.658517][ T5845] Bluetooth: hci0: command tx timeout
[  197.004012][ T9327] netlink: 4 bytes leftover after parsing attributes in process `syz.3.938'.
[  197.094886][ T9331] tipc: Started in network mode
[  197.100371][ T9331] tipc: Node identity da32a4b4c03d, cluster identity 4711
[  197.115508][ T9331] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  197.205234][ T9333] tipc: Disabling bearer <eth:syzkaller0>
[  197.316032][ T9338] netlink: 80 bytes leftover after parsing attributes in process `syz.4.943'.
[  197.390267][ T9342] nbd: device at index 0 is going down
[  197.463402][ T9346] netlink: 4 bytes leftover after parsing attributes in process `syz.4.946'.
[  197.929485][ T9063] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  197.977827][ T9367] netlink: 4 bytes leftover after parsing attributes in process `syz.3.951'.
[  198.048907][ T9063] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  198.155491][ T9371] netlink: 'syz.2.954': attribute type 1 has an invalid length.
[  198.184793][ T9371] netlink: 'syz.2.954': attribute type 2 has an invalid length.
[  198.206440][ T9367] team0: Port device team_slave_0 removed
[  198.228557][ T9063] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  198.234961][ T9374] netlink: 'syz.2.954': attribute type 1 has an invalid length.
[  198.261409][ T9063] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  198.261474][ T9374] netlink: 'syz.2.954': attribute type 2 has an invalid length.
[  198.309776][ T9371] netlink: 12 bytes leftover after parsing attributes in process `syz.2.954'.
[  198.436769][ T9063] 8021q: adding VLAN 0 to HW filter on device bond0
[  198.540089][ T9063] 8021q: adding VLAN 0 to HW filter on device team0
[  198.603767][ T9090] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.611006][ T9090] bridge0: port 1(bridge_slave_0) entered forwarding state
[  198.634193][ T9392] netlink: 'syz.0.959': attribute type 4 has an invalid length.
[  198.644156][ T9090] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.651361][ T9090] bridge0: port 2(bridge_slave_1) entered forwarding state
[  198.738066][ T5845] Bluetooth: hci0: command tx timeout
[  198.753968][ T9392] netlink: 'syz.0.959': attribute type 32 has an invalid length.
[  198.785107][ T9392] netlink: 'syz.0.959': attribute type 4 has an invalid length.
[  198.800318][ T9399] (unnamed net_device) (uninitialized): peer notification delay (1164) is not a multiple of miimon (100), value rounded to 1100 ms
[  198.860134][ T9399] bond0: entered promiscuous mode
[  198.865236][ T9399] bond0: entered allmulticast mode
[  198.871420][ T9399] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.236259][ T9418] syzkaller0: entered promiscuous mode
[  199.258146][ T9418] syzkaller0: entered allmulticast mode
[  199.313465][ T9063] 8021q: adding VLAN 0 to HW filter on device batadv0
[  200.667055][ T9063] veth0_vlan: entered promiscuous mode
[  200.706022][ T9063] veth1_vlan: entered promiscuous mode
[  200.757987][ T9063] veth0_macvtap: entered promiscuous mode
[  200.771130][ T9063] veth1_macvtap: entered promiscuous mode
[  200.796339][ T9063] batman_adv: batadv0: Interface activated: batadv_slave_0
[  200.821414][ T9063] batman_adv: batadv0: Interface activated: batadv_slave_1
[  200.854538][ T9063] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.867799][ T9063] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.876630][ T9063] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.890464][ T9063] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.013150][ T9090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  201.041794][ T9090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  201.126105][ T9090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  201.149463][ T9458] xt_CT: No such helper "pptp"
[  201.162638][ T9090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  201.494574][ T9475] netlink: 'syz.3.981': attribute type 1 has an invalid length.
[  201.502517][ T9475] __nla_validate_parse: 4 callbacks suppressed
[  201.502532][ T9475] netlink: 224 bytes leftover after parsing attributes in process `syz.3.981'.
[  201.520078][ T9475] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  201.528000][ T9473] netlink: 8 bytes leftover after parsing attributes in process `syz.2.980'.
[  202.325921][ T5109] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.780076][ T5109] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.063711][ T5109] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.167577][ T9534] netlink: 36 bytes leftover after parsing attributes in process `syz.0.999'.
[  203.182127][ T5109] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.243275][ T9537] netlink: 'syz.2.998': attribute type 7 has an invalid length.
[  203.278099][ T9537] : entered promiscuous mode
[  203.447849][ T5109] bridge_slave_1: left allmulticast mode
[  203.459348][ T9544] FAULT_INJECTION: forcing a failure.
[  203.459348][ T9544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  203.472707][ T5109] bridge_slave_1: left promiscuous mode
[  203.487263][ T5109] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.508566][ T9544] CPU: 1 UID: 0 PID: 9544 Comm: syz.2.1003 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  203.508595][ T9544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  203.508606][ T9544] Call Trace:
[  203.508614][ T9544]  <TASK>
[  203.508623][ T9544]  dump_stack_lvl+0x189/0x250
[  203.508668][ T9544]  ? __lock_acquire+0xaac/0xd20
[  203.508698][ T9544]  ? __pfx_dump_stack_lvl+0x10/0x10
[  203.508726][ T9544]  ? __pfx__printk+0x10/0x10
[  203.508745][ T9544]  ? __might_fault+0xb0/0x130
[  203.508782][ T9544]  should_fail_ex+0x414/0x560
[  203.508807][ T9544]  _copy_from_user+0x2d/0xb0
[  203.508835][ T9544]  ___sys_recvmsg+0x12e/0x510
[  203.508868][ T9544]  ? __pfx____sys_recvmsg+0x10/0x10
[  203.508926][ T9544]  ? __fget_files+0x3a0/0x420
[  203.508963][ T9544]  __x64_sys_recvmsg+0x198/0x260
[  203.508993][ T9544]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  203.509037][ T9544]  ? do_syscall_64+0xba/0x210
[  203.509087][ T9544]  do_syscall_64+0xf6/0x210
[  203.509113][ T9544]  ? clear_bhb_loop+0x45/0xa0
[  203.509138][ T9544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.509156][ T9544] RIP: 0033:0x7f7c89f8e969
[  203.509181][ T9544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.509197][ T9544] RSP: 002b:00007f7c8aece038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  203.509224][ T9544] RAX: ffffffffffffffda RBX: 00007f7c8a1b5fa0 RCX: 00007f7c89f8e969
[  203.509238][ T9544] RDX: 0000000000000040 RSI: 0000200000000140 RDI: 0000000000000004
[  203.509249][ T9544] RBP: 00007f7c8aece090 R08: 0000000000000000 R09: 0000000000000000
[  203.509261][ T9544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.509271][ T9544] R13: 0000000000000000 R14: 00007f7c8a1b5fa0 R15: 00007ffefcc19b28
[  203.509300][ T9544]  </TASK>
[  203.728080][ T5109] bridge_slave_0: left allmulticast mode
[  203.733884][ T5109] bridge_slave_0: left promiscuous mode
[  203.739740][ T5109] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.771801][ T5841] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  203.787656][ T5841] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  203.795853][ T5841] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  203.805111][ T5841] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  203.822630][ T5841] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  203.913501][ T9556] netlink: 'syz.2.1006': attribute type 30 has an invalid length.
