last executing test programs:

1m55.590342584s ago: executing program 3 (id=1184):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="380100001000130700000000000000007f00000100000000000000000000001ae000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff00000000000000000000000000000000320000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0)

1m41.879002028s ago: executing program 3 (id=1184):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="380100001000130700000000000000007f00000100000000000000000000001ae000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff00000000000000000000000000000000320000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0)

1m29.022633519s ago: executing program 3 (id=1184):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="380100001000130700000000000000007f00000100000000000000000000001ae000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff00000000000000000000000000000000320000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0)

1m14.016073961s ago: executing program 3 (id=1184):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="380100001000130700000000000000007f00000100000000000000000000001ae000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff00000000000000000000000000000000320000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0)

1m2.230738362s ago: executing program 3 (id=1184):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="380100001000130700000000000000007f00000100000000000000000000001ae000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff00000000000000000000000000000000320000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0)

48.838974135s ago: executing program 3 (id=1184):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="380100001000130700000000000000007f00000100000000000000000000001ae000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff00000000000000000000000000000000320000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0)

3.699956229s ago: executing program 0 (id=2763):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000010006050000000000005a0000000000000c00078008000800000000000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a697000"], 0x50}}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)="2e0000001800818810000000e3bd6efb010511000b000a00cf9c3325a84b584d376b52d7", 0x24}], 0x1, 0x0, 0x0, 0xc9e}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r2, 0x8949, &(0x7f0000000580)={'bond0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x47, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r1], 0x0, 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x400448cb, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
epoll_create1(0x0)
sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f0000000f00)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000ec0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="f892fed04abe6860bc301e88705394b9c553e42436dd35fcc10b12e07eb2e1d0b49eda109477b1a43876fa5439ea532838008aa358423f763421daf27b43156bce68c7ea31f2acbd246b3a8676af57a6f63c4caa8925cf9a77150bc291dc3ae06a9bb34561a23ce65ac3", @ANYRESDEC, @ANYBLOB="01002abd7000fedbdf2510000000"], 0x14}}, 0x0)
socket$packet(0x11, 0x0, 0x300)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_service_time\x00', 0x7a05, 0x1700)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r5, &(0x7f0000000380)={&(0x7f00000001c0), 0xc, &(0x7f00000002c0)={&(0x7f0000000440)={0x58, r6, 0x1, 0x2, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40}, 0x110)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r7, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x3, 0x0, 0x0, 0xfffffffe}}, 0x2e)

3.436325497s ago: executing program 2 (id=2766):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$IPSET_CMD_DEL(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYRESDEC=r1], 0x28}, 0x1, 0x0, 0x0, 0x841be9a7bba1c9f8}, 0x8000)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, 0x0, 0x0)
recvmsg$unix(r3, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)}, 0x40008140)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x40002160)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff})
recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001b40)=""/4101, 0x1005}, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @any, 0x1, 0x1}, 0xe)
r6 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
socket$kcm(0x2, 0x6, 0x2)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000440)={'veth0_virt_wifi\x00', @random="0200ac7ffe03"})
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0xfffffff9, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f00000001c0)=ANY=[@ANYRES16=r5, @ANYRES32, @ANYBLOB="0000000000000000b702000000004000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08123d000200080001400400446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r8, 0x84, 0x2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x6}, 0x8)

3.392792274s ago: executing program 0 (id=2776):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3570], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
unshare(0x68040200)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, &(0x7f0000000f00)={0x0, 0x2, 0x2, 0x1, 0x0, [@mcast2]}, 0x18)
setsockopt$inet6_int(r2, 0x29, 0x10, &(0x7f0000000000), 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@newlink={0x38, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x38}, 0x1, 0x2}, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="d5"], 0x24}}, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000005d00), 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_GET_CONFIG(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x400}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x30004080}, 0x8040)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000140000001800018014fcffffffffffffff756e0000000000000000000800050000000003ba662106d04a55f44b567300"], 0x34}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

3.125090015s ago: executing program 2 (id=2767):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000015c0)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x26}}, @loopback, @empty, 0x7, 0x0, 0x2, 0x100, 0x4b62c142})
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x10d, 0x48, &(0x7f0000000040)=0xd, 0x4)

2.61867675s ago: executing program 2 (id=2768):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newsa={0x158, 0x10, 0x713, 0x0, 0x0, {{@in6=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@multicast2, 0x0, 0x32}, @in=@local, {}, {0x19}, {}, 0x0, 0x0, 0xa}, [@algo_aead={0x68, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xe0, 0x80, "bfd1a1b0b7789a9feb6aead6e54944249665066438af308c79abda7f"}}]}, 0x158}}, 0x0)

2.368648274s ago: executing program 2 (id=2770):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0x10000)
r1 = socket$kcm(0x10, 0x3, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000003240)={&(0x7f0000000180)=ANY=[@ANYRESHEX=r1], 0x18}, 0x1, 0x0, 0x0, 0x1}, 0x4000041) (async)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000003240)={&(0x7f0000000180)=ANY=[@ANYRESHEX=r1], 0x18}, 0x1, 0x0, 0x0, 0x1}, 0x4000041)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x4080}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0) (async)
socket$inet_dccp(0x2, 0x6, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb0100180000000000000034000000340000000300000000000000000000030000000003000000020000000000000000000000000000010500000010000000010000000000000800000000005f"], 0x0, 0x4f}, 0x20) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb0100180000000000000034000000340000000300000000000000000000030000000003000000020000000000000000000000000000010500000010000000010000000000000800000000005f"], 0x0, 0x4f}, 0x20)
sendto$inet(r4, 0x0, 0x0, 0x2000e880, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) (async)
sendto$inet(r4, 0x0, 0x0, 0x2000e880, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
getpeername(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x2, 0x200000ff, 0x0, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x144000, 0x7fe2, 0x1, 0x2240, r3, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffc, 0x5}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000000)={0xffffffffffffffff, &(0x7f00000002c0)="13eb83a0d053dae6b017af6c96cb1075ac077f6bea2553c49112f2e24840394e3d1ddfbd7a860401019bd78e32ca883601ba535dae5e371fec8c9fe93b6adb31e4afaca0a0903eedc6ab22eb0cfc8290a14d47509cf11708cea11e7256e6b4d1435cd6b0abbf05679f9b9eb32d2a7a48f1d1df6b06f30d2e27b5458bd32a89314b90fbc3ec75748e1f5e359680edbb3f9888e10a79c2e86aed471094e9f9cb5b3e0a4762274c4883908368f6f1f7518cd82a22da9eda", 0x0}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x80487436, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000003c0), r6)
sendmsg$NLBL_CIPSOV4_C_LISTALL(r6, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES64=0x0, @ANYBLOB="fba7000000002bd4000004"], 0x14}, 0x1, 0x0, 0x0, 0x4004880}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000500)=[@in={0x2, 0x0, @private=0xa010102}]}, &(0x7f0000000140)=0x10) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000500)=[@in={0x2, 0x0, @private=0xa010102}]}, &(0x7f0000000140)=0x10)
socket$inet_smc(0x2b, 0x1, 0x0) (async)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_inet_tcp_SIOCATMARK(r8, 0x8905, &(0x7f0000000480))

1.686060183s ago: executing program 1 (id=2772):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000000000000120002000000000000000002000004680800000000000001000000000000000000000001"], 0x0, 0x4a, 0x0, 0x8}, 0x20)

1.586790191s ago: executing program 4 (id=2773):
setsockopt$SO_J1939_FILTER(0xffffffffffffffff, 0x6b, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$packet(0x11, 0x0, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x5a)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000340), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x275a, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000a00)="27e7c2d61a55a4fb7b6c00000000000000000000000000e2305c16d6c6eccbe17bbd70d8d042f78f7029d52c1aee5b0153e28d7685ef5ac9e08a3f9008c406441ed0b83e2b3ce79376cf467209b564b97f4f66579e3be4f367fe3380e71785d3ac08b9ae4744b8639d6186e83baa65a919a99330e40ad1d74ea3ec27e12fc03ba4ce38a378e2ef65dec5bb8acc879efe901f6e388e053852d2f30c79a9debcf50a996fc21f6985c751c6547670d95f2655fec9a0c6dc8c0939c52e7f79ca28ae6f6d8cfc2a17b3b119dbdda87ab960968e4f72d445e102fbca90b57ebf7d1faa818934b517ed75e46d5292a1b8567a9caac74c8522629c41b9fd5c607ed1f9e43a0f4f9d2c3bfa9eb7c5738b7db70b63ddb83ffde31a248abfe74717e9c55afd81522c8bdadb452497033c14b020a41ceec9f6f00c250bc2e53773db3cf181bbe99895a0863e8bdf1aec45af6762ff896b7f1f8c0dc61734c9f90076caf77c435e84c1bef60d0138807a2b208f4643c994fa50374c19670114739df0fbb00fb3fef6801050bea78b6f745395c7bdc281d6ca1bff4e962f9ed38d52e2976ce4ffa948de", &(0x7f0000000780)="c69c057ee659e7824c716607821db39e27a21c5f3050d81802865af96d54e03a104ffd42e7945a73370b760373e2198aa599d3a60f03e891a4d8f98203e0dc708f1924fba4d65b7b988e352814e1660677be53ff3dc6af53d750d512780f33c8a92b20b318b3ddaa31f1efa257cfeb6500464a84fe4af7a5b49f6674a3be1817e96d3d74ae4fd0ef9f42cc55c958dcfc478ac34448e270b52e92a014d99f6dc5f3c8c6e78e51c5a443f82ab5ec7255", 0xa7c, r6}, 0x38)
sendfile(r6, 0xffffffffffffffff, 0x0, 0xf03a0005)
sendfile(r6, r5, 0x0, 0x8000000000002)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000080)={'team0\x00', <r7=>0x0})
sendto$packet(r6, &(0x7f0000000000)="322e021a797a1c70fbe011ea7c85f822eaf8cba571cb26db37f81565cd6bf00b2998e23e3b57f783cbcfee6c52b9f280643be710a8e56c45dd3d8d4b1eb7ac800043de474c3f6c3dd5e18878d23866f8716e8ec4ba9af7f775da641500b305297b147dd55b17660444f5df4d9e63", 0x6e, 0x4880, &(0x7f0000000180)={0x11, 0x16, r7, 0x1, 0x8, 0x6, @broadcast}, 0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="0107ffffffff000000000a00000008000300", @ANYRES32=0x0, @ANYBLOB="68e6cc3d86112db20666f35a0b74bf5ec46ccbee5e0da89415218b604e3c69bd0d4059a5e72921320d7f2530c07bfbbeb557ce673b7b7217c244a25da9f2d6187c3d"], 0x1c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="980000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="8304050000000000780012800e00010069703665727370616e000000640002801400060020010000000000000000000000000002080015006573070008000d00000000000400120014000700ff02000000000000000000000000000108000400000040784ec1ec7699a16adb02001400060000000000000000000000ffff000000000600030000000000"], 0x98}}, 0x0)

1.452895147s ago: executing program 0 (id=2774):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0x11a4, 0x0, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x5}, 0x48)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x1a, &(0x7f0000000000)=0x6, 0x4) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000340)={0x0, 0x0, 0xc3, 0xa}) (async)
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="60000000100001040100"/20, @ANYRES32=0x0, @ANYBLOB="7b130000000000003800128008000100677470002c00028008000100", @ANYRES32, @ANYBLOB="080003000800000008000100", @ANYRES32=r3], 0x60}}, 0x0)
close(r3) (async)
r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)=@generic={&(0x7f0000000100)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x33, &(0x7f0000000180)=ANY=[@ANYBLOB="18004000d7c5a8720000000b080000001eee00b5", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000b7080000000000007b8af8ff00000000b7080000fdffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a50000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000364b00008500000006000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000085200000050000001863000008000000000000000e000000174840000400000018260000", @ANYRES32=r5, @ANYBLOB="00000000030000007f39fffff0ffffffbf91000000000000b7020000030000008500000085000000b7000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90)

1.452533978s ago: executing program 1 (id=2775):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_DEL(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, 0x3, 0x7, 0x101, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0xffa8d6d626957b38}, 0x41)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=r3, @ANYBLOB="00410000000b000014001680100001800c000700"], 0x3c}}, 0x0)

1.285271476s ago: executing program 4 (id=2777):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000010006050000000000005a0000000000000c00078008000800000000000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a697000"], 0x50}}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)="2e0000001800818810000000e3bd6efb010511000b000a00cf9c3325a84b584d376b52d7", 0x24}], 0x1, 0x0, 0x0, 0xc9e}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r2, 0x8949, &(0x7f0000000580)={'bond0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x47, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r1], 0x0, 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x400448cb, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
epoll_create1(0x0)
sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f0000000f00)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000ec0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="f892fed04abe6860bc301e88705394b9c553e42436dd35fcc10b12e07eb2e1d0b49eda109477b1a43876fa5439ea532838008aa358423f763421daf27b43156bce68c7ea31f2acbd246b3a8676af57a6f63c4caa8925cf9a77150bc291dc3ae06a9bb34561a23ce65ac3", @ANYRESDEC, @ANYBLOB="01002abd7000fedbdf2510000000"], 0x14}}, 0x0)
socket$packet(0x11, 0x0, 0x300)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_service_time\x00', 0x7a05, 0x1700)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r5, &(0x7f0000000380)={&(0x7f00000001c0), 0xc, &(0x7f00000002c0)={&(0x7f0000000440)={0x58, r6, 0x1, 0x2, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40}, 0x110)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r7, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x3, 0x0, 0x0, 0xfffffffe}}, 0x2e)

1.235641434s ago: executing program 1 (id=2778):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='cdg\x00', 0x9)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23}, 0x10) (async)
sendto$inet(r0, &(0x7f00000001c0)="8e77ca3389787867582dd0b9999e5e7ce579fc6b2977bf71ab517f68a8ddb58b93c91675a4b5dde502242a66491162f75f9b28f59cd9746ff7140fde3923b99bcc4c2cc72443169b2ab2f90a0f03dd842adba400500327de779dc66f3ebd32a81ebea8b89c9cc7e0f46e28fc1ff127a0", 0x70, 0x0, 0x0, 0x0) (async)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588", 0x8, 0x11, 0x0, 0x0) (async)
shutdown(r0, 0x1)
r1 = socket(0x1e, 0xa, 0x0) (async)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) (async)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @any, 0x0, 0x2}, 0xe)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000280)={0x28, 0x0, 0x0, @host}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff}) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x1, 0x8, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r5}, &(0x7f0000000180), &(0x7f0000000100)=r4}, 0x20) (async)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f00000000c0)={0x9, 0x208, 0x9, 0x46, <r6=>0x0}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000300)={r6, @in6={{0xa, 0x4e21, 0xfff, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8001}}, [0xffffffffffffffad, 0x4, 0x4, 0x5, 0x7, 0x0, 0x7fff, 0x4, 0x101, 0x4, 0x6, 0x4, 0x6000000, 0x81, 0x1000]}, &(0x7f0000000400)=0x100) (async)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={r5, &(0x7f0000000280), 0x0}, 0x20) (async)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c0000001b0a01030000e6ff00000000020000000900010073797a3000000000090003"], 0x7c}}, 0x0) (async, rerun: 32)
r8 = socket(0x10, 0x3, 0x0) (rerun: 32)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="2c0000001a00017a40fc39a6f68119000a0000000000000000000000080010000000000008000400", @ANYRES32=0x0, @ANYBLOB], 0x2c}}, 0x0) (async)
epoll_create1(0x0)
bind$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x1}, 0xe) (async, rerun: 64)
getsockopt$nfc_llcp(r1, 0x10f, 0x2, 0x0, 0x0) (rerun: 64)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000580)={r5, &(0x7f0000000440)="db3f212536c0f975f590fa73d4996dadeafaba1d6fbdb7cc7a180cbc234b023d8b45a2e09f6a489ffa2ab4c63b343d73af3a616d1879abdaeb5c6823906add2a4e0fb4c5fcb25e4484af36fe77c3b74e44a31ec151f0b9b9f88b82cfc9b6fc7381641a54aa76edb4bee6395961400b84b30620a6257062ff970b1e63", &(0x7f0000000500)=""/113, 0x4}, 0x20) (async)
setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000040)={0x1}, 0x1)
socket$inet_tcp(0x2, 0x1, 0x0)

1.112742511s ago: executing program 1 (id=2779):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000015c0)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x26}}, @loopback, @empty, 0x7, 0x0, 0x2, 0x100, 0x4b62c142})
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x10d, 0x48, &(0x7f0000000040)=0xd, 0x4)