[  204.260499][ T5109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  204.272657][ T5109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  204.283098][ T5109] bond0 (unregistering): Released all slaves
[  204.303112][ T9556] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  204.329762][ T9556] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  204.484906][ T9573] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1009'.
[  204.521587][ T9573] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1009'.
[  204.671486][ T5109] hsr_slave_0: left promiscuous mode
[  204.688351][ T5109] hsr_slave_1: left promiscuous mode
[  204.693312][ T9580] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1010'.
[  204.711409][ T5109] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  204.716931][ T9580] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1010'.
[  204.736087][ T5109] batman_adv: batadv0: Removing interface: batadv_slave_0
[  204.755392][ T5109] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  204.766544][ T5109] batman_adv: batadv0: Removing interface: batadv_slave_1
[  204.778713][ T9583] x_tables: duplicate underflow at hook 1
[  204.842214][ T5109] veth1_macvtap: left promiscuous mode
[  204.850503][ T5109] veth0_macvtap: left promiscuous mode
[  204.856300][ T5109] veth1_vlan: left promiscuous mode
[  204.864609][ T5109] veth0_vlan: left promiscuous mode
[  205.275005][ T5109] team0 (unregistering): Port device team_slave_1 removed
[  205.319331][ T5109] team0 (unregistering): Port device team_slave_0 removed
[  205.857521][ T5841] Bluetooth: hci0: command tx timeout
[  205.928867][ T9600] FAULT_INJECTION: forcing a failure.
[  205.928867][ T9600] name failslab, interval 1, probability 0, space 0, times 1
[  205.942349][ T9600] CPU: 0 UID: 0 PID: 9600 Comm: syz.3.1016 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  205.942376][ T9600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  205.942387][ T9600] Call Trace:
[  205.942395][ T9600]  <TASK>
[  205.942404][ T9600]  dump_stack_lvl+0x189/0x250
[  205.942440][ T9600]  ? __pfx_dump_stack_lvl+0x10/0x10
[  205.942463][ T9600]  ? __pfx__printk+0x10/0x10
[  205.942483][ T9600]  ? __pfx___might_resched+0x10/0x10
[  205.942503][ T9600]  should_fail_ex+0x414/0x560
[  205.942522][ T9600]  should_failslab+0xa8/0x100
[  205.942545][ T9600]  __kmalloc_noprof+0xcb/0x4f0
[  205.942564][ T9600]  ? sock_kmalloc+0xd6/0x160
[  205.942590][ T9600]  sock_kmalloc+0xd6/0x160
[  205.942613][ T9600]  af_alg_alloc_areq+0x8d/0x260
[  205.942641][ T9600]  skcipher_recvmsg+0x356/0x11c0
[  205.942661][ T9600]  ? aa_sk_perm+0x81e/0x950
[  205.942686][ T9600]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  205.942706][ T9600]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  205.942723][ T9600]  ? security_socket_recvmsg+0x7e/0x2e0
[  205.942744][ T9600]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  205.942761][ T9600]  sock_recvmsg+0x229/0x270
[  205.942780][ T9600]  ____sys_recvmsg+0x1c9/0x460
[  205.942809][ T9600]  ? __pfx_____sys_recvmsg+0x10/0x10
[  205.942844][ T9600]  ? import_iovec+0x74/0xa0
[  205.942869][ T9600]  ___sys_recvmsg+0x1b5/0x510
[  205.942896][ T9600]  ? __pfx____sys_recvmsg+0x10/0x10
[  205.942941][ T9600]  ? __fget_files+0x3a0/0x420
[  205.942972][ T9600]  __x64_sys_recvmsg+0x198/0x260
[  205.942997][ T9600]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  205.943039][ T9600]  ? do_syscall_64+0xba/0x210
[  205.943064][ T9600]  do_syscall_64+0xf6/0x210
[  205.943086][ T9600]  ? clear_bhb_loop+0x45/0xa0
[  205.943108][ T9600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.943125][ T9600] RIP: 0033:0x7f2de1b8e969
[  205.943141][ T9600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.943154][ T9600] RSP: 002b:00007f2de2a43038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  205.943171][ T9600] RAX: ffffffffffffffda RBX: 00007f2de1db5fa0 RCX: 00007f2de1b8e969
[  205.943182][ T9600] RDX: 0000000000000040 RSI: 0000200000000140 RDI: 0000000000000004
[  205.943191][ T9600] RBP: 00007f2de2a43090 R08: 0000000000000000 R09: 0000000000000000
[  205.943201][ T9600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.943210][ T9600] R13: 0000000000000000 R14: 00007f2de1db5fa0 R15: 00007fff71f603d8
[  205.943237][ T9600]  </TASK>
[  206.223627][ T9603] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1018'.
[  206.559874][ T9547] chnl_net:caif_netlink_parms(): no params data found
[  206.605032][ T9621] sch_tbf: peakrate 7 is lower than or equals to rate 2147483647 !
[  207.003075][ T9547] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.042185][ T9547] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.074768][ T9547] bridge_slave_0: entered allmulticast mode
[  207.092673][ T9547] bridge_slave_0: entered promiscuous mode
[  207.118088][ T9547] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.133259][ T9547] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.147292][ T9657] netlink: 'syz.0.1029': attribute type 1 has an invalid length.
[  207.157064][ T9656] netlink: 'syz.0.1029': attribute type 1 has an invalid length.
[  207.168837][ T9547] bridge_slave_1: entered allmulticast mode
[  207.176725][ T9547] bridge_slave_1: entered promiscuous mode
[  207.301730][ T9547] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  207.331216][ T9547] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  207.418047][ T9673] FAULT_INJECTION: forcing a failure.