1.109200171s ago: executing program 0 (id=2789):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000280)={'syztnl0\x00', &(0x7f0000000240)={'erspan0\x00', <r1=>0x0, 0x7, 0x8, 0x2, 0x800, {{0x6, 0x4, 0x1, 0x4, 0x18, 0x64, 0x0, 0xff, 0x29, 0x0, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x17}, {[@noop, @end, @generic={0x82, 0x2}]}}}}})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0x1, 0x58, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet(0x2, 0x3, 0x2)
sendmmsg$inet(r3, &(0x7f00000015c0)=[{{&(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB="100000000000000000000000070000001400000000006c1ce8a6d6bbf0d84800000000000007000000000200000000000014000000000000000000000017e298ab4ebab2d400000000a9d8d3e84b5a6430205cc5fc7629a887c294a2faf65121d5825d7b3a6542b64b77360f1c779526b931be9175db65fb16c4d9402e7bf61cdc7013ce8ffe72e1349e0aed650212744491826f891efe705d511daed83555f23cd93684c64d90af6279aa2db5a8a0d395b0e26560e6d215be33566af761394866c0ea04b712a93325b2e9d87ceeb01e20cd775a001b3a3df23f818e5671f7015e07f66fe6feb775be6db1b9fff9102013234378ce2e0585dc405e89869bbe01070200000000000000a0a274e6d24766d8b1b8804050a773b72609af270173a3b56b6dcfa6eacc3ed4181e69bf62675f6c2cac3420bb61b735c77f18e212889e7dbb847b77044f383023"], 0x40}}], 0x1, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_GET(r4, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000e00)={0x20, r5, 0x1, 0x0, 0x0, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x20}}, 0x0)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x1428, 0xffffffff, 0x11a8, 0x11a8, 0x11a8, 0xffffffff, 0xffffffff, 0x1390, 0x1390, 0x1390, 0xffffffff, 0x5, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'netpci0\x00', 'nr0\x00'}, 0x74000002, 0x70, 0x98, 0x1ba, {0x46010000, 0x2c000000000000}}, @REJECT={0x28}}, {{@ip={@remote, @broadcast, 0x0, 0x0, 'ip6gretap0\x00', 'team_slave_1\x00'}, 0x287, 0x10e8, 0x1110, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x1, 0x0, 0x0, './cgroup.cpu/syz1\x00'}}, @common=@unspec=@limit={{0x48}, {0x0, 0x7}}]}, @REJECT={0x28}}, {{@ip={@loopback, @broadcast, 0x0, 0x0, 'dvmrp1\x00', 'dummy0\x00'}, 0x0, 0x1c0, 0x1e8, 0x0, {}, [@common=@inet=@hashlimit2={{0x150}, {'gre0\x00'}}]}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x1488)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'ip6gre0\x00', <r7=>r2, 0x2f, 0x0, 0x8, 0x2e, 0x0, @dev={0xfe, 0x80, '\x00', 0x43}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8000, 0x1, 0xffffffff, 0x7}})
sendmsg$ETHTOOL_MSG_WOL_GET(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000740)={&(0x7f0000000680)=ANY=[@ANYBLOB="a0000000", @ANYRES16=r5, @ANYBLOB="00022bbd7000fcdbdf25090000003c00018008000300030000001400020076657468305f766972745f7769666900140002006970366772653000000000000000000008000300030000000c00018008000300000000001400018008a22d00", @ANYRES32=r7, @ANYBLOB="080003000200000030000180080003000000000008000300000000001400020065727370616e300000000000000000000800030000000000"], 0xa0}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)
pipe(&(0x7f0000000100)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x8, 0x0, 0x1, 0x4424, '\x00', r1, r8, 0x0, 0x5, 0x3}, 0x48)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r9, 0x89f3, &(0x7f0000000140)={'gre0\x00', &(0x7f00000000c0)={'syztnl0\x00', r2, 0x7800, 0x7800, 0x0, 0x4, {{0x5, 0x4, 0x1, 0x7, 0x14, 0x67, 0x0, 0x0, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}}}}})
socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r13=>0x0})
sendmsg$NL80211_CMD_FRAME(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)={0x74, r12, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r13}, @void}}, [@NL80211_ATTR_FRAME={0x56, 0x33, @beacon={{{}, {}, @device_b, @device_b}, 0x0, @random, 0x4019, @void, @val={0x1, 0x5, [{}, {}, {}, {}, {}]}, @val={0x3, 0x1}, @void, @val={0x6, 0x2}, @val={0x5, 0x3}, @void, @val={0x2a, 0x1, {0x1}}, @void, @void, @void, @void, @val={0x76, 0x6}, [{0xdd, 0x4, "31851c27f051"}, {0xdd, 0x6, "30d8ac98fded"}]}}]}, 0x74}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000001500)={'wlan1\x00', <r14=>0x0})
sendmsg$NL80211_CMD_GET_SCAN(r4, &(0x7f00000017c0)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001580)={&(0x7f0000001540)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r12, @ANYBLOB="0001f7ce0373b0312b76", @ANYRES32=r14, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x5880}, 0x40840)
r15 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x15, 0x4, 0x4, 0x1, 0x60, r9}, 0x48)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r15, 0x0}, 0x20)
r16 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r16, 0x0, 0xca, &(0x7f0000000180)={0x1, 0x1, 0x1, 0x2, @vifc_lcl_addr=@private=0xa010102, @empty}, 0x10)
r17 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_inet_SIOCSIFFLAGS(r17, 0x8914, &(0x7f0000000140)={'wlan1\x00'})

922.617345ms ago: executing program 0 (id=2780):
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001540)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000500000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e34ff65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd086004c4a56c6cce6e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e430a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b051f47db7aa110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c0000000000000000000a000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3938e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea875583e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba46cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5ccb9f10f615c87c441dc50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f246e891e20ecaad7059866506c3000000000c3230e901e885b7a4a36bdfdb5ce7a2e5807a0f4c1d461d1243fccf51b875b49490cd7d044e7a1e1a4c013fae1f070a8a37ab90da2efc6c875b3aab34b75a252072691fc97bef0fed8ee597ab83bb53f89c36bc2ee3ad54904542f66dc94132df75fc9944882d6f2e13b7057e0000000000000000000000000000000000001b726c0ccd24000000000000cfd2f4d005578b9ed06e1c41ef3b411066739de953d39b968caaca1507928d68c8f052"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000000)=r1, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001180)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f99504ad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124004630277fbac141416ac14141644089f034d2f87e583020fab845013f2325f1a39014402038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) (fail_nth: 1)

920.502352ms ago: executing program 1 (id=2781):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1001}, 0xc)
r2 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r2, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in, 0x0, 0x32}, 0x0, @in=@multicast2}}, 0xe8)
sendmmsg(r2, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="380100004000130700000000000000007f000001000000000000000000000000e000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff00000000000000000000000000000000320000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

897.368991ms ago: executing program 4 (id=2782):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="9800000010003704000000000000000000300000", @ANYRES32=0x0, @ANYBLOB="8304050000000000780012800e00010069703665727370616e000000640002801400060020010000000000000000000000000002080015006573070008000d00000000000400120014000700ff0200"], 0x98}}, 0x0)

812.891309ms ago: executing program 2 (id=2783):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$IPSET_CMD_DEL(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYRESDEC=r1], 0x28}, 0x1, 0x0, 0x0, 0x841be9a7bba1c9f8}, 0x8000)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, 0x0, 0x0)
recvmsg$unix(r3, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)}, 0x40008140)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x40002160)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff})
recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001b40)=""/4101, 0x1005}, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @any, 0x1, 0x1}, 0xe)
r6 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, 0x0)
socket$kcm(0x2, 0x6, 0x2)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000440)={'veth0_virt_wifi\x00', @random="0200ac7ffe03"})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f00000001c0)=ANY=[@ANYRES16=r5, @ANYRES32, @ANYBLOB="0000000000000000b702000000004000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08123d000200080001400400446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r8, 0x84, 0x2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x6}, 0x8)

574.681097ms ago: executing program 1 (id=2784):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-avx\x00'}, 0x58)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f0000006e40)=[{&(0x7f0000006b00)="90", 0x39c33f082c641d23}], 0x1}}, {{0x0, 0x0, &(0x7f0000009380)=[{&(0x7f0000006f40)="d529f28981dc56d34e626ec70afef5ac85cccd3d5b5ad8d0375a3737f4d551faf0a67e16de35a73020042c87332d38b46e9a004c0bb7b645796845f3b133dcb3649407130478d319045927f892f48c69e1ed970cc8922bf91373ffcf73ec1d9f80b6967a617794e089effba2f8b19398ddf3138a66bb9d574d8f4bce9c4b7f21a6e4ee47f935c76cf05dbd4fb7e6e0864781baaae864a11ff1e719afd4014155f61987eb350b4d7ac791f4", 0xab}, {&(0x7f0000007000)="5824e9e1de71619e3571eed8033a4d7c370f40e706", 0x15}], 0x2}}], 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
recvmsg(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000003c0)=""/145, 0x91}, {&(0x7f0000000480)=""/247, 0xf7}], 0x2}, 0x10102)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000200), 0x43400)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
socket(0x10, 0x2, 0x0)
write$binfmt_misc(r5, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r4, 0x0, r6, 0x0, 0x4ffe6, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000100)={0x7, 'nr0\x00', {0x1}, 0x5})
socket$inet6_sctp(0xa, 0x0, 0x84)
socket$nl_route(0x10, 0x3, 0x0)

497.8498ms ago: executing program 0 (id=2785):
pipe(&(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xc8)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000140), 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
write$binfmt_script(r6, 0x0, 0xfffffe5d)
getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="3c00000010008506000000ff0100000000000000", @ANYRES32=r7, @ANYBLOB="01ff00e1c2ed00001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
getsockname$packet(r6, &(0x7f0000000300)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000004c0)=0x14)
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800e0001006970366772657461700000000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r8], 0x48}}, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000001c0))
sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=@newqdisc={0x24, 0x10, 0x1, 0x0, 0x0, {0x10, 0x0, 0x4c, r7, {0xd}}}, 0x24}}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000010000304000000000000000000007400", @ANYRES32=r8, @ANYBLOB="0000000001"], 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
splice(r0, 0x0, r2, 0x0, 0x8003, 0x0)
unshare(0x20040600)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000001b80)={<r11=>0xffffffffffffffff})
shutdown(r11, 0x0)

496.832536ms ago: executing program 4 (id=2786):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000100))
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="64000000100003040000000000000ffe00000000", @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x64}}, 0x0)

210.027223ms ago: executing program 2 (id=2787):
setsockopt$SO_J1939_FILTER(0xffffffffffffffff, 0x6b, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$packet(0x11, 0x0, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x5a)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000340), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x275a, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000a00)="27e7c2d61a55a4fb7b6c00000000000000000000000000e2305c16d6c6eccbe17bbd70d8d042f78f7029d52c1aee5b0153e28d7685ef5ac9e08a3f9008c406441ed0b83e2b3ce79376cf467209b564b97f4f66579e3be4f367fe3380e71785d3ac08b9ae4744b8639d6186e83baa65a919a99330e40ad1d74ea3ec27e12fc03ba4ce38a378e2ef65dec5bb8acc879efe901f6e388e053852d2f30c79a9debcf50a996fc21f6985c751c6547670d95f2655fec9a0c6dc8c0939c52e7f79ca28ae6f6d8cfc2a17b3b119dbdda87ab960968e4f72d445e102fbca90b57ebf7d1faa818934b517ed75e46d5292a1b8567a9caac74c8522629c41b9fd5c607ed1f9e43a0f4f9d2c3bfa9eb7c5738b7db70b63ddb83ffde31a248abfe74717e9c55afd81522c8bdadb452497033c14b020a41ceec9f6f00c250bc2e53773db3cf181bbe99895a0863e8bdf1aec45af6762ff896b7f1f8c0dc61734c9f90076caf77c435e84c1bef60d0138807a2b208f4643c994fa50374c19670114739df0fbb00fb3fef6801050bea78b6f745395c7bdc281d6ca1bff4e962f9ed38d52e2976ce4ffa948de", &(0x7f0000000780)="c69c057ee659e7824c716607821db39e27a21c5f3050d81802865af96d54e03a104ffd42e7945a73370b760373e2198aa599d3a60f03e891a4d8f98203e0dc708f1924fba4d65b7b988e352814e1660677be53ff3dc6af53d750d512780f33c8a92b20b318b3ddaa31f1efa257cfeb6500464a84fe4af7a5b49f6674a3be1817e96d3d74ae4fd0ef9f42cc55c958dcfc478ac34448e270b52e92a014d99f6dc5f3c8c6e78e51c5a443f82ab5ec7255", 0xa7c, r6}, 0x38)
sendfile(r6, 0xffffffffffffffff, 0x0, 0xf03a0005)
sendfile(r6, r5, 0x0, 0x8000000000002)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000080)={'team0\x00', <r7=>0x0})
sendto$packet(r6, &(0x7f0000000000)="322e021a797a1c70fbe011ea7c85f822eaf8cba571cb26db37f81565cd6bf00b2998e23e3b57f783cbcfee6c52b9f280643be710a8e56c45dd3d8d4b1eb7ac800043de474c3f6c3dd5e18878d23866f8716e8ec4ba9af7f775da641500b305297b147dd55b17660444f5df4d9e63736c037ef8d3be74", 0x76, 0x4880, &(0x7f0000000180)={0x11, 0x16, r7, 0x1, 0x8, 0x6, @broadcast}, 0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="0107ffffffff000000000a00000008000300", @ANYRES32=0x0, @ANYBLOB="68e6cc3d86112db20666f35a0b74bf5ec46ccbee5e0da89415218b604e3c69bd0d4059a5e72921320d7f2530c07bfbbeb557ce673b7b7217c244a25da9f2d6187c3d"], 0x1c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="980000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="8304050000000000780012800e00010069703665727370616e000000640002801400060020010000000000000000000000000002080015006573070008000d00000000000400120014000700ff02000000000000000000000000000108000400000040784ec1ec7699a16adb02001400060000000000000000000000ffff000000000600030000000000"], 0x98}}, 0x0)

60.916083ms ago: executing program 4 (id=2788):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1001}, 0xc)
r2 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r2, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in, 0x0, 0x32}, 0x0, @in=@multicast2}}, 0xe8)
r3 = socket(0x40000000015, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x5, 0x0, &(0x7f0000000080)=0x39)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x74, r4, 0x4, 0x70bd26, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x5}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3}, @MPTCP_PM_ATTR_ADDR={0x40, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x10}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x30}}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xff}]}, 0x74}, 0x1, 0x0, 0x0, 0x8}, 0x40000)
sendmmsg(r2, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="380100001000130700000000000000007f000001000000000000000000000000e000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff00000000000000000000000000000000320000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

0s ago: executing program 4 (id=2790):
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10)
unshare(0x400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="b40500000000000071106c0000000000060000000000000095000000c130291ca8ee9c85c1f3f3ba9500000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc9, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x6, 0x8, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r2}, &(0x7f0000000180), &(0x7f0000000100)=r1}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r2, &(0x7f0000000300), &(0x7f0000000040)=""/10}, 0x20)
r3 = socket(0x2a, 0x80002, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000880)=@newtaction={0x60, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x4c, 0x1, [@m_sample={0x48, 0x1, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x60}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$alg(0x26, 0x5, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), r5)
bind$alg(r4, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
r6 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0x1}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kmem_cache_free\x00', r8}, 0x10)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r9, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r9, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="500000002700010000000000000000000a010100000000000000000000000000fe800000000000", @ANYRES32=0x0], 0x50}}, 0x0)

kernel console output (not intermixed with test programs):

48349][T10773] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1894'.
[  249.321521][T10784] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1897'.
[  249.598918][T10801] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1902'.
[  249.900700][T10808] macsec1: entered promiscuous mode
[  249.947207][T10808] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  250.050131][T10808] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[  250.126068][T10812] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1906'.
[  250.155343][T10827] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1910'.
[  250.282162][   T35] hsr_slave_0: left promiscuous mode
[  250.336023][   T35] hsr_slave_1: left promiscuous mode
[  250.365335][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  250.379252][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  250.397580][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  250.410718][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  250.468201][   T35] veth1_macvtap: left promiscuous mode
[  250.487747][   T35] veth0_macvtap: left promiscuous mode
[  250.493476][   T35] veth1_vlan: left promiscuous mode
[  250.507173][   T35] veth0_vlan: left promiscuous mode
[  250.577583][T10844] netlink: 'syz.2.1916': attribute type 7 has an invalid length.
[  250.585371][T10844] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1916'.
[  250.880911][ T5237] Bluetooth: hci0: command tx timeout
[  251.111646][T10864] FAULT_INJECTION: forcing a failure.
[  251.111646][T10864] name failslab, interval 1, probability 0, space 0, times 0
[  251.131397][T10864] CPU: 0 UID: 0 PID: 10864 Comm: syz.2.1920 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  251.142241][T10864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  251.152343][T10864] Call Trace:
[  251.155629][T10864]  <TASK>
[  251.158580][T10864]  dump_stack_lvl+0x241/0x360
[  251.163310][T10864]  ? __pfx_dump_stack_lvl+0x10/0x10
[  251.168554][T10864]  ? __pfx__printk+0x10/0x10
[  251.173187][T10864]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  251.179192][T10864]  ? __pfx___might_resched+0x10/0x10
[  251.184493][T10864]  should_fail_ex+0x3b0/0x4e0
[  251.189191][T10864]  should_failslab+0xac/0x100
[  251.193908][T10864]  ? __alloc_skb+0x1c3/0x440
[  251.198531][T10864]  kmem_cache_alloc_node_noprof+0x71/0x320
[  251.204368][T10864]  __alloc_skb+0x1c3/0x440
[  251.208809][T10864]  ? is_bpf_text_address+0x285/0x2a0
[  251.214150][T10864]  ? __pfx___alloc_skb+0x10/0x10
[  251.219126][T10864]  ? __pfx_validate_chain+0x10/0x10
[  251.224353][T10864]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.230464][T10864]  alloc_skb_with_frags+0xc3/0x770
[  251.235611][T10864]  sock_alloc_send_pskb+0x91a/0xa60
[  251.240855][T10864]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  251.246692][T10864]  ? __lock_acquire+0x137a/0x2040
[  251.251758][T10864]  __ip6_append_data+0x2ad8/0x4070
[  251.256912][T10864]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  251.262496][T10864]  ? __pfx___ip6_append_data+0x10/0x10
[  251.267982][T10864]  ? ip6_setup_cork+0x9fd/0xfb0
[  251.272942][T10864]  ip6_make_skb+0x43b/0x530
[  251.277480][T10864]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  251.283055][T10864]  ? __pfx_ip6_make_skb+0x10/0x10
[  251.288104][T10864]  ? __pfx_lock_release+0x10/0x10
[  251.293144][T10864]  ? ip6_sk_dst_lookup_flow+0x87c/0xa30
[  251.298738][T10864]  udpv6_sendmsg+0x237f/0x3270
[  251.303540][T10864]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  251.309148][T10864]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  251.314303][T10864]  ? inet_send_prepare+0x21/0x260
[  251.319344][T10864]  ? inet_send_prepare+0x5a/0x260
[  251.324392][T10864]  __sock_sendmsg+0xef/0x270
[  251.329001][T10864]  ____sys_sendmsg+0x525/0x7d0
[  251.333784][T10864]  ? __pfx_____sys_sendmsg+0x10/0x10
[  251.339094][T10864]  __sys_sendmmsg+0x3b2/0x740
[  251.343796][T10864]  ? __pfx___sys_sendmmsg+0x10/0x10
[  251.349046][T10864]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  251.354965][T10864]  ? ksys_write+0x23e/0x2c0
[  251.359489][T10864]  ? __pfx_lock_release+0x10/0x10
[  251.364536][T10864]  ? vfs_write+0x7c4/0xc90
[  251.368971][T10864]  ? __mutex_unlock_slowpath+0x21d/0x750
[  251.374622][T10864]  ? __pfx_vfs_write+0x10/0x10
[  251.379422][T10864]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  251.385422][T10864]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  251.391766][T10864]  ? do_syscall_64+0x100/0x230
[  251.396555][T10864]  __x64_sys_sendmmsg+0xa0/0xb0
[  251.401417][T10864]  do_syscall_64+0xf3/0x230
[  251.405937][T10864]  ? clear_bhb_loop+0x35/0x90
[  251.410634][T10864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.416543][T10864] RIP: 0033:0x7f44a1b779f9
[  251.420968][T10864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.440593][T10864] RSP: 002b:00007f44a15ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  251.449026][T10864] RAX: ffffffffffffffda RBX: 00007f44a1d05f80 RCX: 00007f44a1b779f9
[  251.457008][T10864] RDX: 0000000000000001 RSI: 0000000020001840 RDI: 0000000000000003
[  251.465008][T10864] RBP: 00007f44a15ff090 R08: 0000000000000000 R09: 0000000000000000
[  251.472996][T10864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.480979][T10864] R13: 0000000000000000 R14: 00007f44a1d05f80 R15: 00007ffd37674c28
[  251.488979][T10864]  </TASK>
[  251.849611][   T35] team0 (unregistering): Port device team_slave_1 removed
[  251.897685][   T35] team0 (unregistering): Port device team_slave_0 removed
[  252.377425][T10829] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1911'.
[  252.395197][T10838] netlink: 736 bytes leftover after parsing attributes in process `syz.0.1914'.
[  252.426595][T10850] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1917'.
[  252.652226][T10874] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1923'.
[  252.705967][T10778] chnl_net:caif_netlink_parms(): no params data found
[  252.879214][T10888] A link change request failed with some changes committed already. Interface veth1_to_bridge may have been left with an inconsistent configuration, please check.
[  252.957690][ T5244] Bluetooth: hci5: command 0x0405 tx timeout
[  252.964075][ T5237] Bluetooth: hci0: command tx timeout
[  253.085169][T10897] sch_fq: defrate 0 ignored.
[  253.149375][T10778] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.163596][T10778] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.177359][T10778] bridge_slave_0: entered allmulticast mode
[  253.192627][T10778] bridge_slave_0: entered promiscuous mode
[  253.230019][T10778] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.243942][T10778] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.254243][T10778] bridge_slave_1: entered allmulticast mode
[  253.270177][T10778] bridge_slave_1: entered promiscuous mode
[  253.363469][T10778] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.391582][T10778] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.541802][T10778] team0: Port device team_slave_0 added
[  253.563511][T10778] team0: Port device team_slave_1 added
[  253.633768][T10778] batman_adv: batadv0: Adding interface: batadv_slave_0
[  253.642623][T10778] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.669534][T10778] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  253.695662][T10916] IPv6: NLM_F_CREATE should be specified when creating new route
[  253.704853][T10916] IPv6: NLM_F_REPLACE set, but no existing node found!
[  253.712764][T10778] batman_adv: batadv0: Adding interface: batadv_slave_1
[  253.720688][T10778] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.747876][T10778] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  253.821068][T10778] hsr_slave_0: entered promiscuous mode
[  253.833353][T10778] hsr_slave_1: entered promiscuous mode
[  253.840797][T10778] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  253.848861][T10778] Cannot create hsr debugfs directory
[  254.806642][T10952] __nla_validate_parse: 5 callbacks suppressed
[  254.806666][T10952] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1951'.
[  254.885566][T10956] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1952'.
[  254.898528][T10778] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  254.929804][T10778] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  254.948718][T10778] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  254.994196][T10778] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  255.038943][   T54] Bluetooth: hci0: command tx timeout
[  255.081457][T10964] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1956'.
[  255.215421][T10778] 8021q: adding VLAN 0 to HW filter on device bond0
[  255.278727][T10967] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1955'.
[  255.329769][T10778] 8021q: adding VLAN 0 to HW filter on device team0
[  255.386651][ T1094] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.393902][ T1094] bridge0: port 1(bridge_slave_0) entered forwarding state
[  255.474947][ T1094] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.482249][ T1094] bridge0: port 2(bridge_slave_1) entered forwarding state
[  255.520977][T10988] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1960'.
[  255.609158][T10988] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1960'.
[  256.012279][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  256.019470][ T1271] ieee802154 phy1 wpan1: encryption failed: -22
[  256.024491][T11005] FAULT_INJECTION: forcing a failure.
[  256.024491][T11005] name failslab, interval 1, probability 0, space 0, times 0
[  256.067129][T11005] CPU: 0 UID: 0 PID: 11005 Comm: syz.0.1964 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  256.077969][T11005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  256.088060][T11005] Call Trace:
[  256.091374][T11005]  <TASK>
[  256.094337][T11005]  dump_stack_lvl+0x241/0x360
[  256.099068][T11005]  ? __pfx_dump_stack_lvl+0x10/0x10
[  256.104319][T11005]  ? __pfx__printk+0x10/0x10
[  256.106191][T10778] 8021q: adding VLAN 0 to HW filter on device batadv0
[  256.108964][T11005]  ? __nla_validate_parse+0x26ce/0x3090
[  256.109012][T11005]  should_fail_ex+0x3b0/0x4e0
[  256.109042][T11005]  ? xfrm_state_alloc+0x22/0x2a0
[  256.109067][T11005]  should_failslab+0xac/0x100
[  256.109104][T11005]  ? xfrm_state_alloc+0x22/0x2a0
[  256.109128][T11005]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  256.109151][T11005]  ? aa_get_newest_label+0xff/0x6f0
[  256.109184][T11005]  xfrm_state_alloc+0x22/0x2a0
[  256.109216][T11005]  xfrm_add_sa+0x134a/0x3b50
[  256.109259][T11005]  ? __pfx_xfrm_add_sa+0x10/0x10
[  256.109297][T11005]  ? __nla_parse+0x40/0x60
[  256.109331][T11005]  xfrm_user_rcv_msg+0x75b/0xa80
[  256.109370][T11005]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  256.109445][T11005]  ? __mutex_trylock_common+0x183/0x2e0
[  256.109470][T11005]  ? __pfx___might_resched+0x10/0x10
[  256.109514][T11005]  netlink_rcv_skb+0x1e3/0x430
[  256.109550][T11005]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  256.109583][T11005]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  256.109648][T11005]  xfrm_netlink_rcv+0x79/0x90
[  256.109677][T11005]  netlink_unicast+0x7f0/0x990
[  256.109718][T11005]  ? __pfx_netlink_unicast+0x10/0x10
[  256.222282][T11005]  ? __virt_addr_valid+0x183/0x530
[  256.222606][T11010] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1966'.
[  256.227414][T11005]  ? __check_object_size+0x49c/0x900
[  256.227443][T11005]  ? bpf_lsm_netlink_send+0x9/0x10
[  256.227477][T11005]  netlink_sendmsg+0x8e4/0xcb0
[  256.227529][T11005]  ? __pfx_netlink_sendmsg+0x10/0x10
[  256.227566][T11005]  ? __import_iovec+0x536/0x820
[  256.227595][T11005]  ? aa_sock_msg_perm+0x91/0x160
[  256.227625][T11005]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  256.227654][T11005]  ? security_socket_sendmsg+0x87/0xb0
[  256.227691][T11005]  ? __pfx_netlink_sendmsg+0x10/0x10
[  256.227724][T11005]  __sock_sendmsg+0x221/0x270
[  256.227761][T11005]  ____sys_sendmsg+0x525/0x7d0
[  256.227800][T11005]  ? __pfx_____sys_sendmsg+0x10/0x10
[  256.227848][T11005]  __sys_sendmsg+0x2b0/0x3a0
[  256.227879][T11005]  ? __pfx___sys_sendmsg+0x10/0x10
[  256.227904][T11005]  ? vfs_write+0x7c4/0xc90
[  256.227984][T11005]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  256.228019][T11005]  ? do_syscall_64+0x100/0x230
[  256.228057][T11005]  ? do_syscall_64+0xb6/0x230
[  256.228093][T11005]  do_syscall_64+0xf3/0x230
[  256.228126][T11005]  ? clear_bhb_loop+0x35/0x90
[  256.228153][T11005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.228182][T11005] RIP: 0033:0x7f029af779f9
[  256.228206][T11005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.285749][T10778] veth0_vlan: entered promiscuous mode
[  256.288179][T11005] RSP: 002b:00007f029bdde038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  256.288215][T11005] RAX: ffffffffffffffda RBX: 00007f029b105f80 RCX: 00007f029af779f9
[  256.288233][T11005] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  256.288248][T11005] RBP: 00007f029bdde090 R08: 0000000000000000 R09: 0000000000000000
[  256.328218][T10778] veth1_vlan: entered promiscuous mode
[  256.328251][T11005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.414239][T10778] veth0_macvtap: entered promiscuous mode
[  256.418774][T11005] R13: 0000000000000000 R14: 00007f029b105f80 R15: 00007fffe49e06d8
[  256.418815][T11005]  </TASK>
[  256.506485][T10778] veth1_macvtap: entered promiscuous mode
[  256.649720][T10778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  256.685853][T10778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.706727][T10778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  256.737833][T10778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.759152][T10778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  256.796205][T10778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.826632][T10778] batman_adv: batadv0: Interface activated: batadv_slave_0
[  256.851656][T10778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.894557][T11028] Bluetooth: MGMT ver 1.23
[  256.897356][T10778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.924489][T10778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.960570][T10778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.982204][T10778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.003292][T10778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.016534][T10778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.019073][T11034] netlink: 216 bytes leftover after parsing attributes in process `syz.4.1976'.
[  257.045421][T10778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.055554][T11034] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1976'.
[  257.070529][T10778] batman_adv: batadv0: Interface activated: batadv_slave_1
[  257.118595][   T54] Bluetooth: hci0: command tx timeout
[  257.126263][T10778] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  257.150043][T10778] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  257.163654][T10778] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  257.173886][T10778] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  257.320422][T11040] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1977'.
[  257.348811][ T1094] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  257.366978][ T1094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  257.462683][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  257.484269][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  257.919899][T11049] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535)
[  258.462018][T11087] netlink: 'syz.1.1993': attribute type 10 has an invalid length.
[  258.946242][T11110] FAULT_INJECTION: forcing a failure.
[  258.946242][T11110] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.971023][T11110] CPU: 0 UID: 0 PID: 11110 Comm: syz.0.2002 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  258.981849][T11110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  258.991926][T11110] Call Trace:
[  258.995214][T11110]  <TASK>
[  258.998153][T11110]  dump_stack_lvl+0x241/0x360
[  259.002977][T11110]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.008223][T11110]  ? __pfx__printk+0x10/0x10
[  259.012829][T11110]  ? __pfx_lock_release+0x10/0x10
[  259.017896][T11110]  should_fail_ex+0x3b0/0x4e0
[  259.022622][T11110]  _copy_from_user+0x2f/0xe0
[  259.027246][T11110]  copy_msghdr_from_user+0xae/0x680
[  259.032489][T11110]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  259.038337][T11110]  __sys_sendmsg+0x23d/0x3a0
[  259.042943][T11110]  ? __pfx___sys_sendmsg+0x10/0x10
[  259.048066][T11110]  ? vfs_write+0x7c4/0xc90
[  259.052534][T11110]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  259.058879][T11110]  ? do_syscall_64+0x100/0x230
[  259.063666][T11110]  ? do_syscall_64+0xb6/0x230
[  259.068367][T11110]  do_syscall_64+0xf3/0x230
[  259.072892][T11110]  ? clear_bhb_loop+0x35/0x90
[  259.077587][T11110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.083501][T11110] RIP: 0033:0x7f029af779f9
[  259.087926][T11110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.107553][T11110] RSP: 002b:00007f029bdde038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  259.115992][T11110] RAX: ffffffffffffffda RBX: 00007f029b105f80 RCX: 00007f029af779f9
[  259.124016][T11110] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[  259.132097][T11110] RBP: 00007f029bdde090 R08: 0000000000000000 R09: 0000000000000000
[  259.140087][T11110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.148069][T11110] R13: 0000000000000000 R14: 00007f029b105f80 R15: 00007fffe49e06d8
[  259.156093][T11110]  </TASK>
[  259.429903][T11122] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  259.665732][T11131] netlink: 'syz.2.2011': attribute type 10 has an invalid length.
[  260.018200][   T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.104926][T11148] __nla_validate_parse: 7 callbacks suppressed
[  260.104952][T11148] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2015'.
[  260.212178][T11143] team0: Port device bridge3 added
[  260.997526][T11161] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2016'.
[  261.294419][   T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.481220][   T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.527415][T11174] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2022'.
[  261.681727][   T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.694167][ T5237] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  261.713508][ T5237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  261.724537][ T5237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  261.733299][T11180] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2024'.
[  261.746075][ T5237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  261.751791][T11180] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2024'.
[  261.768519][ T5237] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  261.776299][ T5237] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  261.800880][T11185] netlink: 'syz.1.2025': attribute type 10 has an invalid length.
[  262.116246][T11196] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2030'.
[  262.320291][   T35] bridge_slave_1: left allmulticast mode
[  262.340463][   T35] bridge_slave_1: left promiscuous mode
[  262.346329][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.375273][   T35] bridge_slave_0: left allmulticast mode
[  262.381236][   T35] bridge_slave_0: left promiscuous mode
[  262.395329][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.089916][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  263.103028][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  263.115200][   T35] bond0 (unregistering): Released all slaves
[  263.139285][T11215] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2035'.
[  263.385080][T11228] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2038'.
[  263.402226][T11228] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2038'.
[  263.552514][T11239] netlink: 'syz.2.2041': attribute type 10 has an invalid length.
[  263.563867][T11241] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2042'.
[  263.833091][T11177] chnl_net:caif_netlink_parms(): no params data found
[  263.840131][   T54] Bluetooth: hci0: command tx timeout
[  264.018336][   T35] hsr_slave_0: left promiscuous mode
[  264.036704][   T35] hsr_slave_1: left promiscuous mode
[  264.060348][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  264.082195][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  264.104198][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  264.117393][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  264.176199][   T35] veth1_macvtap: left promiscuous mode