[  207.418047][ T9673] name failslab, interval 1, probability 0, space 0, times 0
[  207.432580][ T9673] CPU: 0 UID: 0 PID: 9673 Comm: syz.2.1033 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  207.432607][ T9673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  207.432619][ T9673] Call Trace:
[  207.432627][ T9673]  <TASK>
[  207.432635][ T9673]  dump_stack_lvl+0x189/0x250
[  207.432672][ T9673]  ? __pfx_dump_stack_lvl+0x10/0x10
[  207.432701][ T9673]  ? __pfx__printk+0x10/0x10
[  207.432723][ T9673]  ? __pfx___might_resched+0x10/0x10
[  207.432742][ T9673]  ? fs_reclaim_acquire+0x7d/0x100
[  207.432776][ T9673]  should_fail_ex+0x414/0x560
[  207.432801][ T9673]  should_failslab+0xa8/0x100
[  207.432829][ T9673]  __kmalloc_noprof+0xcb/0x4f0
[  207.432852][ T9673]  ? sock_kmalloc+0xd6/0x160
[  207.432884][ T9673]  sock_kmalloc+0xd6/0x160
[  207.432914][ T9673]  skcipher_recvmsg+0x55c/0x11c0
[  207.432957][ T9673]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  207.432982][ T9673]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  207.433003][ T9673]  ? security_socket_recvmsg+0x7e/0x2e0
[  207.433029][ T9673]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  207.433050][ T9673]  sock_recvmsg+0x229/0x270
[  207.433074][ T9673]  ____sys_recvmsg+0x1c9/0x460
[  207.433111][ T9673]  ? __pfx_____sys_recvmsg+0x10/0x10
[  207.433163][ T9673]  ? import_iovec+0x74/0xa0
[  207.433194][ T9673]  ___sys_recvmsg+0x1b5/0x510
[  207.433227][ T9673]  ? __pfx____sys_recvmsg+0x10/0x10
[  207.433282][ T9673]  ? __fget_files+0x3a0/0x420
[  207.433320][ T9673]  __x64_sys_recvmsg+0x198/0x260
[  207.433350][ T9673]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  207.433396][ T9673]  ? do_syscall_64+0xba/0x210
[  207.433425][ T9673]  do_syscall_64+0xf6/0x210
[  207.433450][ T9673]  ? clear_bhb_loop+0x45/0xa0
[  207.433475][ T9673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.433493][ T9673] RIP: 0033:0x7f7c89f8e969
[  207.433511][ T9673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.433527][ T9673] RSP: 002b:00007f7c8aece038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  207.433548][ T9673] RAX: ffffffffffffffda RBX: 00007f7c8a1b5fa0 RCX: 00007f7c89f8e969
[  207.433561][ T9673] RDX: 0000000000000040 RSI: 0000200000000140 RDI: 0000000000000004
[  207.433574][ T9673] RBP: 00007f7c8aece090 R08: 0000000000000000 R09: 0000000000000000
[  207.433585][ T9673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.433597][ T9673] R13: 0000000000000000 R14: 00007f7c8a1b5fa0 R15: 00007ffefcc19b28
[  207.433628][ T9673]  </TASK>
[  207.696621][ T9547] team0: Port device team_slave_0 added
[  207.712300][ T9547] team0: Port device team_slave_1 added
[  207.780151][ T9547] batman_adv: batadv0: Adding interface: batadv_slave_0
[  207.788647][ T9547] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.815936][ T9547] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  207.829121][ T9547] batman_adv: batadv0: Adding interface: batadv_slave_1
[  207.836204][ T9547] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.863027][ T9547] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  207.939585][ T5841] Bluetooth: hci0: command tx timeout
[  208.034345][ T9547] hsr_slave_0: entered promiscuous mode
[  208.041786][ T9547] hsr_slave_1: entered promiscuous mode
[  208.050072][ T9690] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1038'.
[  208.077605][ T9691] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1036'.
[  208.569240][ T9711] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1043'.
[  208.585600][ T9711] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1043'.
[  208.660579][ T9717] FAULT_INJECTION: forcing a failure.
[  208.660579][ T9717] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  208.681688][ T9717] CPU: 1 UID: 0 PID: 9717 Comm: syz.2.1045 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  208.681717][ T9717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  208.681729][ T9717] Call Trace:
[  208.681737][ T9717]  <TASK>
[  208.681745][ T9717]  dump_stack_lvl+0x189/0x250
[  208.681781][ T9717]  ? __pfx_dump_stack_lvl+0x10/0x10
[  208.681810][ T9717]  ? __pfx__printk+0x10/0x10
[  208.681843][ T9717]  should_fail_ex+0x414/0x560
[  208.681868][ T9717]  _copy_to_user+0x31/0xb0
[  208.681897][ T9717]  simple_read_from_buffer+0xe1/0x170
[  208.681927][ T9717]  proc_fail_nth_read+0x1df/0x250
[  208.681958][ T9717]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  208.681989][ T9717]  ? rw_verify_area+0x258/0x650
[  208.682009][ T9717]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  208.682038][ T9717]  vfs_read+0x1fd/0x980
[  208.682076][ T9717]  ? __pfx___mutex_lock+0x10/0x10
[  208.682100][ T9717]  ? __pfx_vfs_read+0x10/0x10
[  208.682123][ T9717]  ? __fget_files+0x2a/0x420
[  208.682153][ T9717]  ? __fget_files+0x3a0/0x420
[  208.682177][ T9717]  ? __fget_files+0x2a/0x420
[  208.682212][ T9717]  ksys_read+0x145/0x250
[  208.682231][ T9717]  ? rcu_is_watching+0x15/0xb0
[  208.682263][ T9717]  ? __pfx_ksys_read+0x10/0x10
[  208.682288][ T9717]  ? do_syscall_64+0xba/0x210
[  208.682317][ T9717]  do_syscall_64+0xf6/0x210
[  208.682343][ T9717]  ? clear_bhb_loop+0x45/0xa0
[  208.682367][ T9717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.682385][ T9717] RIP: 0033:0x7f7c89f8d37c
[  208.682403][ T9717] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  208.682419][ T9717] RSP: 002b:00007f7c8aece030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  208.682439][ T9717] RAX: ffffffffffffffda RBX: 00007f7c8a1b5fa0 RCX: 00007f7c89f8d37c
[  208.682453][ T9717] RDX: 000000000000000f RSI: 00007f7c8aece0a0 RDI: 0000000000000005
[  208.682465][ T9717] RBP: 00007f7c8aece090 R08: 0000000000000000 R09: 0000000000000000
[  208.682476][ T9717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.682488][ T9717] R13: 0000000000000000 R14: 00007f7c8a1b5fa0 R15: 00007ffefcc19b28
[  208.682519][ T9717]  </TASK>
[  208.988180][ T9719] xt_connbytes: Forcing CT accounting to be enabled
[  209.009239][ T9721] ������: renamed from vlan0
[  209.109056][ T9726] netlink: 71 bytes leftover after parsing attributes in process `syz.2.1047'.
[  209.115439][ T9547] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  209.135725][ T9547] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  209.154419][ T9547] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  209.223659][ T9547] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  209.236627][ T9730] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1048'.
[  209.252650][ T9730] openvswitch: netlink: Flow key attr not present in new flow.
[  209.373774][ T9734] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1049'.
[  209.428511][ T9547] 8021q: adding VLAN 0 to HW filter on device bond0
[  209.435540][ T9738] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1050'.
[  209.499475][ T9547] 8021q: adding VLAN 0 to HW filter on device team0
[  209.519855][ T9090] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.527193][ T9090] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.558639][ T9745] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0)
[  209.572482][ T9745] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647
[  209.607442][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.614643][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  210.017379][ T5835] Bluetooth: hci0: command tx timeout
[  210.117696][ T9770] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1057'.
[  210.419010][ T9780] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1060'.
[  210.504949][ T9547] 8021q: adding VLAN 0 to HW filter on device batadv0
[  210.639174][ T9547] veth0_vlan: entered promiscuous mode
[  210.661744][ T9547] veth1_vlan: entered promiscuous mode
[  210.698002][ T9547] veth0_macvtap: entered promiscuous mode
[  210.755419][ T9547] veth1_macvtap: entered promiscuous mode
[  210.832558][ T9547] batman_adv: batadv0: Interface activated: batadv_slave_0
[  210.874922][ T9547] batman_adv: batadv0: Interface activated: batadv_slave_1
[  210.916375][ T9547] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.940707][ T9547] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.967110][ T9547] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.987370][ T9547] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  211.134375][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  211.145618][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  211.199511][ T5109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  211.210027][ T5109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  211.701877][ T5835] Bluetooth: hci1: command 0x0401 tx timeout
[  211.708397][ T5850] Bluetooth: hci3: command 0x0406 tx timeout
[  211.714604][ T5850] Bluetooth: hci2: command 0x0406 tx timeout
[  211.783699][ T9820] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  212.107171][ T5845] Bluetooth: hci0: command 0x0419 tx timeout
[  212.172635][ T9831] unsupported nla_type 52263
[  212.294309][ T9831] syzkaller0: entered promiscuous mode
[  212.300654][ T9831] syzkaller0: entered allmulticast mode
[  212.992460][ T5845] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  213.011419][ T5845] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  213.025460][ T5845] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  213.043576][ T5845] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  213.065846][ T5845] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  213.862322][ T5845] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  213.871959][ T5845] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  213.886872][ T5845] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  213.899667][ T5845] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  213.909533][ T5845] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  213.958668][ T9854] __nla_validate_parse: 4 callbacks suppressed
[  213.958691][ T9854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1079'.
[  214.015707][ T9860] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1079'.
[  214.374794][ T9841] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !寿$���UY�vy��آ
�D��U�w�}�z
[  214.461389][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.505981][ T9862] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1080'.
[  214.615887][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.673602][ T9869] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1081'.
[  214.868133][ T9878] (unnamed net_device) (uninitialized): option miimon: invalid value (18446744073709551585)
[  214.914343][ T9878] (unnamed net_device) (uninitialized): option miimon: allowed values 0 - 2147483647
[  215.034591][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.211910][ T9895] Bluetooth: MGMT ver 1.23
[  215.221040][ T9896] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1090'.
[  215.425142][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.651506][ T9911] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1094'.
[  216.019950][ T5845] Bluetooth: hci5: command tx timeout
[  217.160229][ T9856] chnl_net:caif_netlink_parms(): no params data found
[  217.223064][ T9927] netlink: 'syz.2.1101': attribute type 2 has an invalid length.
[  217.242271][ T9845] chnl_net:caif_netlink_parms(): no params data found
[  217.502770][ T9944] bond5: entered promiscuous mode
[  217.508533][ T9944] bond5: entered allmulticast mode
[  217.514182][ T9944] 8021q: adding VLAN 0 to HW filter on device bond5
[  217.572209][ T9954] netlink: 'syz.2.1106': attribute type 7 has an invalid length.
[  217.587135][ T9954] netlink: 15 bytes leftover after parsing attributes in process `syz.2.1106'.
[  217.622884][ T9954] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1106'.
[  217.647269][ T9954] netlink: 872 bytes leftover after parsing attributes in process `syz.2.1106'.
[  217.691303][ T9944] bond5 (unregistering): Released all slaves
[  217.716232][ T9954] netlink: 'syz.2.1106': attribute type 7 has an invalid length.
[  217.725616][ T9954] netlink: 15 bytes leftover after parsing attributes in process `syz.2.1106'.
[  217.791411][   T12] bridge_slave_1: left allmulticast mode
[  217.807216][   T12] bridge_slave_1: left promiscuous mode
[  217.813490][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.833020][   T12] bridge_slave_0: left allmulticast mode
[  217.839818][   T12] bridge_slave_0: left promiscuous mode
[  217.846396][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.879912][ T9965] netlink: 'syz.2.1108': attribute type 21 has an invalid length.
[  218.097100][ T5845] Bluetooth: hci5: command tx timeout
[  218.197635][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  218.209040][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  218.219357][   T12] bond0 (unregistering): Released all slaves
[  218.234417][ T9945] Bluetooth: hci2: Opcode 0x0401 failed: -4
[  218.332466][ T9856] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.354596][ T9856] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.381295][ T9856] bridge_slave_0: entered allmulticast mode
[  218.392711][ T9856] bridge_slave_0: entered promiscuous mode
[  218.615958][ T9856] bridge0: port 2(bridge_slave_1) entered blocking state
[  218.636290][ T9856] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.644604][ T9856] bridge_slave_1: entered allmulticast mode
[  218.672028][ T9856] bridge_slave_1: entered promiscuous mode
[  218.686314][ T9977] netlink: 'syz.2.1110': attribute type 2 has an invalid length.
[  218.731026][ T9845] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.747469][ T9845] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.755212][ T9845] bridge_slave_0: entered allmulticast mode
[  218.771952][ T9845] bridge_slave_0: entered promiscuous mode
[  218.783015][ T9845] bridge0: port 2(bridge_slave_1) entered blocking state
[  218.815733][ T9845] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.847483][ T9845] bridge_slave_1: entered allmulticast mode
[  218.855355][ T9845] bridge_slave_1: entered promiscuous mode
[  219.064154][T10000] tipc: Enabled bearer <eth:vlan1>, priority 12
[  219.102776][T10000] ieee802154 phy0 wpan0: encryption failed: -22
[  219.212362][T10001] batman_adv: batadv0: Removing interface: batadv_slave_1
[  219.263741][ T9856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  219.305840][ T9856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  219.334186][ T9845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  219.418728][T10019] IPVS: length: 157 != 24
[  219.421576][ T9845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  219.497624][   T12] hsr_slave_0: left promiscuous mode
[  219.526889][   T12] hsr_slave_1: left promiscuous mode
[  219.533227][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  219.542255][ T5845] Bluetooth: hci2: command 0x0406 tx timeout
[  219.548748][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  219.559533][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  219.567266][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  219.592778][   T12] veth1_macvtap: left promiscuous mode
[  219.599107][   T12] veth0_macvtap: left promiscuous mode
[  219.605081][   T12] veth1_vlan: left promiscuous mode
[  219.611234][   T12] veth0_vlan: left promiscuous mode
[  219.624786][T10025] __nla_validate_parse: 2 callbacks suppressed
[  219.624805][T10025] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1124'.
[  219.651811][T10025] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1124'.
[  220.080573][   T47] tipc: Node number set to 1024101479
[  220.151541][   T12] team0 (unregistering): Port device team_slave_1 removed
[  220.178884][ T5845] Bluetooth: hci5: command tx timeout
[  220.203735][   T12] team0 (unregistering): Port device team_slave_0 removed
[  220.656217][ T9845] team0: Port device team_slave_0 added
[  220.746955][ T9856] team0: Port device team_slave_0 added
[  220.771853][ T9856] team0: Port device team_slave_1 added
[  220.801009][ T9845] team0: Port device team_slave_1 added
[  220.855379][T10040] netlink: 'syz.0.1127': attribute type 27 has an invalid length.
[  220.919976][T10044] netlink: 165 bytes leftover after parsing attributes in process `syz.0.1127'.
[  220.969557][T10047] openvswitch: netlink: Flow actions attr not present in new flow.