[  264.186774][   T35] veth0_macvtap: left promiscuous mode
[  264.192835][   T35] veth1_vlan: left promiscuous mode
[  264.198705][   T35] veth0_vlan: left promiscuous mode
[  264.872968][   T35] team0 (unregistering): Port device team_slave_1 removed
[  264.921491][   T35] team0 (unregistering): Port device team_slave_0 removed
[  265.352776][T11258] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2048'.
[  265.629144][T11177] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.668398][T11177] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.675806][T11177] bridge_slave_0: entered allmulticast mode
[  265.708517][T11177] bridge_slave_0: entered promiscuous mode
[  265.721930][T11286] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2053'.
[  265.751510][T11177] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.767461][T11177] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.774817][T11177] bridge_slave_1: entered allmulticast mode
[  265.808923][T11177] bridge_slave_1: entered promiscuous mode
[  265.927669][   T54] Bluetooth: hci0: command tx timeout
[  265.963736][T11177] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  265.983127][T11294] netlink: 'syz.1.2057': attribute type 10 has an invalid length.
[  266.032658][T11177] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  266.195701][T11305] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2062'.
[  266.309419][T11177] team0: Port device team_slave_0 added
[  266.362926][T11177] team0: Port device team_slave_1 added
[  266.617920][T11177] batman_adv: batadv0: Adding interface: batadv_slave_0
[  266.624922][T11177] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  266.703466][T11177] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  266.740826][T11177] batman_adv: batadv0: Adding interface: batadv_slave_1
[  266.767196][T11177] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  266.830955][T11177] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  266.994297][T11333] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2071'.
[  267.098087][T11177] hsr_slave_0: entered promiscuous mode
[  267.128169][T11177] hsr_slave_1: entered promiscuous mode
[  267.165626][T11177] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  267.177967][T11177] Cannot create hsr debugfs directory
[  267.279769][T11345] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2075'.
[  267.408038][T11347] netlink: 108 bytes leftover after parsing attributes in process `syz.1.2077'.
[  267.474519][T11349] netlink: 'syz.0.2076': attribute type 10 has an invalid length.
[  267.522024][T11351] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2078'.
[  267.862197][T11353] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2078'.
[  267.892492][T11353] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2078'.
[  267.997688][   T54] Bluetooth: hci0: command tx timeout
[  268.155109][T11375] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2085'.
[  268.664927][T11177] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  268.684055][T11394] netlink: 'syz.0.2091': attribute type 10 has an invalid length.
[  268.694071][T11177] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  268.738823][T11177] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  268.769664][T11177] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  268.941868][T11402] dccp_invalid_packet: P.Data Offset(0) too small
[  269.044582][T11177] 8021q: adding VLAN 0 to HW filter on device bond0
[  269.155672][T11177] 8021q: adding VLAN 0 to HW filter on device team0
[  269.194020][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.201278][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.249583][ T8250] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.256837][ T8250] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.915796][T11429] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  269.965371][T11177] 8021q: adding VLAN 0 to HW filter on device batadv0
[  269.978572][T11429] Bluetooth: MGMT ver 1.23
[  270.046567][T11431] netlink: 'syz.0.2104': attribute type 10 has an invalid length.
[  270.077757][   T54] Bluetooth: hci0: command tx timeout
[  270.171999][T11177] veth0_vlan: entered promiscuous mode
[  270.234139][T11177] veth1_vlan: entered promiscuous mode
[  270.303841][T11177] veth0_macvtap: entered promiscuous mode
[  270.341800][T11177] veth1_macvtap: entered promiscuous mode
[  270.382431][T11441] __nla_validate_parse: 3 callbacks suppressed
[  270.382452][T11441] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2109'.
[  270.410449][T11444] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2110'.
[  270.425892][T11177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.446131][T11177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.466324][T11177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.490101][T11177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.511550][T11177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.522675][T11177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.535265][T11177] batman_adv: batadv0: Interface activated: batadv_slave_0
[  270.561558][T11177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.587704][T11177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.611465][T11177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.638666][T11177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.663248][T11177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.674207][T11177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.692104][T11177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  270.704922][T11177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.718578][T11177] batman_adv: batadv0: Interface activated: batadv_slave_1
[  270.731278][T11177] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  270.742758][T11177] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  270.752225][T11177] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  270.761697][T11177] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  270.781340][T11448] bridge0: entered promiscuous mode
[  270.786987][T11448] bridge0: entered allmulticast mode
[  271.051727][T11457] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2113'.
[  271.078450][ T1070] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.114554][ T1070] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.210737][ T2554] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  271.241865][ T2554] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.389700][T11469] netlink: 'syz.2.2118': attribute type 10 has an invalid length.
[  271.465485][T11477] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2121'.
[  271.514059][T11480] netlink: 'syz.4.2122': attribute type 2 has an invalid length.
[  271.607296][T11482] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2123'.
[  271.626421][T11482] macvtap0: entered promiscuous mode
[  271.645607][T11484] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2124'.
[  271.646802][T11482] macvtap0: left promiscuous mode
[  271.910259][T11493] FAULT_INJECTION: forcing a failure.
[  271.910259][T11493] name failslab, interval 1, probability 0, space 0, times 0
[  271.924076][T11493] CPU: 1 UID: 0 PID: 11493 Comm: syz.1.2126 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  271.934983][T11493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  271.945077][T11493] Call Trace:
[  271.948392][T11493]  <TASK>
[  271.951355][T11493]  dump_stack_lvl+0x241/0x360
[  271.956183][T11493]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.961440][T11493]  ? __pfx__printk+0x10/0x10
[  271.966354][T11493]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  271.972389][T11493]  ? __pfx___might_resched+0x10/0x10
[  271.977742][T11493]  should_fail_ex+0x3b0/0x4e0
[  271.982465][T11493]  should_failslab+0xac/0x100
[  271.987196][T11493]  ? __alloc_skb+0x1c3/0x440
[  271.991818][T11493]  kmem_cache_alloc_node_noprof+0x71/0x320
[  271.997676][T11493]  __alloc_skb+0x1c3/0x440
[  272.002139][T11493]  ? __pfx___might_resched+0x10/0x10
[  272.007478][T11493]  ? __pfx___alloc_skb+0x10/0x10
[  272.012460][T11493]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  272.018575][T11493]  ? security_socket_getpeersec_dgram+0x88/0xb0
[  272.024880][T11493]  netlink_sendmsg+0x638/0xcb0
[  272.029719][T11493]  ? __pfx_netlink_sendmsg+0x10/0x10
[  272.035054][T11493]  ? __import_iovec+0x536/0x820
[  272.039950][T11493]  ? aa_sock_msg_perm+0x91/0x160
[  272.044939][T11493]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  272.050273][T11493]  ? security_socket_sendmsg+0x87/0xb0
[  272.055792][T11493]  ? __pfx_netlink_sendmsg+0x10/0x10
[  272.061122][T11493]  __sock_sendmsg+0x221/0x270
[  272.065849][T11493]  ____sys_sendmsg+0x525/0x7d0
[  272.070662][T11493]  ? __pfx_____sys_sendmsg+0x10/0x10
[  272.076097][T11493]  __sys_sendmsg+0x2b0/0x3a0
[  272.080737][T11493]  ? __pfx___sys_sendmsg+0x10/0x10
[  272.085892][T11493]  ? vfs_write+0x7c4/0xc90
[  272.090404][T11493]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  272.096972][T11493]  ? do_syscall_64+0x100/0x230
[  272.101880][T11493]  ? do_syscall_64+0xb6/0x230
[  272.106612][T11493]  do_syscall_64+0xf3/0x230
[  272.111162][T11493]  ? clear_bhb_loop+0x35/0x90
[  272.115882][T11493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.121912][T11493] RIP: 0033:0x7f02527779f9
[  272.126365][T11493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.146108][T11493] RSP: 002b:00007f02534f4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  272.154673][T11493] RAX: ffffffffffffffda RBX: 00007f0252905f80 RCX: 00007f02527779f9
[  272.163295][T11493] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  272.171305][T11493] RBP: 00007f02534f4090 R08: 0000000000000000 R09: 0000000000000000
[  272.179832][T11493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.188274][T11493] R13: 0000000000000000 R14: 00007f0252905f80 R15: 00007ffe743919a8
[  272.196296][T11493]  </TASK>
[  272.204191][T11469] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  272.389490][T11499] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2128'.
[  272.420881][T11504] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2130'.
[  272.763240][T11519] rdma_op ffff88801228c9f0 conn xmit_rdma 0000000000000000
[  272.915791][T11527] netlink: 'syz.1.2138': attribute type 10 has an invalid length.
[  273.082903][T11534] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2140'.
[  273.094833][T11533] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2141'.
[  273.645611][T11563] netlink: 'syz.4.2151': attribute type 10 has an invalid length.
[  274.483124][T11602] netlink: 'syz.1.2165': attribute type 10 has an invalid length.
[  275.030428][ T1070] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.142503][ T1070] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.218735][ T1070] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.292851][ T1070] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.382823][ T1070] bridge_slave_1: left allmulticast mode
[  275.388664][ T1070] bridge_slave_1: left promiscuous mode
[  275.394414][ T1070] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.404334][ T1070] bridge_slave_0: left allmulticast mode
[  275.411854][ T1070] bridge_slave_0: left promiscuous mode
[  275.418959][ T1070] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.835729][ T1070] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  275.856253][ T1070] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  275.870783][ T1070] bond0 (unregistering): Released all slaves
[  276.271874][T11643] netlink: 'syz.2.2179': attribute type 10 has an invalid length.
[  276.536950][T11645] __nla_validate_parse: 7 callbacks suppressed
[  276.536975][T11645] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2180'.
[  276.711495][ T5237] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  276.722930][ T5237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  276.732031][ T5237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  276.741000][ T5237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  276.756946][ T5237] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  276.766645][ T5237] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  276.775037][ T1070] hsr_slave_0: left promiscuous mode
[  276.799034][ T1070] hsr_slave_1: left promiscuous mode
[  276.805626][ T1070] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  276.821828][ T1070] batman_adv: batadv0: Removing interface: batadv_slave_0
[  276.830951][ T1070] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  276.839643][ T1070] batman_adv: batadv0: Removing interface: batadv_slave_1
[  276.876506][ T1070] veth1_macvtap: left promiscuous mode
[  276.883369][ T1070] veth0_macvtap: left promiscuous mode
[  276.896184][ T1070] veth1_vlan: left promiscuous mode
[  276.903783][ T1070] veth0_vlan: left promiscuous mode
[  277.869368][ T1070] team0 (unregistering): Port device team_slave_1 removed
[  277.911889][ T1070] team0 (unregistering): Port device team_slave_0 removed
[  278.335122][T11655] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2184'.
[  278.358734][T11691] netlink: 'syz.4.2193': attribute type 10 has an invalid length.
[  278.572807][T11693] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  278.691402][T11700] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2195'.
[  279.009385][T11656] chnl_net:caif_netlink_parms(): no params data found
[  279.319888][T11656] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.339542][T11656] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.353689][T11656] bridge_slave_0: entered allmulticast mode
[  279.380908][T11656] bridge_slave_0: entered promiscuous mode
[  279.409878][T11656] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.422443][T11656] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.430057][T11656] bridge_slave_1: entered allmulticast mode
[  279.438292][T11656] bridge_slave_1: entered promiscuous mode
[  279.447004][T11734] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2204'.
[  279.574367][T11656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  279.609186][T11656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  279.631167][T11740] netlink: 'syz.2.2208': attribute type 10 has an invalid length.
[  279.744392][T11742] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2209'.
[  279.766222][T11656] team0: Port device team_slave_0 added
[  279.779987][T11656] team0: Port device team_slave_1 added
[  279.831697][T11748] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2211'.
[  279.851247][T11656] batman_adv: batadv0: Adding interface: batadv_slave_0
[  279.866302][T11656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.902715][T11656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  279.918540][T11656] batman_adv: batadv0: Adding interface: batadv_slave_1
[  279.925681][T11656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.952898][T11656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  280.107504][T11656] hsr_slave_0: entered promiscuous mode
[  280.147255][T11656] hsr_slave_1: entered promiscuous mode
[  280.183027][T11656] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  280.194745][T11656] Cannot create hsr debugfs directory
[  280.397371][T11740] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  280.584680][T11764] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2218'.
[  281.083752][T11780] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2223'.
[  281.121299][T11778] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2222'.
[  281.318031][T11656] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  281.354691][T11656] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  281.375310][T11656] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  281.405698][T11656] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  281.476692][T11795] netlink: 'syz.2.2227': attribute type 10 has an invalid length.
[  281.668306][T11656] 8021q: adding VLAN 0 to HW filter on device bond0
[  281.701196][T11656] 8021q: adding VLAN 0 to HW filter on device team0
[  281.726805][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.734101][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  281.792153][ T1070] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.799427][ T1070] bridge0: port 2(bridge_slave_1) entered forwarding state
[  281.823768][T11802] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2229'.
[  281.836532][T11803] tipc: New replicast peer: 255.255.255.255
[  281.853216][T11803] tipc: Enabled bearer <udp:s>, priority 10
[  281.886407][T11803] netlink: 'syz.4.2230': attribute type 21 has an invalid length.
[  281.901971][T11803] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2230'.
[  281.914835][T11803] netlink: 'syz.4.2230': attribute type 4 has an invalid length.
[  281.930374][T11803] netlink: 'syz.4.2230': attribute type 3 has an invalid length.
[  281.939335][T11803] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2230'.
[  282.280228][T11795] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  282.435176][T11656] 8021q: adding VLAN 0 to HW filter on device batadv0
[  282.478271][T11823] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2234'.
[  282.594476][T11656] veth0_vlan: entered promiscuous mode
[  282.626282][T11656] veth1_vlan: entered promiscuous mode
[  282.647906][T11826] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2236'.
[  282.720963][T11656] veth0_macvtap: entered promiscuous mode
[  282.761259][T11656] veth1_macvtap: entered promiscuous mode
[  282.849780][ T1172] tipc: Node number set to 722865420
[  282.873292][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  282.918118][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  282.947268][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  282.986415][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.008921][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  283.038007][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.060019][T11656] batman_adv: batadv0: Interface activated: batadv_slave_0
[  283.081031][T11839] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2241'.
[  283.102841][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.115015][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.157720][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.177879][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.198434][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.220794][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.257744][T11656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.287748][T11656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.337784][T11656] batman_adv: batadv0: Interface activated: batadv_slave_1
[  283.392404][T11656] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  283.437909][T11656] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  283.456863][T11656] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  283.474723][T11656] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  283.502207][T11855] netlink: 'syz.2.2245': attribute type 10 has an invalid length.
[  283.548211][T11864] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2247'.
[  283.563879][T11864] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2247'.
[  283.691596][ T1070] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  283.722094][ T1070] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  283.797127][ T8250] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  283.816796][T11866] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2248'.
[  283.826638][ T8250] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  284.045788][T11874] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2252'.
[  284.162624][T11862] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  284.541972][T11891] netlink: 'syz.4.2258': attribute type 32 has an invalid length.
[  284.603307][T11891] netlink: 'syz.4.2258': attribute type 1 has an invalid length.
[  284.629400][T11891] netlink: 'syz.4.2258': attribute type 1 has an invalid length.
[  284.651365][T11891] netlink: 'syz.4.2258': attribute type 1 has an invalid length.
[  285.375458][T11925] netlink: 'syz.0.2270': attribute type 10 has an invalid length.
[  285.659912][ T5237] block nbd20: Receive control failed (result -107)
[  286.098228][T11959] netlink: 'syz.1.2283': attribute type 10 has an invalid length.
[  286.774242][ T1070] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.789719][ T1070] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.980147][ T1070] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.040628][T11998] __nla_validate_parse: 13 callbacks suppressed
[  288.040652][T11998] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2293'.
[  288.060102][T12001] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2296'.
[  288.225314][ T1070] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.276320][T12009] netlink: 'syz.2.2297': attribute type 10 has an invalid length.
[  288.315163][T12010] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2299'.
[  288.623050][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  288.636182][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  288.654295][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  288.696080][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  288.701304][ T1070] bridge_slave_1: left allmulticast mode
[  288.713477][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  288.722839][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  288.733251][ T1070] bridge_slave_1: left promiscuous mode
[  288.768432][ T1070] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.808791][ T1070] bridge_slave_0: left allmulticast mode
[  288.814511][ T1070] bridge_slave_0: left promiscuous mode
[  288.836210][ T1070] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.054445][T12039] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2307'.
[  289.546830][ T1070] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  289.565174][ T1070] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  289.578673][ T1070] bond0 (unregistering): Released all slaves
[  289.617967][T12041] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2308'.
[  289.846262][T12043] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2309'.
[  289.947867][T12054] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2311'.
[  290.327826][T12060] netlink: 'syz.4.2313': attribute type 10 has an invalid length.
[  290.395755][ T1070] hsr_slave_0: left promiscuous mode
[  290.416448][ T1070] hsr_slave_1: left promiscuous mode
[  290.433311][ T1070] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  290.454822][ T1070] batman_adv: batadv0: Removing interface: batadv_slave_0
[  290.467387][ T1070] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  290.485227][ T1070] batman_adv: batadv0: Removing interface: batadv_slave_1
[  290.532064][ T1070] veth1_macvtap: left promiscuous mode
[  290.544811][ T1070] veth0_macvtap: left promiscuous mode
[  290.552183][ T1070] veth1_vlan: left promiscuous mode
[  290.563952][ T1070] veth0_vlan: left promiscuous mode
[  290.891598][T12064] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  291.404808][ T1070] team0 (unregistering): Port device team_slave_1 removed
[  291.456629][ T1070] team0 (unregistering): Port device team_slave_0 removed
[  291.964056][T12080] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2320'.
[  292.086658][T12020] chnl_net:caif_netlink_parms(): no params data found
[  292.139707][T12092] FAULT_INJECTION: forcing a failure.
[  292.139707][T12092] name failslab, interval 1, probability 0, space 0, times 0
[  292.181343][T12094] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2323'.
[  292.206239][T12092] CPU: 0 UID: 0 PID: 12092 Comm: syz.0.2322 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  292.217072][T12092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  292.227167][T12092] Call Trace:
[  292.230471][T12092]  <TASK>
[  292.233414][T12092]  dump_stack_lvl+0x241/0x360
[  292.238162][T12092]  ? __pfx_dump_stack_lvl+0x10/0x10
[  292.243377][T12092]  ? __pfx__printk+0x10/0x10
[  292.247986][T12092]  ? __kmalloc_noprof+0xb0/0x400
[  292.252935][T12092]  ? __pfx___might_resched+0x10/0x10
[  292.258234][T12092]  should_fail_ex+0x3b0/0x4e0
[  292.262925][T12092]  ? bpf_test_init+0xe1/0x180
[  292.267622][T12092]  should_failslab+0xac/0x100
[  292.272336][T12092]  ? bpf_test_init+0xe1/0x180
[  292.277033][T12092]  __kmalloc_noprof+0xd8/0x400
[  292.281825][T12092]  bpf_test_init+0xe1/0x180
[  292.286520][T12092]  bpf_prog_test_run_skb+0x2bb/0x1820
[  292.291914][T12092]  ? __pfx_lock_release+0x10/0x10
[  292.296983][T12092]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  292.302818][T12092]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  292.308650][T12092]  bpf_prog_test_run+0x33a/0x3b0
[  292.313615][T12092]  __sys_bpf+0x48d/0x810
[  292.317885][T12092]  ? __pfx___sys_bpf+0x10/0x10
[  292.322703][T12092]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  292.328736][T12092]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  292.335079][T12092]  ? do_syscall_64+0x100/0x230
[  292.339864][T12092]  __x64_sys_bpf+0x7c/0x90
[  292.344292][T12092]  do_syscall_64+0xf3/0x230
[  292.348900][T12092]  ? clear_bhb_loop+0x35/0x90
[  292.353750][T12092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.359655][T12092] RIP: 0033:0x7f029af779f9
[  292.364082][T12092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.383748][T12092] RSP: 002b:00007f029bdde038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  292.392200][T12092] RAX: ffffffffffffffda RBX: 00007f029b105f80 RCX: 00007f029af779f9
[  292.400210][T12092] RDX: 0000000000000050 RSI: 0000000020000580 RDI: 000000000000000a
[  292.408193][T12092] RBP: 00007f029bdde090 R08: 0000000000000000 R09: 0000000000000000
[  292.416176][T12092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  292.424161][T12092] R13: 0000000000000000 R14: 00007f029b105f80 R15: 00007fffe49e06d8
[  292.432162][T12092]  </TASK>
[  292.778046][T12116] set match dimension is over the limit!
[  292.803503][T12020] bridge0: port 1(bridge_slave_0) entered blocking state
[  292.823304][T12020] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.835807][T12020] bridge_slave_0: entered allmulticast mode
[  292.853980][T12020] bridge_slave_0: entered promiscuous mode
[  292.865849][T12111] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2326'.
[  292.887843][T12020] bridge0: port 2(bridge_slave_1) entered blocking state
[  292.895319][T12020] bridge0: port 2(bridge_slave_1) entered disabled state
[  292.922305][T12020] bridge_slave_1: entered allmulticast mode
[  292.935459][T12020] bridge_slave_1: entered promiscuous mode
[  293.082060][T12020] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  293.123354][T12020] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  293.143841][T12122] netlink: 'syz.0.2331': attribute type 10 has an invalid length.
[  293.284460][T12020] team0: Port device team_slave_0 added
[  293.299630][T12133] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2334'.
[  293.313089][T12136] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2336'.
[  293.326259][T12020] team0: Port device team_slave_1 added
[  293.436927][T12020] batman_adv: batadv0: Adding interface: batadv_slave_0
[  293.464355][T12143] xt_CT: You must specify a L4 protocol and not use inversions on it
[  293.467562][T12020] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  293.499577][T12020] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  293.523295][T12020] batman_adv: batadv0: Adding interface: batadv_slave_1
[  293.557183][T12020] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  293.610897][T12020] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  293.642795][T12146] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2339'.
[  293.755789][T12020] hsr_slave_0: entered promiscuous mode
[  293.763933][T12020] hsr_slave_1: entered promiscuous mode
[  293.772085][T12020] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  293.788085][T12128] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  293.795002][T12020] Cannot create hsr debugfs directory
[  294.420596][T12167] FAULT_INJECTION: forcing a failure.
[  294.420596][T12167] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  294.437521][T12167] CPU: 1 UID: 0 PID: 12167 Comm: syz.1.2345 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  294.448353][T12167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  294.458452][T12167] Call Trace:
[  294.461768][T12167]  <TASK>
[  294.464724][T12167]  dump_stack_lvl+0x241/0x360
[  294.469473][T12167]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.474730][T12167]  ? __pfx__printk+0x10/0x10
[  294.479376][T12167]  ? __pfx_lock_release+0x10/0x10
[  294.484477][T12167]  should_fail_ex+0x3b0/0x4e0
[  294.489193][T12167]  _copy_from_iter+0x1f6/0x1960
[  294.494093][T12167]  ? __virt_addr_valid+0x183/0x530
[  294.499219][T12167]  ? __pfx_lock_release+0x10/0x10
[  294.504284][T12167]  ? __alloc_skb+0x28f/0x440
[  294.508890][T12167]  ? __pfx__copy_from_iter+0x10/0x10
[  294.514191][T12167]  ? __virt_addr_valid+0x183/0x530
[  294.519486][T12167]  ? __virt_addr_valid+0x183/0x530
[  294.524608][T12167]  ? __virt_addr_valid+0x45f/0x530
[  294.529727][T12167]  ? __check_object_size+0x49c/0x900
[  294.535031][T12167]  netlink_sendmsg+0x73d/0xcb0
[  294.539844][T12167]  ? __pfx_netlink_sendmsg+0x10/0x10
[  294.545150][T12167]  ? __import_iovec+0x536/0x820
[  294.550017][T12167]  ? aa_sock_msg_perm+0x91/0x160
[  294.554970][T12167]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  294.560271][T12167]  ? security_socket_sendmsg+0x87/0xb0
[  294.565755][T12167]  ? __pfx_netlink_sendmsg+0x10/0x10
[  294.571065][T12167]  __sock_sendmsg+0x221/0x270
[  294.575768][T12167]  ____sys_sendmsg+0x525/0x7d0
[  294.580551][T12167]  ? __pfx_____sys_sendmsg+0x10/0x10
[  294.585862][T12167]  __sys_sendmsg+0x2b0/0x3a0
[  294.590466][T12167]  ? __pfx___sys_sendmsg+0x10/0x10
[  294.595589][T12167]  ? vfs_write+0x7c4/0xc90
[  294.600078][T12167]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  294.606519][T12167]  ? do_syscall_64+0x100/0x230
[  294.611310][T12167]  ? do_syscall_64+0xb6/0x230
[  294.616024][T12167]  do_syscall_64+0xf3/0x230
[  294.620547][T12167]  ? clear_bhb_loop+0x35/0x90
[  294.625236][T12167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.631143][T12167] RIP: 0033:0x7f02527779f9
[  294.635568][T12167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.655201][T12167] RSP: 002b:00007f02534f4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  294.663639][T12167] RAX: ffffffffffffffda RBX: 00007f0252905f80 RCX: 00007f02527779f9
[  294.671628][T12167] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004
[  294.679700][T12167] RBP: 00007f02534f4090 R08: 0000000000000000 R09: 0000000000000000
[  294.687681][T12167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  294.695657][T12167] R13: 0000000000000000 R14: 00007f0252905f80 R15: 00007ffe743919a8
[  294.703654][T12167]  </TASK>
[  294.749605][T12169] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2347'.
[  294.922372][T12020] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  294.940273][T12020] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  294.961997][T12172] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2348'.
[  294.993654][T12020] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  295.032031][T12020] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  295.077170][T12176] netlink: 'syz.4.2350': attribute type 10 has an invalid length.
[  295.079272][T12180] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2351'.
[  295.388978][T12020] 8021q: adding VLAN 0 to HW filter on device bond0
[  295.444800][T12020] 8021q: adding VLAN 0 to HW filter on device team0
[  295.478740][ T1094] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.486012][ T1094] bridge0: port 1(bridge_slave_0) entered forwarding state
[  295.546693][ T1094] bridge0: port 2(bridge_slave_1) entered blocking state
[  295.553927][ T1094] bridge0: port 2(bridge_slave_1) entered forwarding state
[  295.648640][T12199] netlink: 'syz.2.2356': attribute type 4 has an invalid length.
[  295.656432][T12199] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.2356'.
[  295.768352][T12199] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2356'.
[  295.789618][T12176] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  295.964720][T12208] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2358'.
[  296.132245][T12020] 8021q: adding VLAN 0 to HW filter on device batadv0
[  296.335319][T12020] veth0_vlan: entered promiscuous mode
[  296.428078][T12218] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  296.435512][T12218] macsec2: entered promiscuous mode
[  296.506135][T12218] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[  296.601718][T12020] veth1_vlan: entered promiscuous mode
[  296.612673][T12220] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2362'.
[  296.786171][T12020] veth0_macvtap: entered promiscuous mode
[  296.830948][T12020] veth1_macvtap: entered promiscuous mode
[  296.893272][T12020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  296.927068][T12020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.936935][T12020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  296.957067][T12020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.966929][T12020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  296.997079][T12020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.018987][T12020] batman_adv: batadv0: Interface activated: batadv_slave_0
[  297.082658][T12020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.128430][T12020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.160874][T12020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.178630][T12020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.191732][T12020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.207778][T12020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.220553][T12020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.239630][T12020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.268337][T12020] batman_adv: batadv0: Interface activated: batadv_slave_1
[  297.294469][T12020] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  297.325322][T12020] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  297.346880][T12020] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  297.377721][T12020] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  297.539467][T12250] netlink: 'syz.4.2371': attribute type 10 has an invalid length.
[  297.795009][ T8254] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.819793][ T8254] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  297.873557][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.906783][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  298.289810][T12250] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  298.304222][T12276] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  298.360490][T12280] __nla_validate_parse: 2 callbacks suppressed
[  298.360516][T12280] netlink: 272 bytes leftover after parsing attributes in process `syz.2.2379'.
[  298.386846][T12276] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  298.484197][T12285] IPv6: NLM_F_CREATE should be specified when creating new route
[  298.501263][T12285] IPv6: NLM_F_REPLACE set, but no existing node found!
[  298.556572][T12275] siw: device registration error -23
[  298.687731][T12293] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2382'.
[  299.012774][T12299] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2385'.
[  299.460067][T12315] netlink: 'syz.2.2390': attribute type 10 has an invalid length.
[  299.656863][T12319] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2391'.
[  299.760820][T12323] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2393'.
[  300.228957][   T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.870744][   T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.954177][   T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.015731][   T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.125123][   T35] bridge_slave_1: left allmulticast mode
[  301.131086][   T35] bridge_slave_1: left promiscuous mode
[  301.136879][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.146549][   T35] bridge_slave_0: left allmulticast mode
[  301.152691][   T35] bridge_slave_0: left promiscuous mode
[  301.158790][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.661746][T12349] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2401'.
[  301.769579][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  301.876635][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  301.922751][   T35] bond0 (unregistering): Released all slaves
[  301.978221][T12360] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2405'.
[  302.039356][T12361] netlink: 'syz.1.2404': attribute type 10 has an invalid length.
[  302.288705][ T5237] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  302.303412][ T5237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  302.318507][ T5237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  302.348943][ T5237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  302.361058][ T5237] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  302.369414][ T5237] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  302.383681][T12370] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2407'.
[  302.914449][   T35] hsr_slave_0: left promiscuous mode
[  302.933678][   T35] hsr_slave_1: left promiscuous mode
[  302.951257][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  302.967938][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  302.986903][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  303.001420][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  303.075802][   T35] veth1_macvtap: left promiscuous mode
[  303.088303][   T35] veth0_macvtap: left promiscuous mode
[  303.100789][   T35] veth1_vlan: left promiscuous mode
[  303.114141][   T35] veth0_vlan: left promiscuous mode
[  304.084977][   T35] team0 (unregistering): Port device team_slave_1 removed
[  304.140178][   T35] team0 (unregistering): Port device team_slave_0 removed
[  304.214319][T12422] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  304.575695][T12430] xt_bpf: check failed: parse error
[  304.725803][T12398] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2415'.
[  304.752002][T12401] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2415'.
[  304.762878][T12416] netlink: 'syz.0.2419': attribute type 10 has an invalid length.
[  304.779740][T12418] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2420'.
[  304.955759][T12434] FAULT_INJECTION: forcing a failure.
[  304.955759][T12434] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  305.031381][T12434] CPU: 0 UID: 0 PID: 12434 Comm: syz.1.2424 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  305.042391][T12434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  305.052587][T12434] Call Trace:
[  305.055899][T12434]  <TASK>
[  305.058863][T12434]  dump_stack_lvl+0x241/0x360
[  305.063613][T12434]  ? __pfx_dump_stack_lvl+0x10/0x10
[  305.068881][T12434]  ? __pfx__printk+0x10/0x10
[  305.073574][T12434]  ? snprintf+0xda/0x120
[  305.077877][T12434]  should_fail_ex+0x3b0/0x4e0
[  305.082785][T12434]  _copy_to_user+0x2f/0xb0
[  305.087259][T12434]  simple_read_from_buffer+0xca/0x150
[  305.092697][T12434]  proc_fail_nth_read+0x1e9/0x250
[  305.097868][T12434]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  305.103459][T12434]  ? rw_verify_area+0x520/0x6b0
[  305.108334][T12434]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  305.113936][T12434]  vfs_read+0x204/0xbc0
[  305.118119][T12434]  ? __pfx_lock_release+0x10/0x10
[  305.123177][T12434]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  305.129137][T12434]  ? __pfx_vfs_read+0x10/0x10
[  305.133842][T12434]  ? __fget_files+0x29/0x470
[  305.138454][T12434]  ? __fget_files+0x3f6/0x470
[  305.143158][T12434]  ksys_read+0x1a0/0x2c0
[  305.147464][T12434]  ? __pfx_ksys_read+0x10/0x10
[  305.152258][T12434]  ? do_syscall_64+0x100/0x230
[  305.157085][T12434]  ? do_syscall_64+0xb6/0x230
[  305.161817][T12434]  do_syscall_64+0xf3/0x230
[  305.166344][T12434]  ? clear_bhb_loop+0x35/0x90
[  305.171042][T12434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.176953][T12434] RIP: 0033:0x7f025277643c
[  305.181399][T12434] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  305.201017][T12434] RSP: 002b:00007f02534f4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  305.209453][T12434] RAX: ffffffffffffffda RBX: 00007f0252905f80 RCX: 00007f025277643c
[  305.217456][T12434] RDX: 000000000000000f RSI: 00007f02534f40a0 RDI: 0000000000000006
[  305.225451][T12434] RBP: 00007f02534f4090 R08: 0000000000000000 R09: 0000000000000000
[  305.233440][T12434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.241470][T12434] R13: 0000000000000000 R14: 00007f0252905f80 R15: 00007ffe743919a8
[  305.249475][T12434]  </TASK>
[  305.259059][T12438] xt_TCPMSS: Only works on TCP SYN packets
[  305.361685][T12372] chnl_net:caif_netlink_parms(): no params data found
[  305.468095][T12446] FAULT_INJECTION: forcing a failure.
[  305.468095][T12446] name failslab, interval 1, probability 0, space 0, times 0