[  220.979809][ T9856] batman_adv: batadv0: Adding interface: batadv_slave_0
[  220.997615][ T9856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.025531][ T9856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  221.049229][ T9845] batman_adv: batadv0: Adding interface: batadv_slave_0
[  221.068456][ T9845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.095986][ T9845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  221.117923][ T9856] batman_adv: batadv0: Adding interface: batadv_slave_1
[  221.125015][ T9856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.187071][ T9856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  221.203158][ T9845] batman_adv: batadv0: Adding interface: batadv_slave_1
[  221.214668][ T9845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.242337][ T9845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  221.605661][ T9845] hsr_slave_0: entered promiscuous mode
[  221.613386][ T9845] hsr_slave_1: entered promiscuous mode
[  221.646204][ T9856] hsr_slave_0: entered promiscuous mode
[  221.653361][ T9856] hsr_slave_1: entered promiscuous mode
[  221.663213][ T9856] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  221.674690][ T9856] Cannot create hsr debugfs directory
[  221.687367][T10072] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1134'.
[  222.086277][T10097] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1141'.
[  222.264444][ T5845] Bluetooth: hci5: command tx timeout
[  222.322444][T10109] netlink: 'syz.0.1144': attribute type 2 has an invalid length.
[  222.330558][T10109] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1144'.
[  222.467192][T10115] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1146'.
[  222.584235][T10119] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1147'.
[  222.624235][T10119] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1147'.
[  222.640340][T10119] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1147'.
[  222.654044][ T9845] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  222.670904][ T9845] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  222.687998][T10117] syzkaller0: refused to change device tx_queue_len
[  222.724371][ T9845] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  222.738817][ T9845] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  222.812226][T10129] netlink: 'syz.3.1150': attribute type 12 has an invalid length.
[  222.820685][T10129] netlink: 'syz.3.1150': attribute type 29 has an invalid length.
[  222.833470][T10129] netlink: 'syz.3.1150': attribute type 12 has an invalid length.
[  222.843002][T10129] netlink: 'syz.3.1150': attribute type 29 has an invalid length.
[  222.995501][T10135] can: request_module (can-proto-0) failed.
[  223.083753][ T9845] 8021q: adding VLAN 0 to HW filter on device bond0
[  223.177888][ T9845] 8021q: adding VLAN 0 to HW filter on device team0
[  223.216694][ T6485] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.223931][ T6485] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.309367][ T6485] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.316843][ T6485] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.333147][T10147] netlink: 'syz.0.1155': attribute type 1 has an invalid length.
[  223.400142][ T9856] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  223.434865][ T9856] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  223.440255][T10153] netlink: 'syz.3.1157': attribute type 11 has an invalid length.
[  223.463968][ T9856] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  223.505067][ T9856] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  223.724407][T10168] [H: renamed from veth0_vlan
[  223.873276][ T9856] 8021q: adding VLAN 0 to HW filter on device bond0
[  223.931243][ T9856] 8021q: adding VLAN 0 to HW filter on device team0
[  224.021224][ T5109] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.028473][ T5109] bridge0: port 1(bridge_slave_0) entered forwarding state
[  224.087886][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.095131][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  224.168666][T10192] FAULT_INJECTION: forcing a failure.
[  224.168666][T10192] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.205895][T10192] CPU: 0 UID: 0 PID: 10192 Comm: syz.0.1167 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  224.205925][T10192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  224.205937][T10192] Call Trace:
[  224.205945][T10192]  <TASK>
[  224.205953][T10192]  dump_stack_lvl+0x189/0x250
[  224.205989][T10192]  ? __pfx_dump_stack_lvl+0x10/0x10
[  224.206016][T10192]  ? __pfx__printk+0x10/0x10
[  224.206049][T10192]  should_fail_ex+0x414/0x560
[  224.206074][T10192]  _copy_to_user+0x31/0xb0
[  224.206105][T10192]  simple_read_from_buffer+0xe1/0x170
[  224.206134][T10192]  proc_fail_nth_read+0x1df/0x250
[  224.206165][T10192]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  224.206196][T10192]  ? rw_verify_area+0x258/0x650
[  224.206215][T10192]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  224.206243][T10192]  vfs_read+0x1fd/0x980
[  224.206269][T10192]  ? __pfx___mutex_lock+0x10/0x10
[  224.206295][T10192]  ? __pfx_vfs_read+0x10/0x10
[  224.206317][T10192]  ? __fget_files+0x2a/0x420
[  224.206346][T10192]  ? __fget_files+0x3a0/0x420
[  224.206369][T10192]  ? __fget_files+0x2a/0x420
[  224.206403][T10192]  ksys_read+0x145/0x250
[  224.206423][T10192]  ? rcu_is_watching+0x15/0xb0
[  224.206455][T10192]  ? __pfx_ksys_read+0x10/0x10
[  224.206479][T10192]  ? do_syscall_64+0xba/0x210
[  224.206507][T10192]  do_syscall_64+0xf6/0x210
[  224.206532][T10192]  ? clear_bhb_loop+0x45/0xa0
[  224.206557][T10192]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.206576][T10192] RIP: 0033:0x7fb8af18d37c
[  224.206594][T10192] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  224.206616][T10192] RSP: 002b:00007fb8affb1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  224.206637][T10192] RAX: ffffffffffffffda RBX: 00007fb8af3b5fa0 RCX: 00007fb8af18d37c
[  224.206652][T10192] RDX: 000000000000000f RSI: 00007fb8affb10a0 RDI: 0000000000000005
[  224.206664][T10192] RBP: 00007fb8affb1090 R08: 0000000000000000 R09: 0000000000000000
[  224.206676][T10192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.206687][T10192] R13: 0000000000000000 R14: 00007fb8af3b5fa0 R15: 00007fff680542a8
[  224.206719][T10192]  </TASK>
[  224.243038][ T9856] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  224.441063][ T9856] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  224.610279][ T9845] 8021q: adding VLAN 0 to HW filter on device batadv0
[  224.726715][T10209] openvswitch: netlink: Missing key (keys=40, expected=80)
[  224.999669][T10221] netlink: 'syz.0.1174': attribute type 2 has an invalid length.
[  225.009091][T10223] SET target dimension over the limit!
[  225.041236][T10221] __nla_validate_parse: 8 callbacks suppressed
[  225.041255][T10221] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1174'.
[  225.058203][T10225] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1176'.
[  225.133433][ T9856] 8021q: adding VLAN 0 to HW filter on device batadv0
[  225.273740][ T9856] veth0_vlan: entered promiscuous mode
[  225.312021][ T9856] veth1_vlan: entered promiscuous mode
[  225.409343][T10236] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1180'.
[  225.431921][ T9856] veth0_macvtap: entered promiscuous mode
[  225.477147][ T9856] veth1_macvtap: entered promiscuous mode
[  225.490972][ T1222] hid-generic 0005:0458:0009.0001: unknown main item tag 0x0
[  225.508680][ T1222] hid-generic 0005:0458:0009.0001: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  225.572347][ T9856] batman_adv: batadv0: Interface activated: batadv_slave_0
[  225.590082][ T9845] veth0_vlan: entered promiscuous mode
[  225.626669][ T9856] batman_adv: batadv0: Interface activated: batadv_slave_1
[  225.705077][ T9856] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  225.731176][ T9856] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  225.740902][ T9856] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  225.749942][ T9856] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  225.764344][ T9845] veth1_vlan: entered promiscuous mode
[  225.952784][ T9845] veth0_macvtap: entered promiscuous mode
[  226.001235][ T9845] veth1_macvtap: entered promiscuous mode
[  226.015167][T10260] xt_CT: You must specify a L4 protocol and not use inversions on it
[  226.023039][T10264] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  226.046054][T10261] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1187'.
[  226.202966][ T9845] batman_adv: batadv0: Interface activated: batadv_slave_0
[  226.234291][ T9845] batman_adv: batadv0: Interface activated: batadv_slave_1
[  226.269359][ T5109] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  226.275824][ T9845] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  226.292658][ T5109] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  226.312141][ T9845] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  226.334505][ T9845] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  226.353604][ T9845] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  226.415138][T10278] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1194'.
[  226.452900][ T6485] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  226.482730][ T6485] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  226.605575][T10282] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1195'.
[  226.618212][T10281] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1196'.
[  226.630380][ T6485] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  226.643604][ T6485] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  226.794995][ T6485] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  226.834761][ T6485] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  227.348646][ T5109] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.504794][ T5109] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.577107][ T5109] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.821293][ T5109] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.006279][ T5109] bridge_slave_1: left allmulticast mode
[  228.012187][ T5109] bridge_slave_1: left promiscuous mode
[  228.019226][ T5109] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.034728][ T5109] bridge_slave_0: left allmulticast mode
[  228.040567][ T5109] bridge_slave_0: left promiscuous mode
[  228.046362][ T5109] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.317002][T10321] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1204'.
[  228.463913][T10333] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1205'.
[  228.735076][ T5109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  228.762307][ T5109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  228.780398][ T5109] bond0 (unregistering): Released all slaves
[  228.802629][T10312] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  228.834451][ T5838] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  228.843739][ T5838] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  228.852108][ T5838] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  228.861939][ T5838] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  228.866316][T10311] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  228.885880][ T5838] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  228.887526][T10311] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  228.897758][T10321] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1204'.
[  229.031139][T10347] Unsupported ieee802154 address type: 0
[  229.287304][ T5109] hsr_slave_0: left promiscuous mode
[  229.328786][ T5109] hsr_slave_1: left promiscuous mode
[  229.382498][ T5109] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  229.395129][ T5109] batman_adv: batadv0: Removing interface: batadv_slave_0
[  229.428536][T10360] netlink: 'syz.0.1212': attribute type 1 has an invalid length.
[  229.429628][ T5109] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  229.466917][ T5109] batman_adv: batadv0: Removing interface: batadv_slave_1
[  229.547930][ T5109] veth1_macvtap: left promiscuous mode
[  229.553546][ T5109] veth0_macvtap: left promiscuous mode
[  229.568691][ T5109] veth1_vlan: left promiscuous mode
[  229.586616][ T5109] veth0_vlan: left promiscuous mode
[  229.640522][T10369] netlink: 'syz.3.1215': attribute type 1 has an invalid length.
[  230.086481][ T5109] team0 (unregistering): Port device team_slave_1 removed
[  230.142223][ T5109] team0 (unregistering): Port device team_slave_0 removed
[  230.583813][T10369] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  230.866107][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.932422][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.980666][ T5845] Bluetooth: hci5: command tx timeout
[  231.106642][ T9091] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.116915][ T9091] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.154996][    C0] ------------[ cut here ]------------
[  231.160559][    C0] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0
[  231.171557][    C0] WARNING: CPU: 0 PID: 10398 at net/mac80211/rate.c:404 __rate_control_send_low+0x63b/0x890
[  231.181758][    C0] Modules linked in:
[  231.185947][    C0] CPU: 0 UID: 0 PID: 10398 Comm: syz.3.1221 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  231.198371][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  231.209158][    C0] RIP: 0010:__rate_control_send_low+0x63b/0x890
[  231.215522][    C0] Code: 42 0f b6 04 28 84 c0 0f 85 e9 01 00 00 41 8b 0e 48 c7 c7 60 38 8c 8c 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 b6 aa b6 f6 90 <0f> 0b 90 90 e9 6f fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c fb
[  231.235306][    C0] RSP: 0018:ffffc90000007760 EFLAGS: 00010246
[  231.241484][    C0] RAX: 3e01f29e0bb85e00 RBX: 000000000000000c RCX: ffff8880578d8000
[  231.249558][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[  231.257627][    C0] RBP: 0000000000000084 R08: 0000000000000003 R09: 0000000000000004
[  231.265657][    C0] R10: dffffc0000000000 R11: fffffbfff1bba4b4 R12: 0000000000000000