[  305.503128][T12446] CPU: 1 UID: 0 PID: 12446 Comm: syz.4.2428 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  305.514049][T12446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  305.524235][T12446] Call Trace:
[  305.527559][T12446]  <TASK>
[  305.530543][T12446]  dump_stack_lvl+0x241/0x360
[  305.535823][T12446]  ? __pfx_dump_stack_lvl+0x10/0x10
[  305.541373][T12446]  ? __pfx__printk+0x10/0x10
[  305.546025][T12446]  ? __nla_validate_parse+0x26ce/0x3090
[  305.551742][T12446]  should_fail_ex+0x3b0/0x4e0
[  305.556545][T12446]  ? xfrm_state_alloc+0x22/0x2a0
[  305.561624][T12446]  should_failslab+0xac/0x100
[  305.566354][T12446]  ? xfrm_state_alloc+0x22/0x2a0
[  305.571310][T12446]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  305.576712][T12446]  ? aa_get_newest_label+0xff/0x6f0
[  305.582216][T12446]  xfrm_state_alloc+0x22/0x2a0
[  305.587177][T12446]  xfrm_add_sa+0x134a/0x3b50
[  305.591953][T12446]  ? __pfx_xfrm_add_sa+0x10/0x10
[  305.597036][T12446]  ? __nla_parse+0x40/0x60
[  305.601491][T12446]  xfrm_user_rcv_msg+0x75b/0xa80
[  305.606478][T12446]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  305.612014][T12446]  ? __mutex_trylock_common+0x183/0x2e0
[  305.618887][T12446]  ? __pfx___might_resched+0x10/0x10
[  305.624920][T12446]  netlink_rcv_skb+0x1e3/0x430
[  305.629832][T12446]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  305.635448][T12446]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  305.640783][T12446]  xfrm_netlink_rcv+0x79/0x90
[  305.645509][T12446]  netlink_unicast+0x7f0/0x990
[  305.650493][T12446]  ? __pfx_netlink_unicast+0x10/0x10
[  305.655802][T12446]  ? __virt_addr_valid+0x183/0x530
[  305.660931][T12446]  ? __check_object_size+0x49c/0x900
[  305.666607][T12446]  ? bpf_lsm_netlink_send+0x9/0x10
[  305.671920][T12446]  netlink_sendmsg+0x8e4/0xcb0
[  305.677542][T12446]  ? __pfx_netlink_sendmsg+0x10/0x10
[  305.683531][T12446]  ? tomoyo_socket_sendmsg_permission+0x12e/0x420
[  305.690779][T12446]  ? aa_sock_msg_perm+0x91/0x160
[  305.696099][T12446]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  305.701953][T12446]  ? security_socket_sendmsg+0x87/0xb0
[  305.707477][T12446]  ? __pfx_netlink_sendmsg+0x10/0x10
[  305.712836][T12446]  __sock_sendmsg+0x221/0x270
[  305.718100][T12446]  ____sys_sendmsg+0x525/0x7d0
[  305.723331][T12446]  ? __pfx_____sys_sendmsg+0x10/0x10
[  305.728659][T12446]  __sys_sendmsg+0x2b0/0x3a0
[  305.733390][T12446]  ? __pfx___sys_sendmsg+0x10/0x10
[  305.738780][T12446]  ? vfs_write+0x7c4/0xc90
[  305.743260][T12446]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  305.750043][T12446]  ? do_syscall_64+0x100/0x230
[  305.755098][T12446]  ? do_syscall_64+0xb6/0x230
[  305.760104][T12446]  do_syscall_64+0xf3/0x230
[  305.764949][T12446]  ? clear_bhb_loop+0x35/0x90
[  305.769644][T12446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.775561][T12446] RIP: 0033:0x7f26d45779f9
[  305.780111][T12446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.799925][T12446] RSP: 002b:00007f26d5322038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  305.808357][T12446] RAX: ffffffffffffffda RBX: 00007f26d4705f80 RCX: 00007f26d45779f9
[  305.816353][T12446] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  305.824442][T12446] RBP: 00007f26d5322090 R08: 0000000000000000 R09: 0000000000000000
[  305.832434][T12446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.840461][T12446] R13: 0000000000000000 R14: 00007f26d4705f80 R15: 00007ffede9b8298
[  305.848484][T12446]  </TASK>
[  305.981207][T12458] wg2: entered promiscuous mode
[  306.006861][T12372] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.031526][T12372] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.047561][T12372] bridge_slave_0: entered allmulticast mode
[  306.056453][T12372] bridge_slave_0: entered promiscuous mode
[  306.067484][T12372] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.074681][T12372] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.085276][T12372] bridge_slave_1: entered allmulticast mode
[  306.092998][T12372] bridge_slave_1: entered promiscuous mode
[  306.224589][T12372] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  306.273579][T12372] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  306.510149][T12372] team0: Port device team_slave_0 added
[  306.529734][T12372] team0: Port device team_slave_1 added
[  306.601572][T12478] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2435'.
[  306.616535][T12372] batman_adv: batadv0: Adding interface: batadv_slave_0
[  306.638331][T12372] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.683852][T12372] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  306.698197][T12482] netlink: 'syz.1.2436': attribute type 10 has an invalid length.
[  306.714346][T12372] batman_adv: batadv0: Adding interface: batadv_slave_1
[  306.725548][T12372] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.756257][T12372] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  306.843765][T12372] hsr_slave_0: entered promiscuous mode
[  306.854653][T12372] hsr_slave_1: entered promiscuous mode
[  306.862348][T12372] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  306.871533][T12372] Cannot create hsr debugfs directory
[  307.042365][T12490] netlink: 216 bytes leftover after parsing attributes in process `syz.0.2440'.
[  307.054133][T12490] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2440'.
[  307.431518][T12480] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  307.730919][T12509] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2448'.
[  307.748707][T12372] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  307.786347][T12372] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  307.829036][T12372] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  307.863397][T12372] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  308.233599][T12372] 8021q: adding VLAN 0 to HW filter on device bond0
[  308.311726][T12372] 8021q: adding VLAN 0 to HW filter on device team0
[  308.334850][ T1094] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.342106][ T1094] bridge0: port 1(bridge_slave_0) entered forwarding state
[  308.368658][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.375986][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  308.528485][T12372] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  308.680403][T12545] netlink: 'syz.4.2457': attribute type 10 has an invalid length.
[  308.803162][T12372] 8021q: adding VLAN 0 to HW filter on device batadv0
[  308.895515][T12372] veth0_vlan: entered promiscuous mode
[  308.924645][T12372] veth1_vlan: entered promiscuous mode
[  308.994346][T12372] veth0_macvtap: entered promiscuous mode
[  309.010181][T12372] veth1_macvtap: entered promiscuous mode
[  309.069274][T12372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.121152][T12372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.157803][T12372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.180794][T12372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.191158][T12372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  309.210167][T12372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.234888][T12372] batman_adv: batadv0: Interface activated: batadv_slave_0
[  309.243211][T12556] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2461'.
[  309.283911][T12372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.315164][T12372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.347895][T12372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.365256][T12564] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2463'.
[  309.376687][T12372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.395223][T12372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.417373][T12372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.438301][T12372] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  309.471749][T12372] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  309.498175][T12372] batman_adv: batadv0: Interface activated: batadv_slave_1
[  309.512003][T12564] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2463'.
[  309.568712][T12372] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  309.602766][T12372] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  309.613344][T12372] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  309.639998][T12372] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  309.833465][ T1070] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  309.861832][ T1070] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  309.915644][T12577] netlink: 'syz.2.2467': attribute type 21 has an invalid length.
[  309.938192][T12577] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2467'.
[  309.972552][ T1070] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  309.989436][ T1070] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  310.250542][T12587] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2469'.
[  310.260534][T12587] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2469'.
[  310.270337][T12587] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2469'.
[  310.330540][   T54] block nbd21: Receive control failed (result -107)
[  310.868795][T12598] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2472'.
[  311.123072][T12606] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2475'.
[  311.855037][T12619] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2489'.
[  311.858944][T12618] FAULT_INJECTION: forcing a failure.
[  311.858944][T12618] name failslab, interval 1, probability 0, space 0, times 0
[  311.879293][T12618] CPU: 1 UID: 0 PID: 12618 Comm: syz.2.2479 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  311.890289][T12618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  311.900473][T12618] Call Trace:
[  311.903779][T12618]  <TASK>
[  311.906741][T12618]  dump_stack_lvl+0x241/0x360
[  311.911483][T12618]  ? __pfx_dump_stack_lvl+0x10/0x10
[  311.917875][T12618]  ? __pfx__printk+0x10/0x10
[  311.922534][T12618]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  311.928569][T12618]  ? __pfx___might_resched+0x10/0x10
[  311.934007][T12618]  should_fail_ex+0x3b0/0x4e0
[  311.938745][T12618]  should_failslab+0xac/0x100
[  311.943485][T12618]  ? __alloc_skb+0x1c3/0x440
[  311.948132][T12618]  kmem_cache_alloc_node_noprof+0x71/0x320
[  311.953997][T12618]  __alloc_skb+0x1c3/0x440
[  311.958648][T12618]  ? __pfx___alloc_skb+0x10/0x10
[  311.963718][T12618]  ? netlink_autobind+0xd6/0x2f0
[  311.968786][T12618]  ? netlink_autobind+0x2b0/0x2f0
[  311.974044][T12618]  netlink_sendmsg+0x638/0xcb0
[  311.979060][T12618]  ? __pfx_netlink_sendmsg+0x10/0x10
[  311.984408][T12618]  ? __import_iovec+0x536/0x820
[  311.989400][T12618]  ? aa_sock_msg_perm+0x91/0x160
[  311.994478][T12618]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  311.999901][T12618]  ? security_socket_sendmsg+0x87/0xb0
[  312.000160][T12622] Bluetooth: hci3: unsupported parameter 64512
[  312.006007][T12618]  ? __pfx_netlink_sendmsg+0x10/0x10
[  312.006048][T12618]  __sock_sendmsg+0x221/0x270
[  312.006086][T12618]  ____sys_sendmsg+0x525/0x7d0
[  312.012574][T12622] Bluetooth: hci3: invalid length 0, exp 2 for type 0
[  312.017796][T12618]  ? __pfx_____sys_sendmsg+0x10/0x10
[  312.017850][T12618]  __sys_sendmsg+0x2b0/0x3a0
[  312.044632][T12618]  ? __pfx___sys_sendmsg+0x10/0x10
[  312.049844][T12618]  ? vfs_write+0x7c4/0xc90
[  312.054461][T12618]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  312.061029][T12618]  ? do_syscall_64+0x100/0x230
[  312.065959][T12618]  ? do_syscall_64+0xb6/0x230
[  312.071141][T12618]  do_syscall_64+0xf3/0x230
[  312.075712][T12618]  ? clear_bhb_loop+0x35/0x90
[  312.080446][T12618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.086477][T12618] RIP: 0033:0x7f44a1b779f9
[  312.091716][T12618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.111366][T12618] RSP: 002b:00007f44a15ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  312.119835][T12618] RAX: ffffffffffffffda RBX: 00007f44a1d05f80 RCX: 00007f44a1b779f9
[  312.127861][T12618] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[  312.135880][T12618] RBP: 00007f44a15ff090 R08: 0000000000000000 R09: 0000000000000000
[  312.143892][T12618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.152019][T12618] R13: 0000000000000000 R14: 00007f44a1d05f80 R15: 00007ffd37674c28
[  312.160055][T12618]  </TASK>
[  313.817453][T12654] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2491'.
[  314.562560][T12666] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2490'.
[  316.316942][T12706] netlink: 'syz.1.2503': attribute type 10 has an invalid length.
[  316.487993][T12710] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2504'.
[  316.753093][T12719] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2508'.
[  316.869737][T12719] team0: Port device bridge5 added
[  317.024896][T12728] team0: Port device vlan3 added
[  317.443434][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  317.450774][ T1271] ieee802154 phy1 wpan1: encryption failed: -22
[  317.812755][T12753] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2520'.
[  319.079832][T12791] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2532'.
[  319.187811][ T5244] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  319.199113][ T5244] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  319.208072][ T5244] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  319.220365][ T5244] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  319.231454][ T5244] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  319.240967][ T5244] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  319.252592][T12797] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2535'.
[  319.754002][T12796] chnl_net:caif_netlink_parms(): no params data found
[  319.952236][T12830] netlink: 'syz.2.2544': attribute type 10 has an invalid length.
[  319.985215][T12833] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2545'.
[  320.029580][T12796] bridge0: port 1(bridge_slave_0) entered blocking state
[  320.036775][T12796] bridge0: port 1(bridge_slave_0) entered disabled state
[  320.059181][T12796] bridge_slave_0: entered allmulticast mode
[  320.066763][T12796] bridge_slave_0: entered promiscuous mode
[  320.091883][T12796] bridge0: port 2(bridge_slave_1) entered blocking state
[  320.107923][T12796] bridge0: port 2(bridge_slave_1) entered disabled state
[  320.115263][T12796] bridge_slave_1: entered allmulticast mode
[  320.139857][T12796] bridge_slave_1: entered promiscuous mode
[  320.145963][T12840] dccp_invalid_packet: P.Data Offset(0) too small
[  320.285058][T12796] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  320.338762][T12796] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  320.451990][T12796] team0: Port device team_slave_0 added
[  320.474780][T12796] team0: Port device team_slave_1 added
[  320.540700][T12796] batman_adv: batadv0: Adding interface: batadv_slave_0
[  320.550547][T12796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.578917][T12796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  320.592677][T12796] batman_adv: batadv0: Adding interface: batadv_slave_1
[  320.600022][T12796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.627186][T12796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  320.728042][T12796] hsr_slave_0: entered promiscuous mode
[  320.745987][T12796] hsr_slave_1: entered promiscuous mode
[  320.753031][T12796] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  320.763183][T12796] Cannot create hsr debugfs directory
[  320.798057][T12852] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  320.812876][T12852] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  321.062713][T12796] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  321.073699][T12796] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.170809][T12796] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  321.182634][T12796] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.282139][ T5244] Bluetooth: hci1: command tx timeout
[  321.373103][T12796] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  321.384593][T12796] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.574260][T12796] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  321.592107][T12796] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.623781][T12867] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2555'.
[  321.659358][T12869] netlink: 'syz.0.2556': attribute type 10 has an invalid length.
[  321.851868][T12796] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  321.873143][T12796] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  321.905663][T12796] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  321.913933][T12877] netlink: 'syz.1.2560': attribute type 2 has an invalid length.
[  321.951803][T12796] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  322.234302][T12796] 8021q: adding VLAN 0 to HW filter on device bond0
[  322.282051][T12796] 8021q: adding VLAN 0 to HW filter on device team0
[  322.330959][ T8254] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.338249][ T8254] bridge0: port 1(bridge_slave_0) entered forwarding state
[  322.355337][ T8254] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.362621][ T8254] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.796819][T12796] 8021q: adding VLAN 0 to HW filter on device batadv0
[  323.113744][T12911] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2567'.
[  323.161629][T12913] netlink: 'syz.0.2568': attribute type 10 has an invalid length.
[  323.300417][T12919] rdma_op ffff88802d7e09f0 conn xmit_rdma 0000000000000000
[  323.359326][ T5244] Bluetooth: hci1: command tx timeout
[  323.419687][T12796] veth0_vlan: entered promiscuous mode
[  323.482017][T12796] veth1_vlan: entered promiscuous mode
[  323.544835][T12930] x_tables: duplicate entry at hook 2
[  323.590326][T12930] netlink: 'syz.1.2574': attribute type 27 has an invalid length.
[  325.188423][T12930] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  325.200681][T12930] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  325.217598][T12930] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  325.233433][T12930] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  325.341076][T12930] bond1: left promiscuous mode
[  325.438882][ T5244] Bluetooth: hci1: command tx timeout
[  325.471862][T12930] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  325.481290][T12930] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  325.491388][T12930] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  325.501708][T12930] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  325.528072][T12930] vxlan0: left promiscuous mode
[  325.590944][T12796] veth0_macvtap: entered promiscuous mode
[  325.611175][T12796] veth1_macvtap: entered promiscuous mode
[  325.721387][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.740093][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.763385][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.774382][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.807215][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.832783][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.851760][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.875727][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.905492][T12796] batman_adv: batadv0: Interface activated: batadv_slave_0
[  326.028517][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.043312][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.053843][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.064702][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.074872][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.085844][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.108191][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.134336][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.151052][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.162519][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.185655][T12796] batman_adv: batadv0: Interface activated: batadv_slave_1
[  326.194622][T12976] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2579'.
[  326.221211][T12796] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  326.231162][T12796] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  326.243244][T12796] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  326.262704][T12796] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  326.426557][ T1070] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  326.447720][ T1070] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  326.470085][T12983] netlink: 'syz.2.2582': attribute type 10 has an invalid length.
[  326.500277][T12985] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2592'.