[  231.273708][    C0] R13: dffffc0000000000 R14: ffff88807dbeb0d8 R15: ffff88807c4ed168
[  231.281766][    C0] FS:  0000000000000000(0000) GS:ffff8881260cc000(0000) knlGS:0000000000000000
[  231.290876][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  231.297735][    C0] CR2: 0000200000000000 CR3: 000000002f80a000 CR4: 00000000003526f0
[  231.305761][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  231.313834][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  231.321922][    C0] Call Trace:
[  231.325262][    C0]  <IRQ>
[  231.328239][    C0]  rate_control_send_low+0x194/0x7a0
[  231.333615][    C0]  rate_control_get_rate+0x20b/0x5d0
[  231.339048][    C0]  ieee80211_beacon_get_finish+0x38c/0x6b0
[  231.344933][    C0]  ? __pfx_ieee80211_beacon_get_finish+0x10/0x10
[  231.351590][    C0]  ? __pfx___netdev_alloc_skb+0x10/0x10
[  231.357260][    C0]  ? __ieee80211_beacon_get+0xf12/0x1630
[  231.362954][    C0]  ? __ieee80211_beacon_get+0x36/0x1630
[  231.368631][    C0]  __ieee80211_beacon_get+0xfef/0x1630
[  231.374172][    C0]  ? __lock_acquire+0xaac/0xd20
[  231.378557][T10410] xt_TCPMSS: Only works on TCP SYN packets
[  231.379189][    C0]  ieee80211_beacon_get_tim+0xb4/0x2b0
[  231.390496][    C0]  ? __pfx_ieee80211_beacon_get_tim+0x10/0x10
[  231.396634][    C0]  mac80211_hwsim_beacon_tx+0x3d2/0x860
[  231.402353][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  231.409710][    C0]  __iterate_interfaces+0x2a8/0x590
[  231.414985][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  231.421181][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  231.428761][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  231.434905][    C0]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  231.442058][    C0]  mac80211_hwsim_beacon+0xbb/0x1c0
[  231.447364][    C0]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  231.453221][    C0]  __hrtimer_run_queues+0x529/0xc60
[  231.458518][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  231.464353][    C0]  ? read_tsc+0x9/0x20
[  231.469470][    C0]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  231.475525][    C0]  hrtimer_run_softirq+0x187/0x2b0
[  231.480743][    C0]  handle_softirqs+0x283/0x870
[  231.485560][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  231.490408][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  231.495849][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  231.501169][    C0]  __irq_exit_rcu+0xca/0x1f0
[  231.505823][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  231.511228][    C0]  irq_exit_rcu+0x9/0x30
[  231.515519][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  231.521251][    C0]  </IRQ>
[  231.524230][    C0]  <TASK>
[  231.527262][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  231.533283][    C0] RIP: 0010:check_preemption_disabled+0x1e/0x120
[  231.539951][    C0] Code: 90 90 90 90 90 90 90 90 90 90 90 90 55 41 57 41 56 53 48 83 ec 10 65 48 8b 05 4e 0e 1f 07 48 89 44 24 08 65 8b 05 56 0e 1f 07 <65> 8b 0d 4b 0e 1f 07 f7 c1 ff ff ff 7f 74 23 65 48 8b 0d 2b 0e 1f
[  231.559735][    C0] RSP: 0018:ffffc90003357558 EFLAGS: 00000282
[  231.565940][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000080000001
[  231.574079][    C0] RDX: 0000000000000000 RSI: ffffffff8bc1d240 RDI: ffffffff8bc1d200
[  231.582756][    C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  231.590827][    C0] R10: 0000000000000000 R11: ffffffff822cb0e5 R12: 00000000000001c0
[  231.598887][    C0] R13: 0000000000077eb4 R14: ffff88801b900000 R15: dffffc0000000000
[  231.606967][    C0]  ? page_table_check_clear+0x165/0x6e0
[  231.612597][    C0]  rcu_lockdep_current_cpu_online+0x37/0x120
[  231.618671][    C0]  rcu_read_lock_held+0x1e/0x50
[  231.623557][    C0]  page_ext_lookup+0xe2/0x160
[  231.628446][    C0]  ? page_table_check_clear+0x165/0x6e0
[  231.634156][    C0]  page_table_check_clear+0x232/0x6e0
[  231.639641][    C0]  ? vm_normal_page+0xb4/0x210
[  231.644458][    C0]  unmap_page_range+0x30be/0x4210
[  231.649575][    C0]  ? kernel_text_address+0xa5/0xe0
[  231.654865][    C0]  ? mas_next_slot+0xc20/0xcf0
[  231.659737][    C0]  ? __pfx_unmap_page_range+0x10/0x10
[  231.665189][    C0]  ? unmap_single_vma+0x1b2/0x2a0
[  231.670501][    C0]  unmap_vmas+0x25d/0x3c0
[  231.675332][    C0]  ? __pfx_unmap_vmas+0x10/0x10
[  231.680451][    C0]  exit_mmap+0x245/0xba0
[  231.684840][    C0]  ? __pfx_exit_mmap+0x10/0x10
[  231.689690][    C0]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  231.695471][    C0]  ? __pfx_exit_aio+0x10/0x10
[  231.700684][    C0]  ? uprobe_clear_state+0x274/0x290
[  231.705945][    C0]  __mmput+0x118/0x420
[  231.710389][    C0]  exit_mm+0x1da/0x2c0
[  231.714655][    C0]  ? __pfx_exit_mm+0x10/0x10
[  231.719629][    C0]  ? taskstats_exit+0x43c/0xa30
[  231.724541][    C0]  ? tty_audit_exit+0x153/0x200
[  231.729492][    C0]  do_exit+0x859/0x2550
[  231.733707][    C0]  ? preempt_schedule_common+0x83/0xd0
[  231.739249][    C0]  ? preempt_schedule+0xae/0xc0
[  231.744137][    C0]  ? __pfx_do_exit+0x10/0x10
[  231.748812][    C0]  ? preempt_schedule_thunk+0x16/0x30
[  231.754317][    C0]  do_group_exit+0x21c/0x2d0
[  231.759001][    C0]  __x64_sys_exit_group+0x3f/0x40
[  231.764197][    C0]  x64_sys_call+0x21ba/0x21c0
[  231.769655][    C0]  do_syscall_64+0xf6/0x210
[  231.774317][    C0]  ? clear_bhb_loop+0x45/0xa0
[  231.779363][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.785301][    C0] RIP: 0033:0x7f2de1b8e969
[  231.789785][    C0] Code: Unable to access opcode bytes at 0x7f2de1b8e93f.
[  231.796984][    C0] RSP: 002b:00007fff71f60738 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  231.805569][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2de1b8e969
[  231.813641][    C0] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[  231.821688][    C0] RBP: 00007fff71f6079c R08: 0000001771f6082f R09: 00000000000927c0
[  231.829866][    C0] R10: 0000000000000001 R11: 0000000000000246 R12: 000000000000013c
[  231.837910][    C0] R13: 00000000000927c0 R14: 000000000003859b R15: 00007fff71f607f0
[  231.846125][    C0]  </TASK>
[  231.849675][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  231.857261][    C0] CPU: 0 UID: 0 PID: 10398 Comm: syz.3.1221 Not tainted 6.15.0-rc5-syzkaller-00136-g4d64321c4f6f #0 PREEMPT(full) 
[  231.869523][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  231.879596][    C0] Call Trace:
[  231.882897][    C0]  <IRQ>
[  231.885754][    C0]  dump_stack_lvl+0x99/0x250
[  231.890366][    C0]  ? __asan_memcpy+0x40/0x70
[  231.895161][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  231.900413][    C0]  ? __pfx__printk+0x10/0x10
[  231.905179][    C0]  panic+0x2db/0x790
[  231.909160][    C0]  ? __pfx_panic+0x10/0x10
[  231.913841][    C0]  ? show_trace_log_lvl+0x4fb/0x550
[  231.919434][    C0]  __warn+0x31b/0x4b0