[  326.513649][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  326.534764][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  326.836341][T12998] netlink: 'syz.4.2585': attribute type 2 has an invalid length.
[  327.087900][T13009] netlink: 27 bytes leftover after parsing attributes in process `syz.4.2589'.
[  327.202057][T13009] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2589'.
[  327.328454][T13009] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2589'.
[  327.414263][T13013] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2588'.
[  327.528768][ T5244] Bluetooth: hci1: command tx timeout
[  327.531458][T13026] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  327.555385][T13026] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  327.604325][T13028] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2594'.
[  327.632229][T13020] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2591'.
[  327.706592][T13030] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2596'.
[  327.753034][T13026] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  327.918300][T13032] netlink: 'syz.4.2597': attribute type 10 has an invalid length.
[  327.967758][T13032] batman_adv: batadv0: Adding interface: team0
[  327.990649][T13032] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  328.038384][T13032] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  328.229816][T13038] netlink: 'syz.0.2600': attribute type 4 has an invalid length.
[  328.272717][T13037] netlink: 'syz.0.2600': attribute type 4 has an invalid length.
[  328.759886][T13051] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2602'.
[  329.560441][T13073] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2606'.
[  330.100114][T13085] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2609'.
[  333.702197][T13124] __nla_validate_parse: 1 callbacks suppressed
[  333.702221][T13124] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2620'.
[  333.950926][T13144] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  333.985212][T13144] netlink: 'syz.2.2625': attribute type 4 has an invalid length.
[  334.375577][T13160] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2631'.
[  334.400897][T13160] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2631'.
[  334.427926][T13160] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2631'.
[  334.507147][ T5244] block nbd22: Receive control failed (result -107)
[  334.645828][T13173] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2636'.
[  334.758985][T13178] netlink: 'syz.4.2638': attribute type 21 has an invalid length.
[  334.771980][T13178] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2638'.
[  335.153176][T13202] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2645'.
[  335.349269][T13211] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2646'.
[  335.555891][T13217] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  335.594864][T13229] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2647'.
[  335.645608][T13229] Κό: entered promiscuous mode
[  335.655101][T13230] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2650'.
[  336.072022][T13252] FAULT_INJECTION: forcing a failure.
[  336.072022][T13252] name failslab, interval 1, probability 0, space 0, times 0
[  336.094701][T13252] CPU: 0 UID: 0 PID: 13252 Comm: syz.1.2658 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  336.105618][T13252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  336.115722][T13252] Call Trace:
[  336.119042][T13252]  <TASK>
[  336.122006][T13252]  dump_stack_lvl+0x241/0x360
[  336.126750][T13252]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.132007][T13252]  ? __pfx__printk+0x10/0x10
[  336.136663][T13252]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  336.142167][T13252]  ? __pfx___might_resched+0x10/0x10
[  336.147515][T13252]  should_fail_ex+0x3b0/0x4e0
[  336.152238][T13252]  should_failslab+0xac/0x100
[  336.156975][T13252]  ? rtnl_newlink+0xf2/0x20a0
[  336.161696][T13252]  __kmalloc_cache_noprof+0x6c/0x2c0
[  336.167025][T13252]  rtnl_newlink+0xf2/0x20a0
[  336.171596][T13252]  ? __mutex_trylock_common+0x183/0x2e0
[  336.177192][T13252]  ? __pfx___might_resched+0x10/0x10
[  336.182524][T13252]  ? __pfx_rtnl_newlink+0x10/0x10
[  336.187756][T13252]  ? __pfx___mutex_trylock_common+0x10/0x10
[  336.193769][T13252]  ? rcu_is_watching+0x15/0xb0
[  336.198560][T13252]  ? trace_contention_end+0x3c/0x120
[  336.203899][T13252]  ? __mutex_lock+0x2ef/0xd70
[  336.208617][T13252]  ? rcu_read_unlock+0x87/0xa0
[  336.213404][T13252]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  336.218533][T13252]  ? __pfx_lock_release+0x10/0x10
[  336.223679][T13252]  ? __pfx___mutex_lock+0x10/0x10
[  336.228932][T13252]  ? __pfx_rtnl_newlink+0x10/0x10
[  336.234061][T13252]  rtnetlink_rcv_msg+0x73f/0xcf0
[  336.239022][T13252]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  336.244156][T13252]  ? __lock_acquire+0x137a/0x2040
[  336.249290][T13252]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  336.254803][T13252]  netlink_rcv_skb+0x1e3/0x430
[  336.259606][T13252]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  336.265101][T13252]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  336.270435][T13252]  ? netlink_deliver_tap+0x2e/0x1b0
[  336.275666][T13252]  netlink_unicast+0x7f0/0x990
[  336.280469][T13252]  ? __pfx_netlink_unicast+0x10/0x10
[  336.285774][T13252]  ? __virt_addr_valid+0x183/0x530
[  336.290901][T13252]  ? __check_object_size+0x49c/0x900
[  336.296204][T13252]  ? bpf_lsm_netlink_send+0x9/0x10
[  336.301361][T13252]  netlink_sendmsg+0x8e4/0xcb0
[  336.306183][T13252]  ? __pfx_netlink_sendmsg+0x10/0x10
[  336.311501][T13252]  ? __import_iovec+0x536/0x820
[  336.316371][T13252]  ? aa_sock_msg_perm+0x91/0x160
[  336.321333][T13252]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  336.326637][T13252]  ? security_socket_sendmsg+0x87/0xb0
[  336.332122][T13252]  ? __pfx_netlink_sendmsg+0x10/0x10
[  336.337428][T13252]  __sock_sendmsg+0x221/0x270
[  336.342136][T13252]  ____sys_sendmsg+0x525/0x7d0
[  336.346923][T13252]  ? __pfx_____sys_sendmsg+0x10/0x10
[  336.352246][T13252]  __sys_sendmsg+0x2b0/0x3a0
[  336.356856][T13252]  ? __pfx___sys_sendmsg+0x10/0x10
[  336.361987][T13252]  ? vfs_write+0x7c4/0xc90
[  336.366468][T13252]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  336.372818][T13252]  ? do_syscall_64+0x100/0x230
[  336.377618][T13252]  ? do_syscall_64+0xb6/0x230
[  336.382331][T13252]  do_syscall_64+0xf3/0x230
[  336.386857][T13252]  ? clear_bhb_loop+0x35/0x90
[  336.391557][T13252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.397483][T13252] RIP: 0033:0x7f02527779f9
[  336.401930][T13252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.421555][T13252] RSP: 002b:00007f02534f4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  336.429992][T13252] RAX: ffffffffffffffda RBX: 00007f0252905f80 RCX: 00007f02527779f9
[  336.437977][T13252] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004
[  336.446058][T13252] RBP: 00007f02534f4090 R08: 0000000000000000 R09: 0000000000000000
[  336.454044][T13252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.462038][T13252] R13: 0000000000000000 R14: 00007f0252905f80 R15: 00007ffe743919a8
[  336.470036][T13252]  </TASK>
[  336.711742][T13263] FAULT_INJECTION: forcing a failure.
[  336.711742][T13263] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.741459][T13263] CPU: 1 UID: 0 PID: 13263 Comm: syz.4.2663 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  336.752313][T13263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  336.762502][T13263] Call Trace:
[  336.765817][T13263]  <TASK>
[  336.768777][T13263]  dump_stack_lvl+0x241/0x360
[  336.773512][T13263]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.778853][T13263]  ? __pfx__printk+0x10/0x10
[  336.783501][T13263]  ? __pfx_lock_release+0x10/0x10
[  336.788592][T13263]  should_fail_ex+0x3b0/0x4e0
[  336.793313][T13263]  _copy_from_user+0x2f/0xe0
[  336.797962][T13263]  copy_msghdr_from_user+0xae/0x680
[  336.800995][T13267] netlink: 'syz.2.2664': attribute type 1 has an invalid length.
[  336.803198][T13263]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  336.816860][T13263]  __sys_sendmsg+0x23d/0x3a0
[  336.821499][T13263]  ? __pfx___sys_sendmsg+0x10/0x10
[  336.826658][T13263]  ? vfs_write+0x7c4/0xc90
[  336.831168][T13263]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  336.837523][T13263]  ? do_syscall_64+0x100/0x230
[  336.842323][T13263]  ? do_syscall_64+0xb6/0x230
[  336.847121][T13263]  do_syscall_64+0xf3/0x230
[  336.851673][T13263]  ? clear_bhb_loop+0x35/0x90
[  336.856391][T13263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.862425][T13263] RIP: 0033:0x7f50773779f9
[  336.866865][T13263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.886491][T13263] RSP: 002b:00007f5078192038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  336.894938][T13263] RAX: ffffffffffffffda RBX: 00007f5077505f80 RCX: 00007f50773779f9
[  336.903466][T13263] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  336.911628][T13263] RBP: 00007f5078192090 R08: 0000000000000000 R09: 0000000000000000
[  336.919619][T13263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.927702][T13263] R13: 0000000000000000 R14: 00007f5077505f80 R15: 00007ffdfd2e6cd8
[  336.935794][T13263]  </TASK>
[  337.211218][T13279] openvswitch: netlink: Unknown nsh attribute 0
[  337.886869][T13306] vlan2: entered promiscuous mode
[  337.930999][T13306] bridge0: entered promiscuous mode
[  337.941971][T13306] bridge0: left promiscuous mode
[  338.040001][T13312] FAULT_INJECTION: forcing a failure.
[  338.040001][T13312] name failslab, interval 1, probability 0, space 0, times 0
[  338.063963][T13312] CPU: 0 UID: 0 PID: 13312 Comm: syz.1.2679 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  338.074890][T13312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  338.085600][T13312] Call Trace:
[  338.089009][T13312]  <TASK>
[  338.091983][T13312]  dump_stack_lvl+0x241/0x360
[  338.096986][T13312]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.102332][T13312]  ? __pfx__printk+0x10/0x10
[  338.106983][T13312]  ? fs_reclaim_acquire+0x93/0x140
[  338.112243][T13312]  ? __pfx___might_resched+0x10/0x10
[  338.117679][T13312]  should_fail_ex+0x3b0/0x4e0
[  338.122589][T13312]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  338.128546][T13312]  should_failslab+0xac/0x100
[  338.133402][T13312]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  338.139259][T13312]  __kmalloc_noprof+0xd8/0x400
[  338.144608][T13312]  ? kfree+0x4e/0x360
[  338.148645][T13312]  tomoyo_realpath_from_path+0xcf/0x5e0
[  338.154270][T13312]  tomoyo_path_number_perm+0x23a/0x880
[  338.161350][T13312]  ? tomoyo_path_number_perm+0x208/0x880
[  338.167040][T13312]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  338.173389][T13312]  ? __fget_files+0x29/0x470
[  338.178131][T13312]  ? __fget_files+0x3f6/0x470
[  338.183309][T13312]  ? __fget_files+0x29/0x470
[  338.187973][T13312]  security_file_ioctl+0x75/0xb0
[  338.193773][T13312]  __se_sys_ioctl+0x47/0x170
[  338.198646][T13312]  do_syscall_64+0xf3/0x230
[  338.203183][T13312]  ? clear_bhb_loop+0x35/0x90
[  338.207959][T13312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.213965][T13312] RIP: 0033:0x7f02527779f9
[  338.218506][T13312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.238581][T13312] RSP: 002b:00007f02534f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  338.247229][T13312] RAX: ffffffffffffffda RBX: 00007f0252905f80 RCX: 00007f02527779f9
[  338.255413][T13312] RDX: 0000000020000140 RSI: 0000000000008914 RDI: 000000000000000f
[  338.264009][T13312] RBP: 00007f02534f4090 R08: 0000000000000000 R09: 0000000000000000
[  338.272209][T13312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  338.280507][T13312] R13: 0000000000000000 R14: 00007f0252905f80 R15: 00007ffe743919a8
[  338.288598][T13312]  </TASK>
[  338.304832][T13312] ERROR: Out of memory at tomoyo_realpath_from_path.
[  338.631221][T13330] FAULT_INJECTION: forcing a failure.
[  338.631221][T13330] name failslab, interval 1, probability 0, space 0, times 0
[  338.701795][T13330] CPU: 0 UID: 0 PID: 13330 Comm: syz.0.2687 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  338.713073][T13330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  338.723177][T13330] Call Trace:
[  338.726741][T13330]  <TASK>
[  338.729716][T13330]  dump_stack_lvl+0x241/0x360
[  338.734622][T13330]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.739875][T13330]  ? __pfx__printk+0x10/0x10
[  338.744617][T13330]  ? __kmalloc_node_noprof+0xb7/0x440
[  338.750212][T13330]  ? __pfx___might_resched+0x10/0x10
[  338.755548][T13330]  should_fail_ex+0x3b0/0x4e0
[  338.760378][T13330]  should_failslab+0xac/0x100
[  338.765287][T13330]  __kmalloc_node_noprof+0xdf/0x440
[  338.770609][T13330]  ? crypto_create_tfm_node+0x88/0x3d0
[  338.776121][T13330]  crypto_create_tfm_node+0x88/0x3d0
[  338.781560][T13330]  crypto_alloc_tfm_node+0x161/0x360
[  338.787475][T13330]  esp6_init_state+0x611/0x10b0
[  338.792477][T13330]  ? __pfx_esp6_init_state+0x10/0x10
[  338.797915][T13330]  ? __xfrm_init_state+0x708/0xea0
[  338.803259][T13330]  ? __pfx_lock_release+0x10/0x10
[  338.808449][T13330]  __xfrm_init_state+0x9db/0xea0
[  338.813460][T13330]  xfrm_add_sa+0x2a76/0x3b50
[  338.818117][T13330]  ? __pfx_xfrm_add_sa+0x10/0x10
[  338.823201][T13330]  ? __nla_parse+0x40/0x60
[  338.827675][T13330]  xfrm_user_rcv_msg+0x75b/0xa80
[  338.832671][T13330]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  338.838665][T13330]  ? __mutex_trylock_common+0x183/0x2e0
[  338.844238][T13330]  ? __pfx___might_resched+0x10/0x10
[  338.849559][T13330]  netlink_rcv_skb+0x1e3/0x430
[  338.854435][T13330]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  338.860102][T13330]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  338.865475][T13330]  xfrm_netlink_rcv+0x79/0x90
[  338.870214][T13330]  netlink_unicast+0x7f0/0x990
[  338.875060][T13330]  ? __pfx_netlink_unicast+0x10/0x10
[  338.880395][T13330]  ? __virt_addr_valid+0x183/0x530
[  338.885555][T13330]  ? __check_object_size+0x49c/0x900
[  338.890907][T13330]  ? bpf_lsm_netlink_send+0x9/0x10
[  338.896340][T13330]  netlink_sendmsg+0x8e4/0xcb0
[  338.901181][T13330]  ? __pfx_netlink_sendmsg+0x10/0x10
[  338.906702][T13330]  ? __import_iovec+0x536/0x820
[  338.911602][T13330]  ? aa_sock_msg_perm+0x91/0x160
[  338.916595][T13330]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  338.922281][T13330]  ? security_socket_sendmsg+0x87/0xb0
[  338.928241][T13330]  ? __pfx_netlink_sendmsg+0x10/0x10
[  338.934192][T13330]  __sock_sendmsg+0x221/0x270
[  338.938930][T13330]  ____sys_sendmsg+0x525/0x7d0
[  338.943849][T13330]  ? __pfx_____sys_sendmsg+0x10/0x10
[  338.949293][T13330]  __sys_sendmsg+0x2b0/0x3a0
[  338.954120][T13330]  ? __pfx___sys_sendmsg+0x10/0x10
[  338.959547][T13330]  ? vfs_write+0x7c4/0xc90
[  338.964071][T13330]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  338.970722][T13330]  ? do_syscall_64+0x100/0x230
[  338.975720][T13330]  ? do_syscall_64+0xb6/0x230
[  338.980460][T13330]  do_syscall_64+0xf3/0x230
[  338.985031][T13330]  ? clear_bhb_loop+0x35/0x90
[  338.989905][T13330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.995824][T13330] RIP: 0033:0x7f029af779f9
[  339.000291][T13330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.020025][T13330] RSP: 002b:00007f029bdde038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  339.028468][T13330] RAX: ffffffffffffffda RBX: 00007f029b105f80 RCX: 00007f029af779f9
[  339.036557][T13330] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  339.044633][T13330] RBP: 00007f029bdde090 R08: 0000000000000000 R09: 0000000000000000
[  339.052631][T13330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  339.060618][T13330] R13: 0000000000000000 R14: 00007f029b105f80 R15: 00007fffe49e06d8
[  339.068619][T13330]  </TASK>
[  339.250460][T13347] netlink: 'syz.0.2692': attribute type 9 has an invalid length.
[  339.258918][T13347] __nla_validate_parse: 6 callbacks suppressed
[  339.265575][T13347] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2692'.
[  339.542939][T13361] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2695'.
[  339.572467][T13361] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2695'.
[  339.710640][T13365] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2699'.
[  340.065741][T13380] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2704'.
[  340.655327][T13414] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2712'.
[  341.263455][T13436] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2717'.
[  341.299880][T13436] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2717'.
[  341.320526][T13432] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2716'.
[  341.337966][T13436] xt_bpf: check failed: parse error
[  341.497257][T13448] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2721'.
[  341.749534][T13461] netlink: 'syz.0.2725': attribute type 10 has an invalid length.
[  342.798682][T13506] netlink: 'syz.1.2737': attribute type 10 has an invalid length.
[  342.868530][T13504] ΙΆΖ£0G0w
: entered promiscuous mode
[  342.898511][T13509] dccp_v6_rcv: dropped packet with invalid checksum
[  343.229511][T13520] netlink: 'syz.4.2742': attribute type 1 has an invalid length.
[  343.306951][T13520] bond1: entered promiscuous mode
[  343.331354][T13528] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  343.406187][T13528] bond1: (slave ip6gretap1): making interface the new active one
[  343.448461][T13528] ip6gretap1: entered promiscuous mode
[  343.469196][T13528] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  343.504414][T13520] bond1: left promiscuous mode
[  343.518234][T13520] ip6gretap1: left promiscuous mode
[  343.533505][T13520] 8021q: adding VLAN 0 to HW filter on device bond1
[  343.619213][T13539] netlink: 'syz.1.2749': attribute type 10 has an invalid length.
[  343.966193][T13545] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  344.017644][T13554] syzkaller1: entered promiscuous mode
[  344.033894][T13554] syzkaller1: entered allmulticast mode
[  344.430273][T13569] FAULT_INJECTION: forcing a failure.
[  344.430273][T13569] name failslab, interval 1, probability 0, space 0, times 0
[  344.443678][T13569] CPU: 1 UID: 0 PID: 13569 Comm: syz.2.2756 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  344.454501][T13569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  344.464563][T13569] Call Trace:
[  344.467849][T13569]  <TASK>
[  344.470807][T13569]  dump_stack_lvl+0x241/0x360
[  344.475508][T13569]  ? __pfx_dump_stack_lvl+0x10/0x10
[  344.480719][T13569]  ? __pfx__printk+0x10/0x10
[  344.485338][T13569]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  344.491327][T13569]  ? __pfx___might_resched+0x10/0x10
[  344.496630][T13569]  should_fail_ex+0x3b0/0x4e0
[  344.501334][T13569]  should_failslab+0xac/0x100
[  344.506059][T13569]  ? __alloc_skb+0x1c3/0x440
[  344.510685][T13569]  kmem_cache_alloc_node_noprof+0x71/0x320
[  344.516558][T13569]  __alloc_skb+0x1c3/0x440
[  344.521012][T13569]  ? __pfx___alloc_skb+0x10/0x10
[  344.525965][T13569]  ? netlink_autobind+0xd6/0x2f0
[  344.531004][T13569]  ? netlink_autobind+0x2b0/0x2f0
[  344.536063][T13569]  netlink_sendmsg+0x638/0xcb0
[  344.540855][T13569]  ? __pfx_netlink_sendmsg+0x10/0x10
[  344.546164][T13569]  ? __import_iovec+0x536/0x820
[  344.551030][T13569]  ? aa_sock_msg_perm+0x91/0x160
[  344.555987][T13569]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  344.561315][T13569]  ? security_socket_sendmsg+0x87/0xb0
[  344.566809][T13569]  ? __pfx_netlink_sendmsg+0x10/0x10
[  344.572129][T13569]  __sock_sendmsg+0x221/0x270
[  344.576919][T13569]  ____sys_sendmsg+0x525/0x7d0
[  344.581798][T13569]  ? __pfx_____sys_sendmsg+0x10/0x10
[  344.587121][T13569]  __sys_sendmsg+0x2b0/0x3a0
[  344.591724][T13569]  ? __pfx___sys_sendmsg+0x10/0x10
[  344.596842][T13569]  ? vfs_write+0x7c4/0xc90
[  344.601309][T13569]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  344.607666][T13569]  ? do_syscall_64+0x100/0x230
[  344.612482][T13569]  ? do_syscall_64+0xb6/0x230
[  344.617180][T13569]  do_syscall_64+0xf3/0x230
[  344.621710][T13569]  ? clear_bhb_loop+0x35/0x90
[  344.626405][T13569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.632315][T13569] RIP: 0033:0x7f44a1b779f9
[  344.636752][T13569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.656477][T13569] RSP: 002b:00007f44a15ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  344.664931][T13569] RAX: ffffffffffffffda RBX: 00007f44a1d05f80 RCX: 00007f44a1b779f9
[  344.672932][T13569] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006
[  344.680927][T13569] RBP: 00007f44a15ff090 R08: 0000000000000000 R09: 0000000000000000
[  344.688913][T13569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  344.696899][T13569] R13: 0000000000000000 R14: 00007f44a1d05f80 R15: 00007ffd37674c28
[  344.704901][T13569]  </TASK>
[  344.841304][T13571] __nla_validate_parse: 8 callbacks suppressed
[  344.841328][T13571] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2757'.
[  344.884110][T13571] vlan4: entered allmulticast mode
[  344.891205][T13571] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  344.910183][T13571] netdevsim netdevsim1 netdevsim0: left allmulticast mode
[  345.012772][T13578] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2760'.
[  345.079783][T13580] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 50015 - 0
[  345.091826][T13580] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 50015 - 0
[  345.131345][T13580] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 50015 - 0
[  345.170640][T13580] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 50015 - 0
[  345.197822][T13580] netdevsim netdevsim2 netdevsim0: set [1, 2] type 2 family 0 port 40681 - 0
[  345.209225][T13580] netdevsim netdevsim2 netdevsim1: set [1, 2] type 2 family 0 port 40681 - 0
[  345.218350][T13580] netdevsim netdevsim2 netdevsim2: set [1, 2] type 2 family 0 port 40681 - 0
[  345.227539][T13580] netdevsim netdevsim2 netdevsim3: set [1, 2] type 2 family 0 port 40681 - 0
[  345.241149][T13588] netlink: 'syz.0.2763': attribute type 10 has an invalid length.
[  345.546436][T13600] batman_adv: batadv0: Removing interface: team0
[  345.563768][T13600] bridge_slave_0: left allmulticast mode
[  345.571727][T13600] bridge_slave_0: left promiscuous mode
[  345.578368][T13600] bridge0: port 1(bridge_slave_0) entered disabled state
[  345.594193][T13600] bridge_slave_1: left allmulticast mode
[  345.601334][T13600] bridge_slave_1: left promiscuous mode
[  345.623999][T13600] bridge0: port 2(bridge_slave_1) entered disabled state
[  345.702422][T13600] bond0: (slave bond_slave_0): Releasing backup interface
[  345.765721][T13600] bond0: (slave bond_slave_1): Releasing backup interface
[  345.861003][T13600] team0: Port device team_slave_0 removed
[  345.901872][T13600] team0: Port device team_slave_1 removed
[  345.919947][T13600] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  345.929710][T13600] batman_adv: batadv0: Removing interface: batadv_slave_0
[  345.949648][T13600] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  345.958044][T13600] batman_adv: batadv0: Removing interface: batadv_slave_1
[  345.988240][T13600] bond1: (slave ip6gretap1): Releasing active interface
[  346.091906][T13605] netlink: 52 bytes leftover after parsing attributes in process `syz.4.2765'.
[  346.749483][T13626] FAULT_INJECTION: forcing a failure.
[  346.749483][T13626] name failslab, interval 1, probability 0, space 0, times 0
[  346.770139][T13626] CPU: 1 UID: 0 PID: 13626 Comm: syz.1.2771 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  346.780971][T13626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  346.791071][T13626] Call Trace:
[  346.794401][T13626]  <TASK>
[  346.797378][T13626]  dump_stack_lvl+0x241/0x360
[  346.802113][T13626]  ? __pfx_dump_stack_lvl+0x10/0x10
[  346.807472][T13626]  ? __pfx__printk+0x10/0x10
[  346.812125][T13626]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  346.818169][T13626]  ? __pfx___might_resched+0x10/0x10
[  346.823707][T13626]  should_fail_ex+0x3b0/0x4e0
[  346.828429][T13626]  should_failslab+0xac/0x100
[  346.833154][T13626]  ? __alloc_skb+0x1c3/0x440
[  346.837800][T13626]  kmem_cache_alloc_node_noprof+0x71/0x320
[  346.843676][T13626]  __alloc_skb+0x1c3/0x440
[  346.848150][T13626]  ? __pfx___alloc_skb+0x10/0x10
[  346.853139][T13626]  ? netlink_autobind+0xd6/0x2f0
[  346.858120][T13626]  ? netlink_autobind+0x2b0/0x2f0
[  346.863194][T13626]  netlink_sendmsg+0x638/0xcb0
[  346.868027][T13626]  ? __pfx_netlink_sendmsg+0x10/0x10
[  346.873365][T13626]  ? __import_iovec+0x536/0x820
[  346.878259][T13626]  ? aa_sock_msg_perm+0x91/0x160
[  346.883249][T13626]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  346.888578][T13626]  ? security_socket_sendmsg+0x87/0xb0
[  346.894112][T13626]  ? __pfx_netlink_sendmsg+0x10/0x10
[  346.899472][T13626]  __sock_sendmsg+0x221/0x270
[  346.904202][T13626]  ____sys_sendmsg+0x525/0x7d0
[  346.909024][T13626]  ? __pfx_____sys_sendmsg+0x10/0x10
[  346.914468][T13626]  __sys_sendmsg+0x2b0/0x3a0
[  346.919121][T13626]  ? __pfx___sys_sendmsg+0x10/0x10
[  346.924272][T13626]  ? vfs_write+0x7c4/0xc90
[  346.928882][T13626]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  346.935260][T13626]  ? do_syscall_64+0x100/0x230
[  346.940082][T13626]  ? do_syscall_64+0xb6/0x230
[  346.944814][T13626]  do_syscall_64+0xf3/0x230
[  346.949365][T13626]  ? clear_bhb_loop+0x35/0x90
[  346.954086][T13626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.960017][T13626] RIP: 0033:0x7f02527779f9
[  346.964464][T13626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.984203][T13626] RSP: 002b:00007f02534f4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  346.992898][T13626] RAX: ffffffffffffffda RBX: 00007f0252905f80 RCX: 00007f02527779f9
[  347.000924][T13626] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  347.008933][T13626] RBP: 00007f02534f4090 R08: 0000000000000000 R09: 0000000000000000
[  347.016953][T13626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  347.025059][T13626] R13: 0000000000000000 R14: 00007f0252905f80 R15: 00007ffe743919a8
[  347.033094][T13626]  </TASK>
[  347.431781][T13631] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2773'.
[  347.445224][T13634] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2775'.
[  347.477917][T13634] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  347.495145][T13635] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2774'.
[  347.535254][T13635] gtp0: entered promiscuous mode
[  347.558458][T13635] gtp0: entered allmulticast mode
[  347.675217][T13641] netlink: 'syz.4.2777': attribute type 10 has an invalid length.
[  347.685288][T13641] batman_adv: batadv0: Adding interface: team0
[  347.693299][T13641] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.749068][T13641] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  347.984641][T13653] FAULT_INJECTION: forcing a failure.
[  347.984641][T13653] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.029978][T13653] CPU: 1 UID: 0 PID: 13653 Comm: syz.0.2780 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  348.030031][T13656] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2782'.
[  348.040784][T13653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  348.040807][T13653] Call Trace:
[  348.040817][T13653]  <TASK>
[  348.040828][T13653]  dump_stack_lvl+0x241/0x360
[  348.040871][T13653]  ? __pfx_dump_stack_lvl+0x10/0x10
[  348.040904][T13653]  ? __pfx__printk+0x10/0x10
[  348.040939][T13653]  ? __pfx_lock_release+0x10/0x10
[  348.085786][T13653]  ? vfs_write+0x7c4/0xc90
[  348.090258][T13653]  should_fail_ex+0x3b0/0x4e0
[  348.094987][T13653]  _copy_from_user+0x2f/0xe0
[  348.099623][T13653]  __sys_bpf+0x1a4/0x810
[  348.103906][T13653]  ? __pfx___sys_bpf+0x10/0x10
[  348.108744][T13653]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  348.114781][T13653]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  348.121155][T13653]  ? do_syscall_64+0x100/0x230
[  348.125982][T13653]  __x64_sys_bpf+0x7c/0x90
[  348.130448][T13653]  do_syscall_64+0xf3/0x230
[  348.135000][T13653]  ? clear_bhb_loop+0x35/0x90
[  348.139719][T13653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.145647][T13653] RIP: 0033:0x7f029af779f9
[  348.150096][T13653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.169840][T13653] RSP: 002b:00007f029bdde038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  348.178312][T13653] RAX: ffffffffffffffda RBX: 00007f029b105f80 RCX: 00007f029af779f9
[  348.186337][T13653] RDX: 000000000000002c RSI: 0000000020000080 RDI: 000000000000000a
[  348.194351][T13653] RBP: 00007f029bdde090 R08: 0000000000000000 R09: 0000000000000000
[  348.202359][T13653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.210364][T13653] R13: 0000000000000000 R14: 00007f029b105f80 R15: 00007fffe49e06d8
[  348.218396][T13653]  </TASK>
[  348.410968][T13666] netlink: 'syz.0.2785': attribute type 1 has an invalid length.
[  348.474626][T13666] bond2: entered promiscuous mode
[  348.486302][T13667] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2786'.
[  348.513453][T13667] vlan2: entered promiscuous mode
[  348.519728][T13667] bridge0: entered promiscuous mode
[  348.530951][T13667] bridge0: left promiscuous mode
[  348.615857][T13671] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  348.693837][T13671] bond2: (slave ip6gretap1): making interface the new active one
[  348.728092][T13671] ip6gretap1: entered promiscuous mode
[  348.778250][T13671] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  348.814131][T12545] ==================================================================
[  348.822277][T12545] BUG: KASAN: slab-use-after-free in skb_queue_purge_reason+0xb9/0x500
[  348.830575][T12545] Read of size 8 at addr ffff8880609b0058 by task syz.4.2457/12545
[  348.838521][T12545] 
[  348.840870][T12545] CPU: 1 UID: 0 PID: 12545 Comm: syz.4.2457 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  348.851664][T12545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  348.861751][T12545] Call Trace:
[  348.865046][T12545]  <TASK>
[  348.867990][T12545]  dump_stack_lvl+0x241/0x360
[  348.872713][T12545]  ? __pfx_dump_stack_lvl+0x10/0x10
[  348.878021][T12545]  ? __pfx__printk+0x10/0x10
[  348.882801][T12545]  ? _printk+0xd5/0x120
[  348.887167][T12545]  ? __virt_addr_valid+0x183/0x530
[  348.892305][T12545]  ? __virt_addr_valid+0x183/0x530
[  348.897468][T12545]  print_report+0x169/0x550
[  348.902003][T12545]  ? __virt_addr_valid+0x183/0x530
[  348.907126][T12545]  ? __virt_addr_valid+0x183/0x530
[  348.912293][T12545]  ? __virt_addr_valid+0x45f/0x530
[  348.917419][T12545]  ? __phys_addr+0xba/0x170
[  348.921935][T12545]  ? skb_queue_purge_reason+0xb9/0x500
[  348.927408][T12545]  kasan_report+0x143/0x180
[  348.931931][T12545]  ? skb_queue_purge_reason+0xb9/0x500
[  348.937414][T12545]  skb_queue_purge_reason+0xb9/0x500
[  348.942813][T12545]  ? trace_contention_end+0x3c/0x120
[  348.948110][T12545]  ? __mutex_lock+0x2ef/0xd70
[  348.952828][T12545]  ? __pfx_skb_queue_purge_reason+0x10/0x10
[  348.958765][T12545]  ? drain_workqueue+0x2d3/0x3a0
[  348.963737][T12545]  ? hci_conn_hash_flush+0x1da/0x240
[  348.969042][T12545]  vhci_flush+0x44/0x50
[  348.973210][T12545]  ? __pfx_vhci_flush+0x10/0x10
[  348.978071][T12545]  hci_dev_reset+0x42a/0x5d0
[  348.982687][T12545]  sock_do_ioctl+0x158/0x460
[  348.987293][T12545]  ? __pfx_sock_do_ioctl+0x10/0x10
[  348.992425][T12545]  sock_ioctl+0x629/0x8e0
[  348.996775][T12545]  ? __pfx_sock_ioctl+0x10/0x10
[  349.001641][T12545]  ? __fget_files+0x29/0x470
[  349.006248][T12545]  ? __fget_files+0x3f6/0x470
[  349.010938][T12545]  ? __fget_files+0x29/0x470
[  349.015633][T12545]  ? bpf_lsm_file_ioctl+0x9/0x10
[  349.020588][T12545]  ? security_file_ioctl+0x87/0xb0
[  349.025703][T12545]  ? __pfx_sock_ioctl+0x10/0x10
[  349.030569][T12545]  __se_sys_ioctl+0xfc/0x170
[  349.035171][T12545]  do_syscall_64+0xf3/0x230
[  349.039692][T12545]  ? clear_bhb_loop+0x35/0x90
[  349.044385][T12545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.050291][T12545] RIP: 0033:0x7f26d45779f9
[  349.054713][T12545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.074339][T12545] RSP: 002b:00007f26d5322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  349.082763][T12545] RAX: ffffffffffffffda RBX: 00007f26d4705f80 RCX: 00007f26d45779f9
[  349.090742][T12545] RDX: 0000000000000000 RSI: 00000000400448cb RDI: 000000000000000c
[  349.098724][T12545] RBP: 00007f26d45e58ee R08: 0000000000000000 R09: 0000000000000000
[  349.106710][T12545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  349.114685][T12545] R13: 0000000000000000 R14: 00007f26d4705f80 R15: 00007ffede9b8298
[  349.122674][T12545]  </TASK>
[  349.125697][T12545] 
[  349.128024][T12545] Allocated by task 12372:
[  349.132438][T12545]  kasan_save_track+0x3f/0x80
[  349.137151][T12545]  __kasan_kmalloc+0x98/0xb0
[  349.141758][T12545]  __kmalloc_cache_noprof+0x19c/0x2c0
[  349.147149][T12545]  vhci_open+0x57/0x370
[  349.151323][T12545]  misc_open+0x313/0x390
[  349.155573][T12545]  chrdev_open+0x5b0/0x630
[  349.160018][T12545]  do_dentry_open+0x970/0x1440
[  349.164801][T12545]  vfs_open+0x3e/0x330
[  349.168873][T12545]  path_openat+0x2b3e/0x3470
[  349.173471][T12545]  do_filp_open+0x235/0x490
[  349.178008][T12545]  do_sys_openat2+0x13e/0x1d0
[  349.182690][T12545]  __x64_sys_openat+0x247/0x2a0
[  349.187546][T12545]  do_syscall_64+0xf3/0x230
[  349.192171][T12545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.198167][T12545] 
[  349.200576][T12545] Freed by task 12372:
[  349.204642][T12545]  kasan_save_track+0x3f/0x80
[  349.209328][T12545]  kasan_save_free_info+0x40/0x50
[  349.214361][T12545]  poison_slab_object+0xe0/0x150
[  349.219316][T12545]  __kasan_slab_free+0x37/0x60
[  349.224096][T12545]  kfree+0x149/0x360
[  349.228095][T12545]  vhci_release+0xbf/0xd0
[  349.232454][T12545]  __fput+0x24a/0x8a0
[  349.236472][T12545]  task_work_run+0x24f/0x310
[  349.241068][T12545]  do_exit+0xa2f/0x27f0
[  349.245225][T12545]  do_group_exit+0x207/0x2c0
[  349.249818][T12545]  __x64_sys_exit_group+0x3f/0x40
[  349.254848][T12545]  x64_sys_call+0x2634/0x2640
[  349.259570][T12545]  do_syscall_64+0xf3/0x230
[  349.264090][T12545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.269988][T12545] 
[  349.272310][T12545] The buggy address belongs to the object at ffff8880609b0000
[  349.272310][T12545]  which belongs to the cache kmalloc-1k of size 1024
[  349.286371][T12545] The buggy address is located 88 bytes inside of
[  349.286371][T12545]  freed 1024-byte region [ffff8880609b0000, ffff8880609b0400)
[  349.300181][T12545] 
[  349.302513][T12545] The buggy address belongs to the physical page:
[  349.308934][T12545] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880609b5000 pfn:0x609b0
[  349.319012][T12545] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  349.327517][T12545] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  349.336025][T12545] page_type: 0xfdffffff(slab)
[  349.340707][T12545] raw: 00fff00000000240 ffff888015841dc0 ffffea000183f210 ffffea0001882c10
[  349.349300][T12545] raw: ffff8880609b5000 000000000010000c 00000001fdffffff 0000000000000000
[  349.357917][T12545] head: 00fff00000000240 ffff888015841dc0 ffffea000183f210 ffffea0001882c10
[  349.366591][T12545] head: ffff8880609b5000 000000000010000c 00000001fdffffff 0000000000000000
[  349.375467][T12545] head: 00fff00000000003 ffffea0001826c01 ffffffffffffffff 0000000000000000
[  349.384140][T12545] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  349.392809][T12545] page dumped because: kasan: bad access detected
[  349.399232][T12545] page_owner tracks the page as allocated
[  349.404942][T12545] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 1058, tgid 1058 (kworker/u8:5), ts 84312322216, free_ts 25519000796
[  349.427092][T12545]  post_alloc_hook+0x1f3/0x230
[  349.431871][T12545]  get_page_from_freelist+0x2e4c/0x2f10
[  349.437432][T12545]  __alloc_pages_noprof+0x256/0x6c0
[  349.442640][T12545]  alloc_slab_page+0x5f/0x120
[  349.447331][T12545]  allocate_slab+0x5a/0x2f0
[  349.451852][T12545]  ___slab_alloc+0xcd1/0x14b0
[  349.456542][T12545]  __slab_alloc+0x58/0xa0
[  349.460890][T12545]  __kmalloc_node_track_caller_noprof+0x281/0x440
[  349.467318][T12545]  kmalloc_reserve+0x111/0x2a0
[  349.472089][T12545]  __alloc_skb+0x1f3/0x440
[  349.476508][T12545]  inet6_rt_notify+0xdf/0x290
[  349.481201][T12545]  fib6_add+0x1e33/0x4430
[  349.485538][T12545]  ip6_ins_rt+0x106/0x170
[  349.489958][T12545]  __ipv6_ifa_notify+0x5d2/0x1230
[  349.494993][T12545]  addrconf_dad_completed+0x181/0xcd0
[  349.500375][T12545]  addrconf_dad_work+0xdc2/0x16f0
[  349.505412][T12545] page last free pid 1 tgid 1 stack trace:
[  349.511230][T12545]  free_unref_page+0xd22/0xea0
[  349.516010][T12545]  free_contig_range+0x9e/0x160
[  349.520865][T12545]  destroy_args+0x8a/0x890
[  349.525292][T12545]  debug_vm_pgtable+0x4be/0x550
[  349.530166][T12545]  do_one_initcall+0x248/0x880
[  349.534945][T12545]  do_initcall_level+0x157/0x210
[  349.539897][T12545]  do_initcalls+0x3f/0x80
[  349.544234][T12545]  kernel_init_freeable+0x435/0x5d0
[  349.549452][T12545]  kernel_init+0x1d/0x2b0
[  349.553789][T12545]  ret_from_fork+0x4b/0x80
[  349.558226][T12545]  ret_from_fork_asm+0x1a/0x30
[  349.563182][T12545] 
[  349.565508][T12545] Memory state around the buggy address:
[  349.571146][T12545]  ffff8880609aff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  349.579218][T12545]  ffff8880609aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  349.587282][T12545] >ffff8880609b0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  349.595347][T12545]                                                     ^
[  349.602286][T12545]  ffff8880609b0080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  349.610441][T12545]  ffff8880609b0100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  349.618504][T12545] ==================================================================
[  349.645494][T13666] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2785'.
[  349.669784][T13666] bond2: left promiscuous mode
[  349.674618][T13666] ip6gretap1: left promiscuous mode
[  349.697945][T13666] 8021q: adding VLAN 0 to HW filter on device bond2
[  349.711361][T12545] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  349.718610][T12545] CPU: 1 UID: 0 PID: 12545 Comm: syz.4.2457 Not tainted 6.11.0-rc2-syzkaller-00116-g67927a1b255d #0
[  349.729415][T12545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  349.739591][T12545] Call Trace:
[  349.742902][T12545]  <TASK>
[  349.745958][T12545]  dump_stack_lvl+0x241/0x360
[  349.750685][T12545]  ? __pfx_dump_stack_lvl+0x10/0x10
[  349.755929][T12545]  ? __pfx__printk+0x10/0x10
[  349.760571][T12545]  ? preempt_schedule+0xe1/0xf0
[  349.765457][T12545]  ? vscnprintf+0x5d/0x90
[  349.769805][T12545]  panic+0x349/0x860
[  349.773727][T12545]  ? check_panic_on_warn+0x21/0xb0
[  349.778849][T12545]  ? __pfx_panic+0x10/0x10
[  349.783283][T12545]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  349.789276][T12545]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  349.795703][T12545]  ? print_report+0x502/0x550
[  349.800399][T12545]  check_panic_on_warn+0x86/0xb0
[  349.805431][T12545]  ? skb_queue_purge_reason+0xb9/0x500
[  349.810904][T12545]  end_report+0x77/0x160
[  349.815162][T12545]  kasan_report+0x154/0x180
[  349.819686][T12545]  ? skb_queue_purge_reason+0xb9/0x500
[  349.825171][T12545]  skb_queue_purge_reason+0xb9/0x500
[  349.830474][T12545]  ? trace_contention_end+0x3c/0x120
[  349.835768][T12545]  ? __mutex_lock+0x2ef/0xd70
[  349.840463][T12545]  ? __pfx_skb_queue_purge_reason+0x10/0x10
[  349.846395][T12545]  ? drain_workqueue+0x2d3/0x3a0
[  349.851464][T12545]  ? hci_conn_hash_flush+0x1da/0x240
[  349.856811][T12545]  vhci_flush+0x44/0x50
[  349.860992][T12545]  ? __pfx_vhci_flush+0x10/0x10
[  349.865863][T12545]  hci_dev_reset+0x42a/0x5d0
[  349.870485][T12545]  sock_do_ioctl+0x158/0x460
[  349.875098][T12545]  ? __pfx_sock_do_ioctl+0x10/0x10
[  349.880327][T12545]  sock_ioctl+0x629/0x8e0
[  349.884691][T12545]  ? __pfx_sock_ioctl+0x10/0x10
[  349.889580][T12545]  ? __fget_files+0x29/0x470
[  349.894203][T12545]  ? __fget_files+0x3f6/0x470
[  349.898935][T12545]  ? __fget_files+0x29/0x470
[  349.903570][T12545]  ? bpf_lsm_file_ioctl+0x9/0x10
[  349.908541][T12545]  ? security_file_ioctl+0x87/0xb0
[  349.913682][T12545]  ? __pfx_sock_ioctl+0x10/0x10
[  349.918579][T12545]  __se_sys_ioctl+0xfc/0x170
[  349.923199][T12545]  do_syscall_64+0xf3/0x230
[  349.927729][T12545]  ? clear_bhb_loop+0x35/0x90
[  349.932420][T12545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.938337][T12545] RIP: 0033:0x7f26d45779f9
[  349.942763][T12545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.962383][T12545] RSP: 002b:00007f26d5322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  349.970903][T12545] RAX: ffffffffffffffda RBX: 00007f26d4705f80 RCX: 00007f26d45779f9
[  349.978901][T12545] RDX: 0000000000000000 RSI: 00000000400448cb RDI: 000000000000000c
[  349.986890][T12545] RBP: 00007f26d45e58ee R08: 0000000000000000 R09: 0000000000000000
[  349.994876][T12545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  350.002855][T12545] R13: 0000000000000000 R14: 00007f26d4705f80 R15: 00007ffede9b8298
[  350.010973][T12545]  </TASK>
[  350.014405][T12545] Kernel Offset: disabled
[  350.018740][T12545] Rebooting in 86400 seconds..