[  231.923463][    C0]  ? __rate_control_send_low+0x63b/0x890
[  231.929237][    C0]  ? __rate_control_send_low+0x63b/0x890
[  231.935606][    C0]  report_bug+0x2be/0x4f0
[  231.940117][    C0]  ? __rate_control_send_low+0x63b/0x890
[  231.945971][    C0]  ? __rate_control_send_low+0x63b/0x890
[  231.951658][    C0]  ? __rate_control_send_low+0x63d/0x890
[  231.957329][    C0]  handle_bug+0x84/0x160
[  231.961630][    C0]  exc_invalid_op+0x1a/0x50
[  231.966151][    C0]  asm_exc_invalid_op+0x1a/0x20
[  231.971107][    C0] RIP: 0010:__rate_control_send_low+0x63b/0x890
[  231.977415][    C0] Code: 42 0f b6 04 28 84 c0 0f 85 e9 01 00 00 41 8b 0e 48 c7 c7 60 38 8c 8c 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 b6 aa b6 f6 90 <0f> 0b 90 90 e9 6f fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c fb
[  231.997101][    C0] RSP: 0018:ffffc90000007760 EFLAGS: 00010246
[  232.003272][    C0] RAX: 3e01f29e0bb85e00 RBX: 000000000000000c RCX: ffff8880578d8000
[  232.011384][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[  232.019404][    C0] RBP: 0000000000000084 R08: 0000000000000003 R09: 0000000000000004
[  232.027402][    C0] R10: dffffc0000000000 R11: fffffbfff1bba4b4 R12: 0000000000000000
[  232.035397][    C0] R13: dffffc0000000000 R14: ffff88807dbeb0d8 R15: ffff88807c4ed168
[  232.043405][    C0]  rate_control_send_low+0x194/0x7a0
[  232.048722][    C0]  rate_control_get_rate+0x20b/0x5d0
[  232.054031][    C0]  ieee80211_beacon_get_finish+0x38c/0x6b0
[  232.059884][    C0]  ? __pfx_ieee80211_beacon_get_finish+0x10/0x10
[  232.066249][    C0]  ? __pfx___netdev_alloc_skb+0x10/0x10
[  232.071808][    C0]  ? __ieee80211_beacon_get+0xf12/0x1630
[  232.077546][    C0]  ? __ieee80211_beacon_get+0x36/0x1630
[  232.083105][    C0]  __ieee80211_beacon_get+0xfef/0x1630
[  232.088610][    C0]  ? __lock_acquire+0xaac/0xd20
[  232.093479][    C0]  ieee80211_beacon_get_tim+0xb4/0x2b0
[  232.098960][    C0]  ? __pfx_ieee80211_beacon_get_tim+0x10/0x10
[  232.105073][    C0]  mac80211_hwsim_beacon_tx+0x3d2/0x860
[  232.110638][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  232.117861][    C0]  __iterate_interfaces+0x2a8/0x590
[  232.123085][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  232.129178][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  232.136429][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  232.142520][    C0]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  232.149852][    C0]  mac80211_hwsim_beacon+0xbb/0x1c0
[  232.155091][    C0]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  232.160933][    C0]  __hrtimer_run_queues+0x529/0xc60
[  232.166187][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  232.171945][    C0]  ? read_tsc+0x9/0x20
[  232.176025][    C0]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  232.181862][    C0]  hrtimer_run_softirq+0x187/0x2b0
[  232.187072][    C0]  handle_softirqs+0x283/0x870
[  232.191983][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  232.196774][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  232.202125][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  232.207371][    C0]  __irq_exit_rcu+0xca/0x1f0
[  232.211996][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  232.217254][    C0]  irq_exit_rcu+0x9/0x30
[  232.221513][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  232.227172][    C0]  </IRQ>
[  232.230109][    C0]  <TASK>
[  232.233071][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  232.239193][    C0] RIP: 0010:check_preemption_disabled+0x1e/0x120
[  232.245554][    C0] Code: 90 90 90 90 90 90 90 90 90 90 90 90 55 41 57 41 56 53 48 83 ec 10 65 48 8b 05 4e 0e 1f 07 48 89 44 24 08 65 8b 05 56 0e 1f 07 <65> 8b 0d 4b 0e 1f 07 f7 c1 ff ff ff 7f 74 23 65 48 8b 0d 2b 0e 1f
[  232.265185][    C0] RSP: 0018:ffffc90003357558 EFLAGS: 00000282
[  232.271327][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000080000001
[  232.279330][    C0] RDX: 0000000000000000 RSI: ffffffff8bc1d240 RDI: ffffffff8bc1d200
[  232.287334][    C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  232.295325][    C0] R10: 0000000000000000 R11: ffffffff822cb0e5 R12: 00000000000001c0
[  232.303307][    C0] R13: 0000000000077eb4 R14: ffff88801b900000 R15: dffffc0000000000
[  232.311294][    C0]  ? page_table_check_clear+0x165/0x6e0
[  232.316873][    C0]  rcu_lockdep_current_cpu_online+0x37/0x120
[  232.322865][    C0]  rcu_read_lock_held+0x1e/0x50
[  232.327809][    C0]  page_ext_lookup+0xe2/0x160
[  232.332498][    C0]  ? page_table_check_clear+0x165/0x6e0
[  232.338058][    C0]  page_table_check_clear+0x232/0x6e0
[  232.343454][    C0]  ? vm_normal_page+0xb4/0x210
[  232.348236][    C0]  unmap_page_range+0x30be/0x4210
[  232.353303][    C0]  ? kernel_text_address+0xa5/0xe0
[  232.358472][    C0]  ? mas_next_slot+0xc20/0xcf0
[  232.363288][    C0]  ? __pfx_unmap_page_range+0x10/0x10
[  232.368788][    C0]  ? unmap_single_vma+0x1b2/0x2a0
[  232.373858][    C0]  unmap_vmas+0x25d/0x3c0
[  232.378239][    C0]  ? __pfx_unmap_vmas+0x10/0x10
[  232.383193][    C0]  exit_mmap+0x245/0xba0
[  232.387475][    C0]  ? __pfx_exit_mmap+0x10/0x10
[  232.392257][    C0]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  232.397941][    C0]  ? __pfx_exit_aio+0x10/0x10
[  232.402666][    C0]  ? uprobe_clear_state+0x274/0x290
[  232.407894][    C0]  __mmput+0x118/0x420
[  232.411976][    C0]  exit_mm+0x1da/0x2c0
[  232.416059][    C0]  ? __pfx_exit_mm+0x10/0x10
[  232.420902][    C0]  ? taskstats_exit+0x43c/0xa30
[  232.425971][    C0]  ? tty_audit_exit+0x153/0x200
[  232.431040][    C0]  do_exit+0x859/0x2550
[  232.435221][    C0]  ? preempt_schedule_common+0x83/0xd0
[  232.440693][    C0]  ? preempt_schedule+0xae/0xc0
[  232.445729][    C0]  ? __pfx_do_exit+0x10/0x10
[  232.450337][    C0]  ? preempt_schedule_thunk+0x16/0x30
[  232.455817][    C0]  do_group_exit+0x21c/0x2d0
[  232.460521][    C0]  __x64_sys_exit_group+0x3f/0x40
[  232.465592][    C0]  x64_sys_call+0x21ba/0x21c0
[  232.470283][    C0]  do_syscall_64+0xf6/0x210
[  232.474810][    C0]  ? clear_bhb_loop+0x45/0xa0
[  232.479499][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.485401][    C0] RIP: 0033:0x7f2de1b8e969
[  232.489847][    C0] Code: Unable to access opcode bytes at 0x7f2de1b8e93f.
[  232.496871][    C0] RSP: 002b:00007fff71f60738 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  232.505305][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2de1b8e969
[  232.513302][    C0] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[  232.521381][    C0] RBP: 00007fff71f6079c R08: 0000001771f6082f R09: 00000000000927c0
[  232.529452][    C0] R10: 0000000000000001 R11: 0000000000000246 R12: 000000000000013c
[  232.537429][    C0] R13: 00000000000927c0 R14: 000000000003859b R15: 00007fff71f607f0
[  232.545463][    C0]  </TASK>
[  232.548816][    C0] Kernel Offset: disabled
[  232.553154][    C0] Rebooting in 86400 seconds..